news

한어Русский языкEnglishFrançaisIndonesianSanskrit日本語DeutschPortuguêsΕλληνικάespañolItalianoSuomalainenLatina

With the development of intelligent cars, digital keys are gradually entering our lives as a new way to unlock cars. In China, the market installation rate of digital keys is expected to exceed 80% in 2030, among which radio frequency, BLE, and NFC digital key solutions have become the mainstream of the market.

Security risks and countermeasures

With the popularity of digital keys, as the most rigid and high-frequency feature of daily travel, it has become a standard feature of vehicle models, and it has also become a key target for hacker attacks. For example, in 2022, Tesla was exposed to security risks, and attackers could achieve keyless unlocking of vehicles through Bluetooth relay attacks. Through unified analysis of disclosed security incidents, it can be found that at least 24 models of 19 automakers have been pointed out to have this problem. When the digital keys of these models are attacked, they can unlock and start the vehicle without the owner's knowledge, and even start the ignition.

The main security threats include:

Replay attack: An attacker records legitimate communication signals and replays them later to trick the vehicle into performing illegal operations.

Relay attack: The attacker extends the communication range through the device, tricking the vehicle into thinking that the legitimate user is nearby.

To address these security threats, the following security measures can be implemented:

Encrypted communication: Use strong encryption algorithms to protect data during communication to prevent it from being intercepted and tampered with.

Authentication: Implement multi-factor authentication to ensure that only legitimate users can use the Digital Key feature.

Security Protocol: Adopt the latest security protocols and standards, such as TLS and SSL, to protect data transmission.

Regular updates: Digital key software is updated regularly to fix known security vulnerabilities.

Evaluation Procedures

In order to better protect the travel and vehicle safety of users, the IVISTA Internet Intelligence and Privacy Security Special Evaluation Procedure (2023 Edition) tests and evaluates the vehicle's digital key security through four dimensions: radio frequency key replay attack test, Bluetooth key replay attack test, Bluetooth key relay attack test, and NFC key relay attack test.

Through the above attack tests, we can find the security risks of existing models and test whether the vehicle can resist specific attacks when locked. The specific evaluation method is as follows:

Digital key security is the key to protecting users’ core assets from being stolen or lost, and is also an important direction for the current R&D and design of intelligent connected vehicles. IVISTA’s special evaluation of connected intelligence and privacy security will continue to focus on consumer needs, meet consumers’ expectations for car travel safety, shoulder social responsibilities, and escort consumers’ safe travel.