Huge Risk – Fraud in the Smart Mobility Space

ODED YARKONI

VP Innovation

November 9, 2017

Much has been said about the threat cyber attacks pose to connected cars, however, there are other significant risks for companies using such vehicles. Many businesses in the automotive industry rely on the new technologies introduced by connected cars and the smart mobility world as their main way to operate. Such businesses include car rental agencies, car leasing companies, and the expanding realm of car sharing companies. Mobile apps enable these companies to operate as they do today, providing modern services, and together with data gathered by connected cars they can track and monitor their vehicle fleets. While these innovations are very beneficial to businesses, they also entail the risks of fraud and misuse which can have a grave impact.

The first danger lurking in car sharing mobile apps is identity theft by hackers who penetrate the real users’ mobile devices. Mobile malware is constantly evolving and infect an ever-increasing number of users. These nefarious threats can completely compromise a mobile device and steal all credentials stored on it, or target a specific app, including car apps, as a Kaspersky research demonstrated all too well. From the moment an attacker obtained your credentials to a car-sharing app or breached it, he can use your account as if it was his own and inflict serious fraud damages upon the car sharing company.

Attackers can also use fake identities to register for Car on Demand services just like they do with any other credit card fraud. With identity leakage incidents like the Equifax breach and a record increase of data breaches in the US in general, hackers can pick whichever stolen identity which suits them from the millions sold on the black market for pennies, and use it to make unauthorized car rides on the victim’s behalf. With card-not-present frauds on the rise, there’s no reason to suspect they will not affect the automotive industry as well.

The new technologies of the smart mobility world also provide an opportunity for car rental agencies to fight misuse better than ever before. An example of a common misuse is rental cars used for taxi services such as Uber and Lyft, which strictly violate the car rental terms of service, or drivers driving recklessly and disregarding the rented vehicle’s integrity. While in the past rental agencies had no way of monitoring and enforcing their fleet’s policies, the data gathered by connected cars can be used to their advantage, if analyzed properly.

We at Upstream, can not only protect your fleet against cyber-threats but also provide you with advanced machine learning and big data analytics which will help you prevent such cases of fraud and misuse. Our solution is cloud-based, non-intrusive and uses data your fleet is already collecting. By constantly monitoring vehicle and driver behaviors, we can detect anomalies in the patterns and alert the fleet manager about any fraud attempt or misuse by one of the drivers. In the world of connected cars, fleet and IT managers should take care of their fleets’ security and prevent frauds, just like they tend to the vehicles physical conditions.

Newsletter Icon

The 2024 Global Automotive Cybersecurity Report

Newsletter Icon

Subscribe
to our newsletter

Stay up-to-date on the latest trends, emerging risks, and updates

From Cost Center to Value Center: Monetizing Connected Vehicle & Mobility Data in the AI Era (Part 3)

In Part 1 and Part 2 of this series, we discussed the transformative journey of the automotive industry as OEMs evolve from traditional car manufacturers…

Read more

EV CPO Under Siege: A New Attack Exposed the Cybersecurity and Privacy Risks of EV Charging Networks

As the EV revolution accelerates, the spotlight often falls on sustainability, innovation, and range anxiety. However, an underexplored yet critical concern is the cybersecurity of…

Read more

Connecting the Dots: Integrating Auto-ISAC’s ATM with Deep & Dark Web Intelligence for Proactive Automotive Cybersecurity

In March 2024, Auto-ISAC released a significant resource for the automotive industry’s cybersecurity: the Automotive Threat Matrix (ATM). This is an important milestone for Auto-ISAC…

Read more

Breaking the (Supply) Chain: The Macroeconomic Stakes of Cybersecurity in Fleet Telematics

In an era where smart mobility and connected technologies are revolutionizing the automotive industry, reliance on telematics and IoT devices to manage fleet operations has…

Read more
Skip to content