Huge Risk – Fraud in the Smart Mobility Space

ODED YARKONI

VP Innovation

Much has been said about the threat cyber attacks pose to connected cars, however, there are other significant risks for companies using such vehicles. Many businesses in the automotive industry rely on the new technologies introduced by connected cars and the smart mobility world as their main way to operate. Such businesses include car rental agencies, car leasing companies, and the expanding realm of car sharing companies. Mobile apps enable these companies to operate as they do today, providing modern services, and together with data gathered by connected cars they can track and monitor their vehicle fleets. While these innovations are very beneficial to businesses, they also entail the risks of fraud and misuse which can have a grave impact.

The first danger lurking in car sharing mobile apps is identity theft by hackers who penetrate the real users’ mobile devices. Mobile malware is constantly evolving and infect an ever-increasing number of users. These nefarious threats can completely compromise a mobile device and steal all credentials stored on it, or target a specific app, including car apps, as a Kaspersky research demonstrated all too well. From the moment an attacker obtained your credentials to a car-sharing app or breached it, he can use your account as if it was his own and inflict serious fraud damages upon the car sharing company.

Attackers can also use fake identities to register for Car on Demand services just like they do with any other credit card fraud. With identity leakage incidents like the Equifax breach and a record increase of data breaches in the US in general, hackers can pick whichever stolen identity which suits them from the millions sold on the black market for pennies, and use it to make unauthorized car rides on the victim’s behalf. With card-not-present frauds on the rise, there’s no reason to suspect they will not affect the automotive industry as well.

The new technologies of the smart mobility world also provide an opportunity for car rental agencies to fight misuse better than ever before. An example of a common misuse is rental cars used for taxi services such as Uber and Lyft, which strictly violate the car rental terms of service, or drivers driving recklessly and disregarding the rented vehicle’s integrity. While in the past rental agencies had no way of monitoring and enforcing their fleet’s policies, the data gathered by connected cars can be used to their advantage, if analyzed properly.

We at Upstream, can not only protect your fleet against cyber-threats but also provide you with advanced machine learning and big data analytics which will help you prevent such cases of fraud and misuse. Our solution is cloud-based, non-intrusive and uses data your fleet is already collecting. By constantly monitoring vehicle and driver behaviors, we can detect anomalies in the patterns and alert the fleet manager about any fraud attempt or misuse by one of the drivers. In the world of connected cars, fleet and IT managers should take care of their fleets’ security and prevent frauds, just like they tend to the vehicles physical conditions.

Newsletter Icon

H1'2022 Automotive Cyber Trend Report

Newsletter Icon

Subscribe
to our newsletter

Sign up to receive updates delivered to your inbox

NHTSA Updates US Cybersecurity Guidelines for Vehicles

Connected and software-defined vehicles technologies are on the rise, offering customers a better user experience, and introducing new monetization strategies for OEMs. Given the rising…

Read more

Upstream Partners with Salesforce, Putting Connected Vehicle Data in Motion

The automotive industry is undergoing a massive transformation, building new revenue streams and business opportunities. Connected vehicle and smart mobility data are at the core…

Read more

Securing Smart Mobility Requires a Fresh Approach to API Security

Connected vehicles and smart mobility services use numerous APIs. Everything from OEM-driven companion apps, infotainment systems, OTA servers, telematics servers, and EV charging management or…

Read more

EV Charging Stations Cyber Vulnerabilities Could Be EVs Achilles Heel

Electric vehicles (EVs) are a critical pillar of the global automotive revolution we’re experiencing today. Over the next five years, the US government will invest…

Read more