Huge Risk – Fraud in the Smart Mobility Space


VP Innovation

Much has been said about the threat cyber attacks pose to connected cars, however, there are other significant risks for companies using such vehicles. Many businesses in the automotive industry rely on the new technologies introduced by connected cars and the smart mobility world as their main way to operate. Such businesses include car rental agencies, car leasing companies, and the expanding realm of car sharing companies. Mobile apps enable these companies to operate as they do today, providing modern services, and together with data gathered by connected cars they can track and monitor their vehicle fleets. While these innovations are very beneficial to businesses, they also entail the risks of fraud and misuse which can have a grave impact.

The first danger lurking in car sharing mobile apps is identity theft by hackers who penetrate the real users’ mobile devices. Mobile malware is constantly evolving and infect an ever-increasing number of users. These nefarious threats can completely compromise a mobile device and steal all credentials stored on it, or target a specific app, including car apps, as a Kaspersky research demonstrated all too well. From the moment an attacker obtained your credentials to a car-sharing app or breached it, he can use your account as if it was his own and inflict serious fraud damages upon the car sharing company.

Attackers can also use fake identities to register for Car on Demand services just like they do with any other credit card fraud. With identity leakage incidents like the Equifax breach and a record increase of data breaches in the US in general, hackers can pick whichever stolen identity which suits them from the millions sold on the black market for pennies, and use it to make unauthorized car rides on the victim’s behalf. With card-not-present frauds on the rise, there’s no reason to suspect they will not affect the automotive industry as well.

The new technologies of the smart mobility world also provide an opportunity for car rental agencies to fight misuse better than ever before. An example of a common misuse is rental cars used for taxi services such as Uber and Lyft, which strictly violate the car rental terms of service, or drivers driving recklessly and disregarding the rented vehicle’s integrity. While in the past rental agencies had no way of monitoring and enforcing their fleet’s policies, the data gathered by connected cars can be used to their advantage, if analyzed properly.

We at Upstream, can not only protect your fleet against cyber-threats but also provide you with advanced machine learning and big data analytics which will help you prevent such cases of fraud and misuse. Our solution is cloud-based, non-intrusive and uses data your fleet is already collecting. By constantly monitoring vehicle and driver behaviors, we can detect anomalies in the patterns and alert the fleet manager about any fraud attempt or misuse by one of the drivers. In the world of connected cars, fleet and IT managers should take care of their fleets’ security and prevent frauds, just like they tend to the vehicles physical conditions.

Newsletter Icon

Upstream’s 2023 Global Automotive Cybersecurity Report

Newsletter Icon

to our newsletter

Sign up to receive updates delivered to your inbox

The Power Grid Must Be Protected, But Are EV Charging Stations Secure?

The widespread adoption of electric vehicles (EVs) depends on a robust and reliable network of charging stations. However, as the number of EVs on the…

Read more

Navigating the Risks of Automotive Subscription Revenue Streams: Cyber Hacking Enables Bypassing, Tampering and Fraud

“A significant increase in hacking attempts by vehicle owners is expected, aimed at bypassing premium costs by manipulating systems fraudulently.” – Upstream Security 2023 Global…

Read more

API Security Needs to be Integral in Automotive Threat Analysis and Risk Assesment

APIs enable the opportunity to innovate and improve services in the connected vehicle and smart mobility ecosystem. APIs are widely used in advanced features, services…

Read more

NHTSA Updates US Cybersecurity Guidelines for Vehicles

Connected and software-defined vehicles technologies are on the rise, offering customers a better user experience, and introducing new monetization strategies for OEMs. Given the rising…

Read more