Why Smartphone Apps Could Soon Replace Car Keys

Why Smartphone Apps Could Soon Replace Car Keys

Sooner or later, a smartphone app will be able to unlock your car. But what are the potential security issues that come with this new technology?

  • By Andy Allan
  • Jul 18, 2018

With global mobile phone usage expected to reach more than 5.5 billion users by 2022, the days without connectivity at our fingertips are long gone.

It appears that soon, the traditional car key will be extinct: firstly, replaced by contactless keys, and in the future, by smartphone apps. Here, CAT Autokeys discuss how soon this is likely to happen, and the potential security issues that come with this new technology.

How Would You Unlock Your Car via a Smartphone App?

Advancements in car connectivity technology have been ever-increasing, and it’s predicted that soon, car owners will be able to unlock – and even start their own cars – by using apps that have been downloaded on their mobile phone.

In order to lock, unlock and start their cars, owners will need a “direct link to the secure element of the device;” and this is predicted to help reduce the risk of car theft.

The information that’s sent through this link will use a secured short-range connection, which means that owners must be in close proximity of their vehicle – much like if they were to make a contactless debit or credit card payment (i.e. closer to the car than you would with a traditional car key).

The way this would work, is once next to the car, the owner would place their phone by the door handle, and scan their fingerprint to unlock their vehicle.

If the owner wants to grant someone else access, they would share a passcode with them; and that’s also a solution for anyone who wants to enter a hire car.

How Soon Is This Technology Likely to Be Rolled Out?

Plans for smartphone apps to replace traditional keys are part of new developments from the cross-industry technology body, the Car Connectivity Consortium (CCC). This brings together well-known car brands such as BMW, Audi, Volkswagen and General Motors, alongside leading technology companies including Panasonic and Apple.

Right now, this contactless car key technology exists merely in a ‘Release 1.0’ phase, which “provides a generalized deployment method that allows vehicle OEMs (suppliers) to securely transfer a digital key implementation to a smart device”.

The ‘Release 2.0’ version has an anticipated launch date of early 2019, which will enable the technology to become both more scalable and affordable to implement.

Plus, the fact that so many car makers have been directly involved in the development, it’s likely that this digital key feature will be introduced to many car brands once the technology has reached the maturity stage.

Which Brands Are Already Backing the Move?

Whilst the CCC is aiming to make the technology more widespread, you may be surprised to know that it’s not the first group to try and implement this technology. That would be Volvo, who trialed a smartphone-based system back in 2016.

In fact, even now certain brands are actively using this technology with customers. For example, Tesla owners are already able to use a dedicated app as opposed to a key, to access their Model S, Model X and Model 3 vehicles. The other feature they boast is the ability for the car owner to limit the top speed and acceleration whilst someone else is driving their car.

BMW have also created an app that enables drivers to access their car, as opposed to using a traditional car key.

Should We Be Worrying About Security Issues?

New technologies always raise security concerns, but the fact is, with technology constantly evolving, companies are aware of potential issues, and can work to limit them.

The CCC have spoken out before about the technology currently used by Tesla and BMW, and have deemed it to be less safe than what they’re developing; assuring their new system will bring about “the highest state-of-the-art security level for vehicle access”.

Existing keyless entry systems have been exploited by criminals, who have been able to gain entry and even start a car by purchasing electronic devices online. In some cases, they’ve even been able to access gadgets which can programmed blank fobs to work with specific cars in seconds – that’s not at all ideal.

One aspect introduced into the CCC’s technology to reduce the risk of theft is to revoke all keys once a car has been sold. This means that if someone were to sell their car and had shared their digital pass with someone else; the new owner won’t have to worry about other people accessing their car.

To conclude, whilst there are some examples of existing smartphone apps enabling car owners to enter their cars, this technology is still very much in the developmental stage. Security concerns will naturally rise, but the CCC has the time to review these issues, and put plans into place to minimize the risk. For the motoring industry, this is certainly an exciting breakthrough, and is one to watch over the coming months and years.

Featured

  • New Report Reveals Top Trends Transforming Access Controller Technology

    Mercury Security, a provider in access control hardware and open platform solutions, has published its Trends in Access Controllers Report, based on a survey of over 450 security professionals across North America and Europe. The findings highlight the controller’s vital role in a physical access control system (PACS), where the device not only enforces access policies but also connects with readers to verify user credentials—ranging from ID badges to biometrics and mobile identities. With 72% of respondents identifying the controller as a critical or important factor in PACS design, the report underscores how the choice of controller platform has become a strategic decision for today’s security leaders. Read Now

  • Overwhelming Majority of CISOs Anticipate Surge in Cyber Attacks Over the Next Three Years

    An overwhelming 98% of chief information security officers (CISOs) expect a surge in cyber attacks over the next three years as organizations face an increasingly complex and artificial intelligence (AI)-driven digital threat landscape. This is according to new research conducted among 300 CISOs, chief information officers (CIOs), and senior IT professionals by CSC1, the leading provider of enterprise-class domain and domain name system (DNS) security. Read Now

  • ASIS International Introduces New ANSI-Approved Investigations Standard

    • Guard Services

  • Cloud Security Alliance Brings AI-Assisted Auditing to Cloud Computing

    The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today introduced an innovative addition to its suite of Security, Trust, Assurance and Risk (STAR) Registry assessments with the launch of Valid-AI-ted, an AI-powered, automated validation system. The new tool provides an automated quality check of assurance information of STAR Level 1 self-assessments using state-of-the-art LLM technology. Read Now

  • Report: Nearly 1 in 5 Healthcare Leaders Say Cyberattacks Have Impacted Patient Care

    Omega Systems, a provider of managed IT and security services, today released new research that reveals the growing impact of cybersecurity challenges on leading healthcare organizations and patient safety. According to the 2025 Healthcare IT Landscape Report, 19% of healthcare leaders say a cyberattack has already disrupted patient care, and more than half (52%) believe a fatal cyber-related incident is inevitable within the next five years. Read Now

Most   Popular

New Products

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.