Keyless car security flaw revealed

Keyless car security flaw revealed

Scientists claim more than 100 car models - including some from the biggest auto-makers - could be at risk of keyless theft.

The three researchers made the discovery two years ago but were prevented from warning the public after one of the affected manufacturers got an injunction.

Volkswagen won a case in the High Court to stop the publication of the academic paper in 2013.

It has now withdrawn its objection after the authors agreed to remove one sentence from the original report.

Audi, Fiat, Honda, Volvo and Volkswagen were among the auto-makers said to be vulnerable to keyless theft.

The research team found a weakness in a Swiss-made immobiliser system called Megamos Crypto, whereby the signal sent between the key and ignition could be listened to, making it susceptible to attack.

A transponder embedded in a car's key is used as security. When it is not present, the engine will not start.

But the paper showed it was possible to listen to the signals between the immobiliser unit and the transponder using close-range wireless communication.

It warned of real-life situations like valet parking or car rental, where an adversary has access to both for a period of time.

When it applied for the injunction, Volkswagen argued the research could enable someone, especially a sophisticated criminal gang with the right tools at its disposal, to break the security and steal a car.

Two years later, however, the paper is set to be published.

The researchers claim their aim is to improve security for all motorists with keyless cars.

Copyright Press Association 2015