campion bmw-a1 nat_auto woodford_ origo-2 finol autoparts-2 serfac270514a

Four new cars found to be vulnerable to a ‘relay attack’


Thatcham Research, the independent automotive research centre, has released security ratings for seven new cars. Designed to help consumers understand the theft risk of a car, the ratings are based on a series of security tests encompassing physical and digital security.

As with the first consumer ratings released in March, many of the assessed cars do not have any security measures in place to prevent criminal exploitation of the keyless entry / start system.

Richard Billyeald

Richard Billyeald, Chief Technical Officer, Thatcham Research comments: “Theft claims (in the UK) paid by insurers in the first quarter of this year were at their highest for any quarter since 2012, with a payment made to a car crime victim every eight minutes. These figures demonstrate why the automotive industry must move to secure keyless entry / start systems, many of which offer criminals the chance to quickly and silently circumvent otherwise robust physical security.”

Of the seven new cars tested, four have keyless entry / start systems susceptible to the relay attack and have therefore been rated ‘Poor’ – whether optional or standard.

Billyeald continues: “Were it not for the keyless entry / start vulnerability, all the cars assessed would have earned a ‘Good’ rating or better.”

Known vulnerability, known fixes
The BMW 7 Series, BMW X7 and Porsche 911 all retained their ‘Superior’ ratings through the introduction of motion sensor enabled fobs. If the sensor detects the fob hasn’t moved for a short period, it idles and goes into sleep mode. This effectively prevents criminals with Relay Attack kit from extending the range of the communication between car and fob.

Billyeald adds: “BMW and Porsche have acted decisively to secure vulnerable keyless entry / start systems. Fixes are not exclusive to premium cars, there are fixes coming through on the big-sellers too, with Ford recently announcing that it has introduced a new, more secure fob for its latest Fiesta and Focus model ranges. We’re seeing solutions applied to some new cars, let’s see them applied to all.”

Earlier this year the Audi e-tron, Jaguar XE, Land Rover Evoque, Mercedes B-Class and Porsche Macan were also given Superior ratings, which can only be achieved when a solution to the keyless entry / start vulnerability is in place.

Guidance for buyers
Keyless entry / start systems are frequently offered by carmakers as an additional cost option but can also be standard-fit. The BMW 7 Series and BMW X7 come with the system as standard, while it is an option with the remaining cars assessed.

New car buyers should ask the right questions in the dealership, Billyeald suggests: “Keyless entry / start systems are often optional or included with trim levels, so buyers need to understand that they could raise the theft risk profile of their new car by ticking that box. Buyers that do want it, and many do as it’s a good convenience function, should ask their dealer if a fix has been introduced.

“Owners can also protect their fob with a Faraday shielding pouch. While some fobs can be turned off overnight – the Mazda 3’s fob has this function for example. However, solutions which rely on active participation from the driver are not included in the rating.”

Thatcham Research’s keyless infographic can be downloaded here.