When a Life Hack Gets Hacked: Telematics Cyber Threats Raise Security Questions for Auto Insurers

by on Aug 10, 2015

telematics2With innovation comes excitement but also new dangers. That is the case currently with telematics, a technology that has revolutionized the auto insurance industry in recent years. Telematics tracks the movements and speeds of cars, but was recently used by cybersecurity researchers to turn off a Jeep Cherokee’s engine as it drove.

This is a scary development considering the role telematics is playing in the future of the auto insurance industry. Major firms like Progressive and Allstate are already implementing telematics technology as part of their insurance packages. The fact that this technology is potentially not secure from cyber threats is disconcerting, and could impact industry strategy going forward.

TelematicsCar

The threat of hackers rises congruously with the advancement of technology and convenience for users. Smartphones that connect to cars provide another medium in which hackers can cause damage. Nicholas Weaver, a security researcher at the International Computer Science Institute in Berkeley, believes that the increasing connectivity among devices is a big problem, arguing that for this technology to work, each product must have a single authenticated server. “Products designed to be accessible by a range of means including smartphones leave a large ‘attack surface’ that is easier to penetrate. But products that communicate only with a single authenticated server allow the company that owns the server to compile a raft of information about the user, increasing privacy concerns.”

This lack of security recently caused Fiat Chrysler to recall 1.4 million vehicles in the United States in order to install software to counteract hackers. Building software capable of protecting cars from hackers is far from impossible, but the fact that so many cars were on the road while at risk exhibits how companies can rush to release new technologies before ensuring they are safe for use. Members of Congress have even expressed their concern about the safety, with Fred Upton and Frank Pallone Jr. – the ranking Republican and Democrat, respectively, of the House Energy and Commerce Committee – stating, “We have said that cars today are essentially computers on wheels, and the last thing drivers should have to worry about is some hacker along for the ride.”

In theory, telematics makes sense for both auto insurers and drivers, as it allows safe drivers the benefits of lesser coverage, while encouraging them to drive more safely and, in doing so, save firms money. It also motivates firms to be creative with the technology and how they implement it into their insurance offerings. But all of this is moot if the technology isn’t safe from cyber threats, which this recent news shows is still not completely the case. For auto insurers and car companies alike, investing in the cyber security necessary to protect drivers is imperative, as the recent fiasco not only cost Fiat Chrysler a big chunk of money, but also put customers at risk.