Enterprise Customer able to Remotely Control Vehicle Following Rental Period
Security remains a concern in car rental connectivity
As the car rental industry dives head-first into the unpredictable world of high-tech, particularly within the realm of car connectivity, they’re discovering a great deal of amenities to their business. Incredibly high volumes of data wirelessly being processed has streamlined and accelerated booking and administrative workflows like never before. Numerous accounts of efficiencies and customer satisfaction have reportedly spiked now that connectivity provides more consumer options than ever before, while information on vehicular status has helped carve away at expenses regarding maintenance.
However the dark side of connectivity is still a huge point to ponder, much of it surrounding security. While consumers are concerned about privacy issues concerning the massive flows of data from the rentals they drive to the car rental offices administering that technology, additional issues involving cybercrime stand to make businesses vulnerable to the hackers preying upon them.
A TechSpot article recently revealed a security breach can be innocently discovered, as was the case with an Enterprise customer named Msamba Sinclair. Back in May, Sinclair rented a Ford Expedition from the company, but the issues involving the vehicle didn’t surface until a few days after he returned it. While playing around with his smartphone, Sinclair discovered that he could still control the Ford remotely via the FordPass app he downloaded for the rental.
It was one thing to be able to track the vehicle’s location, days after he returned the Ford. What was more shocking was that the app still allowed him to manipulate the door-locking features and even start and stop the vehicle’s engine, an action that could prove fatal to an occupant. Situations like that usually mean that the car rental company neglected to reset the vehicle’s infotainment system, which relays those control features to the FordPass app, but when Sinclair alerted Ford about the situation, his comments were ignored.
When Enterprise got wind of the situation, its spokesperson, Lisa Martini, released the following statement:
“Several years ago, we implemented employee training on best practices for clearing data as part of our standard vehicle cleaning procedures. Additionally, we have information in our privacy policy and rental agreements to remind customers to remove their data when returning a car. We also work closely with the various automotive manufacturers to ensure we update and enhance our procedures as needed in response to new features and technologies that are added to vehicles. To that end, we understand the concerns this specific situation has raised and are actively working with Ford to implement protocols for customers who attempt to enable this feature on a rental car using their personal account.”
Ford commented that the company normally does a master reset to clear the memory of any connectivity with smartphones before its dealerships sell any vehicle bearing its brand. Insiders though, are inferring that Enterprise follows a different set of procedures when it comes to adding vehicles to its fleet.
Interestingly enough, at this writing, Sinclair can still remotely control that Ford.
–