The screen displayed by FordPass four days after an Enterprise Rent-A-Car customer returned a Ford Mustang.
In October, Ars chronicled the story of a man who could remotely start, stop, lock, unlock, and track a Ford Explorer that he had rented and returned five months earlier. Now something almost identical has happened to the same Enterprise Rent-A-Car customer. Four days after Masamba Sinclair returned a Ford Mustang, the FordPass app installed on his phone continues to give him control of the car.
As before, Sinclair could track the location of the vehicle at any time. He could start and stop the engine and lock and unlock its doors. Enterprise didn't remove Sinclair's access to the car until Wednesday, more than three hours after I informed the rental agency of the error.
"It looks like someone else has rented it and it's currently in a golf resort," Sinclair wrote in an email Tuesday. "This car is loud, so starting the engine definitely leaves people asking a lot of questions." On Wednesday, before his access was removed, he added, "Looks like the previous rental is over and it's back in the Enterprise parking lot." Below is a video showing the control he had until then.
Ford pass access.
We take security and data protection seriously
In October, Enterprise and Ford said they had mechanisms in place to ensure that FordPass and other remote apps provided by Ford were not left paired before vehicles were sold or rented to new customers. The responses were problematic for several reasons. According to Enterprise, the agreements customers sign remind them to delete their data from cars when they return them. The problem is that the reminder doesn't warn renters of the risks that arise when a previous customer's app remains paired with the vehicle they rent.
In addition, customers have little incentive to unpair the app from a returned car. Customers are frequently trying to catch flights and may not want to go through menus they have never seen before. And since the privacy and security risks fall only on the new customer, unscrupulous people who return a car may want to keep remote access. When cars are returned, it should be standard practice for rental agency staff to unpair the app. This is no different from vacuuming the car's carpet or checking the engine.
Meanwhile, Ford claimed that there are several ways that drivers can tell when an app has access to their vehicle. The automaker also said it reminded dealers to unpair cars before they were resold.
Neither of these measures seems to adequately counter the risk of people remaining in control of vehicles after the vehicles are rented or sold to new customers. Sinclair agrees that he could have unpaired his device himself. He said he did not do this because he wanted to test the security procedures put in place by the companies that use and develop the app. An article published by KrebsOnSecurity last week, which reports on a man who continued to have remote access to a Ford Focus four years after the end of his lease, suggests that the problem is not isolated.
The problem is not that there is no way to remove previous renters' or owners' access to a paired vehicle. For example, Ford vehicles display a label on a dashboard screen when location sharing, remote start/stop, and remote lock/unlock are active. Popups will also appear at every ignition if location services are active and no known paired Bluetooth devices are detected. These notices can only solve the problem if they are prominent and clear enough for users to recognize the risk. Asked for comment, a Ford spokesman said that the communications he described in October were still in effect.
Company officials, meanwhile, issued the following statement:
The security and privacy of our customers is very important to us as a company. We appreciate that we are made aware of this and we are actively working to follow up on the issue related to this specific rental that took place last week.
After deploying last fall, we updated our vehicle cleaning guidelines related to our master reset process. In addition, we have initiated a frequent secondary review process in consultation with Ford. We have also started to work with Ford and are nearing completion of the test software that automates the avoidance of FordPass pairing by rental customers.
We will use these latest experiences to further develop our processes and ensure that they optimally fulfill the functions and technologies that are constantly being added to vehicles.
Other manufacturers' vehicles are likely to have similar features, and like the features provided by Ford, they are likely to be easily overlooked by many drivers. People who rent or buy new cars should read the manuals carefully to find out exactly how remote access works and how to ensure that previous customers' access has been removed.