Is Smartphone Entry a Target for Car Thieves?

Dear Ms. Smartphone: I read on social media how it is easy to steal certain Korean cars because thieves do not need a key to get the engine going. It got me wondering if my own car, a Tesla Model X, would be easy to steal too. I have a Bluetooth enabled system and I use my smartphone to unlock the doors and start the car. Is smartphone entry a target for car thieves? SamS.

Dear SamS: Indeed, these days we see fewer people with bent coat hangers trying to retrieve keys through the car windows, but we hear more about Hyundais and Kias being “hacked.” Since you own a high tech vehicle you do wonder if it’s a target for thefts.

There are three ways to get into a car. The first is the traditional key made of nickel, steel, or brass. The second is the one-way RFID (radio frequency identification) like the keyless fob for the Chevy Bolt. The third is a two-way NFC (near field communication) and Bluetooth connection between your smartphone and the car door- commonly found on high-end BMW and Mercedes, and also, your Tesla. You will be pleased to know that the Tesla is NOT in the Insurance Institute of America’s top ten list of vehicles most frequently stolen.

While the Tesla car is a high-tech masterpiece, that smartphone to Bluetooth connection is not. Bluetooth works like somewhat like WiFi, which means that a “clever” criminal (just why do we call them clever?) can set up a sting between your phone and your vehicle to do an intercept and gain access. It’s likely to be a two-person operation, because they need to capture that short-range signal.  Or, a thief can gain access doing a brute force sweep, scanning all Bluetooth devices in the area.

Love/Hate Bluetooth:

You get a few options with your Tesla vehicle for opening the doors and starting the engine and my own preference would be to use just the cardkey, not the Bluetooth. Here is why: After you gain entry and get settled in the driver’s seat, you will probably forget about the Bluetooth connection to your phone. As you motor, the Bluetooth is in constant communication with outside beacons and transmitters. A lot of traffic services use it to evaluate roadway congestion and travel times. It will be remotely accessed, say if you drive by a billboard, to count marketing exposures. There’s no doubt: Bluetooth is useful in the aggregate. But, you, the driver, only need to participate if you have it turned on. An  active Bluetooth will also drain your phone battery faster.

The other hesitation I have about using the Bluetooth to open car doors is, my term, the “all in one” syndrome. It seems like people lose their smartphones less often these days since they are practically glued to them. But, I am not sure why we want to burden the phones with more features. If we use our phone to unlock the doors, it is a constant reminder that we cannot exist without the phone. At  a more subconscious level this is a persistent reminder to pull out the phone and then check for messages and updates. When it comes to technology, and perhaps to driving, both a psychic and physical distance can be restful.

Learn by Video!

If you are curious how the smartphone interacts with the vehicle, check out this video on YouTube. Even if you don’t drive a Tesla, there are instructions on how to install a Bluethooth device, and what you need to do to lock it down. With a good mechanical sense and a few tools, you could send a Bluetooth ping from your phone to your car…or to someone else’s! Or, you could make your Tesla more secure by adding two-factor authentication. But, that will just slow you down and make opening the doors more cumbersome

That said, you still  need to keep the Tesla’s plastic cardkey handy when you park with a valet, bring the car in for service, or let your friend or a teen take the car out for a spin. When you go to sell the car or trade it, make sure to clear the Bluetooth codes!  This is also recommended  step when you return a rental car. You, not someone else, should clear the Bluetooth settings. 

The final word is that you should probably not overthink this. Bluetooth and NFCs present a vulnerability for drivers, but we all face some security risks these days. It is still significantly harder for the random thief (not the clever one!)  to open a Tesla than an old car with a coat hanger and the cylinder lock.