Computer science experts may have exposed a dangerous flaw within telematics, but it`s nothing but a minor setback for the insurance-based technology, Canadian experts say.
The vulnerability was revealed earlier this week when researchers at a California security conference demonstrated that they could hack a car by sending SMS messages to its telematics dongle. They were subsequently able to order its internal network to perform such functions as engaging its windshield wipers and disabling the vehicle’s brakes.
While this sounds ominous for auto insurance brokers who sell policies based on Usage Based Insurance (UBI) data, experts and industry leaders feel that this is just a minor obstacle to overcome before Canada approaches universal adoption of telematics in automobiles.
Gil Zvulony, an information technology lawyer based in Toronto, acknowledges the risks that this exposure presents to Canadian drivers.
“The fact that they can do this remotely is a little alarming, and given that the insurance industry is trying to push these onto vehicles, it raises questions about if they become as commonplace as cell phones,” said Zvulony. “The potential that this creates for mass chaos is pretty scary.”
Zvulony feels that this shouldn’t discourage brokers to sell UBI policies, however, since all new technologies come with their own inherent set of risks.
“Anytime we connect computers to people and networks, we have all sorts of security issues, but there are always counter-measures,” he said. “When computers became infected with viruses, we didn’t abandon computers, just developed anti-virus programs. The solution isn’t to abandon the technology.”
Industry leaders echo Zvulony’s sentiment, and feel that insurance providers will develop a patch that safeguards against these vulnerabilities.
“I wouldn’t discourage telematics any more than I would discourage people from communicating with their friends online,” said George R. Hodgson, CEO of the Insurance Broker Association of Alberta. “There’s always a risk of people getting ahold of personal information and using it for nefarious purposes, but it’s up to providers of UBI to minimize that.”
A spokesperson from Desjardins Insurance has also come forth to defend its popular Ajusto app, and assures brokers that its telematics program would not be susceptible to any type of cyber invasion.
“Desjardins Insurance Ajusto ODBII device is immune from these types of attack because our device simply does not have the electronic component enabling the communication with the port. We only receive electrical current from the port and nothing else,” said Alex Veilleux, VP, Ajusto and Innovation at Desjardins Insurance.
As the industry works to address these security concerns, Hodgson feels that this will only amount to a slight hiccup in the rollout of telematics, which could be a staple of Canadian life in the next 10 or 20 years.
“I think in the future it will be widely adopted and vehicles will come with devices already built into them, it’s just a matter of insurance companies and brokers being given permission to access that information” he said.