Tracking

Parking apps can let anyone track your car – this hacker wants to stop it

The rise of technology and its progress through which humans consistently try to harness its maximum potential is indeed useful and beneficial to civilization as a whole. However, technological upgrades also come with loopholes that make space for fraud and deception. Thus, it is important that we remain cautious. Because, as the good old saying goes, it is always better to be safe than sorry.

Tracking

Apparently, anybody can track the location of your vehicle as long as they have your license plate number. This is mainly due to the minor flaws in parking apps, a hacker has revealed. Read along to know more.

The What and Why

Inti De Ceukelaire is a cybersecurity expert who spent over three months on the discrepancies in parking apps that can lead to anyone keeping tabs on your vehicle’s location. The results of the study detailing all the necessary information concerning this were released on Sunday.

As stated by De Ceukelaire in a press meet, 120 vehicle owners in Europe consented to take part in the 100-day experiment. Using three different and diverse methods, the hacker was successful in pointing out the exact live locations of more than 29 percent of the vehicles.

The first method involved registering the license plates in parking apps. Users don’t have to prove their identity while registering. All the hacker had to do was enable the app’s license place recognition(ANPR)feature. Once a target vehicle enters an ANPR-enabled parking lot, this feature sends an alert. The method isn’t very expensive and can be easily exploited by stalkers or criminals.

The second method is even better and totally free of cost making it all the more accessible. He presented a tool named ‘Platescan’ that enabled him to connect to thousands of digital parking meters in areas that specifically provide free limited parking. Platescan then uses the target’s license plate number to initiate a one-second parking session. Since parking areas like the ones mentioned offer only one free parking spot per day, it is easier to track the location of the vehicle from the error message sent stating that the vehicle has already used up its free parking privileges.

De Ceukelaire has refused to release the tool to the public however he also pointed out the fact that his methods could be easily duplicated by anyone intending to exploit and deceive.

The third method is even simpler as it makes use of the vendors that let users view their current parking sessions and receipts. An attacker can easily access that information as long as they have the target’s phone number and license plate number.

“We have identified more than a million trackable parking spots across Europe, and expect the number to ramp up quickly in the months and years to come. With ANPR-based payment also finding its way to toll roads such as Ireland’s M50 and England’s M6, free movement will become increasingly harder without the risk of being tracked,” De Ceuklaire said.

De Ceuklaire has called on Europe to tighten its privacy regulations and to make sure that the users are provided with the option to “opt-out of their license plates being processed.”