Toggle Dark Mode
When getting rid of a car, most people make sure they don’t leave personal possessions and important paperwork inside. Now with software like Apple’s CarPlay and Android Auto, there is concern private data could be left behind.
This could even be a potential problem with rental cars and ride sharing programs. Kelsey Mays from Cars.com mentions that car-sharing programs, such as Enterprise CarShare, Zipcar, and Getaround, and now GM, are using programs to help people gain access to cars even if they can’t own one. If renters use the CarPlay system, they will leave data behind which could theoretically be accessed by a third party.
Mays cautions not to overreact about the possibility of personal data being compromised. The only thing hackers could get from most cars is the identification code for a particular device. There’s not much to be done with that without the device itself. Device IDs can be deleted by performing a factory reset of the CarPlay system, much like a person would do when selling a used iPhone. However, forgetting to do that won’t lead to stolen data, since hackers can’t access the iPhone with the ID by itself. Many of the experts Mays interviewed for her piece claim that car entertainment systems simply mirror what’s on a smartphone and don’t take any data other than the device ID.
If there is any real risk of leaving compromised data, it’s via Bluetooth. Mays talks about how data transferred to the car via Bluetooth is usually comprised of addresses and phone numbers.
She quotes VW’s Spokesman Mark Gillies, “For every paired Bluetooth phone, the car stores the phone ID and pairing information. The phonebook data and calling lists are transferred to the car. When you disconnect the phone, the call information is removed from the car’s memory and updated on a following reconnect. The phonebook data persists in the car in order to be available immediately after a next connect.”
New Bluetooth technologies can access more data than ever before. Mays quotes Bird saying, “…keystroke data, wireless sensor reporting and the ability to transmit short data packets like messages, emails, calendar notifications, tasks, notes and reminders,” might be stored in memory. Mays says it’s unlikely, but it is possible such information could be hacked. Even then, they would have to get past the security measures, like passwords, in order to get to the data.
What iPhone users with CarPlay, who wish to sell their old vehicle, should do is delete their phone profiles from their car and then do a factory restore. That will limit the likelihood of data being left on the system.
Apparently, even if the phone ID is erased, there is still a small possibility that some information will still be in the car because of the Bluetooth connection process, depending on the software used in a particular car. Whatever the case, rest assured that the likelihood of old data being accessed by a third party will be tiny as long as users follow the same guidelines that most do when getting a new iPhone. And if one is to use ride sharing or rental cars, perhaps it might be best to avoid using Bluetooth.
Have you ever tried CarPlay? Did you love it? Tell us why in the comments below.