Preprint Article Version 1 Preserved in Portico This version is not peer-reviewed

Safeguarding Personal-Identifiable Information (PII) after Smartphone Pairing with Connected Vehicle

Jason W Carlton
* ORCID logo and
Hafiz Malik
* ORCID logo
Version 1 : Received: 2 September 2024 / Approved: 3 September 2024 / Online: 3 September 2024 (17:55:23 CEST)

How to cite: Carlton, J. W.; Malik, H. Safeguarding Personal-Identifiable Information (PII) after Smartphone Pairing with Connected Vehicle. Preprints 2024, 2024090240. https://doi.org/10.20944/preprints202409.0240.v1 Carlton, J. W.; Malik, H. Safeguarding Personal-Identifiable Information (PII) after Smartphone Pairing with Connected Vehicle. Preprints 2024, 2024090240. https://doi.org/10.20944/preprints202409.0240.v1

Abstract

The integration of connected autonomous vehicles into the transportation system introduces significant enhancements in driving experience and convenience. Yet, it simultaneously raises important concerns regarding the security and privacy of passenger data. As individuals increasingly depend on these connected vehicles, particularly rental cars with advanced infotainment systems, safeguarding their personal information becomes a paramount imperative, presenting significant challenges that must be addressed to maintain user trust and comply with privacy regulations. This paper investigates risks associated with personal information stored in connected vehicle technology, emphasizing the importance of robust security and privacy practices. In the advent of cyber threats and the need for data protection, we examine a risk management framework (RMF) as suggested by NIST, which aims to address these quintessential concerns preemptively. Our research moves beyond the limitations of manual safeguarding methods, supporting the necessity for an advanced automated technical solution. To address these issues, we introduce and meticulously assess the efficacy of “Vehicle Inactive Profile Removal” (VIPR), an innovative technical solution conceived to actively eliminate the risks and potential oversights that stem from the prevalent tendency of renters to leave personal data unerased in the infotainment systems of rented connected vehicles. We provide a thorough evaluation of VIPR through various scenarios, including vehicle return to a rental depot, subsequent rentals, and ridesharing contexts. Our proof of concept includes an array of experiments to demonstrate how VIPR proficiently and autonomously removes previous renters’ “Inactive” profiles from a simulated infotainment system. The results highlight how VIPR constitutes a critical step towards enhancing the privacy and security of personal data, thereby promoting a safer, more responsible use of connected vehicle technology in society.

Keywords

connected vehicles; connected vehicle architecture; data privacy; data security; infotainment system; personable identifiable information (pii); ride sharing; software; technology; rental vehicles

Subject

Engineering, Transportation Science and Technology

Copyright: This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Download PDF

Comments (0)

We encourage comments and feedback from a broad range of readers. See criteria for comments and our Diversity statement.

Leave a public comment
Send a private comment to the author(s)
* All users must log in before leaving a comment
Views 0
Downloads 0
Comments 0
Get PDF Cite Share 0
Bookmark BibSonomy Mendeley Reddit Delicious
×
Alerts
Notify me about updates to this article or when a peer-reviewed version is published.
We use cookies on our website to ensure you get the best experience.
Read more about our cookies here.