Version 1
: Received: 26 September 2024 / Approved: 27 September 2024 / Online: 27 September 2024 (11:20:01 CEST)
How to cite:
Carlton, J. Security and Privacy Analysis on Personal Identifiable Informationfor Connected Commercial Vehicles. Preprints2024, 2024092195. https://doi.org/10.20944/preprints202409.2195.v1
Carlton, J. Security and Privacy Analysis on Personal Identifiable Informationfor Connected Commercial Vehicles. Preprints 2024, 2024092195. https://doi.org/10.20944/preprints202409.2195.v1
Carlton, J. Security and Privacy Analysis on Personal Identifiable Informationfor Connected Commercial Vehicles. Preprints2024, 2024092195. https://doi.org/10.20944/preprints202409.2195.v1
APA Style
Carlton, J. (2024). Security and Privacy Analysis on Personal Identifiable Informationfor Connected Commercial Vehicles. Preprints. https://doi.org/10.20944/preprints202409.2195.v1
Chicago/Turabian Style
Carlton, J. 2024 "Security and Privacy Analysis on Personal Identifiable Informationfor Connected Commercial Vehicles" Preprints. https://doi.org/10.20944/preprints202409.2195.v1
Abstract
With many Americans eager to resume travel after prolonged restrictions from the coronavirus pandemic, car rentals are on the rise. According to Auto Rental News, “2021 U.S. Car Rental Revenue Climbs 21% Year-Over-Year” (Brown, 2021). In conjunction with increased car rental, and associated travel, we can expect to see an increase in cyber security and data privacy attacks. In the digital age, enterprises have a responsibility to protect consumers’ personally identifiable information (PII). As it pertains to rental vehicles, when consumers connect their mobile devices to a rental vehicle’s Entertainment and Infotainment System or utilize the built-in navigation feature, they do so, unbeknownst to themselves that the information from their devices is transferring to the vehicle, where it will remain, unless properly expunged from the system. A large majority of consumers are blissfully unaware that their PII is being stored, and how easy it would be for an adversary to potentially breach their data security and privacy. To expand upon this hypothesis, I conducted a further investigation on the subject, by partaking in the rental of three different vehicles, each belonging to a different manufacturer (Nissan, Chrysler, and Maserati), from three different vehicle rental companies (Enterprise, Hertz and Turo). I then, as a consumer, tested my hypothesis to determine if, I was able to easily breach the prior consumers’ data security and privacy by viewing devices that had previously connected to the vehicle, as well as any of the previous consumers’ personal information. The results were undeniable; the PII of the previous consumers is not protected.
Keywords
Connected Vehicles; Data Privacy; Data Security; Infotainment System; Personal Identifiable Information; Ride-Sharing; Software; Technology; Rental Vehicles
Subject
Engineering, Transportation Science and Technology
Copyright:
This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.