Cars are probably one of the most expensive things you interact with daily. The streets are constantly lined with them, and losing one would put a massive dent in anyone’s wallet.
Car thefts happen all the time. You need to be constantly vigilant: ensure that your car is locked, and your keys are safe, and you’ve parked in a safe spot, and everything in your vehicle is in working order.
Vigilance has become second nature to most drivers. We all know that the dangers are out there, and we’re used to being on alert all the time.
That’s why technology to prevent carjacking is so vital. Thieves are crafty and innovative and will probably go for the quickest and most readily available target. Keeping your car secure and impossible to steal is critical in car ownership and manufacturing.
Initially, cars used typical lock-and-key setups to prevent them from being opened. They were also equipped with similar mechanisms in their ignition, so nobody could turn on the engine without inserting the correct key.
Thieves eventually learned how to hot-wire cars or mess with the ignition cylinder and start the engine without having the correct key, so car manufacturers had to innovate. They couldn’t let their cars be exposed to this vulnerable bypass, after all.
That’s where car immobilizers come in. So how does an immobilizer work to prevent carjackings? Well, immobilizers only allow the engine to run when the correct key is inserted into the ignition. All of the typical bypass techniques don’t work on engine immobilizers. Cars are a lot more secure now.
But how does an immobilizer work? Are they really as secure as that? And if they are, how are there still carjackings?
How Immobilizers Work
So, how does an immobilizer work?
Immobilizers are units that only allow the engine to turn on when it detects the presence of your key fob inside your car.
If you have a keyless entry system or smart car key, the immobilizer is what starts your car. But if you have a key entry system, the immobilizer still needs to detect your battery-powered key fob before it allows the engine to start.
So how does an immobilizer work to send this data?
A wireless transmitter reads data coming from your key fob to the immobilizer. This data is encrypted, meaning that only computers with a unique “encryption key” can access it. The immobilizer has the correct encryption key to unlock your key fob. And once it unencrypts the data, the immobilizer takes a look and sees if there’s a match.
Some more advanced versions use “rolling codes,” which change every time someone starts the car. These keys still use a static, unchanging code. They just also store a changing code that must be checked after the first static code by the immobilizer. This way, both devices must store two codes simultaneously and be prepared to change the second one.
And how does an immobilizer work with this? If the data matches the immobilizer’s system, the machine knows that the car was started with the correct key fob. It then allows the engine to start. It is difficult to replace a key fob, making them effective theft prevention items.
Immobilizers were invented in 1919, but they weren’t widely used until the late 20th century. In 1998, the European Union passed a law stating that all cars manufactured in Europe have immobilizers installed. Afterward, rates of carjacking began to decline.
Noticing this decline, the United Kingdom followed suit with similar laws, as did Australia and later Canada. Carjacking rates declined in these countries as well after immobilizers became mandatory.
Unfortunately, recently, these rates started to climb back up again. But how?
To understand the problems of immobilizers, we must first understand their strengths. Let’s ask the question: how does an immobilizer work in safety?
How Immobilizers Are Safe
So, how do you steal a car? I assume that you’ve never stolen a car, but regardless, one phrase probably popped into your head: hot-wiring.
To hot-wire a car, access the inner mechanisms under the steering wheel and find the wires that connect the ignition to the engine. This process is how a working ignition activates. Then, you need to cross two different wires: one that tells the car the ignition is in the “on” position and the car’s starter.
You need to know a bit about the inner workings of the car you’re stealing, so it’s not an incredibly easy process. Different models have different colored wires, and you need to know what wires do what. It’s also very easy to electrocute yourself, so please don’t try this at home.
First, the carjacker twists the battery wires together. Then, they connect the ignition wire. This turns the car on, but it doesn’t start the engine. The carjacker must briefly connect the starter wire to do that. Doing this allows the carjacker to drive.
Hot-wiring is tricky because it requires knowledge of a specific car’s wires and the skill to not get electrocuted (which is very easy to accidentally do). Regardless, it was growing increasingly popular among car thieves in the late 20th century. Something had to be done.
So how does an immobilizer work to prevent this? They don’t allow the engine to start at all, even when the correct wires are crossed, and you can’t physically access them like you can with wires. Hot-wiring a car built in the 21st century is generally a bad idea. At best, the car won’t start, and at worst, you’ll get electrocuted.
Without the specific data transmitted inside the properly working key fob, the immobilizer won’t release at all. How does an immobilizer work if there’s no key fob present, after all? They’re very effective at grounding a vehicle and preventing movement. And even if your key fob is not working, your immobilizer will prevent the car from starting.
But if that’s the case, why did vehicle thefts go up after the 2010s? What are people doing to get around these immobilizers and jack cars? How does an immobilizer work in a thief’s favor?
How Immobilizers Aren’t Safe
If immobilizers can’t be physically manipulated, how does an immobilizer work in the favor of thieves trying to break into your car?
The way carjackers are getting into cars with immobilizers is essentially through hacking. The data transmitted between transponder and immobilizer is encrypted, so you need to crack the code to deactivate the immobilizer. And some immobilizers have proven themselves to be very insecure.
Researchers have already cracked several of the most common immobilizers. The most common transponders used are the Megamos Crypto, Keeloq, Hitag2, and DST40. All four of these have their bypasses publicly available. How does an immobilizer work if anyone can bypass it with public information?
These studies found the same thing: that these immobilizers have very predictable and insecure cryptographic sequencing. This means the encrypted data is simple for a machine to guess and eventually crack.
After the DST40 was cracked, the DST80 was released to compensate. It has a longer cryptographic sequence to make guessing the encryption key harder. Unfortunately, researchers found that this longer sequence used many of the same elements as the DST40 and was just as insecure.
The cracking of these sequences doesn’t affect every car on the market, but it impacts a large percentage of them. You should research your car model and ensure that yours was not affected.
So how does an immobilizer work now? As a result of these breaches, immobilizers are being improved upon. Some of the more recent models use securer cryptographic sequencing. Like all locks, immobilizers are in an arms race where they must perpetually stay ahead of thieves.
Better cryptography makes a car much harder to steal. In general, cryptography is far more advanced than what’s in these cars, so change is possible. This lower-end cryptography worked back when most carjackers only knew how to hot-wire a car, but now that better technology is needed, cars will soon catch up.