Category: Blog

9 August, 2023 . 7 mins read

From Seoul to London: How Cities Customize Public Transport Payment

Public transportation is a cornerstone of modern urban living, offering convenience, efficiency, and sustainability for commuters worldwide. As cities continue to expand and mobility becomes more critical than ever, public transport payment methods have evolved significantly, incorporating more user-friendly features. From contactless smart cards to integrated mobile apps, we will explore how cities have revolutionized public transport payment to cater to the diverse needs of their residents and visitors.

Seoul, South Korea – Seamless commuting experience

Seoul, the dynamic capital of South Korea, is renowned for its high-tech public transportation system that bridges its vast urban landscape. The public transport system in Seoul is closely interconnected. Many of the subway and bus routes cross the city border, seamlessly linking Seoul to its surrounding suburban regions. Over a million people commute to Seoul from nearby regions like Incheon and Gyeonggi Province on a daily basis. These commutes often entail multiple transfers between subway lines or from subway to buses. To accommodate such an interconnected system, a common payment method that allows for convenient cross-city travel and smooth transfers is a must for a city like Seoul.

To ensure a seamless travel experience for passengers Seoul’s public transport authorities have incorporated a contactless payment system. Diversification of payment options creates additional convenience for users. In Seoul, you can use regular contactless-enabled bank cards, rechargeable T-money public transport cards, and single-use tickets to pay for your rides. The contactless payment system also supports alternative digital payments like the T-money mobile app and Samsung Pay.

Using a personal credit card for public transport is reserved for locals who can get a public transport payment-enabled card at Korean banks. T-money cards, on the other hand, are available to everyone. The T-money card functions as a rechargeable card that passengers can easily top up at various locations, such as through the mobile app, at subway stations, and convenience stores. Beyond its use in public transportation, the T-money card extends its service to payments at vending machines and convenience stores.

One of the key strengths of Seoul’s contactless payment system lies in its seamless integration across various modes of transportation. Whether taking the subway, hopping on a bus, renting a bike, or catching a taxi, commuters can utilize the same card for all their travel needs. The payment system also accounts for multi-modal commutes, offering discounts for transfers completed within 30 minutes from the previous ride. This integration minimizes the hassle of juggling multiple payment methods and encourages the use of public transport for travel in and outside of the city. The same contactless payment methods can also be used nationwide, making public transport payment universally convenient across South Korea.

Seoul public transport payment

London, United Kingdom – Convenience for locals and tourists

As one of the world’s largest cities, London boasts an extensive and intricate public transport network comprised of the underground, iconic two-decker buses, and railways. On top of having a multi-million population, the city welcomes millions of tourists from all over the world every year. London’s public transport system helps all of these people navigate the city on a daily basis.  

London’s public transport payment system is renowned for its flexibility. The system operates on a contactless basis on virtually all public transit in London, including buses, underground, overground, Docklands Light Railway (DLR), and most national rail services in the city. Users can pay for their rides with whatever payment method is the most convenient for them.

Passengers can use contactless credit or debit cards, as well as mobile payment options like Apple Pay, Samsung Pay, and Google Pay. London’s mass transit system also offers its own contactless Oyster card that is used as a rechargeable smart card. Users can top up their cards with credit to travel across the city effortlessly. To cater to tourists, the city offers Visitor Oyster cards that offer discounts on London’s popular attractions. The British capital’s public transport payment system’s flexibility caters to the needs of both residents and international travelers, offering users a wide variety of payment options to choose from.

One notable feature of London’s transport payment system is fare capping. The amount passengers pay for their daily or weekly travels is capped at a predetermined limit, equivalent to the cost of a pre-paid day/week travel card. Fare capping ensures that commuters never pay more than necessary, providing financial relief for regular commuters.

London is one of the most expensive cities in the world. For a city like this, public transport payment capping helps ease the financial burden of everyday commuting. Fare capping also makes public transport a more attractive alternative to other means of transportation like cabs and private cars, which helps ease traffic congestion in a city known for its narrow alleyways.

London public transport payment

Munich, Germany – Bridging analog and digital

Munich, a city renowned for its rich history and cultural heritage, has an efficient and reliable public transportation system operating a wide-reaching metro, trams, and buses. Payment for Munich’s public transport is done with an MVV (Münchner Verkehrs- und Tarifverbund (Munich Transport and Tariff Association))ticket, a rather traditional payment method compared to more high-tech contactless options.

The MVV ticket is a paper or electronic ticket that provides access to Munich’s extensive public transport network, including the U-Bahn (subway), S-Bahn (commuter trains), trams, and buses. Travelers can choose from various ticket options, such as single-ride tickets, stripe tickets for multiple rides, day passes, tourist cards, and weekly or monthly travel cards.

Munich’s public transport system is organized into multiple zones, and the MVV ticket fares differ across these zones. Due to the difference in fares, ticket prices are calculated according to the passenger’s journey. Multi-use tickets, like monthly and weekly pre-paid cards, also take zonal travel into account offering different ticket prices for different zones. Prior to boarding public transport passengers have to validate their tickets by stamping them in at stamping machines as there are no turnstiles on the subways performing automatic validation.

Because of Munich’s unique public transport structure, the payment system can seem rather analog. Passengers have to purchase new tickets quite frequently, which can be cumbersome. To make public transport payment more convenient for the users the city rolled out alternative ways to purchase tickets digitally. Munich has embraced mobile ticketing applications, like The MVV app, which allow travelers to purchase tickets on their phones. Some tickets can also be purchased on the MVV website. This kind of digitization implements more user-friendly practices in public transit payment while catering to the existing system’s operations.  

Munich public transport payment

Seoul, London, and Munich, each of these cities are unique in their public transit system operations and user demographics. Each city’s public transit authorities have successfully devised distinct payment systems that work best for them. These diverse approaches showcase how cities worldwide are leveraging technology to enhance the commuter experience. Making public transport more user-friendly is an important step in promoting sustainable transportation and reducing reliance on private vehicles.

As urbanization continues to shape the world, the lessons learned from Seoul, London, and Munich’s public transport payment systems offer valuable insights for other cities striving to create customized and user-friendly mobility solutions.

AUTOCRYPT utilizes its experience in secure fleet management and big data analytics to develop bespoke mobility platforms catering to clients’ needs. By embracing cutting-edge technologies and customer-centric approaches, AUTOCRYPT creates mobility platforms that customers want to use. Learn more about AutoCrypt® MOVE.

11 July, 2023 . 5 mins read

In-Vehicle Cybersecurity: A Closer Look at HSM and TEE

It has long been established that cybersecurity is essential to vehicle operations and needs to be implemented universally. However, it is important to note that automotive cybersecurity does not follow a one-size-fits-all approach. Different types of cybersecurity measures have their pros and cons and are more effective for certain types of vehicle architectures rather than others. While there are different types of vehicle cybersecurity measures available on the market today, this blog will discuss hardware security modules (HSM) and trusted execution environments (TEE), offering a closer look at two of the most robust vehicle cybersecurity solutions.

Why do we need in-vehicle security?

Modern vehicles have complex internal computing systems that enable superior functions like advanced driver-assistance systems (ADAS), vehicle-to-everything (V2X) communications, as well as network and cloud connectivity. These internal computing systems interact with each other and the external network, exchanging large amounts of data and signals. If these communication nodes lack appropriate security measures it leaves the vehicle vulnerable to cyber risk.

Wi-Fi, navigation systems, V2X communications, all of these network connection endpoints can be potential routes for cyber attacks. Hackers could breach into a vehicle’s internal system to steal private data like vehicle location, registration number, and even financial information. There is also the risk of hackers breaking into the vehicle systems to gain control of its functions. We saw this happen when two researchers hacked into a car through its cellular connection. After establishing a wireless access to the car, the hackers gained control of the vehicle’s dashboard, infotainment system, and even the engine.

This experiment revealed many vulnerabilities in vehicle internal systems security. It also solidified the importance of a layered approach to vehicle cybersecurity, where both the internal vehicle environment and the external communications are secured.

What is HSM?

One of the most robust cybersecurity solutions in the automotive industry is a Hardware Security Module (HSM). HSM is an external physical security unit that is installed into electronic control units (ECU). It safeguards vehicle communications and functional control systems with message cryptography. Typically, an HSM will include its own processor, cryptographic technologies, and dedicated memory for the hardware security firmware and secure data. Having its own processor, the HSM operates separately from the ECU, bearing the computational load of security functions.

The security module’s main job is to safeguard sensitive vehicle data during message exchanges. It does this by storing cryptographic keys, performing cryptographic operations, and verifying digital signatures to conduct authenticity checks for messages passing through the vehicle. This makes sure that data coming from outside of the vehicle is verified, and data leaving the vehicle is safely encrypted.

HSMs have been the industry standard in vehicle cybersecurity for their ability to safeguard valuable information from tampering. However, there is a problem of scalability with this particular cybersecurity measure. HSM is a security unit that has to be physically installed into ECUs within the vehicle. So, installing HSMs in cars with complex internal architectures and an abundance of ECUs may become costly.

There is also the issue of flexibility. Many modern luxury vehicles support over-the-air (OTA) systems like software downloads and updates. These OTA systems enable the installation of new functionalities into a vehicle without having to alter its hardware composition.

In a rapidly developing automotive industry, cybersecurity software needs to be able to adapt to vehicle software changes. This will be hard to achieve for a car secured only with hardware security modules. The hardware-software segregation in advanced vehicle architectures requires a more flexible approach to cybersecurity that ensures cybersecurity measures evolve hand-in-hand with vehicle software developments.

What is TEE?

A cybersecurity solution that works more effectively in centralized vehicle architectures with ever-evolving software structures is a Trusted Execution Environment (TEE). TEE is a software-based security measure that creates a secure and isolated environment within the application processor, separating critical operations from the rest of the system.

Critical operations and sensitive data can be executed and stored within the trusted execution environment, shielded from potential cyber threats. Similar to HSMs, TEEs have protected crypto libraries where sensitive information, such as cryptographic keys, can be securely stored and managed. They also provide secure communication channels between trusted components, ensuring that data transmitted within the secured area remains confidential and protected from the rest of the vehicle. This helps prevent unauthorized access or tampering.

For instance, the AutoCrypt IVS-TEE security solution offers OTA systems security with encryption and authentication technologies, making sure that only validated software is received and installed during OTA system updates. This is done to ensure that the software comes from an OEM and not a malicious actor.

While TEE and HSM offer similar cybersecurity measures they are very different in terms of implementation and execution. TEEs are built into the application processor’s chipset and can be implemented through software updates, making them more flexible and adaptable to changing security requirements. Leveraging a vehicle’s existing hardware resources, TEEs eliminate the need for additional security components, potentially reducing costs.

Establishing a TEE is a cybersecurity-by-design approach that ensures that there is a secure environment to run critical operations in every application processor.

Comparison of HSM and TEE structure

As vehicles become increasingly connected and autonomous, the importance of robust automotive cybersecurity methods cannot be overstated. HSM and TEE both play crucial roles in securing vehicles against cyber threats. HSMs excel in cryptographic operations and secure key storage, while TEEs create isolated execution environments within the main processor. By combining these methods, automotive manufacturers can maximize protection from external cyber threats and enhance the security of their vehicles.

AUTOCRYPT’s in-vehicle cybersecurity solutions provide complete protection for the vehicle-embedded systems minimizing cybersecurity risks.

To stay informed about the latest news on mobility tech and automotive cybersecurity, subscribe to AUTOCRYPT’s monthly newsletter.

14 June, 2023 . 7 mins read

The V2X Deployment Roadmap in Europe: Progress, Challenges, and What to Expect by 2024

Vehicle-to-everything (V2X) technology is widely regarded by industry experts as a promising solution to improve road safety and achieve full autonomous driving in the long run. However, to establish a functional and interoperable V2X ecosystem, all stakeholders must be on the same page. This article dives into the current V2X deployment progress in Europe and what to expect in the near future.

Europe is often seen as an optimal testbed for V2X technology and Cooperative Intelligent Transport Systems (C-ITS), not only because the continent has some of the world’s most developed and well-maintained road networks, but also because it is home to dozens of road transport operators and has the highest concentration of global automotive OEMs.

As a promising strategy for achieving Vision Zero, V2X deployment has been on the agenda in Europe since the early 2010s. To facilitate the rollout of C-ITS, European Member States and road infrastructure operators joined forces to establish the C-Road Platform, a joint initiative to establish an integrated and interoperable C-ITS network that spans across European borders.

In the private sector, many automotive OEMs have been integrating V2X onboard units (OBU) into their new vehicles. As one of the early adopters, Volkswagen has equipped V2X OBUs in its entire ID. electric vehicle lineup. BMW recently announced plans to deploy V2X technology in its vehicles for vehicle-to-grid (V2G) bidirectional charging. Mercedes-Benz also has plans to deploy V2X, but has been so far promoting its cloud service as a medium to provide real-time vehicle-to-vehicle (V2V) warnings.

However, despite all these efforts, we haven’t yet seen any large-scale V2X use cases on the continent. This raises many questions. How developed is V2X technology? Where is Europe on the V2X deployment roadmap? What are some of the challenges the industry is facing? What can we expect years down the road?

Is V2X technology ready for commercial use?

This would have been tough to answer in the past few years. But as of 2023, V2X technology is fully ready for implementation and commercial use. The reliability and safety of the technology have been repeatedly validated at cross-industry interoperability tests, with AUTOCRYPT being a major contributor to message security. A lot of roadside equipment is now V2X capable. And many OEMs have equipped their vehicles with V2X OBUs.

Where is Europe on the V2X deployment roadmap?

Europe is now entering an early stage of commercial V2X deployment. Still, to operate V2X services on a large-scale, more OBUs and RSUs need to be deployed. This can take up to a decade because consumers will keep their older cars for many years before upgrading. Time is also needed for road operators to install RSUs into their roadside equipment.

At this stage, is V2X deployment only a matter of time? The reality is more complicated. There remain a few challenges that are preventing OEMs and road operators from rolling out V2X at full speed.

What challenges does the industry face?

1. The divide between DSRC and C-V2X: into the hybrid era

The biggest challenge that has been slowing down V2X deployment was a lack of agreement among industry players on the communication protocol. The debate between the WLAN-based DSRC (dedicated short-range communications) and the LTE and 5G-based C-V2X (cellular V2X) has significantly slowed down the implementation of V2X. Each industry player has their own stance and preference, leading to an ongoing rivalry between the two technologies.

As of 2023, North America and China have mostly agreed on using C-V2X as the de facto V2X communication protocol, phasing out DSRC. However, Europe remains largely divided. Whereas Volkswagen uses DSRC for its vehicles, BMW and Daimler have both been in favour of C-V2X.

Fortunately, this divide is becoming less of an obstacle. Seeing that the European industry isn’t likely to reach a consensus anytime soon, V2X hardware providers, software suppliers, and cybersecurity providers like AUTOCRYPT have developed solutions compatible with both protocols so that industry players can continue V2X deployment without having to worry about compatibility.

Nevertheless, since DSRC and C-V2X are not meant to be interoperable at the fundamental access layer, more sophisticated hardware and additional development efforts are needed for dual compatibility. As such, although this hybrid approach can help the industry overcome its immediate interoperability issues, it is by no means an optimal solution in the long run. Many experts predict that one of the two protocols will eventually die off, ending the hybrid era.

2. A lack of incentives

Another obstacle that has been slowing down V2X deployment is the lack of incentives. In most conventional markets, the first mover often gains a competitive advantage because clients and consumers tend to associate the new idea or technology with the brand, just like how Tesla is strongly associated with electric vehicles and Uber with ride-hailing platforms. However, this kind of first-mover advantage is not present in the V2X market, because the full benefit of V2X can only be realized after multiple OEMs and road operators deploy them. Although Volkswagen equipped V2X into the ID. lineup, consumers haven’t been able to experience any significant benefits and thus no association is formed between V2X and the ID. brand.

Under such circumstances, governments and regulators must incentivize early adopters to accelerate V2X deployment. As of now, the idea of regulating V2X is still in debate. But with the joint effort of governments and several industry associations, more and more incentives are beginning to surface.

For instance, Europe’s new car assessment program, Euro NCAP, announced in its 2025 Roadmap that beginning in 2024, all new cars must be equipped with V2X connectivity to receive a five-star safety rating. This move will serve as an effective incentive for OEMs to deploy V2X in their vehicles on a large scale. The Euro NCAP further explained in the report that it chose this timing because it expects all technical uncertainties to be resolved by 2024.

3. Demand uncertainty

Currently, the public has very limited knowledge about V2X technology and its potential. In fact, many have never heard of the technology. This leads to uncertainty in market demand, as it’s hard to gain a grasp of demand when consumers haven’t been informed about the supply.

This isn’t to say that there will be a lack of demand. The potential demand for V2X is immense, given that consumers have always had strong desires for safety and convenience, both of which V2X has a lot to offer. Therefore, the question is not whether there is enough demand, but whether consumers are educated enough to understand how V2X can fulfill these demands. In the end, industry players must not only invest in the technology itself, but also in promoting the benefits of the technology by establishing innovative services and attractive consumer offerings.

What can we expect in the future?

Overall, V2X technology is now nearing the end of its testing stage and ready for large-scale development. Most of the challenges and obstacles that have slowed down V2X deployment over the past few years are now resolved. With more and more incentives, we can expect to see a kickstart to full-scale V2X deployment beginning in 2024.

For a more detailed analysis of the current progress and future prospects of V2X, download the full white paper below:

v2x 2024 prospect white paper thumbnail
Download White Paper

As one of the top five V2X security providers in the world (recognized by Markets & Markets), AUTOCRYPT has always maintained a position ahead of the market in terms of technology and innovation. Not only does its V2X security module support both DSRC and C-V2X, but its Security Credential Management System (SCMS) is fully compatible with all three major standards in the world, including the US SCMS, EU CCMS, and Chinese C-SCMS. To prepare OEMs for full-scale deployment, it released its Integrated Management System (IMS) for SCMS, allowing OEMs to manage millions of vehicle certificates on a single dashboard.

To learn more about AUTOCRYPT’s V2X security solutions and AutoCrypt SCMS, contact global@autocrypt.io.

To stay informed and updated on the latest news about AUTOCRYPT and mobility tech, subscribe to AUTOCRYPT’s newsletter.

13 June, 2023 . 5 mins read

AI In Automotive Cybersecurity

The rise of artificial intelligence is signaling disruption in the technology industry. The likes of Microsoft, Google, and OpenAI are spearheading fierce competition to create the most advanced artificial intelligence aimed at improving the way we interact with technology. While intelligent language models like ChatGPT are already fascinating people with their abilities to deliver answers to given prompts, AI technologies currently available to the public are just the tip of the iceberg. In the automotive industry, artificial intelligence can streamline operations and improve efficiency throughout the supply chain. Utilization of artificial intelligence in the automotive cybersecurity sector can especially benefit threat detection and response.

The Need for Strengthened Vehicle Cybersecurity

Several decades ago vehicle security would entail door locks, car alarms, and airbags. While the same is still true, cybersecurity is becoming an essential part of automotive security. Ensuring full protection now includes shielding the vehicle from internal system malfunctions as well as external cyber threats. However, as cars turn more software-driven and connected, vehicle security is becoming increasingly complex.

A modern-day car contains multiple electronic control units (ECUs) responsible for in-vehicle electronic systems that regulate and perform various functions ranging from essential tasks like steering and engine control to more mundane ones like unlocking doors and rolling down windows. The number of ECUs in a given vehicle depends on the quantity and complexity of vehicle features. For instance, a contemporary luxury car can have up to 150 ECUs, and the number may continue growing if new functionalities and sub-systems are added. These ECUs communicate with different parts of the vehicle and other ECUs to keep the vehicle running. Each of these ECUs and their communication nodes must be secured to protect the vehicle from cyber threats.

Limitations of Conventional Automotive Cybersecurity

Keyless car theft, infotainment system attacks, malware, conventional automotive cybersecurity software is built to protect against these and many other known threats. Cybersecurity companies employ ethical hacking methods to ensure the timely discovery of system loopholes. In ethical hacking, white hat hackers are responsible for hacking vehicle systems to find weaknesses in the software and report it to the cybersecurity software developers, who then implement appropriate security measures.

The complex system architecture of modern vehicles contains dozens of ECUs and millions of code lines, all of which can be potentially exploited by malicious actors. Manually searching for vulnerabilities in these vehicles is like looking for a needle in a haystack. As vehicle systems get more complex securing them will become even harder. While ethical hacking helps companies develop resilient security measures against cyber attacks, this ad hoc approach to cybersecurity has its limitations.

The biggest challenge in automotive cybersecurity is protecting the vehicle from unprecedented danger, also known as a zero-day attack. These attacks exploit previously undiscovered vulnerabilities in vehicle systems to install malware or tamper with the vehicle. Protection against zero-day attacks necessitates a more sophisticated approach to automotive cybersecurity, which is where AI comes in.

The Potential of AI/ML-powered Cybersecurity

AI/ML-based systems analyze, classify, and train on large amounts of data to self-improve and make independent decisions down the road. When applied in automotive cybersecurity, machine learning algorithms can be implemented in the security software to learn common patterns of vehicle operations. A trained model will then be able to distinguish anomalies that fall beyond the scope of ordinary vehicle signals. If malicious behavior is detected the cybersecurity software will send alerts and shield the vehicle from danger. Even if a malicious actor exploits a previously unidentified vulnerability, an AI-powered anomaly detection model will be able to detect intrusions and prevent them.

A car’s digital communications are simple and more predictable than that of a typical computer network. Since signals exchanged during normal vehicle operations often follow fixed patterns, determining an anomalous signal is not very difficult. Therefore, employing unsupervised machine learning in cybersecurity is feasible. For instance, imagine a car driving on the highway at cruising speed that suddenly receives a breaking signal requesting to stop the car in the middle of the road. An AI-powered security software will be able to differentiate this unusual command from a common driving pattern. The system will then block the anomalous signal and send it over to the security experts for further action.

While perfecting a fully AI-based cybersecurity software may take years, some companies are already leveraging the power of machine learning in their solutions. One example is AutoCrypt Security Fuzzer, which is an automated testing solution that employs an AI-based algorithm to input semi-random test cases into selected systems to reveal errors in vehicle software. The solution essentially causes intentional crashes in the system to expose software vulnerabilities that need to be addressed. An AI-based security fuzzer greatly reduces testing time, streamlining the ad hoc approach to cybersecurity implementation.

Due to the self-improving nature of artificial intelligence, the potential of AI in automotive cybersecurity is limitless. The speed of developments in the automotive sector requires cybersecurity measures that are just as agile. Leveraging artificial intelligence in vehicle cybersecurity will help address the risks of zero-day attacks and mitigate threats in a timely and efficient manner.

To stay informed and updated on the latest news about AUTOCRYPT and automotive cybersecurity, subscribe to AUTOCRYPT’s official newsletter.

24 May, 2023 . 5 mins read

How Custom Mobility Solutions Promote Transportation Sustainability

Making transport sustainable has become a global priority as we strive to reduce our carbon footprint and create a more environmentally friendly future. However, sustainability in transportation goes beyond decarbonization, it also necessitates inclusivity and accessibility for all individuals. Unfortunately, the current state of transport often overlooks the needs of people with reduced mobility (PRM), making their everyday journeys challenging and limiting their freedom. This blog will explore the importance of inclusive transport and how custom mobility solutions can help build a sustainable and accessible transportation system for all.

The Challenge of Inclusivity in Public Transport

Public transport forms the backbone of urban mobility, yet it often falls short in terms of inclusivity. People with reduced mobility face numerous obstacles when using public transport, such as inaccessible stations, lack of proper seating, and insufficient accessibility information. These barriers hinder their ability to travel freely and participate fully in society, making routine actions like commuting to work or visiting healthcare facilities unnecessarily complicated.

To address this issue, public transport systems need to be improved with inclusivity in mind. Governments should invest in infrastructure upgrades that include ramps, elevators, and accessible seating at stations and on vehicles. However, accessibility goes beyond infrastructure improvements. To enhance the accessibility of public transport for PRM local authorities will need to ensure clear signage, provide real-time information, and establish customized mobility services.

Harnessing the power of technology in transportation

Technology can be a powerful enabler of inclusive transportation. Embracing technological solutions empowers individuals with disabilities to plan their journeys more efficiently and travel with confidence. One innovative solution that holds great promise is demand-responsive transport (DRT). DRT utilizes advanced algorithms and technology to provide flexible and on-demand transportation services that cater to the specific needs of individuals, including those with reduced mobility. On-demand transportation services specifically tailored to PRM can offer convenient and affordable options. Optimized in the form of mobile applications, DRT platforms can provide real-time information on accessible routes, schedules, and vehicle availability.

DRT systems operate by allowing passengers to request transportation through a mobile app or a centralized call center. The algorithms optimize routes based on real-time demand, picking up passengers from their desired locations and dropping them off at their destinations efficiently. DRT systems can be customized to accommodate various accessibility requirements. For instance, passengers with reduced mobility can request wheelchair-accessible vehicles, ensuring that their specific needs are met during transit. As such, DRT promotes a more inclusive and user-centric transportation experience by integrating various customized features into the technology.

Unlike fixed-route public transport, DRT adapts dynamically to passenger demand. By optimizing routes in real-time, DRT vehicles can efficiently serve passengers across different areas, reducing wait times and providing more efficient routes. This is done by real-time data collection that feeds machine-learning algorithms, constantly improving routing efficiency.

In addition to addressing accessibility concerns, DRT has the potential to offer cost-effective transport solutions. By optimizing vehicle occupancy and pooling multiple passengers traveling in the same direction, DRT can lower individual travel costs compared to traditional private rides. This affordability factor makes it a more sustainable option for everyday commutes, benefiting individuals with reduced mobility who may face financial constraints.

On top of providing customized services to users, DRT can be seamlessly integrated into existing transportation networks, complementing traditional public transport systems. By connecting with buses, trains, and other modes of transport, DRT offers a holistic approach to inclusive mobility, allowing individuals with reduced mobility to transition smoothly between different modes of transportation. Technology-enabled DRT platforms provide real-time information to passengers, including estimated arrival times and vehicle tracking. This information empowers individuals with reduced mobility to plan their journeys, reducing uncertainties and improving overall confidence in using public transport.

Incorporating technology-driven customized DRT transport can revolutionize the way individuals with reduced mobility navigate their cities. By leveraging advanced algorithms, mobile applications, and seamless integration with existing transportation systems, DRT offers a flexible, accessible, and cost-effective solution that caters to the specific needs of all passengers, regardless of their mobility limitations.

DRT in Action – Case Study of 2U Access

AutoCrypt EQ’s 2U Access is a DRT platform created specifically to serve PRM. The platform was created in collaboration with 2U Social Cooperative, a non-profit based in Busan, South Korea. The main purpose of the platform is to make transportation efficient while keeping it accessible and affordable for PRM. Utilizing a dynamic routing system powered by machine learning algorithms, 2U Access ensures that each user’s transportation needs are met at the right place and time. Valuable demographic data such as information on the local spread of people with disabilities, areas with inefficient public transport, barrier zones, and more were used to create and further optimize the service.

In less than 2 years since the launch 2U Access gathered close to 20,000 users, completing over 300,000 rides. A vast amount of data collected during these rides quantifies the benefits delivered to users. Travel time savings and increased convenience were the most significant user benefits. In fact, 18% of 2U Access passengers used the service for work commutes and reported a 20-minute reduction in their commute time. By offering easier commutes 2U Access not only saved the passengers’ valuable time but also enabled PRM to enter the labor market, indirectly delivering public sector benefits. This shows that DRT services not only promote transportation sustainability but also contribute to overall public welfare and economic sustainability.

As we strive for a more inclusive and sustainable transport future, harnessing technology, including innovative solutions like DRT, becomes increasingly important. By embracing these advancements, we can create a transportation ecosystem that breaks down barriers, empowers individuals with reduced mobility and ensures that no one is left behind on the journey toward a more inclusive society.

27 April, 2023 . 6 mins read

What Are the Potential Consequences of Cyberattacks on OEMs?

The automotive industry has drastically changed in the past decade becoming increasingly software driven. However, higher reliance on software comes hand in hand with a higher risk of cyberattacks. This is because a more complicated system backend has more potential entryways malicious hackers can exploit. A cyberattack on an OEM can have dire consequences that may affect sensitive company and customer data, disrupt supply chain operations, and tamper with vehicles produced by the OEM. This blog will explore some of the potential consequences of cyberattacks against OEMs.

Data Breaches

One of the biggest cyber threats to an OEM is a data breach. If an OEM’s system is attacked and a data breach occurs, the stored data could be stolen, compromised, or deleted, leading to various adverse effects on both the customers and the OEM.

During a data breach, malicious hackers can steal confidential customer data, such as personal identification numbers (PINs), social security numbers, medical records, and more. This valuable information can either be leaked or posted on the dark web for purchase. In any case, if the customers’ confidential data is exposed, malicious actors can use it to commit fraud, phishing, or an infinite number of other criminal activities. Not all data breaches are targeted toward retrieving customer data. Sometimes cyber criminals may want to access sensitive company information and steal trade secrets or intellectual property. Some breaches are purely destructive, with hackers accessing confidential data only to destroy it. 

Data breaches are extremely dangerous as they not only compromise data but also lead to a loss of customer trust in the OEM. On top of that, OEMs may face legal consequences or be fined for negligent cybersecurity practices that can end up costing a fortune.

Sometimes a breach into a company’s system may not be limited to stealing sensitive data. Malicious hackers may encrypt the data and request a ransom in exchange for a decryptor. Ransomware is designed to deny a user or organization access to files on their computer. By encrypting these files and demanding a ransom payment for the decryption key, cyber attackers place organizations in a position where paying the ransom is the easiest way to regain access to their files.

In 2021, Kia Motors America allegedly suffered a ransomware attack, where the hackers requested $20 million to decrypt files and not leak confidential data. During the alleged ransomware attack, the OEM’s portals suffered a system outage. This resulted in the disruption of services where customers and dealerships across the country were unable to access their data. While financial damages were never disclosed, this incident ended up damaging the OEM’s reputation.

A cyberattack on an OEM can cause significant harm to customer data, leading to financial loss, legal consequences, and loss of customer trust. As such, it is crucial for OEMs to invest in robust cybersecurity measures to protect themselves and their customers from potential cyberattacks.

Supply Chain Disruptions

Software plays a critical role in making sure the automotive sector’s supply chain operates efficiently and effectively. A cyberattack on an OEM, or any other company within the supply chain, could disrupt the production of components that are critical to the supply chain. This could lead to delays in operations, holding up the delivery of final products down the supply chain. Delays in the supply chain will ultimately slow down the rollout of vehicles to customers. If this happens, not only does the OEM suffer financial losses, but the company’s reputation will also take a major hit. A similar incident happened in 2022, when a supplier of Toyota suffered a cyberattack. As a result, the OEM had to halt production which ended up slashing production outputs by a third.

The effects of a cyberattack on the supply chain can be disastrous, therefore industry regulations like WP29 and ISO/SAE 21434 hold OEMs accountable for enforcing cybersecurity practices. Meaning that OEMs are obligated to make sure that cybersecurity measures are implemented across every company in the supply chain. This includes monitoring and auditing cybersecurity throughout the supply chain to demonstrate enforcement of the regulations at all times.

OEMs need to encourage cybersecurity measures at the base of all IT operations within the company and throughout the supply chain. Implementing cybersecurity measures is not limited to installing sophisticated cybersecurity software. It also includes utilizing encryption and authentication, as well as educating employees on cybersecurity practices that need to be honored in day-to-day operations.

Vehicle System Disruptions

While supply chain disruptions and data breaches have negative consequences on operations, finances, and company image, a cyberattack on a vehicle can escalate into a life-and-death situation.

Modern vehicles run on around 100 million lines of code which enable many advanced features beloved by customers. Unfortunately, hackers can exploit vulnerabilities in complex vehicle software to gain unauthorized access to in-vehicle systems. We have seen reports of hackers breaking into vehicles using car infotainment systems, key fobs, or Wi-Fi dongles. But hackers can also gain access to a car by attacking the OEM’s server. Hackers can inject malware into a company’s server, which can then spread to the vehicle’s systems via over-the-air software updates or other connections. The malware can then allow them to take control of the vehicle’s functions or steal data.

If the OEM system has remote access capabilities, through cellular or Wi-Fi connections, hackers can attempt to exploit vulnerabilities in these connections to gain access to the vehicle’s systems. This can allow them to remotely control the vehicle’s functions, such as acceleration, braking, and steering. If malicious hackers get access to vehicle control this can wreak havoc on the roads and put millions of lives in danger.

Companies must secure in-vehicle systems and conduct regular security assessments to mitigate the risks of vehicle-targeted cyberattacks. The automotive industry can collaborate with cybersecurity experts to stay on top of vehicle cybersecurity regulations and best practices. This can help the industry get access to effective solutions that address emerging cybersecurity risks. For instance, AutoCrypt IVS specializes in securing in-vehicle systems by protecting the vehicle from external attacks, monitoring communications within the vehicle, and responding to any abnormal activities.

The increasing reliance on software in the automotive industry has created new cybersecurity risks. To address these risks OEMs have to prioritize cybersecurity within the company, across the supply chain, and in every vehicle on the road by developing a comprehensive cybersecurity framework. Ensuring cybersecurity should come in multiple levels. First, OEMs must secure internal IT systems and operations. On the second level, OEMs will need to secure the supply chain and encrypt all communications between partner companies. And lastly, employ in-vehicle security measures that will make sure that vehicles are protected against internal and/or external threats.