A resource for consumers, locksmiths, and security professionals
Cars are probably one of the most expensive things you interact with daily. The streets are constantly lined with them, and losing one would put a massive dent in anyone’s wallet.
Car thefts happen all the time. You need to be constantly vigilant: ensure that your car is locked, and your keys are safe, and you’ve parked in a safe spot, and everything in your vehicle is in working order.
Vigilance has become second nature to most drivers. We all know that the dangers are out there, and we’re used to being on alert all the time.
That’s why technology to prevent carjacking is so vital. Thieves are crafty and innovative and will probably go for the quickest and most readily available target. Keeping your car secure and impossible to steal is critical in car ownership and manufacturing.
Initially, cars used typical lock-and-key setups to prevent them from being opened. They were also equipped with similar mechanisms in their ignition, so nobody could turn on the engine without inserting the correct key.
Thieves eventually learned how to hot-wire cars or mess with the ignition cylinder and start the engine without having the correct key, so car manufacturers had to innovate. They couldn’t let their cars be exposed to this vulnerable bypass, after all.
That’s where car immobilizers come in. So how does an immobilizer work to prevent carjackings? Well, immobilizers only allow the engine to run when the correct key is inserted into the ignition. All of the typical bypass techniques don’t work on engine immobilizers. Cars are a lot more secure now.
But how does an immobilizer work? Are they really as secure as that? And if they are, how are there still carjackings?
The most important things to know about car immobilizers is:
So, how does an immobilizer work?
Immobilizers are units that only allow the engine to turn on when it detects the presence of your key fob inside your car.
If you have a keyless entry system or smart car key, the immobilizer is what starts your car. But if you have a key entry system, the immobilizer still needs to detect your battery-powered key fob before it allows the engine to start.
So how does an immobilizer work to send this data?
A wireless transmitter reads data coming from your key fob to the immobilizer. This data is encrypted, meaning that only computers with a unique “encryption key” can access it. The immobilizer has the correct encryption key to unlock your key fob. And once it unencrypts the data, the immobilizer takes a look and sees if there’s a match.
Some more advanced versions use “rolling codes,” which change every time someone starts the car. These keys still use a static, unchanging code. They just also store a changing code that must be checked after the first static code by the immobilizer. This way, both devices must store two codes simultaneously and be prepared to change the second one.
And how does an immobilizer work with this? If the data matches the immobilizer’s system, the machine knows that the car was started with the correct key fob. It then allows the engine to start. It is difficult to replace a key fob, making them effective theft prevention items.
Immobilizers were invented in 1919, but they weren’t widely used until the late 20th century. In 1998, the European Union passed a law stating that all cars manufactured in Europe have immobilizers installed. Afterward, rates of carjacking began to decline.
Noticing this decline, the United Kingdom followed suit with similar laws, as did Australia and later Canada. Carjacking rates declined in these countries as well after immobilizers became mandatory.
Unfortunately, recently, these rates started to climb back up again. But how?
To understand the problems of immobilizers, we must first understand their strengths. Let’s ask the question: how does an immobilizer work in safety?
So, how do you steal a car? I assume that you’ve never stolen a car, but regardless, one phrase probably popped into your head: hot-wiring.
To hot-wire a car, access the inner mechanisms under the steering wheel and find the wires that connect the ignition to the engine. This process is how a working ignition activates. Then, you need to cross two different wires: one that tells the car the ignition is in the “on” position and the car’s starter.
You need to know a bit about the inner workings of the car you’re stealing, so it’s not an incredibly easy process. Different models have different colored wires, and you need to know what wires do what. It’s also very easy to electrocute yourself, so please don’t try this at home.
First, the carjacker twists the battery wires together. Then, they connect the ignition wire. This turns the car on, but it doesn’t start the engine. The carjacker must briefly connect the starter wire to do that. Doing this allows the carjacker to drive.
Hot-wiring is tricky because it requires knowledge of a specific car’s wires and the skill to not get electrocuted (which is very easy to accidentally do). Regardless, it was growing increasingly popular among car thieves in the late 20th century. Something had to be done.
So how does an immobilizer work to prevent this? They don’t allow the engine to start at all, even when the correct wires are crossed, and you can’t physically access them like you can with wires. Hot-wiring a car built in the 21st century is generally a bad idea. At best, the car won’t start, and at worst, you’ll get electrocuted.
Without the specific data transmitted inside the properly working key fob, the immobilizer won’t release at all. How does an immobilizer work if there’s no key fob present, after all? They’re very effective at grounding a vehicle and preventing movement. And even if your key fob is not working, your immobilizer will prevent the car from starting.
But if that’s the case, why did vehicle thefts go up after the 2010s? What are people doing to get around these immobilizers and jack cars? How does an immobilizer work in a thief’s favor?
If immobilizers can’t be physically manipulated, how does an immobilizer work in the favor of thieves trying to break into your car?
The way carjackers are getting into cars with immobilizers is essentially through hacking. The data transmitted between transponder and immobilizer is encrypted, so you need to crack the code to deactivate the immobilizer. And some immobilizers have proven themselves to be very insecure.
Researchers have already cracked several of the most common immobilizers. The most common transponders used are the Megamos Crypto, Keeloq, Hitag2, and DST40. All four of these have their bypasses publicly available. How does an immobilizer work if anyone can bypass it with public information?
These studies found the same thing: that these immobilizers have very predictable and insecure cryptographic sequencing. This means the encrypted data is simple for a machine to guess and eventually crack.
After the DST40 was cracked, the DST80 was released to compensate. It has a longer cryptographic sequence to make guessing the encryption key harder. Unfortunately, researchers found that this longer sequence used many of the same elements as the DST40 and was just as insecure.
The cracking of these sequences doesn’t affect every car on the market, but it impacts a large percentage of them. You should research your car model and ensure that yours was not affected.
So how does an immobilizer work now? As a result of these breaches, immobilizers are being improved upon. Some of the more recent models use securer cryptographic sequencing. Like all locks, immobilizers are in an arms race where they must perpetually stay ahead of thieves.
Better cryptography makes a car much harder to steal. In general, cryptography is far more advanced than what’s in these cars, so change is possible. This lower-end cryptography worked back when most carjackers only knew how to hot-wire a car, but now that better technology is needed, cars will soon catch up.
Car immobilizers are basically just devices that prevent the car from being started if they don’t sense the right key.
So how does an immobilizer work? Key fobs send out encrypted data signals that the immobilizer reads. If the data signal is the same as what the immobilizer has on file, it allows the engine to start once the key turns.
Car immobilizers make hot-wiring impossible, as the correct key must be inside the car to deactivate them.
But how does an immobilizer work? Unlike the wiring under the steering wheel, you can’t physically manipulate an immobilizer, as it’s designed to be tricky to break into. Carjackers must find some other way around the immobilizer.
Immobilizers block signals from reaching the engine control unit. When you start an engine, the fuel must be introduced through a fuel injector, allowing the engine to continue running on said fuel.
The immobilizer prevents this fuel injection if the code it reads is incorrect. Essentially, when the wires cross that tell an engine to start, the immobilizer stands in the way of the process and only allows the process to continue if the code it reads in the key is correct.
Back in the day, carjackers were skilled in hot-wiring vehicles. They could undo the casing in the steering wheel and cross the correct wires to start the car manually. And how does an immobilizer work against that? With an immobilizer, the engine won’t start unless the correct key is detected.
Immobilizers prevent the vehicle from starting unless the correct key fob is detected. Any car can have an immobilizer, but keyless entry cars especially need them. They don’t have the extra security of the key.
A car with keyless entry and an immobilizer means that the vehicle can’t be hot-wired and can only start if the person pressing the “start” button has the key fob in its vicinity. The key fob must send the correct signal to the immobilizer. Only then will it deactivate and allow the engine to start.
The immobilizer is a significant invention and one of many milestones in the battle between thieves and manufacturers.
Like all security, car security needs to be layered. For example, the odds of an experienced car thief having an automotive lock pick set are pretty high. But what about the odds of them having an automotive lock pick set and the knowledge and training for hot-wiring? How about an automotive lock pick set, the understanding for hot-wiring, and the ability to crack cryptographic sequencing to deactivate the immobilizer?
How does an immobilizer work against bypasses? Essentially, it doesn’t always have to.
The right kind of dedicated thief can bypass immobilizers, but most thieves are not. This principle is especially true when there are still cars out there without an immobilizer. Classic cars have this enticing combination of being old enough to have worse security and expensive collector’s items.
Once again, however, it’s a matter of where you are in an arms race. As immobilizers have become incredibly common, so has knowing how to crack them.
As a result, anyone interested in stealing cars (or anyone with a stuck car key) is going to look into immobilizers as they begin to run out of “easier” options. How does an immobilizer work against time?
Manufacturers must deploy and develop harder immobilizers quickly. Car manufacturers are working on that. In a few years, most people may have a harder to crack immobilizer.
Despite their flaws, immobilizers are helpful. With the proper key programming, they can be very effective. Sure, we’ve come a long way since their invention, but they changed the game for good. Without immobilizers, regular hot-wiring would still be a common occurrence and something you’d have to worry about regularly.
For now, cryptographic sequencing and wireless transmitters should be your biggest concern. How does an immobilizer work against those? That said, these are less accessible than the screwdriver and pliers you’d need for hot-wiring. When it comes down to it, we have a lot to be thankful for in immobilizers.
Category: Automotive, Lock Types
