- We release first Consumer Security Ratings for 2020, as ‘theft or unauthorised taking of a motor vehicle’ increases by 5%
- Absence of traditional security measures on Hyundai, MG and Tesla models result in ‘Basic’ ratings
- ‘Superior’ BMW, Land Rover, Mini, Porsche, Škoda and Toyota models pass keyless system ‘Relay Attack’ test
- Relay Attack test failures for Mazda, MG, Subaru and Vauxhall models
We have released our first Consumer Security Ratings for 2020, having assessed the security features of 13 new cars. The results show that while progress is being made by carmakers, some models are still coming to market with inherent security vulnerabilities.
Vehicles are assessed by Thatcham Research security engineers for resistance to digital theft and to confirm that features, including immobiliser, alarm, double locking systems and wheel security, meet minimum insurer requirements.
Three of the vehicles tested, the Hyundai i10 Premium Mpi (‘Basic’), MG HS Excite T-GDI (‘Poor’) and Tesla Model 3 (‘Basic’), were missing some of these security features, and the Tesla’s rating will apply following an upcoming firmware update.
Richard Billyeald, Chief Technical Officer, Thatcham Research comments, “The keyless vulnerability continues to be a concern to car owners. However, it is not the only factor behind recent increases in vehicle theft.”
“Our assessment found that the rated Hyundai, MG and Tesla models are missing some commonly accepted security measures. These measures were introduced to improve core car security and represent the minimum today’s drivers should expect, whatever the vehicle price point.”
Billyeald comments on the rating for the Tesla Model 3: “Thatcham Research has been working closely with Tesla on the security features on the Model 3. Their ability to enhance security functionality via advanced connectivity across all vehicles is a huge advantage.”
Can buyers count on keyless security?
The BMW X6 M50d, BMW 218i Gran Coupe M Sport, Land Rover Discovery Sport D150, Mini EV, Porsche Taycan, Škoda Superb and Toyota Supra all gain ‘Superior’ ratings for all-round security and the presence of a Relay Attack fix.
‘Poor’ ratings were awarded to the following models with keyless systems because Thatcham Research security engineers were able to access and start the vehicles using Relay Attack equipment:
- Mazda CX-30
- MG HS Excite T-GDI
- Subaru Forester e-Boxer XE Premium
- Vauxhall Corsa Ultimate Turbo 100
Billyeald comments, “The number of carmakers now offering Relay Attack counter-measures with new vehicles is steadily increasing and should be applauded. However, all new cars with keyless systems ought to have a solution to this long-standing vulnerability in place.”
“It’s also important to remember that the motion-sensor fob, while a good short-term fix, is not the ultimate solution to the keyless vulnerability, which should be designed-out of new vehicles completely in the future.”
The rated vehicles
|BMW X6 M50d||SUPERIOR|
|BMW 218i Gran Coupe M Sport||SUPERIOR|
|Hyundai i10 Premium Mpi||BASIC|
|Land Rover Discovery Sport D150||SUPERIOR|
|MG HS Excite T-GDI||POOR|
|Porsche Taycan Turbo||SUPERIOR|
|Subaru Forester e-Boxer XE Premium||POOR|
|Tesla Model 3||BASIC|
|Vauxhall Corsa Ultimate Turbo 100||POOR|
*Where available, Thatcham Research tested one model with keyless entry and start fitted. This may be an optional feature on some or all models.
Check the spec
When keyless entry and start is available on a range, the Consumer Security Rating is applied to the model with the system fitted.
“Drivers should go into the dealership with their eyes open to keyless security and if they do intend to specify the system, ask if a fix has been introduced. Your dealer is there to help with any queries or concerns and will know about system fitment and which type of fob is available,” says Billyeald.
For more information on the Relay Attack please click here.
 The Tesla Model 3 uses a different access system (Near Field Communications) to the other cars tested and is not susceptible to the Relay Attack