Belgian Hacker asks EU to increase privacy measures in parking apps

Hackers can find out a vehicle's location through parking apps and car parks with smart cameras. This was announced by Belgian ethical hacker Inti De Ceukelaire after a self-organised research project.

De Ceukelaire conducted a 100-day experiment in which he tried to track 120 cars. One in four he was able to locate perfectly. With that information, criminals could get to work. Ceukelaire calls for privacy measures to be beefed up. Since most parking companies are active in several countries, he called for a European approach.

The Indigo parking app does not even require hacking. Simply entering the number plate of the car you'd like to follow into the system suffices. There is no check whether that number plate actually belongs to the app user. Once the car enters an underground car park with number plate recognition, the app user is notified.

De Ceukelaire also developed a computer programme to detect whether the cars he tracked were using 4411 free parking sessions. In any city where that service is offered, drivers can be located via the programme. In Belgium it concernes Aalst, Antwerp, Beveren, Charleroi, De Panne, Ghent, Hasselt, Tournai and Turnhout.

"My computer programme 'talked' to thousands of digital parking meters at the end of each day asking if there was still free parking time available for the cars to be traced. If my system failed to create a one-second free parking session for that number plate in one of the free zones, I knew with certainty that the vehicle had parked in that zone that same day," he told VRT.

© BELGA PHOTO