Hidden 'CarKey' privacy policy in iOS 13.6 beta hints at imminent release

Posted:
in General Discussion edited June 2020
Text relating to Apple's rumored "CarKey" feature has been discovered buried in iOS 13.5.1 and the first iOS 13.6 beta, suggesting a launch could be just over the horizon.

Credit: BMW
Credit: BMW


The feature, which was first hinted at by code within iOS 13.4, would allow Apple users to turn their iPhones or Apple Watches into digital NFCs "keys" for vehicles. Those keys could be used to lock, unlock and even start a vehicle.

While an exact launch timeline is still unclear, German site iPhone-ticker.de spotted the aforementioned privacy policy, which was discovered in various versions of iOS 13.

Although the information doesn't reveal any new details about "CarKey," it does summarize how the feature will work.

The leaked CarKey privacy policy. Credit: iPhone-ticker.de
The leaked CarKey privacy policy. Credit: iPhone-ticker.de


Users will be able to add keys to their Wallet app by signing into their car maker's app or by entering a pairing code in Wallet. From there, keys will be stored alongside credit cards, passes and other items in Wallet.

"If successful, your device sends Apple a one-time owner redemption token. Apple uses the redemption token, information about your Apple account and your device, and your location at the time of provisioning (if Location Services is enabled) for fraud prevention purposes," the policy reads.

Apple adds that users can share their car keys by tapping an Invite button and selecting the level of access they'd like to grant to another user. That corroborates details first revealed in a series of leaked screenshots earlier in 2020.

As far as what personal information is kept or sent, Apple says that vehicle manufacturers may connect a user's device identifier with other information they have on a user. Apple itself said it doesn't collect or retain data on vehicle or CarKey usage.

It's a similar case for data about key sharing, with Apple stating that it "forwards to the vehicle manufacturer information about with whom a pass is shared and what level of access was granted."

Apple will partner with automakers for the feature, so it could end up as an add-on option for customers akin to CarPlay. Data found within a leaked build of iOS 14 suggests that BMW may be one of the first manufacturers to support "CarKey."

"CarKey" will use biometric authentication such as Face ID and Touch ID to secure keys, although there are signs of an "Express Mode" that would allow them to use it without authenticating.

Given that code related to CarKey was found in iOS 14, there's a good chance that the feature will be unveiled at Apple's virtual WWDC 2020 event on June 22.

Comments

  • Reply 1 of 17
    digitoldigitol Posts: 276member
    LOL. kinda pointless really. Perhaps I don’t understand this fully? do you have to reach out and grab your phone, or even so much as touch it/look (touch/face id) to unlock your car? If so, Terrible, Horrible, Lame. My car already has walk up keyless entry. No need to touch, look at, click, pull out anything. Sigh. Apple i’m not impressed. Not since 2011. Sad. 
  • Reply 2 of 17
    This is great! Apple Watch or iPhone can replace my key ring with FOBS. Why didn't anybody think of this before? 
  • Reply 3 of 17
    mike1mike1 Posts: 3,442member
    digitol said:
    LOL. kinda pointless really. Perhaps I don’t understand this fully? do you have to reach out and grab your phone, or even so much as touch it/look (touch/face id) to unlock your car? If so, Terrible, Horrible, Lame. My car already has walk up keyless entry. No need to touch, look at, click, pull out anything. Sigh. Apple i’m not impressed. Not since 2011. Sad. 

    Perhaps you don't understand it "fully" because it hasn't been announced and nobody knows all the details yet.
    Did your narrow mind even consider for a second that it might use the same technology as transit pass whereby you wouldn't have to take the phone out of your pocket or push a button on your watch in orer for it to work?!
    razorpit
  • Reply 4 of 17
    KuyangkohKuyangkoh Posts: 838member
    This is great! Apple Watch or iPhone can replace my key ring with FOBS. Why didn't anybody think of this before? 
    Hello....Tesla anyone??
  • Reply 5 of 17
    SpamSandwichSpamSandwich Posts: 33,407member
    Would be happier if an Apple Transit (Car) was announced. Electronic keys on my iPhone? I don’t think so. Can’t hand those keys off to the valet.
  • Reply 6 of 17
    digitol said:
    LOL. kinda pointless really. Perhaps I don’t understand this fully? do you have to reach out and grab your phone, or even so much as touch it/look (touch/face id) to unlock your car? If so, Terrible, Horrible, Lame. My car already has walk up keyless entry. No need to touch, look at, click, pull out anything. Sigh. Apple i’m not impressed. Not since 2011. Sad. 
    It would not be pointless to me because there have been countless times where I forgot my keys. I try to start my car and it doesn’t turn over and a message pops up that I need my keys with me. However, I never seem to forget to put my phone in my pocket. For me, this would be a game changer.
    razorpit
  • Reply 7 of 17
    digitoldigitol Posts: 276member
    mike1 said:
    digitol said:
    LOL. kinda pointless really. Perhaps I don’t understand this fully? do you have to reach out and grab your phone, or even so much as touch it/look (touch/face id) to unlock your car? If so, Terrible, Horrible, Lame. My car already has walk up keyless entry. No need to touch, look at, click, pull out anything. Sigh. Apple i’m not impressed. Not since 2011. Sad. 

    Perhaps you don't understand it "fully" because it hasn't been announced and nobody knows all the details yet.
    Did your narrow mind even consider for a second that it might use the same technology as transit pass whereby you wouldn't have to take the phone out of your pocket or push a button on your watch in orer for it to work?!
    Ouch. Such hostility! That's why I was asking. I think You are a pretty cool guy Mike1. Anyone who likes the Apple is ok in my book. I have never experienced using transit pass, so that was informative as well.. Thanks man. 
  • Reply 8 of 17
    razorpitrazorpit Posts: 1,796member
    digitol said:
    LOL. kinda pointless really. Perhaps I don’t understand this fully? do you have to reach out and grab your phone, or even so much as touch it/look (touch/face id) to unlock your car? If so, Terrible, Horrible, Lame. My car already has walk up keyless entry. No need to touch, look at, click, pull out anything. Sigh. Apple i’m not impressed. Not since 2011. Sad. 
    It would not be pointless to me because there have been countless times where I forgot my keys. I try to start my car and it doesn’t turn over and a message pops up that I need my keys with me. However, I never seem to forget to put my phone in my pocket. For me, this would be a game changer.
    Yep, there are plenty of times I want to put something in to my locked car in my driveway, and I have to go in the house to get my keys.

    I would never rely on this feature for daily use simply because I don’t trust Apple and their updates. I could easily see ‘10.14.2’ breaking this functionality while the family and I are ‘out to dinner’, or at the office, leaving us/me stranded. It is a nice feature but only as a backup.
  • Reply 9 of 17
    mike1 said:
    digitol said:
    LOL. kinda pointless really. Perhaps I don’t understand this fully? do you have to reach out and grab your phone, or even so much as touch it/look (touch/face id) to unlock your car? If so, Terrible, Horrible, Lame. My car already has walk up keyless entry. No need to touch, look at, click, pull out anything. Sigh. Apple i’m not impressed. Not since 2011. Sad. 

    Perhaps you don't understand it "fully" because it hasn't been announced and nobody knows all the details yet.
    Did your narrow mind even consider for a second that it might use the same technology as transit pass whereby you wouldn't have to take the phone out of your pocket or push a button on your watch in orer for it to work?!
    Dang bud.  That is both rude and wrong.  The tech has been announced and the details are readily available.  Apple's name "CarKey" is the only thing that's new.  The tech is not new. It's already on Release 3.0.  It's a development of the Car Connectivity Consortium. https://carconnectivity.org/  It's already in use on the Hyundai Sonata through supported Android devices.
    edited June 2020 gatorguy
  • Reply 10 of 17
    zimmiezimmie Posts: 651member
    This sounds terrible. Why is the manufacturer involved at all? For that to matter, the manufacturer must be storing a master key for your car which could be used to issue other keys the car would trust, even if you aren't using this feature yourself.
  • Reply 11 of 17
    zimmie said:
    This sounds terrible. Why is the manufacturer involved at all? For that to matter, the manufacturer must be storing a master key for your car which could be used to issue other keys the car would trust, even if you aren't using this feature yourself.
    The article is confusing, but there is no master key.  You issue other tokenized keys yourself.  For example if you want to allow your child to drive the car to the movies.  Or issue a key to a valet.  There are many, many other features to digital keys but the article only focuses on mentions of Apple's implementation as it relates to info found in iOS 13.6 beta.  A more comprehensive detailing of the features can be found at the CCC link I posted in the comment above yours.
  • Reply 12 of 17
    digitol said:
    LOL. kinda pointless really. Perhaps I don’t understand this fully? do you have to reach out and grab your phone, or even so much as touch it/look (touch/face id) to unlock your car? If so, Terrible, Horrible, Lame. My car already has walk up keyless entry. No need to touch, look at, click, pull out anything. Sigh. Apple i’m not impressed. Not since 2011. Sad. 
    I can see a couple of use cases for this.

    Key fob battery dies while in the middle of the Africa.
    Key fob is destroyed by a herd of stampeding Cape buffalo.
    Key fob is stolen by a monkey while hiking.
    My daughter needs to borrow my car while it's at home and I'm in Africa filming Cape buffalo.
    There's something in my car that someone needs and I'm in the hospital recovering from wounds sustained while trying to take pictures of angry Cape buffalo.

    I can think of a few more, even a few that don't involve Cape buffalo.
  • Reply 13 of 17

    zimmie said:
    This sounds terrible. Why is the manufacturer involved at all? For that to matter, the manufacturer must be storing a master key for your car which could be used to issue other keys the car would trust, even if you aren't using this feature yourself.
    You know that the car manufacturer, or at least the dealer, can reproduce your car key anytime they want, right?  They have a record of your car's key, whether it's a "old" style metal one or a new fangled electrical one.
  • Reply 14 of 17
    zimmiezimmie Posts: 651member

    zimmie said:
    This sounds terrible. Why is the manufacturer involved at all? For that to matter, the manufacturer must be storing a master key for your car which could be used to issue other keys the car would trust, even if you aren't using this feature yourself.
    You know that the car manufacturer, or at least the dealer, can reproduce your car key anytime they want, right?  They have a record of your car's key, whether it's a "old" style metal one or a new fangled electrical one.
    Physical car key, sure. They can't add a key to my car's immobilizer without me being aware, though. The only options on my car are to add a new key using an existing owner key, or to reset the immobilizer entirely, which takes several hours and involves wiping its trust of my existing keys (making it tamper-evident).
  • Reply 15 of 17
    zimmiezimmie Posts: 651member

    zimmie said:
    This sounds terrible. Why is the manufacturer involved at all? For that to matter, the manufacturer must be storing a master key for your car which could be used to issue other keys the car would trust, even if you aren't using this feature yourself.
    The article is confusing, but there is no master key.  You issue other tokenized keys yourself.  For example if you want to allow your child to drive the car to the movies.  Or issue a key to a valet.  There are many, many other features to digital keys but the article only focuses on mentions of Apple's implementation as it relates to info found in iOS 13.6 beta.  A more comprehensive detailing of the features can be found at the CCC link I posted in the comment above yours.
    I've been reading through that information, and they don't describe exactly how the manufacturer is involved. The only conclusion consistent with what I've read so far is the manufacturer operates something like a certificate authority which needs to sign the device's key for the car to trust it. If that's the case, though, they would be able to generate their own key and sign it themselves such that the car would trust it.

    I also see mention that only one device can be an owner device with full authority over the car, but I don't see mention of how to replace the owner device if it is lost or stolen. A description of that process would probably provide more insight into just how trustworthy the system is.
  • Reply 16 of 17
    zimmie said:

    zimmie said:
    This sounds terrible. Why is the manufacturer involved at all? For that to matter, the manufacturer must be storing a master key for your car which could be used to issue other keys the car would trust, even if you aren't using this feature yourself.
    The article is confusing, but there is no master key.  You issue other tokenized keys yourself.  For example if you want to allow your child to drive the car to the movies.  Or issue a key to a valet.  There are many, many other features to digital keys but the article only focuses on mentions of Apple's implementation as it relates to info found in iOS 13.6 beta.  A more comprehensive detailing of the features can be found at the CCC link I posted in the comment above yours.
    I've been reading through that information, and they don't describe exactly how the manufacturer is involved. The only conclusion consistent with what I've read so far is the manufacturer operates something like a certificate authority which needs to sign the device's key for the car to trust it. If that's the case, though, they would be able to generate their own key and sign it themselves such that the car would trust it.

    I also see mention that only one device can be an owner device with full authority over the car, but I don't see mention of how to replace the owner device if it is lost or stolen. A description of that process would probably provide more insight into just how trustworthy the system is. 
    DigitalKey/CarKey is software, not a device. DigitalKey is simply an app you download on your phone.  Apple hasn't intro'd the app yet, but the Hyundai Digital Key app is in the Play Store if you want to see it live.  If your phone is lost or stolen, you replace it as you normally would.  DigitalKey doesn't replace your regular normal car key fob.  When you buy a car you still get whatever fob the manufacturer uses.  DigitalKey is simply an option for you to download from the Play Store/App Store and use, similar to the way we use Android Auto or CarPlay already.  The manufacturer's role is to authenticate the app and allow it to control car systems.  The same thing they already do for AA/CP.

    There's only one master device (your phone) because people typically have only one phone.  Multiple master devices don't make sense.  As the phone and car owner, you can give as little or as much control to an additional driver as you'd like.  No one else can give out control of your car.  That's what they mean by full authority.
  • Reply 17 of 17
    zimmiezimmie Posts: 651member
    zimmie said:

    zimmie said:
    This sounds terrible. Why is the manufacturer involved at all? For that to matter, the manufacturer must be storing a master key for your car which could be used to issue other keys the car would trust, even if you aren't using this feature yourself.
    The article is confusing, but there is no master key.  You issue other tokenized keys yourself.  For example if you want to allow your child to drive the car to the movies.  Or issue a key to a valet.  There are many, many other features to digital keys but the article only focuses on mentions of Apple's implementation as it relates to info found in iOS 13.6 beta.  A more comprehensive detailing of the features can be found at the CCC link I posted in the comment above yours.
    I've been reading through that information, and they don't describe exactly how the manufacturer is involved. The only conclusion consistent with what I've read so far is the manufacturer operates something like a certificate authority which needs to sign the device's key for the car to trust it. If that's the case, though, they would be able to generate their own key and sign it themselves such that the car would trust it.

    I also see mention that only one device can be an owner device with full authority over the car, but I don't see mention of how to replace the owner device if it is lost or stolen. A description of that process would probably provide more insight into just how trustworthy the system is. 
    DigitalKey/CarKey is software, not a device. DigitalKey is simply an app you download on your phone.  Apple hasn't intro'd the app yet, but the Hyundai Digital Key app is in the Play Store if you want to see it live.  If your phone is lost or stolen, you replace it as you normally would.  DigitalKey doesn't replace your regular normal car key fob.  When you buy a car you still get whatever fob the manufacturer uses.  DigitalKey is simply an option for you to download from the Play Store/App Store and use, similar to the way we use Android Auto or CarPlay already.  The manufacturer's role is to authenticate the app and allow it to control car systems.  The same thing they already do for AA/CP.

    There's only one master device (your phone) because people typically have only one phone.  Multiple master devices don't make sense.  As the phone and car owner, you can give as little or as much control to an additional driver as you'd like.  No one else can give out control of your car.  That's what they mean by full authority.
    They explicitly talk about how this only works on devices with secure enclaves or similar. Thus, it would be a device key, not a software key.

    From their description, it sounds like they request a key pair from the secure enclave, which will not hand out the private key to anybody (it stores the private key internally and performs operations with it, but will not disclose it; such keys do not survive backup and restoration onto another device). They then send the public key off to the manufacturer to be signed. Once it's signed, the public key and signature are handed to the car along with some kind of challenge response which only the private key corresponding to that public key could have created.

    If my guess above is correct, the manufacturer could sign a key for some other device (or even sign a purely software key pair), which would then be able to unlock and start the car, even after it is no longer under any kind of lien.

    The exact process of replacing the owner device would confirm or refute this.
Sign In or Register to comment.