RFID Immobiliser

[andrew_h] has put together this slick anti theft device for his car. The RFID immobiliser is used to keep the car from starting unless you swipe an RFID tag. Depending on how well you hide it, and how well the person stealing the car knows you, they would have no reason to suspect that they have to swipe the tag. Even if someone steals the car while it is already running, they won’t be able to re start the engine if they shut it off. As usual, schematics and PCBs are available.

27 thoughts on “RFID Immobiliser

  1. @miguel

    Just use a latching relay setup instead, then until the key is removed it will stay able to start

    If a professional thief wants it, they’re going to get it regardless. Most devices are to stop the average moron.


  2. Actually I could see this being pretty effective, as when someone is stealing a car they tend to want to get gone pretty quickly; and don’t forget, those that resort to thievery are not exactly renowned for the technological knowhow beyond what they come prepared for IE hotwiring ignition, disabling alarm. Neat build, I see this having allot of applications.

  3. well, if you open up the lock cylinder, the combination is visible too!

    its not even encrypted!

    if this device is hidden under the console, its location is the obscurity.

    the actual RFID data is the real security layer. indeed the contacts can be shorted, just like the ignition switch. but i do think the obscurity adds some protection.

  4. Some facts.

    Thieves are stupid, really stupid. This will thwart 98.997% of all thieves.

    Most car thefts are not by a pro that is stripping it, most are really stupid kids looking for a joyride or to steal something to get more crack.

    This would be highly effective in stopping most thieves. problem is it needs to make very loud noise afterwards or the retard will start trashing the interior of the car.

  5. FYI the ones in OEM cars are challenge/response cryptographic passive rfid. Think keygen..

    This means there is no static response..

    These systems are reliable enough that the only actual compromise in over 3 decades were by a private research team using an fpga array and custom firmware. If a thief steals one it’s through key theft in some form or another.

    The Mercedes one held it’s own even when the rest of the system was compromised by high profile Iranian chop shop thieves. They defeated satallite, alarm and everything else..

  6. By the way this is entirely different RFID than what you’ve seen cracked in subway systems etc..way way more secure..still used in 2010 by all manufacturers and undefeated in the wild

  7. I could see lots of other uses for this. It would work as a door lock for a car or home. Connect the relay to the start button on your computer, lock the case physically and no one can start your machine up without an authorized keycard. An extra layer of security is almost always a good thing.

  8. I would guess this offers the same amount of security as the newer cars that have only push-button ignitions and use proximity FOBs on the driver to activate. Add in the normal key interlock and it seems even more secure.

  9. This might be a stupid question, but the article doesn’t mention any specific type of RFID tag.

    If I was going to build something like this as a first project into microcontrollers and RFID, would anyone be able to recommend a tag I could/should use with something like this?

  10. I was developing something along the lines of this except a weee bit more intricit. Using the OBD2 lines the device was able to reed the information from the engine. If no card was swiped one could start the car but not exceed 25 mph and 5 miles. There was a card used for someone “borrowing” the car which would limit the speed to 60 mph and 50 miles. then the drive card would limit the speed to 70 mph (the speed limit in my state). Finally the unlock card would impose no restrictions.

    The whole outcome was kinda thwatted when I removed the ecu to place a carburated engine in and is still awaiting upgrades (think gps) for the speed and distance

  11. I used to pull the emergency brake, then unscrew the release knob and toss it in my pocket. But then again, who wants to steal a Tercel?

    @Whatnot; what if you decide to wear clogs?

  12. I kind of like this. I don’t own any Lambos, Ferraris, Corvettes, Maybachs, Bugattis, or any other high-end car, so would-be thieves looking to steal my car wouldn’t have a clue to even go near this. Combine this with a fuel pump isolator circuit as well, and you have a car no (average) thief will be able to take, short of coming in with a tow truck.

  13. This is the MiFare RFID that is easy to reverse engineer for those asking. It just stores keys.

    The passive chips that do challenge/response that all the OEMs use are super discreet as far as programming goes. You’d have the reverse the BCM or ECM firmware to get the keygen for an implementation.

  14. xorpunk the instructable says it is an ID-12 rfid reader. I used one of those on a project last year, they don’t store any codes. The Pic would store the code and compare to what is read from the ID-12.

    it would be much easier to just cut out the relay and twist wires back together, then to reverse engineer the code. like they said if you hide this well then it would stop nearly any thief.

  15. @ XORPunk – The oem ones are NOT that secure.
    Goto bypasskit.com. Most of these devices can learn with one, or two keys and can then generate the same “all is well” signal so that a car can be remote started with no key present.

  16. My family had an old Peugeot that had a very similar system to this, minus the RFID. A reed relay (or functional equivalent) was hidden down in the casing of the steering column which needed to be swiped with a magnet before the ignition would work. IMO I don’t think adding the RFID contributes much to the security of this system, which is very much by obscurity: if the thief knows where to look, it’d be trivial to bypass, as others have said. (By the way, security by obscurity is okay provided the security strategy is a rare one in the strategy pool.)

  17. More strategy, Maybe?

    What if u were to set this security system up to intercept the current to starter & ignition; impersonating a dieing battery, too weak to start engine, and fully power lights? Thermistor of some type?

    AS long as this method wasn’t commercialized, I think it would be quite affective, for some time, fouling those that would deprive us of our equitable interest in said vehicle.

    A little misdirection… never hurts. ;)


Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.