Adding Keypad Security To Your Automobile’s Ignition System

[BadWolf] managed to make some free time to get back to his own electronic projects. This time around he’s created a security system for his car. It’s patched into the ignition, preventing the engine from starting when the key is turned. A driver must first insert the key, then type the combination on a keypad in the center console before the car will fire up.

While he was working on the project he also decided to add a start button to the dash-board (we think it does make it look like a later model vehicle). The keypad is driven by an Arduino Nano which has the start code stored in it. Power for the system is provided by a USB hub hidden behind the dash which he thinks will also come in handy with future hacks.

When the proper code is entered, you’ll hear a rendition of the Super Mario Bros. theme. The speaker also lends a pleasant beep with each keypress. See the demo clip after the break to hear it for yourself.

[youtube=http://www.youtube.com/watch?v=tHOID4QQ3vg&w=470]

62 thoughts on “Adding Keypad Security To Your Automobile’s Ignition System

  1. transponder keys with discreet challenge/response protos and rolling code dongles are still the best things for security. Italian makers just add laser cut keys and sat tracking to that..

    1. No, those are even easier to thwart – You simply need a set of transcievers to extend the range of the key – Get transciever near owner -> get other transciever near car -> car unlocks. Start car, pull it on to trailer, take it away…. Or, I assume you can simply duplicate the signal that is being extended, and the car will run for some period of time…

      Worse yet, if it’s a simple RFID key, then it is much easier to simply copy the key by walking by with the correct RFID reader, punching the ignition, and driving off…

      Newer cars are easier to steal than older cars – You don’t have to cut and splice wires anymore.

    2. WOW. Just looked at his schematic – So to bypass this system, you need to rip one wire out and connect it to a voltage….. There is no point if you are going to make it that easy!!! This is for fun, not to actually make the car harder to steal.

      1. Even professional car security systems can be bypassed by pretty simple means. Point is that the system does not have to be secure, it only does have to inconvenience the thief enough so the added risk of bypassing the system is not worth it for the thief. And for that, even completely trivial homebrew solutions are mostly better as security through obscurity is pretty important factor in this.

  2. @Alexander
    The keycode has been changed right after video.
    Also,didn’t you notice the shape of the password..;)

    Glider someone?

    @Xorpunk
    It is by far more secure,but it’s really expensive to get that to a vehicule which didn’t came with it at first.

  3. It was way better if he stoped using the key and used remote unlock for the door and start/stop button for the ignition.

    And even better if he just used a CAM to compare the numbers inserted, instead of a arduino.

      1. 7805 is heatsinked,enclosed in a dedicated box and it’s on only when the accessory is on. Also,I’m drawing about 100mA out of it right now and like I told Brett yesterday,I needed a quick and dirty 5V source while my commercial supply is in the shipping,thanks for the concerns and the advice but I think next time you could tell me in less douchebag ways. Thanks

      1. well, not quite there kid. Jealous much? Oh one thing. I looked at your schematic, you are drawing an awful lot of current through that 7805 regulator. probably more than you should, and I bet it’s not even heat sinked. If you burn up your yaris POS insurance wont cover that…

  4. 12 volts to 5 volts with a lm7805, how about the heat dissipation problem? IMO, I would have gone with a low drop out regulator especially if you are powering that usb hub and plan on using anything in addition to the arduino.

    also the website says that the wires will be complicated enough to confuse a thief. I beg to differ, this may stop some 16 year olds who wouldn’t be going after a prius anyway but again, my opinion ;)

    wouldn’t be a complete review if I didnt give you props…
    Good job overall, the install looks clean, I especially like the tubular lock on the panel next to trunk popper (though easily defeated in seconds with a southord lock pick)

  5. Subaru have had a system like this for a while. It gets tedious when you have to work on 5 or so a day. A good feature is ‘valet mode’ though which gives you 10 starts before you need the code again.

  6. I see so many reasons why this is bad:

    1) As someone said, your car can be hotwired

    2) You exposed it on the internet, so high-tech thieves might actually find this fun

    3) Imagine you’re in a danger situation where you have to start very fast, or your engine stalled in the middle of a very busy place… good luck avoiding that truck

    4) If the circuit can be accessed somewhere, Arduino code can be replaced with some other code that won’t check for a keycode

    Kudos for the hacking and getting your hands dirty, nice that it works, but it’s a terrible idea to mess with a car, so many things could go wrong and end up killing you.

      1. If your key has an ID chip in it, I’m guessing this project was more for the fun of just wiring everything up than it is a practical theft deterrent.

        If I looked in your car and saw that system, and then saw that the car wasn’t very clean I’d probably break the window, rip up the control panel, and then just leave it there like that… you know, if I was a criminal. I think you are asking for trouble with that system.

        Sometimes the best anti-theft system is a silent one. Most crooks would know your car has an ID chip and would stay away, or steal something that was worth big bucks instead.

  7. Just rip off the plastic panelling next to the gear stick, there will be 4 wires, the two for the ignition, and 2 for the battery. Just connect the 2 ignition wires together and jimmy the ignition as normal.

    1. the OBC “on board computer” has a code function where when you shut the car off but had yet to pull the key out you can press the code button and enter a 4 digit number. upon return to the vehicle you would need to put the 4 digit code in otherwise the car will crank and crank but never start. they put it in all the cars of the era with the full featured OBC including the 3 and 5 as well.

      1. Technically if it is a manual shift transmission, and you were able to get the key into the run position. you could bypass his system of starting the car. Seeing as it’s a new car, the key would be chipped anyways. With the key you could still get this car rolling, as this just prevents you from turning the starter motor. The starter can be replaced by a slight downhill slope, or a strong friend.

  8. Dear HOD commenters,

    I get it! You’re so very smart and you would have done it so much better. Great make a video of your improved project. Until then, no one cares. Do or do not. There is no I would have done it better.

  9. Good day!

    I was wondering if it is possible to install a security pin code for the ignition on the BMW X 6 2015 model? Everyone in my family is a driver and I want make sure that when I’m not home my car will be safe… Can the manufacturer supply such services? How will it affect my car’s warranty and the insurance?

    Thank you in advance.
    Tshepo Maletenyane

  10. Very interesting to read, but still all the (VATS: GM) and whatever else company used similar style resistance keys for ignition. Each company only used a handful of difference resistances which are all online. The wires are as easy to get to as the the plug for the ignition switch. The reason they only used a few different resistances is for the key replacement. It is extremely easy to bypass the security keys once you have the resistance values.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.