Automated license plate recognition systems have been used for over a decade by law enforcement to monitor and identify traffic offenders. More recently, the technology has found its way to customer-facing applications, despite criticism by privacy advocates. Until now, most privacy concerns revolved around increased risk of government surveillance, automated decision making, high cost of usage and potential data breaches. With this research paper, we are putting the theory into practice and factual data, uncovering different ways in which these systems are inadvertently already exposing vehicle location data to the general public. The growing trend of affected license plate systems across Europe and the U.S. is concerning, and calls for prompt and decisive actions by legislators to mitigate the increasing risks.
From June 2022 to mid-September 2022, a group of 120 randomly selected individuals with different levels of car usage volunteered to have their license plates tracked as part of this study. None of the participants were briefed about the research methodologies, so their participation would not influence their driving behavior.
One discovered methodology involved (re-)registering the license plates into parking and toll road applications that start- and stop sessions based on automatic license plate recognition. Out of the 120 license plates monitored, we were able to track down the live location of slightly over 29% of vehicles during a 100-day window (26.5% of which using methodology #1, and additional 2.5% using methodology #2 which was tested on a smaller scale).
Another technique was proven to work in areas without cameras, such as on-street parking in cities and residential neighborhoods. A proof-of-concept stalkerware application was developed to routinely create one-second parking sessions for a multitude of parking zones across the country, intercepting any errors that would indicate the vehicle is already parked there. When used in areas that offer limited free parking time, the scan would only have to run once a day and would not incur any charges for the attacker.
The attack surface of both techniques is widespread, with more 3,850 affected areas identified in 10 different countries in Western Europe. All traffic participants can be affected, regardless of whether they already use parking apps or not. Other than avoiding all affected areas, the only way for road users to temporarily mitigate the risk is to invoke their (UK/EU) GDPR’s Right to Restrict Processing on the concerned data processors. In order to facilitate this, a web application hosted at NOTMYPLATE.COM was developed to help users send in a propper GDPR request for their license plate with an up-to-date list of affected parking apps.
While this will help combat the privacy loopholes short-term, a more rigid solution will need to be put into place by data processors and regulators.
The COVID-19 pandemic has accelerated the rise of contactless solutions, and the parking industry is no exception to this trend: ticketless entry through a mobile app or license plate recognition have become a standard for the large majority of parking operators. This trend increases convenience for its end-users, but also inadvertently exposes these previously closed systems to remote attacks described in the following sections.
In order to automatically start- and stop a parking- or tollroad session based on a license plate, parking apps allow their users to enter their license plate number. Whilst this is convenient, this system lacks any form of authorisation: none of the apps verified whether the license plate was owned or affiliated to the person who entered it. This creates an opportunity window for a malicious actor to register someone else’s license plate and enable ANPR-based payments on their behalf. The next time a connected ANPR camera would detect the license plate, the attacker would receive a live push notification informing them of their session, disclosing the name of the parking lot the license plate is detected.
On May 31 2022, we launched a call on Twitter and Instagram to sign up participants for our car-tracking experiment. To be eligible to participate, the individuals had to be a named driver of the car, but there were no requirements in terms of car usage. None of the individuals that agreed to participate were briefed about the tracking methodologies, to ensure their driving behavior would not change. In total, 120 participants had their license plates entered in the apps of two selected parking operators: Q-Park and Indigo. The third big Belgian operator Interparking was excluded because their application only allows its users to link one license plate at a time, which is less convenient for a large scale experiment.
Within the first days of the experiment, we already received the first succesful hits: one in a Q-Park location near a hospital in Antwerp, and one in an Indigo location in Malines.
Over the duration of the experiment, the list of successfully located vehicles continued to grow in a linear fashion. After 100 days, 26.5% of all vehicles were already successfully located using this methodology:
After every successful match, we deactivated or removed the license plate in the system to prevent suspicion. In many cases, the matched location would provide insights into the activity the targeted driver was attending while the vehicle was parked. Amongst the parking locations are hospitals, shopping malls, casino’s, swimming pools, concert venues, public transportation hubs or offices. Given enough data points, it could be possible to deanonymize individuals based on their activity history.
As the attacker is creating ANPR-based sessions on behalf of their victims, it does require them to cover the parking fee in case of a successful attack. The exact amount would depend on the location and the duration of the session, but typically be only a fraction of the costs of other tracking techniques, such as hidden trackers or private investigators.
During the investigation, €273.85 was spent on parking tickets ranging from €1,60 to €36,00. Some sessions were not charged because the driver either immediately left the building, or a technical error occurred. The average cost to successfully track down a vehicle was €7,82.
In a real-world attack scenario, attackers may reduce operating costs by cutting the parking session short through the customer service or using stolen credit cards. On some occasions, the unknowing victim would still grab a ticket and pay for it themselves, reducing the cost of the attack down to zero.
Since the technique attacks the fundamentals of license plate based parking systems, it is not possible to fully mitigate the attack without losing some of its current convenience and functionalities.
While license plate owner verification would seem like a logical solution to implement, it brings a couple of hurdles with it. Having users upload their registration certificate does not only diminish the user experience, it would provide the parking operators with even more sensitive data they are not permitted to process, and could easily be forged.
Our research has shown that the majority of parking apps allow re-registration of license plate, even if the plate is already listed in the system. Without any notification or need for confirmation, the license plate would be disabled from the victim account and any future charges or notifications regarding the license plate would be sent to the attacker.
Some applications do prevent the re-usage of a license plate through their application. In that case, the customer service could possibly still re-assign it when contacted.
Some parking apps allowed an infinite amount of license plates to be added to their ANPR payment list, allowing attackers to conduct surveillance on scale. Reducing the amount of license plates one could add would make the attack less convenient in execution, but would not remediate the issue. The downside of a limitation is that some businesses and organizations already use these parking apps to manage their entire fleet.
Just like a robinson list, a centralized blacklist can be maintained for people who wish to opt-out from private companies processing their license plate date. This would however not protect people that are unaware of the risk, and would have to be maintained by an authorized and trusted body. It only works if all the apps decide to implement it.
While limiting automatic license plate recognition based billing to slots that are pre-booked by a user does not prevent malicious actors from verifying whether a vehicle has been somewhere during a specific period of time, it makes a wide scale operation costly and less feasible.
The attack in its current form raised little to none suspicion for most test subjects, given the fact that a barrier that opens automatically is not an uncommon thing to see at a parking lot. Had the screens at the entry informed them about the ANPR session along with the payment information that did not match theirs, it would not have gone unnoticed.
Certain tollroad systems, such as France's Bip & Go télépéage, require a physical Radio-frequency identification (RFID) tag to be present in the car for authentication purposes. Linking online payments to a secure tag ID rather than a license plate may still allow the convenience of a seamless enterance and prevent others accessing or registering the account.
As sustainable urban mobility planning is reclaiming street parking spots for public use, parking control solutions make their way onto public space. Since placing ANPR cameras on the corner of every street would be excessive and expensive, drivers are required to enter their license plate into a parking app- or meter upon arrival in a parking zone. Next to paid on-street parking, this allows cities to offer free parking for a limited time, e.g. 30 minutes for free near a shopping district. To prevent drivers from continuously renewing their free parking slot, parking operators implement a cooldown period in which a free parking session can no longer be created for a license plate. In most cases, a free slot can only be used once a day. When entering license plates for vehicles that are already registered or used their free slot for that day, parking applications would typically show an error that a session cannot be created. Attackers can use this error as an oracle to determine who has already parked there, by entering their license plates into the system and checking whether the error shows.
In order to exploit this technique at a scale, attackers can create an automated system that poll for the presence of a certain license plate across all parking zones on a regular basis. For this study, a proof-of-concept stalkerware application was created for the 4411.io parking app, active in Belgium and The Netherlands. The system would simulate a normal Android application and automatically create 1-second parking sessions for selected license plates on a daily basis:
If the free parking session could not be created because the user had already parked there, the system would catch this error:
To avoid suspicion by the targets, the parking sessions were automatically created just before the free slots were reset, so they would never arrive at a parking spot to find out that someone had created a session on their behalf. If the error was captured, a push notification would be sent to the attacker to inform them about a successful hit:
This technique is less suited for mass-surveillance as it requires the application to create a considerable amount of parking sessions per target, increasing the chances of being detected by the parking operator. In the limited proof of concept, 19 participants from a selected city implementing this system were tracked over a period of 100 days. Three inhabitants were detected in the monitored zones, all of which multiple times. The system created more than 5,000 parking sessions in a clearly automated pattern, but was never blocked from operating by the parking operators.
Some parking applications offer the possibility to pay or download receipts containing location details merely by supplying the license plate on the website, enabling attackers to monitor locations for on- and offstreet parking sessions.
APCOA Connect offers its users the possibility to download VAT receipts containing the exact time and location of parking sessions merely by specifiying a license plate and a phone number.
Attackers could use public data sources to get the phone number of a victim, such as the Facebook data breach in order to get an overview of their location details.
Live demo For demonstration purposes, I have created a parking session with the following details:
Autopay.io is a platform active in Norway, Sweden, Denmark and Finland and Germany. Just like described in "2.1. Session hijacking through ANPR cameras", it utilizes ANPR recognition to automacally debit parking costs for a parking session: Their website features a form that allows users to query unpaid parking sessions for the past 48 hours, and pay for them: At first glance, the absence of (re)captcha technologies indicates that an attacker could simply run a script to run this every 48 hours to continously monitor a license plate.
We have analyzed the most popular B2C parking applications utilizing ANPR technologies. None of the tested apps implemented mechanisms to validate whether the application user was the legitimate license plate owner. Note that we were only able to test and validate ANPR functionalities in Belgium. Some parking operators may not have rolled out number plate recongnition in all territories yet. Please check the local website to see if they've already rolled out ANPR parking in your area. We still included them in the list, as a request for restriction of processing may also apply to planned implementations.
|Austria 🇦🇹||EasyPark, Interparking, APCOA|
|Belgium 🇧🇪||EasyPark, Q-Park, Indigo Neo, Interparking, APCOA|
|Denmark 🇩🇰||EasyPark, Q-Park, APCOA, AutoPay|
|Finland 🇫🇮||EasyPark, AutoPay|
|France 🇫🇷||Q-Park, APCOA, Indigo Neo, Interparking|
|Germany 🇩🇪||EasyPark, Q-Park, Contipark, APCOA, AutoPay|
|Ireland 🇮🇪||Q-Park, APCOA|
|Italy 🇮🇹||EasyPark, Interparking, APCOA|
|Luxembourg 🇱🇺||Indigo Neo|
|Netherlands 🇳🇱||EasyPark, Q-Park, Indigo Neo, Interparking, APCOA|
|Norway 🇳🇴||EasyPark, APCOA, AutoPay|
|Poland 🇵🇱||Interparking, APCOA|
|Spain 🇪🇸||EasyPark, Indigo Neo, Interparking, AENA|
|Sweden 🇸🇪||EasyPark, APCOA, AutoPay|
|Switzerland 🇨🇭||EasyPark, Twint+ / ParkingPay|
|United Kingdom 🇬🇧||EasyPark, Q-Park, APCOA, NCP|
Some parking applications integrate with ANPR technologies implemented by other parking applications.
While these may still be vulnerable to the attacks described in "2.2. Trial-and-error attacks with free limited parking" and "2.3. Authentication by plate in parking apps", they are currently not listed as a processor of the data in NOTMYPLATE.
With nearly 4,000 affected locations across Western Europe and more than a million trackable parking spots in 10 different countries, it is getting increasingly harder to travel across Europe without the risk of exposing your location. During our tests, we were able to locate a target parking their vehicle more than 1,100km from their home, near the Spanish border.
While a driver may choose to avoid ANPR-based parking garages, it can be more difficult to completely avoid toll roads over longer distances. In Sweden and Norway Epass24 already automatically charges tolls to accounts with a user-supplied license plate, along with Ireland’s M50 and England’s M6.
As more than half of installations activated in the past three years, it is likely that we will see a rapid growth of B2C ANPR cameras in the months to come. Combined with urban mobility plans that typically strive to relocate cars from the street to dedicated parking garages, more vehicles will be registered by ANPR cameras in the future.
The fact that nearly a quarter of all vehicles were successfully tracked during this experiment shows that action needs to be taken as soon as possible. Parking apps should be made privacy-first, and should properly verify and inform data subjects as required by privacy laws.
On the drivers’ side, this should serve as a reminder that a license plate is a personal identifiable information record that should never be exposed to others online, e.g. on social media. This document is not a manifesto against technology, but rather a warning that convenience should not come at the cost of our privacy.