vDome: The Keyless Car Theft Solution Designed for the Way Criminals Actually Operate

At a Glance

• Keyless car theft has become the dominant form of vehicle theft in multiple markets – driven by the widespread availability of relay attack equipment and CAN injection tools that bypass conventional security measures entirely.
• Effective keyless car theft prevention requires protection at the vehicle’s electronic systems layer, not just the physical perimeter – because the attacks that dominate current theft statistics operate inside the vehicle’s architecture.
• PlaxidityX’s vDome Keyless car theft solution brings AI-powered detection and prevention to the vehicle level, addressing the full spectrum of keyless theft techniques within a production-grade automotive cybersecurity platform.

 

In 2024, the majority of high-value vehicle thefts in the UK, Germany, and France did not involve a physical key, a broken window, or a forced lock. They involved two criminals with electronic devices, a parked vehicle, and less than ninety seconds. The tools they used — relay amplifiers and CAN bus injectors – are commercially available, increasingly affordable, and devastatingly effective against vehicles whose security architecture was never designed to face them. The question for OEMs and fleet operators is no longer whether to take keyless car theft prevention seriously. It is how to do so effectively.

Why Traditional Security Fails Against Modern Theft Techniques

The relay attack exploits the two-way radio frequency communication between a vehicle’s keyless entry receiver and the owner’s key fob. By amplifying the fob’s signal across distances it was not designed to bridge, criminals convince the vehicle that the authorised key is nearby. The vehicle responds as programmed – by unlocking. The entire attack takes place without the owner’s knowledge and without triggering any alarm condition.

CAN injection goes further. Rather than spoofing the key fob signal, it bypasses the keyless entry system entirely. By connecting a small device to the vehicle’s Controller Area Network – accessible through headlight wiring harnesses and other external connectors – criminals inject forged CAN messages that command the body control module to unlock the doors and allow engine start. No RF signal. No key fob involvement. No alarm.

Against these techniques, traditional keyless car theft prevention measures have significant limitations. Faraday pouches block relay attacks but do nothing against CAN injection. OBD port locks reduce one access point but not the headlight harness or other external CAN connectors. Steering wheel locks deter opportunists but not organised criminals who have already started the engine and can drive away.

vDome: AI-Powered Detection at the Vehicle Level

PlaxidityX’s vDome Keyless car theft solution addresses the problem at the layer where modern attacks actually operate: the vehicle’s internal electronic architecture. Rather than attempting to harden external physical access points, vDome monitors the vehicle’s CAN bus in real time, applying machine learning models trained on vehicle-specific traffic patterns to detect the anomalous message sequences that injection attacks produce.

The AI detection model at the core of vDome identifies CAN injection attack signatures within milliseconds of their appearance on the bus – rapidly enough to block the attack sequence before the targeted ECUs execute the forged commands. The system distinguishes between the highly specific patterns of legitimate ECU communication and the inevitably anomalous characteristics of externally injected traffic, without generating the false positive alerts that would make the system operationally impractical in a production vehicle.

For relay attack prevention, vDome complements its CAN-layer protection with support for advanced key fob authentication protocols including distance bounding and UWB-based precision positioning – providing verifiable proximity measurement that relay amplification cannot defeat. The combination addresses both dominant attack techniques in a single integrated platform.

What Makes vDome Different from Aftermarket Accessories

The fundamental distinction between vDome and aftermarket keyless car theft prevention products is the level of integration. Aftermarket devices attach to the vehicle’s exterior or occupy a diagnostic port – they operate outside the vehicle’s electronic architecture and cannot detect or block attacks that occur within it. vDome is integrated into the vehicle’s ECU ecosystem, with access to the CAN traffic streams where injection attacks are observable and interceptable.

This integration also enables continuous learning. vDome’s AI models can receive updated attack signatures via the vehicle’s OTA update infrastructure, ensuring that new attack variants – which criminal groups develop and commercialise rapidly – are addressed without requiring hardware intervention. An aftermarket device purchased today cannot be updated to detect the CAN injection sequence developed for next year’s vehicle model. vDome can.

For OEMs and fleet operators evaluating keyless car theft prevention at scale, vDome’s architecture also enables fleet-level intelligence through integration with PlaxidityX’s Vehicle Security Operations Center. Attack attempts on individual vehicles generate telemetry that feeds into fleet-wide analysis, enabling rapid identification of new attack campaigns and coordinated criminal activity targeting specific vehicle models or geographic areas. Full product specifications and deployment information are available at PlaxidityX’s vDome product page, with detailed context on the keyless theft threat landscape covered at PlaxidityX’s keyless car theft prevention blog.

The Regulatory Context for Keyless Theft Prevention

Vehicle theft through electronic means is now explicitly addressed in automotive cybersecurity regulation. UN Regulation 155, which mandates Cybersecurity Management System certification for vehicle type approval in most major markets, requires OEMs to assess and mitigate the risk of unauthorised access to vehicle systems – including through keyless entry exploitation and CAN bus manipulation.

ISO/SAE 21434, the companion engineering standard, requires formal Threat Analysis and Risk Assessment (TARA) of all vehicle attack surfaces – encompassing relay attacks, CAN injection, and OBD exploitation as recognised threat categories. For OEMs, implementing vDome is not only a commercially prudent theft mitigation measure but a direct contribution to regulatory compliance across markets where UN R155 approval is required.

As the regulatory environment tightens and the economic cost of theft-related insurance losses, reputational damage, and regulatory penalty risk increases, the business case for a production-integrated keyless car theft solution like vDome becomes compelling across the full vehicle range — not just the premium and high-value segments where the investment has historically been easiest to justify.

Frequently Asked Questions About Keyless Car Theft Prevention and vDome

What is keyless car theft?

Keyless car theft is a method of stealing vehicles without using the physical key. Criminals exploit wireless keyless entry systems or directly manipulate the vehicle’s internal electronic networks to unlock the doors and start the engine. Today, relay attacks and CAN injection are the two most common forms of keyless vehicle theft.

How does a relay attack work?

A relay attack uses two devices to extend the radio signal from a key fob inside a home to a vehicle parked outside. The car believes the legitimate key is nearby and unlocks automatically. Because the vehicle responds exactly as designed, traditional alarms usually do not activate.

What is CAN injection?

CAN injection is a more advanced theft technique in which criminals connect a device to accessible wiring, such as the headlight harness, and send forged messages onto the Controller Area Network (CAN bus). These messages can instruct the vehicle to unlock and start without any key fob signal.

Which is more dangerous: relay attacks or CAN injection?

Both are highly effective, but CAN injection is considered more sophisticated because it bypasses the keyless entry system entirely. Even vehicles protected by Faraday pouches or signal-blocking devices can still be vulnerable to CAN bus attacks.

Why are Faraday pouches not enough?

Faraday pouches can help prevent relay attacks by blocking key fob signals, but they do not stop CAN injection or other attacks that occur inside the vehicle’s electronic architecture. They address only one theft method, not the broader cybersecurity threat.

What is the best keyless car theft prevention solution?

The most effective keyless car theft prevention solutions protect the vehicle’s electronic systems rather than relying solely on physical deterrents. PlaxidityX vDome is designed to detect and block attacks directly at the CAN bus level, where modern theft techniques actually operate.

What is PlaxidityX vDome?

vDome is an AI-powered automotive cybersecurity platform that monitors CAN bus communications in real time to detect malicious message injection and other unauthorized activity. It is integrated into the vehicle’s electronic architecture and can stop attacks before they execute.

How does vDome detect theft attempts?

vDome uses machine learning models trained on vehicle-specific traffic patterns. When the system identifies abnormal CAN messages associated with theft techniques, it can trigger countermeasures within milliseconds to block the attack sequence.

Can vDome stop relay attacks?

Yes. In addition to monitoring CAN traffic, vDome supports advanced authentication technologies such as Ultra-Wideband (UWB) and distance-bounding protocols, which verify whether the key is physically near the vehicle and prevent signal amplification attacks.

How is vDome different from aftermarket anti-theft devices?

Aftermarket devices operate outside the vehicle’s core systems and usually cannot detect or block attacks occurring within the CAN bus. vDome is integrated directly into the vehicle’s ECU ecosystem, allowing it to monitor, detect, and prevent attacks at the source.

Can vDome be updated to address new theft methods?

Yes. vDome supports over-the-air (OTA) updates, enabling OEMs to deploy new threat detection models and attack signatures as criminal techniques evolve.

Is vDome designed for car manufacturers or individual drivers?

vDome is designed primarily for automotive OEMs and fleet operators that need scalable, production-grade cybersecurity protection across large numbers of vehicles.

How does vDome help fleet operators?

vDome can integrate with a Vehicle Security Operations Center (VSOC), allowing fleet managers to analyze attack attempts across all connected vehicles, identify emerging threats, and respond to organized theft campaigns.

Does vDome help with UN R155 compliance?

Yes. United Nations Economic Commission for Europe Regulation R155 requires automakers to identify and mitigate cybersecurity risks such as unauthorized access to vehicle systems. Implementing vDome directly supports these regulatory requirements.

How does vDome support ISO/SAE 21434?

International Organization for Standardization/SAE International 21434 requires formal Threat Analysis and Risk Assessment (TARA) for vehicle attack surfaces. vDome helps mitigate identified risks related to relay attacks, CAN injection, and other theft techniques.

Can keyless car theft be prevented entirely?

No solution can guarantee complete elimination of theft risk, but integrated cybersecurity systems like vDome significantly reduce the likelihood of successful attacks by detecting and blocking malicious activity before it reaches critical vehicle systems.

Why is keyless car theft prevention becoming more important?

Electronic vehicle theft is increasing across Europe and other major markets. As attacks become more sophisticated and regulations tighten, OEMs and fleet operators need cybersecurity solutions that address both operational risk and compliance requirements.