A little help to tackle cycle security in cities

Drago

Flouncing Nobber
Although there’s a risk that if you do not have secure/controlled workplace parking (as many in London) and you leave a lock out in the open, it could be tampered with
that's a common wheeze. Glue in the lock, then when the rider arrives at work they cant lock it. The choice is to go home or risk leaving it unlocked, and that's when johnny light finger strikes.
 
OP
Frottish

Frottish

Active Member
Location
London
Capital One would disagree,
https://www.nytimes.com/2019/07/29/business/capital-one-data-breach-hacked.html
as would Finstra
https://www.pymnts.com/news/security-and-risk/2020/finastra-suspected-ransowmare-attack/

What happens if the power supply in the lock fails. And will a simple rare earth magnet render the electronics useless?
Great points, I'll try to explain the thinking at the moment.

The kind of simple power systems the lock will be using are beyond 99% reliable nowadays, but failures can still happen. The locks will require juice to open, not to close, so if there is a power failure then you won't be able to open and use the lock. If you're unlucky enough to get a power failure while your bike is locked then there will be an emergency function in the app to alert us so we can go and fix it asap, I won't expect people to wait around so we would pay for a taxi to get you to wherever you wanted to go and deliver your bike to you once we've unlocked it.

As for magnets, the locks will use powerful rare earth permanent magnets as part of the locking system (hence juice only needed to open the lock). As such the electronics will be shielded. As with everything, enough force can overcome barriers, so if the perp had a big electromagnet it could still scramble the code and cause the lock to stay in locked mode. same problem as above. But then you have to think about why someone would invest in a big heavy electromagnet and drag it around, when they can achieve the same result with a couple of drops of superglue in a traditional lock.

With regards to hackers, if you read the information about those hacks they are human errors, not hacks of the encryption. In the case of the Capital One breach, the hacker only got access to data because she found a door that was left open so to speak: "The F.B.I. agent who investigated the breach said in court papers that Ms. Thompson had gained access to the sensitive data through a “misconfiguration” of a firewall on a web application"

Please keep asking more, having the concept challenged is the best feedback to design it to be stronger :smile:
 
OP
Frottish

Frottish

Active Member
Location
London
What happens if your phone battery dies or the app crashes?
Good question,

At the moment the idea is to issue users with a unique account recovery code when they sign up or get security questions set up.
that way in the event that your phone dies / gets lost / dog attack you'll be able to contact us and prove that you own the bike that is locked. Then as with the lock failure situation we can arrange taxi & delivery of bike, though I'll need to think about how to deal with the cost of that as it is open to abuse if we do it for free. Anyone could go for a ride, get drunk and then claim a free taxi home by simply claiming that their phone died.

This needs some more though on my end. I can see a few ways to mitigate it, like the app sending you a pop-up alert with a reminder when it sees that your phone is down to 5% or something, possibly a one-time access code valid for a short period of time. But I would need to make sure this does not create potential flaws in the security system. Good food for thought.

As for app crashing, I'll do my best to make sure that does not happen :smile:
 
OP
Frottish

Frottish

Active Member
Location
London
I can't help thinking it's a lot of faff that wont lock my bike any more securely than a traditional lock would.
If your lock is Gold secured and insured, then yes, this will be the same level of security. As in, a very high level of security. The difference is that ours are free and you don't have to carry a heavy lock + cable / chain around with you.
 

raleighnut

Guru
Location
On 3 Wheels
If your lock is Gold secured and insured, then yes, this will be the same level of security. As in, a very high level of security. The difference is that ours are free and you don't have to carry a heavy lock + cable / chain around with you.
So what do you do if all the locks are in use and you're not carrying a lock of your own ?
 
OP
Frottish

Frottish

Active Member
Location
London
We plan on placing slightly more locks per location that users for that area, so we'll have a buffer of a few packing spaces for when things get busier than usual. You'll also be able to see lock availability via the app to you can get a feel ahead of time how busy it is.
 
Top Bottom