The temptation for bad actors to manipulate mileage data hasn’t gone away despite vehicle passports and information sharing between border countries.
How well do you know your vehicle’s history? Does the condition of the interior – driver’s seat, steering wheel, footwell carpet and pedal rubbers – seem reasonable given the mileage shown on the odometer? Fraudsters can inflate the selling price of a vehicle by thousands of pounds, particularly for higher-end models, in the time it takes to plug a tool into the OBD-II port and enter a new mileage reading.
Of course, such ‘mileage correction’ tools do have legitimate use cases. Should an instrument cluster fail, repair shops need a way to restore the car’s mileage on the replacement unit. Owners too, could have a reason to modify odometer data if they had fitted bigger or smaller wheels to a stock model, altering the distance travelled calculation. But, clearly, access to the necessary protocols is being abused.
Filtering out excess mileage charges
One-off odometer reprogramming isn’t the only concern. So-called ‘mileage filtering’ is a problem too – enabled by in-line devices (often hidden behind the vehicle’s dashboard) programmed to manipulate traffic on the car’s network. Targeting odometer values, these tools swap out legitimate data so that a portion of the distance travelled by the vehicle (for example, 1 mile in 10) never appears on the instrument cluster.
Mileage filters could put a big dent in the profits of vehicle financing firms as technically the kit provides a means of avoiding excess mileage charges. Losses in the leasing sector could add up to hundreds of pounds per vehicle, if not more.
Globally, the total cost of mileage tampering is considerable. In the EU alone, the economic loss pegged to odometer fraud is estimated to be ‘most probably’ in the region of EURO 8 billion, according to a 2018 European Parliament study.’
Pressure is building on car makers to do something about the situation and EU regulations (updated in 2019) include a provision (2.3.6) that obliges OEMs to effectively deter odometer reprogramming.
Respondents to a UK consultation on changes to vehicle testing legislation, which included a question on ‘vehicle clocking’, pointed out that the criminal act relates to failing to declare that mileage adjustment has taken place when a vehicle is sold. Furthermore, enforcers have to show how consumers were affected – for example, by linking the action to influencing a sale and increasing a vehicle’s value.
European officials, however, leave fewer loopholes – declaring in 2015 that services aiming to reduce or misrepresent the distance record of a vehicle ‘cannot be considered as a legal activity’.
Another concern, besides illegal sales activity, is safety. Manipulating odometer values can lead to routine maintenance being missed and owners being unaware that critical components such as brakes and other moving parts could be in need of servicing. Also, with new cars being exempt from an MOT for three years, bad actors have a relatively large time period within which to tamper with their vehicles before an official record of the mileage is formally logged. And even when records are on file, it seems that fraudsters are still prepared to try their luck.
In a 2020 study of 10 million mileage records, Rapid Car Check – a UK vehicle history checking website – found 735,504 records of a lowered mileage between MOT tests.
There have been calls for mileage correction to be subject to greater regulation so that only authorized agents are allowed to carry out the service legally. But what about DIY odometer fraud enabled by easy to obtain tools and information gathered online?
A more prudent approach could be to focus on better protecting the data that’s sent over in-vehicle networks – for example, by applying anomaly detection and data fusion to weed out falsified mileage readings. You’ll be able to discover more about this – and other developments – as the Secure-CAV consortium continues its work improving automotive safety and security.
To receive regular updates on the Secure-CAV project, sign-up via the subscription page.