A man called Masamba Sinclair rented a Ford Expedition five months ago, and while he had the car in his possession, he set up access to the vehicle with the FordPass app. Ford recently made all FordPass services free for compatible cars. Knowing that all Ford cars that are compatible are susceptible to this is disturbing.
Sinclair says that he still has access to the Expedition via the FordPass app five months after his rental. All he had to do was download the app, enter the VIN of the Expedition, and confirm it via the infotainment system. He can still unlock and lock the doors, see where the car is, and start and stop the engine.
Sinclair says that he reported the issue to Ford. He says that he submitted the issue via Ford New Ideas and a solution to solve the problem, but it was denied. Think about how easy this would be to exploit in the wild. If you go to a hotel or a restaurant to eat in a Ford that supports FordPass, while the valet has the car, they could pair it to their phone app and simply come back later to steal the car with a key to unlock the doors and start the engine in hand.
There is no official comment on the issue from Ford at this time. It’s not clear how or if the vehicle owner can disassociate all devices from the car. This also posed an issue for used Ford sales down the road if a previous owner continues to have access to the car via the app.