Security Testing for Connected Vehicles

Skill requirements for users to unlock or disarm connected vehicles

If your skill lets the user unlock or disarm their connected vehicle, you must require them to use their Alexa profile PIN or one-time password (OTP). The Alexa profile PIN or OTP requires voice ID setup on the Alexa app. For OTP, the user also must set up a mobile phone number. For details, see Alexa user identification. Use authentication confidence levels to help you understand the different levels of confidence Alexa can obtain in the identity of a user.

As an alternative, you can allow the user to unlock or disarm their connected vehicle by first requiring them to set up an OEM-managed PIN with at least four digits. For implementation details, see Alexa.AuthorizationController Interface.

If your skill allows the user to unlock or disarm their vehicle remotely, you must secure the action with an authentication confidence level of 400 or higher or an OEM-managed PIN to correspond with that action. For all other skill interactions, you can decide the level of user authentication.

After the user has established an OEM-managed PIN, you can provide an opt-out option on your app. For users who don't set up an OEM-managed PIN or voice ID, you can also provide the user with reduced functionality of your skill. For users who opt out of the voice ID prerequisites, you must remind them to enable the prerequisites or have them exit the skill in a controlled manner.

Testing your skill for Alexa voice ID implementation

Complete the voice ID tests listed in the following table.

Test Expected results
1 Test the behavior of your skill when a user new to the Amazon household interacts with the skill. If you don't have a new user, you can delete a user's voice ID, and then proceed to have that user interact with the skill. The requests to unlock or disarm the connected vehicles aren't run. Instruct the user to set up a voice ID in the Alexa app to use these features.
2 Test the behavior of your skill when the user has created a voice ID and met the mandatory prerequisites on the Alexa app. An example of a mandatory prerequisite would be creating a personal profile PIN. When the user interacts with the skill, invoke all intents that let that user unlock or disarm a connected vehicle. The requests to unlock or disarm the connected vehicles are accepted when Alexa can achieve a minimum authentication confidence level of 400 in user identification.
3 Determine if remote unlocking or disarming the connected vehicle is secured with either an OEM-managed PIN or an authentication confidence level of `400 or higher`. The user must be able to unlock or disarm the connected vehicle by using an OEM-managed PIN or meeting an authentication confidence level of `400 or higher`. Guide the user to fulfill the prerequisites for meeting authentication confidence levels if they haven’t done so. For example, guide the user to create a voice ID.

Testing your skill for OEM-managed PIN implementation

Complete the OEM-managed PIN tests listed in the following table.

Test Expected results
1 Enable the skill and complete the account linking process. Make sure that the account linking flow includes setting an OEM-managed PIN to access unlock functionality and the OEM-managed PIN meets the security requirements.
  • The OEM-managed PIN must be at least four digits.
  • The flow should remind the user to reset the OEM-managed PIN every 60 days.
2 Enable the skill, but don't set the OEM-managed PIN or opt out of the OEM-managed PIN requirement when prompted. Attempt to invoke the intents that let the user unlock or disarm a connected vehicle.
  • The requests to unlock or disarm the connected vehicle aren't run. Alexa instructs the user to set an OEM-managed PIN to use these features.

  • Features other than unlock or disarm work normally without the OEM-managed PIN.
3 Invoke each intent that lets a user unlock or disarm a connected vehicle without opting out of the OEM-managed PIN.
  • Each request to unlock or disarm a connected vehicle asks the user to speak the OEM-managed PIN.
4 Invoke each intent that lets a user unlock or disarm a connected vehicle. When prompted for the OEM-managed PIN, say an incorrect PIN. Provide an incorrect PIN at least three times.
  • The skill rejects the incorrect PIN and doesn't complete the unlock or disarm request.
  • After three consecutive incorrect PIN attempts, the skill instructs you to reset your OEM-managed PIN. Attempting a fourth request with the original, correct OEM-managed PIN now fails.