Can’t Hide Your Stride: Inferring Car Movement Patterns from Passive TPMS Measurements

A groundbreaking study by researchers from IMDEA Networks Institute, NEC Laboratories Europe, and TU Delft has uncovered a significant privacy vulnerability in modern vehicles. The research, titled "Can’t Hide Your Stride: Inferring Car Movement Patterns from Passive TPMS Measurements," demonstrates how Tire Pressure Monitoring System (TPMS) transmissions can be exploited to track vehicles and infer sensitive information about drivers.

The TPMS Privacy Vulnerability

The study reveals that TPMS transmissions, which are sent over the air in clear text, contain a unique identifier that remains constant over very long periods. This design choice, intended for vehicle safety and maintenance, inadvertently creates a privacy risk. The researchers deployed a network of low-cost spectrum receivers along roads to collect and analyze TPMS transmissions over a 10-week period.

Key Findings

• Unique Identifiers: TPMS transmissions include a unique identifier that does not change over time, making it possible to track individual vehicles.
• Large-Scale Tracking: The study observed at least 20,000 cars during the measurement period, indicating that malicious actors could easily scale their efforts to track thousands of vehicles.
• Sensitive Information Inference: The researchers found that TPMS transmissions can be used to systematically infer potentially sensitive information such as:
  • The presence of a vehicle
  • The type of vehicle
  • The weight of the vehicle (and by extension, the number of passengers)
  • The driving pattern of the driver

Methodology and Equipment

The researchers used a network of low-cost spectrum receivers, with each receiver costing as little as $100. This affordability makes the threat accessible to a wide range of potential attackers, from individual stalkers to organized criminal groups.

Implications and Recommendations

The study’s findings have significant implications for car owners’ privacy. The ability to track vehicles and infer sensitive information without the owner’s knowledge or consent raises serious concerns. The researchers urge policymakers and car manufacturers to design more secure and privacy-preserving TPMS systems for future cars.

Potential Mitigations

• Encryption: Implementing encryption for TPMS transmissions to prevent unauthorized access to the unique identifiers.
• Dynamic Identifiers: Using dynamic or rotating identifiers to make it more difficult to track individual vehicles over time.
• Privacy by Design: Incorporating privacy considerations into the design of TPMS and other vehicle systems from the outset.

Conclusion

The study "Can’t Hide Your Stride: Inferring Car Movement Patterns from Passive TPMS Measurements" highlights a critical privacy vulnerability in modern vehicles. As cars become increasingly connected and reliant on wireless systems, it is essential to address these security and privacy concerns to protect car owners’ rights and safety.

For more information, you can access the full paper here.

---

This article is based on the research paper "Can’t Hide Your Stride: Inferring Car Movement Patterns from Passive TPMS Measurements" by Lizarribar, Yago; Scalingi, Alessio; Giustiniano, Domenico; Sánchez Sánchez, Pedro Miguel; Calvo-Palomino, Roberto; Bovet, Gerome; Lenders, Vincent, published in 2026.