Designing for Security and Privacy
Because a vehicle is a device shared by multiple people (the owner can change and drivers rotate), you must design your app with careful attention to security and privacy.
Account and Session Management
- Logging out and switching accounts must be quick and easy, because the vehicle owner can change and the driver can be replaced. A change of user must end the previous user's session and clear that user's tokens and cached personal data from the device.
- Tokens for social logins, OTT accounts, and similar services must be stored only in secure storage such as the Keystore, never in plain files, preferences, or logs.
Minimize Personal Data Collection
- When the app requests the user's location, voice, account information, and so on, you must clearly explain why each item is needed and keep the consent flow simple and easy to understand.
- Do not store personally identifiable information (PII) you do not need, and if personal data must appear in logs, record it only in masked form.
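The masking rule above is easiest to enforce in one place rather than at every log call. The following is an added example, not code from the original page or from any vehicle platform SDK: a Python logging filter that masks the PII classes this guide mentions (account e-mail and phone, the vehicle's VIN, GPS coordinates) before any handler writes the line. The regular expressions, the logger name and the sample log line are constructed for illustration and should be adapted to your own data model.

```python
import io
import logging
import re

# Constructed patterns for the PII classes this guide mentions: account
# identifiers (e-mail, phone), the vehicle identity (17-character VIN) and
# location (decimal GPS coordinates). Extend these for your own data model.
EMAIL_RE = re.compile(r"\b([A-Za-z0-9._%+-])[A-Za-z0-9._%+-]*@([A-Za-z0-9.-]+\.[A-Za-z]{2,})\b")
VIN_RE = re.compile(r"\b[A-HJ-NPR-Z0-9]{17}\b")  # VINs never contain I, O or Q
COORD_RE = re.compile(r"(-?\d{1,3}\.\d{2})\d*\s*,\s*(-?\d{1,3}\.\d{2})\d*")
PHONE_RE = re.compile(r"(?<!\d)(\+?\d{2,3}[- ]?\d{3,4}[- ]?\d{4})(?!\d)")


def mask_pii(text: str) -> str:
    """Return text with PII reduced to a form that is still useful for
    debugging but no longer identifies a person or vehicle on its own."""
    text = EMAIL_RE.sub(lambda m: f"{m.group(1)}***@{m.group(2)}", text)
    text = VIN_RE.sub(lambda m: "*" * 13 + m.group(0)[-4:], text)
    # Keep two decimals (about 1 km): enough to see which city a report came
    # from, not enough to locate a home or workplace.
    text = COORD_RE.sub(lambda m: f"{m.group(1)}**,{m.group(2)}**", text)
    text = PHONE_RE.sub(lambda m: "***" + re.sub(r"\D", "", m.group(1))[-4:], text)
    return text


class PiiMaskingFilter(logging.Filter):
    """Logging filter that masks the fully formatted message. Attached to a
    handler, it covers every record that reaches that handler, including
    records propagated from child loggers."""

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = mask_pii(record.getMessage())
        record.args = ()  # already interpolated; nothing left to format
        return True


def capture_masked_log(message: str, *args) -> str:
    """Send one record through a logger fitted with the filter and return the
    line the handler emitted (a StringIO stands in for the real log sink)."""
    buf = io.StringIO()
    logger = logging.getLogger("vehicle-app-demo")  # constructed logger name
    logger.handlers.clear()
    logger.propagate = False
    logger.setLevel(logging.INFO)
    handler = logging.StreamHandler(buf)
    handler.setFormatter(logging.Formatter("%(levelname)s %(message)s"))
    handler.addFilter(PiiMaskingFilter())
    logger.addHandler(handler)
    logger.info(message, *args)
    handler.flush()
    return buf.getvalue().strip()


if __name__ == "__main__":
    # Constructed sample of the kind of line an app might otherwise write.
    print(capture_masked_log(
        "login by %s (tel %s) in VIN %s at %s",
        "driver@example.com", "010-1234-5678", "1HGCM82633A004352", "37.566535, 126.977969"))
```

Masking at the handler rather than at each call site means a developer who logs a raw value by mistake still does not leak it. The filter masks the message text only; structured fields passed through `extra` or exception tracebacks need the same treatment if they can carry PII.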
Data Leaving the Vehicle
When designing telemetry and analytics events, you must build the following into the design from the start.
- Establish a policy for how vehicle IDs and user IDs are anonymized or pseudonymized before they leave the vehicle.
- Keep in-drive behavioral data separate so that it cannot be used for marketing purposes.
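One way to make both rules mechanical rather than a matter of review is to build every outbound event through a single function that pseudonymizes identifiers and enforces a category-to-purpose table. The following is an added example, not code from the original page or from any vehicle platform; the event categories, purpose names, master key and identifiers are constructed for illustration. It pseudonymizes with HMAC rather than a plain hash (VINs are structured and enumerable, so an unkeyed hash could be reversed by enumeration) and derives a separate key per purpose and rotation period, so the marketing copy of a vehicle cannot be joined to its analytics copy.

```python
import hashlib
import hmac
import json

# Constructed master secret. In a real deployment this lives in secure
# storage, or the pseudonymization runs at an ingestion gateway that holds
# it; it is never embedded in source code like this.
MASTER_KEY = b"example-master-key-replace-and-rotate"

# Purposes for which data may leave the vehicle (constructed names).
PURPOSE_ANALYTICS = "analytics"
PURPOSE_MARKETING = "marketing"

# Event categories (constructed). Behaviour observed while driving is never
# allowed to reach the marketing purpose; app engagement may, with consent.
DRIVE_BEHAVIOR = "drive_behavior"   # speed, braking, lane changes, routes
DIAGNOSTIC = "diagnostic"           # crashes, latency, error codes
ENGAGEMENT = "engagement"           # which app features were opened

ALLOWED_PURPOSES = {
    DRIVE_BEHAVIOR: {PURPOSE_ANALYTICS},
    DIAGNOSTIC: {PURPOSE_ANALYTICS},
    ENGAGEMENT: {PURPOSE_ANALYTICS, PURPOSE_MARKETING},
}

# Payload keys that must never appear raw in an outbound event.
RAW_ID_FIELDS = frozenset({"vin", "vehicle_id", "user_id", "account_id", "email", "phone"})


class PolicyViolation(ValueError):
    """Raised when an event would break the data-leaving-the-vehicle policy."""


def purpose_key(purpose: str, period: str, master: bytes = MASTER_KEY) -> bytes:
    """Derive one key per purpose and rotation period. Pseudonyms made with
    different keys cannot be joined, and a new period breaks long-term
    tracking; use a constant period if longitudinal analysis is required."""
    return hmac.new(master, f"{purpose}|{period}".encode(), hashlib.sha256).digest()


def pseudonymize(raw_id: str, purpose: str, period: str, master: bytes = MASTER_KEY) -> str:
    """Keyed hash of an identifier, truncated to 128 bits."""
    key = purpose_key(purpose, period, master)
    return hmac.new(key, raw_id.encode(), hashlib.sha256).hexdigest()[:32]


def is_allowed(category: str, purpose: str) -> bool:
    """True if events of this category may be sent for this purpose."""
    return purpose in ALLOWED_PURPOSES.get(category, set())


def leaked_identifiers(payload: dict) -> list:
    """Payload keys that would carry a raw identifier out of the vehicle."""
    return sorted(k for k in payload if k.lower() in RAW_ID_FIELDS)


def build_outbound_event(name, category, purpose, payload, vehicle_id, user_id,
                         period, master=MASTER_KEY) -> dict:
    """Return the event as it is allowed to leave the vehicle, or raise."""
    if not is_allowed(category, purpose):
        raise PolicyViolation(f"{category!r} events may not be sent for {purpose!r}")
    leaked = leaked_identifiers(payload)
    if leaked:
        raise PolicyViolation(f"raw identifiers in payload: {leaked}")
    return {
        "event": name,
        "category": category,
        "purpose": purpose,
        "period": period,
        "vehicle": pseudonymize(vehicle_id, purpose, period, master),
        "user": pseudonymize(user_id, purpose, period, master),
        "data": dict(payload),
    }


if __name__ == "__main__":
    vin, user = "1HGCM82633A004352", "user-42"  # constructed identifiers
    print(json.dumps(build_outbound_event("hard_braking", DRIVE_BEHAVIOR, PURPOSE_ANALYTICS,
                                          {"decel_mps2": 6.1}, vin, user, "2024-05")))
    try:
        build_outbound_event("hard_braking", DRIVE_BEHAVIOR, PURPOSE_MARKETING,
                             {"decel_mps2": 6.1}, vin, user, "2024-05")
    except PolicyViolation as e:
        print("blocked:", e)
```

Note that a keyed hash is pseudonymization, not anonymization: whoever holds the key can recompute the mapping for any known VIN or user ID, so where the key lives decides who can re-identify. A fleet-wide key placed on every head unit is exposed as soon as one unit is extracted; a common alternative is to send the raw ID over an authenticated channel to an ingestion gateway that holds the key and pseudonymizes before anything is stored.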