79% of smart dash cams we tested had security issues Out of 28, only six didn't have any concerns. Find out what problems we uncovered and how to keep your dash cam secure Callum Pears Researcher & writer

Callum pushes tech to its limits and has spent nearly three years bombarding antivirus with malware, taxing routers and inspecting computer monitors

Which? dash cam tests found security flaws and concerns in the majority of smart models we tested, and in some cases they were breaking the law.

Smart dash cams have wireless connectivity and features that use the internet. This could be tracking technologies, motion detection, voice assistant controls and voice alerts, as well as more advanced features such as automatic cloud backup, real-time alerts and remote viewing.

You're also able to transfer footage wirelessly to the companion app on your smartphone, which is much quicker and more straightforward than traditional dash cams, where you'd need to remove the SD or micro-SD card and copy the files over to your computer.

Although these features make a dash cam a more useful tool for drivers, they also expose you to potential security risks.

Our testing found numerous dash cams with multiple security vulnerabilities. In fact, of the 28 smart dash cams we tested, only six lacked security concerns.

Find out what problems we encountered, which manufacturers took action to fix the problems we uncovered, and what you can do to keep your dash cam secure.

Best dash cams: compare dash cams from Garmin, Nextbase, Road Angel and more What were the issues we found? A person watching dash cam footage on their smartphone

Of all the issues we found, weak default wi-fi passwords were the most concerning security vulnerability because they mean that nearby hackers could connect to the devices and access data such as journey information, saved recordings and other personal information.

Since 2024, manufacturers have been obliged to ensure that default passwords aren’t easily guessable. This can be resolved by enforcing a mandatory password change or by assigning unique default passwords.

We contacted each manufacturer to share our findings and gave them an opportunity to comment and resolve our concerns.

Road Angel successfully addressed the issue with its dash cams, which now require changing the default password.

Miofive initially responded and released a firmware patch that fixed some of our other concerns, but didn’t resolve the default password issue. Miofive didn’t respond to our follow-up messages, and we received no response from Kitvison and Orskey.

In addition to weak passwords, we also found mediocre encryption on some dash cams. There were several exploitable security weaknesses that made it possible to intercept data, access, and potentially modify stored video files.

To do this would be difficult for hackers. In most cases, they would need to be very close to the dash cam to exploit it – but it's not impossible. Many of these issues are also exacerbated by the poor default wi-fi passwords.

Nextbase resolved our concerns with firmware patches. Miofive and Road Angel fixed some issues but not others, and we're continuing to work with Road Angel to get remaining concerns resolved.

Garmin reviewed our findings but stated that it believes that numerous factors 'limit the exploitability of any purported vulnerabilities such that there is no practical risk to our customers’. Kitvision and Orskey did not respond.

In an age of growing cyberattacks and sophistication among hackers, dash cam manufacturers should be placing the greatest emphasis on their devices' security, even if they think it's difficult to exploit or a niche weakness.Why is PSTI important? Dash cam showing the road ahead

The Product Security and Telecommunications Infrastructure (PSTI) Act came into effect in April 2024. It mandates that manufacturers, importers and distributors (such as retailers) have a duty to protect devices that can connect to the internet or other networks.

It states ‘UK consumers should be able to trust that these products are designed and built with security in mind’.

The PSTI Act specifies the publication of information on how to report security issues, details on how long manufacturers will ensure security patches are released and the banning of universal default and easily guessable passwords.

These factors are important for strengthening security defences and ensuring that manufacturers release updates to keep products safe from new threats.

Although the Act gives manufacturers time to bring their products in line with its standards, they’re now duty bound to investigate compliance failures and take action if required.

If manufacturers fail to act, then the Office for Product Safety and Standards (OPSS) will intervene. The OPSS is an enforcement authority responsible for ensuring compliance.

Strong legal protections and vigilant enforcement mean UK consumers can use smart devices – including dash cams – with confidence, knowing that non-compliance by manufacturers will have consequences.

Which? takes this seriously too, and we’ve already informed the OPSS about our findings, the responses we received from manufacturers and the concerns we still have.

3 steps to keep your dash cam safe and secure A person installing a dash cam in a car

There are some simple steps you can take to boost your dash cam’s security, regardless of what manufacturers do or don't do.

1. Update wi-fi passwords

The most important thing we would encourage every smart dash cam owner to do right now is to update the wi-fi password.

This is used to connect to paired smartphones and transfer footage wirelessly to them. A weak or easily guessable password could, under the right circumstances, allow others access to your dash cam and its library of footage.

As our testing has found many manufacturers still fail to either enforce a mandatory change, or provide a unique default password – it's highly recommended that users update them independently to a strong, but memorable, alternative. Check out our guide to creating secure passwords for help with this. 2. Install firmware updates

In addition to resolving software bugs and performance issues, firmware updates also provide important security updates.

It's important to update both the dash cam itself and any companion app. These updates ensure both are equipped to deal with newly discovered or recently resolved security vulnerabilities. 3. Keep footage backed up elsewhere

It's good practice to ensure that captured video footage – particularly important footage (such as that showing an incident, accident, or crash) – is backed up securely and separately from internal storage and any subscription-based cloud storage you may be using.

The risk to footage located exclusively on the internal SD or micro-SD card is that it could become corrupted, damaged, lost or stolen.

Cloud-based storage is typically part of a subscription service (either from the dash cam manufacturer or a third party). The risk here is ending the subscription and losing access to the stored footage, which the provider may later delete after you've unsubscribed.

Back up footage on your computer or smartphone to keep it safe. Alternatively, for additional peace of mind, consider investing in a USB storage device or external hard drive to store your backed-up dash cam footage. Make sure to pick a model with a healthy amount of storage, as video files tend to be large.

The latest dash cams we've tested BlackVue DR970X-2CH Plus BlackVue DR970X-2CH Plus dash cam BlackVue DR970X-2CH Plus Amazon Marketplace UK £529.95 Amazon UK £529.95

The DR970X-2CH Plus is a forward-facing and rear-facing dash cam with a 4K camera for the front windscreen and a Full HD camera for the back.

It has a range of smart features and functionality, and you can review footage using the companion BlackVue app or the BlackVue Viewer web software.

You can also follow footage on a virtual map using the collected GPS data, helping you identify where key events occurred.

Through the BlackVue Cloud service you can access more advanced features such as push notifications to your smartphone, live view and cloud storage. Some of these features require a subscription at an additional cost.

Read our BlackVue DR970X-2CH Plus review to find out how it fared in our tough tests. Garmin Dash Cam X210 Garmin Dash Cam X210

Available from Garmin (£260)

The X210's 2K camera is an upgrade of the earlier X110. It's comparatively small, making its footprint on the windscreen minimal, especially compared with some models.

Motion detection, GPS tracking and voice controls are all notable smart features.

The Vault Subscription Plan Advance grants you access to Garmin’s secure cloud-based storage feature. This is accessed through the Garmin Drive app.

Take a look at our Garmin Dash Cam X210 review to see how it compares to others we've tested. Nextbase Piqo 1K Nextbase Piqo 1K dash cam

Available from Halfords (£99), Nextbase (£99)

The Piqo 1K is one of the more affordable dash cams we’ve tested, but it doesn't come with a supplied SD card, which can easily catch you out.

It has a solid array of additional smart features, including GPS tracking, motion detection and the ability to access footage via the companion Nextbase app.

Footage is listed with thumbnails in the app, making it a doddle to cycle through them.

Check out the Nextbase Piqo 1K review to see if it's the right dash cam for you.