OBD-II Port Security: What You Need to Know

Updated March 2026 · Silent Security Research Team

What is the OBD-II port? Every car made after 1996 has a standardized diagnostic port called OBD-II (On-Board Diagnostics). Think of it as a USB port for your car — mechanics plug in a scanner to read error codes, check engine performance, and diagnose problems. It's usually under the dashboard on the driver's side, within 18 inches of the steering wheel.

The OBD-II port is convenient for mechanics — but it's also a potential security vulnerability. Anyone with physical access to your car for 30 seconds can plug in a device that tracks your location, reads your driving data, or in some cases, even starts your car.

What Can Someone Plug Into Your OBD Port?

Risk GPS Trackers

A GPS tracker plugged into the OBD port is completely hidden inside the car and powered by the car's battery — no dead batteries, no external antenna to find. Used by stalkers, jealous partners, employers, repo companies, and thieves scoping high-value vehicles.

Risk Relay Attack Devices

Sophisticated attackers have plugged CAN bus injection devices into OBD ports that can disable immobilizers and allow the car to be started without the key. This is increasingly used for keyless entry vehicle theft.

Monitor Insurance Dongles

Usage-based insurance programs (Progressive Snapshot, State Farm Drive Safe & Save) use OBD dongles to monitor your driving. Legitimate — but worth understanding what data they collect. They report speed, braking, time of day, and mileage.

Useful Diagnostic Scanners

Mechanics use OBD readers to diagnose check engine lights. You can buy your own (BlueDriver, FIXD) to get codes before visiting a shop. Completely legitimate and useful.

How to Check if Your OBD Port Has a Tracker

Locate Your OBD-II Port

Sit in the driver's seat and look under the dashboard. The OBD-II port is a 16-pin trapezoid-shaped connector, typically within 18 inches of the steering column. You may need a flashlight. It sometimes has a cover flap.

Look for Anything Plugged In

If there's a device plugged into the port, note what it looks like. Legitimate devices: insurance dongles (if you signed up for one), your own diagnostic scanner if you left it in. Unknown device: could be a GPS tracker. Small, rectangular, often black or grey plastic, sometimes with a small LED.

What to Do if You Find an Unknown Device

If you did not put it there — do not immediately remove it. Photograph it first. Then consult an attorney before removing it, as it may be evidence of a crime (stalking, unauthorized surveillance). Contact local police — this may be a crime depending on who placed it and why.

Protecting Your OBD Port

Install an OBD port lock — a physical device that blocks the port and requires a key to access. Products like "Bouncer" OBD Lock are available on Amazon for ~$30
Park in well-lit, high-visibility areas — OBD tracker installation requires ~30 seconds of physical access
Be alert to anyone who has been alone with your car for unexplained periods
If you have reason to suspect tracking, also check wheel wells, under bumpers, and inside the bumper for magnetic external trackers
Consider a professional vehicle sweep if you have serious stalking or domestic violence concerns

The Relay Theft Problem: Keyless Cars

Modern keyless car theft doesn't require the OBD port — it works by amplifying your key fob's signal from inside your house while two attackers stand near the car. But once thieves have the car, they sometimes use OBD devices to reprogram new keys or disable immobilizers. Countermeasures: store key fobs in a Faraday pouch or metal box to block signal amplification.

Bottom line: For most people, the OBD port is not a daily threat. But if you're in a high-conflict situation (stalking, contentious divorce, repo concerns) or own a high-value vehicle, checking the port and installing an OBD lock is a cheap, simple precaution worth taking.