Can I program a new key for my friends car with my Vag-com?

   #1  

luxus panzer

Verified VCDS User
Verified
Joined
Jan 19, 2015
Messages
38
Reaction score
11
Location
Canada
VCDS Serial number
hc824066
thanks all
 
   #2  

Uwe

Benevolent Dictator
Administrator
Joined
Jan 29, 2014
Messages
38,908
Reaction score
27,493
Location
USA
VCDS Serial number
HC100001
It depends. What kind of car is it? Do you have a means of getting the security (PIN) code for it?

-Uwe-
 
   #3  

luxus panzer

Verified VCDS User
Verified
Joined
Jan 19, 2015
Messages
38
Reaction score
11
Location
Canada
VCDS Serial number
hc824066
It depends. What kind of car is it? Do you have a means of getting the security (PIN) code for it?

-Uwe-

If I understand correctly I can not get the PIN with my VAG-COM, correct?
 
   #5  

Mar4ix

Verified VCDS User
Verified
Joined
Nov 28, 2015
Messages
22
Reaction score
0
Location
Ireland
VCDS Serial number
C?ID=81710
just quick question regarding this matter, is that true, that pin code been printed on original key fobs (small print at the fob edge) cars between 2001 and 2005 ?
 
   #6  

Uwe

Benevolent Dictator
Administrator
Joined
Jan 29, 2014
Messages
38,908
Reaction score
27,493
Location
USA
VCDS Serial number
HC100001
I doubt it. On MY 2000 and 2001 US model cars with Immo, the original keys came with a single "scratch off" tag that had the PIN for the car. But that ended at MY 2002. Of course it's possible things were done differently in other markets.

-Uwe-
 
   #7  

04_sti

Verified VCDS User
Verified
Joined
Nov 11, 2014
Messages
44
Reaction score
9
Location
USA
VCDS Serial number
C?ID=230582
Uwe, can you complete this thread and tell everyone how a dealer or VW does this?
 
   #8  

Uwe

Benevolent Dictator
Administrator
Joined
Jan 29, 2014
Messages
38,908
Reaction score
27,493
Location
USA
VCDS Serial number
HC100001
On older cars that use a PIN, the dealers' tool connects to VW's corporate server (via a VPN), reads VIN and Immo-ID from the car, sends those to the server, which looks up and returns the corresponding PIN from database. The dealers' tool then uses the PIN to do what it needs to do in terms of security functions -- without ever showing the PIN to the dealership. This had a glaring weakness: One could get the PIN by listening in on the connection between the dealers' tool and the car.

On newer cars that use a challenge/response, the dealer's tool connects to VW's corporate server (via a VPN), gets VIN and Immo-ID, and one-time challenge from car, sends it to the server, which computes a response from challenge, I think using car's PIN. But the PIN is never sent to to tool, only the response corresponding to challenge. So the PIN cannot be intercepted by listening, and the algorithm to generate response from challenge is not on tool either, making it difficult to reverse-engineer. Lastly, this is immune to listening in and replaying anything later because the car's challenge changes every time the ignition is cycled.

In the former case, if you have a tool that can read the PIN directly from the car, Bob's your uncle.

In the latter case, even if you can get the PIN, it generally doesn't do you much good because you'd still need the correct algorithm to generate the response from the challenge.

-Uwe-
 
Top