Written by Fouad Husseini, founder at the Open Insurance Think Tank.
Motor insurance is the most dominant product in property and casualty lines. Globally, premiums from motor insurance accounted for around 40% of total non-life insurance premiums in 2019.
The mobility ecosystem is quickly evolving towards fully autonomous driving relying heavily on software and data. Integrating event data into insurance solutions is a challenging and interesting endeavor. Not least, the industry is still going through the motions of transforming to the digital platform economy, a challenge of its own.
Notwithstanding, insurers are investing in platforms that support new business models. These models will increasingly rely on data transmissions from vehicles and third-party telematics services. While much of the focus is still largely on generating driving scores, and transforming product distribution, the scope for innovation is so much wider if vehicle, infrastructure, and insurance connectivity is considered.
The Open Insurance Think Tank (OPIN) has served as a playground for innovators exploring the boundaries of connectivity. It has created projects that are driven by its community of chief architects, software developers, insurance experts and legal advisors. Motor insurance ranks high on everyone’s agenda. Much of what is discussed in this article is the result of community led research.
Connectivity is Composability Enabler
For platforms to create stronger network effects and for users to receive ever greater value, data must flow across ecosystems. If we take a successful platform such as Apple’s, many would be surprised to learn that CarPlay is now in 90 percent of new cars sold in the USA. Most car manufacturers today provide compatibility with Apple’s iOS and CarPlay. It is considered as a desirable add-on for consumers. Even brands that for years resisted CarPlay compatibility or offered compatibility at an extra cost have today changed their practices.
It is also highly interesting to note that a player the size of Apple with the massive intellectual property that it owns, participates in open standards alliances such as that of the Car Connectivity Consortium. One such standard is the Digital Key 2.0 which Apple helped in designing and of course was among the first to implement into their phones. Digital keys using iPhone’s digital wallet can now be used to control access into the vehicle and digitally share keys with others. Apple’s impressive ecosystem footprint is causally related to the interoperability that it creates and builds into its product line.
We can all see the way the mobility industry is going through a massive transformation and how data is at the center of an evolution to fully autonomous driving.
Insurance is admittedly rather different, and composability needs to be framed into the correct context. Composable insurance is based on the well-established principles of composability in system design and software development. The idea is simple, instead of locking an insurer into a monolithic core insurance stack with hard-coded integrations, composable insurance optimizes for speed, agility and freedom.
Today, even the simplest insurance service involves a complex orchestration of core systems, transaction processing, decision making, reporting, analytics, authentication and security. Instead of locking these functions together for dedicated applications and workflows, composable insurance separates the functions so they can be combined and recombined in new ways to deliver new services and customer experiences. Fully featured digital experiences will almost always require capabilities drawn from multiple platforms.
Insurtech and mobility startups are projecting themselves in the form of secure and easy-to-consume APIs that can transform event data from connected cars into packages (integrations/apps) of added value that insurers can integrate into their services. Opportunities are also available to insurers to explore the advantages of direct access to data from vehicles.
Connected Vehicles
Cars are becoming software on wheels, concurrently, studies show that in 2019 worldwide sales of cars with embedded telematics are estimated to have hit 28.5 million units. Software monitors and controls hundreds of ECUs, sensors, and many mechanical parts. To appreciate the sophisticated digital infrastructure of a modern vehicle you need to visualize a three layer framework. A Sensory Layer includes equipment for collecting data from the surrounding environment, GPS, gyroscopic sensors, cameras, LIDAR, radar and ultrasonic sensors. A vast array of sensors monitors different parts of the vehicle including pressure sensors (to detect brake and accelerator pedal depression or a window closing obstruction), temperature, rain, humidity, engine and vehicle speed, camshaft position etc.
Then there is the Communication Layer. Many would be familiar with in-vehicle systems such as infotainment equipment, telematics, and Onboard Diagnostics (OBD). At a lower level, all vehicles have an automotive bus system using various specifications most notably, CAN, MOST, LIN, Ethernet and FLEXRAY.
The third layer is the Control Layer. It includes the drive train, ABS breaking, steering control and for semi and fully autonomous cars, it would include motion planning.
These systems create a huge amount of data, some is generated at low intervals while others at higher intervals. This data could be used by insurers to generate driving scores, determine vehicle orientation, condition of powertrain and different parts, maintenance scheduling, vehicle recall and initial damage assessment.
Vehicle Telematics
Telematic devices are typically installed in vehicles either through embedded systems or black box style installations. These systems rely on long range mobile networks or satellite navigation for relaying collected data and communicating with vehicle. Data, some of which is potentially sensitive information, enable forensic analysis of vehicle speed and acceleration, braking, cornering, fuel efficiency, vehicle roadworthiness, location tracking and much more.
This information could then be used to generate driving behavior and patterns, predictive and preventive maintenance, accident-avoidance information or alerts, roadside assistance, and to design driver coaching tips.
Advocating for Cross Industry Data Access
Machine learning algorithms are used to generate actionable insights. OEMs use descriptive, predictive, diagnostic, and prescriptive analytics to enhance vehicle efficiency, aftersales service and ultimately the ownership experience.
The complexity of software driven vehicles is both astonishing and worrisome. Software bugs could sometimes introduce life threatening situations. To resolve software issues quickly, OEMs today use over-the-air (OTA) updates to wirelessly deliver security fixes, software updates or a new system feature.
From insurers perspective, data generated through Vehicle-to-Vehicle (V2V), Vehicle-to-Everything (V2X) and Vehicle-to-Infrastructure (V2I) interactions could allow developers to immerse in the possibilities.
Use case development requires a conceptual understanding of the types of data generated by vehicles. Some may be treated as Static Data such as the Vehicle Identification Number (VIN), chassis number, number of doors and car color, or Semi Dynamic Data, for example, service history and recall history or Fully Dynamic Data which would include speedometer and odometer reading, breaking frequency, and driving times.
Insurance applications could ingest this range of data to tailor coverage and pricing, identify driver at the wheel, generate driving profile, verify accident-damaged parts and much more.
But there are certain challenges. Universally, automotive open data standards do not relate directly to insurance. For example, average annual mileage driven, breaking frequency, parking duration, harsh breaking, cornering and acceleration would require the transfer of data to the cloud for processing and for deriving such insights. It would be ideal if mobility standards included some forms of derived data. In-vehicle processing of insurance related data would save a lot of bandwidth reducing the amount of raw data being transited to cloud.
On the other hand, there are use cases where the utility of shared access to insurance data is clearly obvious. One rather complex use case involves the assessment of impact damage caused by a vehicle to several other vehicles (a pile up for example). Several insurers may be involved, and for a swift and accurate loss reserve to be determined, information of loss could be shared by each of the “OPIN” insurers in near real time. This information would be enriched with real time data on damaged parts from vehicle. This would considerably shorten the length of time needed for subrogation and payment processing. It is also a prime use case of ensuring the trust worthiness of data used in evaluating and processing claims, albeit digitally.
To pursue the opportunities of integrating disparate systems together, insurance and adjacent ecosystems must commit towards consolidating around a common approach.
Tailored Insurance
Today, a driver profile is a pre-requisite for new business models and telematics are indispensable. Approximately 70% of insurers are focusing on generating accurate profiles by enriching held data with external data from multitude of sources.
Actuarial models are also becoming very sophisticated by increasingly relying on Machine Learning (ML) algorithms for generating predictions that allow for instant and accurate quotations.
There is also increased interest in managing the risks of driving throughout the policy lifecycle by maintaining regular touch points with the driver. This has spawned several new business models. It is important however to distinguish between the levels of risk management each provides.
Pay-As-You-Drive (PAYD) policies as the name suggests allow for premiums to be corelated to the number of miles driven. They however provide very limited information of the driving behavior.
Pay-How-You-Drive (PHYD) policies on the other hand generate a postmortem driver profile based on which renewal premium is calculated. This model generally lacks proactive engagement with the driver but can be used to produce accurate correlation between driving behavior and assessment of risk. Incidents of aggressive driving, distracted driving or drowsiness can be deduced from data collected.
Manage-How-You-Drive (MHYD) is the most advanced in this category for both conventional and semi-autonomous vehicles. Being focused on the emotional and behavioral factors of driving, insurers can actively manage risk through a combination of voice alerts and rewards thereby a regular touch point with the driver is maintained. Gamification and gentle coaching are some of the features used in improving the insured’s driving habits and patterns.
Try-Before-You-Buy (TBYB) is a customer acquisition concept that is gaining traction across retail and commercial segments. A free of charge, three months trial is offered to new or existing customers during which coaching, and rewards are granted for safe driving. At end of the trial, an insurer is able to generate a tailored price linked to a risk score.
Different products appeal to different customer segments. More mature and experienced drivers are attracted by PAYD and PHYD policies. TBYB seem to attract the attention of younger drivers who prefer to weigh the tradeoff of being monitored with the potential premium savings attainable.
Commercial customers and fleet management operators stand to gain from telematics and GPS enabled innovation. As the trend towards shared and on-demand mobility grows, the commercial motor insurance market will grow at a faster rate than that of retail motor products.
Simplified and Accelerated Claims Settlement
Built-in vehicle telematics provide data at specific intervals from different sensors monitoring vehicle dynamics, and overall condition of vehicle. In the event of an accident, data received by insurers can be used to quicky estimate if accident was for example a head-on collision, and fault detection signals could be used to determine the extent of damage caused to vehicle and so on.
Vendors of telematics hardware and software can monitor and capture fine-grained data using onboard dashcams, electronic tags, video cameras and smartphone apps. If combined with data received from the car, insurers will be able to perform accident reconstruction and forensics in almost real time.
Chatbots would complement the user experience by providing the customer with loss mitigation information and respond to any concerns regarding quantum of compensation, deductions and time to repair.
But accidents are not exclusively limited to own vehicle damage. An insured driver may be liable for damage caused to one or more third parties. Damage could be caused to lamp posts, traffic light fixtures and other roadside public infrastructure. Smart and connected infrastructure could become another source of real time data that could help insurers quickly and more accurately set loss reserves.
Accident Avoidance
Insurers can proactively manage imminent hazard to protect driver, passenger, and insured vehicle.
Location coordinates and heading angle could allow an insurer to warn driver of an impending flood risk when approaching a certain zone. Through a mixture of content and alerts, the driver receives information to activate four-wheel drive (if available), activate traction control, and alternative route redirection.
Ambient in vehicle temperature, fault detection, engine control system failure and powertrain malfunction data can subsequently alert insurer of a potential claim and its magnitude.
In the event of damage, driver is advised best next action to mitigate damage to vehicle and avoid injury. Depending on system sophistication, in addition to the now standard car rescue services, the insurer may digitally initiate workshop repair processes and replacement car.
Cyber Threats to Connected Vehicles
Beyond the motor insurance class, the increased complexity of in-vehicle systems and the increasing range of external systems it communicates with demand deeper understanding of cyber liability risks.
We know that every conceivable attack vector will be tested by determined malicious actors. This includes GPS spoofing attacks, malware delivery through special encoding in music, actuators compromised by apps, injection and capture attacks on the CAN bus, hacks of infotainment system, OBD and airbags. Attacks could target vehicular ports connecting with diagnostic devices, telematics systems, USBs, paired mobile devices or Electrical Vehicles (EV) charging stations.
Vehicles are susceptible to man-in-the-middle attacks against in-vehicle systems and V2X communications. Highly automated and autonomous vehicles are at greater risk of these attacks as the security of functions controlling acceleration, braking and steering could be compromised i.e., the Control Layer.
Perhaps a good example of a high-profile system hack is the one that struck BMW, Rolls Royce, and Mini makes. The ConnectedDrive infotainment system was compromised partly due to its network gateway lacking thorough security mechanisms.
As third-party telematics systems have gained wider adoption, the vulnerabilities associated with these technologies require extensive analysis. Researchers highlight the risks of injection and control override attacks. They involve injection of malicious messages within the in-vehicle network or transmission of malicious commands that override the vehicle operator's attempts to take corrective action.
Underwriters need to understand countermeasures and intrusion detection mechanisms deployed to secure the integrity and resilience of vehicle Communication and Control layers. It will be important to see how ML-based security software for cloud services and automotive platforms are used by OEMs and telematics services to address these challenges. Stress testing hardware and software using simulations is another important element. Researchers are experimenting with distributed ledgers to cryptographically sign exchanges of data as will be explained later in the article.
Future Mobility Demands More Insurance Innovation
Consumers are moving from ownership- to usership-mobility. Passive mobility will be eclipsed by on-demand mobility, shared mobility, and seamless integrated mobility.
Car design is also changing. Experts forecast that some car manufacturers will shift to producing white-label electric skateboard-like models housing the powertrain and chassis. Body and interiors (the top hat in car designer jargon) may be designed and manufactured by others. Cars will be assembled the way iPhones are designed (by Apple) and manufactured (by Foxconn).
We will start to see more trucks and personal cars joining and driving in platoons on highways taking advantage of wireless Vehicle-to-Vehicle (V2V) communication and autonomous control.
Software and data are at the heart of what is obviously a customer/driver centric evolution. But again, the customer, usually the driver, will eventually become a passenger in the future!
With V2I communication, if a connected car driving on the smart roads of the futuristic Woven City causes damage to a smart lamppost, it will instantly receive information from its embedded IoT devices. This data could be relayed to the insurer as part of a First Notice of Loss (FNOL) process before a claim is even made by the local authority.
Inherent vulnerabilities within vehicular communications could lead to catastrophic cyber events. Insurers would need to design their cyber coverage with a clear understanding of risks posed. That is a major challenge. Scoring cyber risks is a specialized domain. In underwriting, insurers will need to consider factors such as the nature of open standards adopted by OEM for access authentication and authorization, OTA software updates, brand and model of vehicle, and the extent of blockchain secured data. Smart contract based catastrophe coverage is a primary blockchain use case. In the event of a DDoS attack, blockchain oracle services can be used to make senor data available to the smart contract to verify the state and condition of vehicle. Processing of a hacking incident will involve a vehicle or OEM calling a function in the smart contract thus reporting damage to insurer. Thereon, the claim may be processed automatically or semi-automatically based on contract terms and coverage.
Paradoxically, cyber insurance and blockchain technology are both still relatively in their infancy. There are concerns that use of smart contracts may add another layer of complexity and one would say risk as well.
In-car payments present an interesting overlap of automotive and FinTech. The most basic form of Usage-Based-Insurance (UBI) is PAYD where premium is directly related to number of miles driven. Premium collection and in some cases rebate, traditionally requires manual verification of odometer reading through email communication between insurer and customer. At policy renewal, some insurers make use of certified odometer auditors. Making odometer data directly accessible from vehicles would provide a far more reliable source of information. It reduces the risk of odometer tampering and eliminates the incremental cost of audits.
Jaguar, Honda and Hyundai have embedded payment technology into In-Vehicle-Infotainment systems (IVI) to automate in-car fuel payment at the pump. Synchronously, premium collection for PAYD could be automated by invoking payment functionality at the same time payment for fuel or EV charging is made.
Receiving odometer reading could have advanced uses as well. Today, actuarial models are increasingly shifting from vehicle-year exposure to miles-driven exposure for predicting future performance of motor portfolio. It would be extremely sensible to be able to collect information from the odometers of all vehicles insured to allow for real time assessment of motor portfolios.
Predictive and preventive maintenance is becoming a harbinger of proactive customer behavior. Analytics using vehicle age, annual miles driven, data on system faults, the state of vehicle components, such as the braking system, tyre pressure etc. are useful in estimating potential crash intensity. This information is generally viewed as a genuine touch point by customers.
In practice, this is one of the most difficult ideas for insurers to convert into proactive customer behavior. Prompting private car owners to take proactive action mid-policy term is not easily accomplished without the right level and combination of incentives.
Brainstorm sessions by OPIN’s mobility group generated some interesting ideas for using a multi-layered approach of incentives or bonuses that the customer could enjoy. As this is a topic still under development by the group, our recommended approach will be published in a forthcoming whitepaper.
Outstanding Challenges
Despite the advances made by OPIN’s working group and automotive partners in designing interoperable insurance and mobility standards, there are concerns, limitations and gaps that are hard to solve or quantify at least for the time being. Chief architects on both sides have drilled down to almost the circuit board level and experts on the mobility side have received in depth insights of insurance processes across the value chain.
Chief among these challenges are concerns relating to driver consent, data processing purposes and time limitation, sharing data with third parties, price discrimination, ML biases, and transparency. These are important topics for insurers, OEMs, customers, and not least regulators. The EU for example has recently published a consultation document to specifically limit third party data access, and has recommended that processing of vehicle metrics remain in the host vehicle unless transfer is strictly necessary. To the credit of the EU, it required the installation of embedded telematic devices on all new vehicles by 2024. To explore the topic, OPIN’s Legal & Regulatory Working Group and the Mobility Working Group will jointly address many of these concerns.
There are also economic and technical challenges in connected vehicles communicating with dynamic open insurance platforms. The cost incurred in power consumption and cellular bandwidth could be substantial to all stakeholders considering it is estimated that these vehicles will produce 25GB per day. Data transmission and computational capacity needed to handle complex, and resource heavy applications may affect battery health, state of charge systems in EVs and optimal vehicle operation. Of course, all of these factors are influenced by the frequency of trips made by driver.
Connected and autonomous cars may provide higher quality of life, cleaner environment, and less congestion. Open insurance will help insurers design customer centric, frictionless, seamless experiences, and cost-effective coverage. Alongside the technical and legal challenges, cultural and social acceptability are sticky issues for both industries.
With closer cooperation and global standardization between insurance and automotive industries we expect open data sharing will accommodate the needs of the two domains and their consumers. We also hope it becomes a source of inspiration for automotive professionals, engineers, researchers, and technology enthusiasts.