I guess they just inverted the concept of the remote control key.

Remote control key : you push a button on your key (the transmitter), it sends a signal to a receiver in your car, your car authenticates the key (probably a request/response challenge involving some crypto), and opens the door.

Now if you swap the transmitter and the receiver : you put the transmitter button in your car door's handle, and you move the receiver to your key: you have your magic key fob.

From what I understand, the security relies on the fact that the power of the radio signals emitted by the transmitter and receiver are very low, so the range of usage is limited to a few meters. The thiefs and researchers exploited this by amplifing the radio signals of both communicating devices to extend the range up to 90+ meters.

The GP's point still stands: if you are within transmitting range of your car, anyone can push the button on the car door and open it. I doubt that the transmitter verifies line of sight between it and the car.

I have a car with that system and in my experience you need to be really close to the car for the system to work. Stand further away than arms length from the handle and the car won't open even if someone else tries to open it. Also it looks like the car has independent antennas on each side - even if I stand very close to the driver side, you can't open the car by pulling the handle on the passenger's side.

Thanks for that. If it is even sensitive to which side of the car you're on, that implies a really short-range sensor. The potential to use a signal booster still remains, but at least there is no risk of inadvertently opening your car just because you're on the other side of a wall.

I really wish car manufacturers would not rely on security through obscurity for these systems though.

The button is on the car, and it (normally) doesn't work unless you're right next to the car. It won't unlock unless you push the button, and some models will automatically lock if you walk more than a foot away.