The global automotive cybersecurity market size is projected to grow from USD 1.9 billion in 2020 to USD 4.0 billion by 2025,
at a CAGR of 16.5%, according to MarketsandMarkets. It analysed that increased use of electronics per vehicle and
a growing number of connected cars, and reinforcement of mandates by regulatory bodies for vehicle data protection are
some of the key factors that will drive the market for the automotive cybersecurity market.
Connectivity issue in cellular networks
Digital car key solution aims to complement traditional methods while being
robust enough to fully replace them. It allows individual owners to easily and
confidently use their mobile devices to access vehicles. However, it isn’t likely
to replace the physical keys any time soon. Since current digital key solutions
require network connectivity for certain operations, the driver’s mobiles and
vehicles should be connected to the network to receive and activate the key.
Drivers often come across an accessibility issue when the vehicle is located
in a basement or rural area where network connectivity is typically weak. We
need a better digital key solution to overcome the risk of relying on a network
connection for the user’s ultimate keyless access.
External connection risks
The in-vehicle network is designed to operate in a closed
environment, so security issues are unlikely to occur. However,
as the number of external interfaces to the in-vehicle network
increases, the probability of the occurrence of security issues
increases. Connecting inexpensive commercial devices or
continuous communication with external networks for
autonomous vehicles exposes drivers to constant threats.
Vehicles exposed to external threats are not only results in financial damage, but can be directly related to life, so more attention is required.
Mobile app authentication vulnerability
Manufacturers release their own mobile apps to facilitate communication with vehicles. As a result,
we are always facing malicious threats through these apps. For example, in the case of a token-based authentication process,
a hacker can remotely turn off the vehicle or issue an incorrect command.
In particular, if unnecessary in-vehicle systems are operated and the battery of the electric vehicle is forcibly consumed,
the vehicle may not move.
swIDch provides OTAC technology in the form of SDK/API to automotive companies to enhance authentication in security and user experience.
- Locally generates a dynamic digital key without cellular network connectivity
- Blocks external threats in advance through one-time code generation
- Securly grant a key with expiration time to your family and friends
- Key can only be passed on network connection e.g. key transfer by token
- There are no solutions to key theft and fraudulent reuse i.e. connected to open internet
- The usage time of the key cannot be controlled e.g. rental period, time of return
No Networks Required
- Networkless Environment
- Dynamic key information
- Virtual key information
OTAC Dynamic Digital Key solution
swIDch’s Dynamic Digital Key solution can bridge this connectivity gap. Our underlying technology, OTAC (One-Time Authentication code) allows drivers to access a vehicle in a networkless environment. Additionally, OTAC is designed to not only support a comprehensive level of security with Multi Factor Authentication, but also to secure Bluetooth with Dynamic Authentication Mechanism to prevent hacking key threats.
OTAC is fully compliant with Secure Element capabilities and a Trusted Algorithm to host in Trusted Execution Environment (TEE). No matter where the driver or car is located, there are no obstacles for drivers activating the digital key and sharing it with an authorized person e.g. family members, rental car customers, car-sharing customers, etc. The system ensures multi-person access via smartphone app without compromising security.
that provides all of the following features, tested and substantiated
by the University of Surrey technical report
Sufficient to IDENTIFY user
that does NOT duplicate
in off-the-network environment