Pain points

The global automotive cybersecurity market size is projected to grow from USD 1.9 billion in 2020 to USD 4.0 billion by 2025,
at a CAGR of 16.5%, according to MarketsandMarkets. It analysed that increased use of electronics per vehicle and
a growing number of connected cars, and reinforcement of mandates by regulatory bodies for vehicle data protection are
some of the key factors that will drive the market for the automotive cybersecurity market.

Connectivity issue in cellular networks

Connectivity issue in cellular networks

Digital car key solution aims to complement traditional methods while being
robust enough to fully replace them. It allows individual owners to easily and
confidently use their mobile devices to access vehicles. However, it isn’t likely
to replace the physical keys any time soon. Since current digital key solutions
require network connectivity for certain operations, the driver’s mobiles and
vehicles should be connected to the network to receive and activate the key.
Drivers often come across an accessibility issue when the vehicle is located
in a basement or rural area where network connectivity is typically weak. We
need a better digital key solution to overcome the risk of relying on a network
connection for the user’s ultimate keyless access.

External connection risks

External connection risks

The in-vehicle network is designed to operate in a closed
environment, so security issues are unlikely to occur. However,
as the number of external interfaces to the in-vehicle network
increases, the probability of the occurrence of security issues
increases. Connecting inexpensive commercial devices or
continuous communication with external networks for
autonomous vehicles exposes drivers to constant threats.
Vehicles exposed to external threats are not only results in financial damage, but can be directly related to life, so more attention is required.

Mobile app authentication vulnerability

Manufacturers release their own mobile apps to facilitate communication with vehicles. As a result,
we are always facing malicious threats through these apps. For example, in the case of a token-based authentication process,
a hacker can remotely turn off the vehicle or issue an incorrect command.
In particular, if unnecessary in-vehicle systems are operated and the battery of the electric vehicle is forcibly consumed,
the vehicle may not move.

The solution

swIDch provides OTAC technology in the form of SDK/API to automotive companies to enhance authentication in security and user experience.

  • Locally generates a dynamic digital key without cellular network connectivity
  • Blocks external threats in advance through one-time code generation
  • Securly grant a key with expiration time to your family and friends


Networks Dependent

Networks Dependent

  • Key can only be passed on network connection e.g. key transfer by token
  • There are no solutions to key theft and fraudulent reuse i.e. connected to open internet
  • The usage time of the key cannot be controlled e.g. rental period, time of return


No Networks Required

No Networks Required

  • Networkless Environment
  • Dynamic key information
  • Virtual key information

OTAC Dynamic Digital Key solution

swIDch’s Dynamic Digital Key solution can bridge this connectivity gap. Our underlying technology, OTAC (One-Time Authentication code) allows drivers to access a vehicle in a networkless environment. Additionally, OTAC is designed to not only support a comprehensive level of security with Multi Factor Authentication, but also to secure Bluetooth with Dynamic Authentication Mechanism to prevent hacking key threats.

OTAC is fully compliant with Secure Element capabilities and a Trusted Algorithm to host in Trusted Execution Environment (TEE). No matter where the driver or car is located, there are no obstacles for drivers activating the digital key and sharing it with an authorized person e.g. family members, rental car customers, car-sharing customers, etc. The system ensures multi-person access via smartphone app without compromising security.

Contact us today

Why swIDch

OTAC, developed by swIDch, is the original technology
that provides all of the following features, tested and substantiated
by the University of Surrey technical report
Why swIDch
sufficient to IDENTIFY user
Uni-directional authentication in
off-the-network environment

Single-step identification and authentication with the code alone. Include our biometric option and get single-step MFA. Vastly improved UX by removing steps.

OTAC is a dynamic code, which means the code is constantly changing. Eliminates all use of static information. Forget usernames and passwords forever. Vastly reduced workload for IT helpdesks. 

No network connection required for generating OTAC, enabling uninterrupted use no matter where you are. No more waiting for additional tokens/OTPs and no need for heavy public key infrastructure (PKI). 


Highly configurable code parameters and lightweight SDK/applet means wide range of deployment options on many devices across multiple sectors.