Pain points

The global automotive cybersecurity market size is projected to grow from USD 1.9 billion in 2020 to USD 4.0 billion by 2025,
at a CAGR of 16.5%, according to MarketsandMarkets. It analysed that increased use of electronics per vehicle and
a growing number of connected cars, and reinforcement of mandates by regulatory bodies for vehicle data protection are
some of the key factors that will drive the market for the automotive cybersecurity market.

Connectivity issue in cellular networks

Connectivity issue in cellular networks

Digital car key solution aims to complement traditional methods while being
robust enough to fully replace them. It allows individual owners to easily and
confidently use their mobile devices to access vehicles. However, it isn’t likely
to replace the physical keys any time soon. Since current digital key solutions
require network connectivity for certain operations, the driver’s mobiles and
vehicles should be connected to the network to receive and activate the key.
Drivers often come across an accessibility issue when the vehicle is located
in a basement or rural area where network connectivity is typically weak. We
need a better digital key solution to overcome the risk of relying on a network
connection for the user’s ultimate keyless access.

External connection risks

External connection risks

The in-vehicle network is designed to operate in a closed
environment, so security issues are unlikely to occur. However,
as the number of external interfaces to the in-vehicle network
increases, the probability of the occurrence of security issues
increases. Connecting inexpensive commercial devices or
continuous communication with external networks for
autonomous vehicles exposes drivers to constant threats.
Vehicles exposed to external threats are not only results in financial damage, but can be directly related to life, so more attention is required.

Mobile app authentication vulnerability

Manufacturers release their own mobile apps to facilitate communication with vehicles. As a result,
we are always facing malicious threats through these apps. For example, in the case of a token-based authentication process,
a hacker can remotely turn off the vehicle or issue an incorrect command.
In particular, if unnecessary in-vehicle systems are operated and the battery of the electric vehicle is forcibly consumed,
the vehicle may not move.

The solution

swIDch provides OTAC technology in the form of SDK/API to automotive companies to enhance authentication in security and user experience.

  • Locally generates a dynamic digital key without cellular network connectivity
  • Blocks external threats in advance through one-time code generation
  • Securly grant a key with expiration time to your family and friends

As-is

Networks Dependent

Networks Dependent

  • Key can only be passed on network connection e.g. key transfer by token
  • There are no solutions to key theft and fraudulent reuse i.e. connected to open internet
  • The usage time of the key cannot be controlled e.g. rental period, time of return

To-be

No Networks Required

No Networks Required

  • Networkless Environment
  • Dynamic key information
  • Virtual key information

OTAC Dynamic Digital Key solution

swIDch’s Dynamic Digital Key solution can bridge this connectivity gap
Our underlying technology, OTAC (One-Time Authentication code) allows drivers to access a vehicle in a networkless environment.
Additionally, OTAC is designed to not only support a comprehensive level of security with Multi Factor Authentication,
but also to secure Bluetooth with Dynamic Authentication Mechanism to prevent hacking key threats.

OTAC is fully compliant with Secure Element capabilities and a Trusted Algorithm to host in Trusted Execution Environment (TEE).
No matter where the driver or car is located, there are no obstacles for drivers activating the digital key and sharing it with an authorized
person e.g. family members, rental car customers, car-sharing customers, etc. The system ensures multi-person access via smartphone app
without compromising security.

Why swIDch

OTAC, developed by swIDch, is the original technology
that provides all of the following features, tested and substantiated
by the University of Surrey technical report
Why swIDch
DYNAMIC CODE that is
Sufficient to IDENTIFY user
DYNAMIC Authentication code
that does NOT duplicate
Uni-directional authentication
in off-the-network environment

OTAC is a dynamic code, which means the code keeps changing. As a result, you don’t need to worry about any leak of your personal information, such as
your card details, because the codes must have already been changed when others try to use them.

The network connection is NOT necessary at all for generating OTAC.

Reducing an authentication stage that requires the network connection directly means there are fewer gateways for
the hackers
to access our personal information.

Moreover, this feature enables users
to authenticate even when they are
in networkless environments, such
as on the plane, underground, rural or foreign areas.

swIDch can guarantee that the code never duplicates with anyone
at any given moment.

There is NO chance of someone else having the same code.

The users or their devices can be identified with the code alone.

Once OTAC has been generated, providing OTAC alone is already fully sufficient to identify the user as the code is unique.

It means, you can forget about the bundles of static information including IDs and passwords.