Connected Car OTAC
We provide trustworthy authentication mechanisms for the Connected Car against cyber threats
Pain points
The global automotive cybersecurity market size is projected to grow from USD 1.9 billion in 2020 to USD 4.0 billion by 2025, at a CAGR of 16.5%, according to Markets and Markets. It analysed that increased use of electronics per vehicle and a growing number of connected cars, and reinforcement of mandates by regulatory bodies for vehicle data protection are some of the key factors that will drive the market for the automotive cybersecurity market.
- Connectivity issue in cellular networks
Digital car key solution aims to complement traditional methods while being robust enough to fully replace them. It allows individual owners to easily and confidently use their mobile devices to access vehicles. However, it isn’t likely to replace the physical keys any time soon. Since current digital key solutions require network connectivity for certain operations, the driver’s mobiles and vehicles should be connected to the network to receive and activate the key. Drivers often come across an accessibility issue when the vehicle is located in a basement or rural area where network connectivity is typically weak. We need a better digital key solution to overcome the risk of relying on a network connection for the user’s ultimate keyless access.
- External connection risks
The in-vehicle network is designed to operate in a closed environment, so security issues are unlikely to occur. However, as the number of external interfaces to the in-vehicle network increases, the probability of the occurrence of security issues increases. Connecting inexpensive commercial devices or continuous communication with external networks for autonomous vehicles exposes drivers to constant threats. Vehicles exposed to external threats are not only results in financial damage but can be directly related to life, so more attention is required.
- Mobile app authentication vulnerability
Manufacturers release their own mobile apps to facilitate communication with vehicles. As a result, we are always facing malicious threats through these apps. For example, in the case of a token-based authentication process, a hacker can remotely turn off the vehicle or issue an incorrect command. In particular, if unnecessary in-vehicle systems are operated and the battery of the electric vehicle is forcibly consumed, the vehicle may not move.
Solutions
SSenStone provides OTAC technology in the form of SDK/API to automotive companies to enhance authentication in security and user experience.
- Locally generates a dynamic digital key without cellular network connectivity
- Blocks external threats in advance through one-time code generation
- Securly grant a key with expiration time to your family and friends
- Before OTAC
- After OTAC
-
Networks Dependent
- Key can only be passed on network connection e.g. key transfer by token
- There are no solutions to key theft and fraudulent reuse i.e. connected to open internet
- The usage time of the key cannot be controlled e.g. rental period, time of return
-
No Networks Required
- Networkless Environment
- Dynamic key information
- Virtual key information
- OTAC Dynamic Digital Key solution
SSenStone’s Dynamic Digital Key solution can bridge this connectivity gap. Our underlying technology, OTAC (One-Time Authentication code) allows drivers to access a vehicle in a networkless environment. Additionally, OTAC is designed to not only support a comprehensive level of security with Multi Factor Authentication, but also to secure Bluetooth with Dynamic Authentication Mechanism to prevent hacking key threats.
OTAC is fully compliant with Secure Element capabilities and a Trusted Algorithm to host in Trusted Execution Environment (TEE). No matter where the driver or car is located, there are no obstacles for drivers activating the digital key and sharing it with an authorized person e.g. family members, rental car customers, car-sharing customers, etc. The system ensures multi-person access via smartphone app without compromising security.
Why OTAC
OTAC, developed by SSenStone, is the original technology that provides all of the following features at the same time.
-
OTAC is a dynamic code, which means the code keeps changing. As a result, you don’t need to worry about any leak of your personal information, such as your card details, because the codes must have already been changed when others try to use them.
-
The network connection is NOT necessary at all for generating OTAC.
Reducing an authentication stage that requires the network connection directly means there are fewer gateways for the hackers to access our personal information.
Moreover, this feature enables users to authenticate even when they are in networkless environments, such as on the plane, underground, rural or foreign areas. -
swIDch can guarantee that the code never duplicates with anyone at any given moment.
There is NO chance of someone else having the same code. -
The users or their devices can be identified with the code alone.
Once OTAC has been generated, providing OTAC alone is already fully sufficient to identify the user as the code is unique.
It means, you can forget about the bundles of static information including IDs and passwords.
Insights
Contact Us
make your service reliable with SSenStone!
Inquire now.
5F, 329, Cheonho-daero Dongdaemun-gu, Seoul, Republic of Korea
Contact below if you have an urgent inquiry.
Korea Office (SSenStone)
5F, 329, Cheonho-daero Dongdaemun-gu, Seoul, Republic of Korea (02622)
Tel : 02-569-9668 | Fax : 02-6455-9668
im@ssenstone.com
UK Office (swIDch)
Office 158, 1st Floor, 3 More London Riverside, London, England, SE1 2RE
Tel : 020-3283-4081
info@swidch.com