As payment networks mull facilitating transactions from automobiles there are security concerns now being aggressively addressed. Giesecke & Devrient and IBM are teaming up to work on a new connected vehicle security solution with the intent to make car hacks much more difficult in the future.
The new crypto chip and key solution is being showcased first at IAA International Automobile Fair in Frankfurt, September 17 to 27.
IT security is becoming a crucial precondition for the automotive industry in terms of a wider adoption of connected vehicles.
Security infrastructures are required within the vehicle and from the vehicle to the backend infrastructures. As trusted partners and suppliers for the automotive industry, IBM and G&D team up to tackle these security challenges for the connected vehicle ecosystem.
IBM and G&D present a first showcase of the connected vehicle security solution at the IBM booth no. 3.1 B48 in the New Mobility World.
The technology partners will demonstrate a “Secure Gateway ECU” to enable a more secure communication within the vehicle and to the backend. The partners expect a further development of the platform based on OEM customer requirements over time, potentially combining other security elements to enhance the existing crypto key and chip core elements. The highlights:
Management of trusted identities in a secure environment
Trusted Service Management to ensure driver data security and privacy
Secure Gateway ECU to ensure the communication within the car and to the backend
Highly flexible connectivity management with G&D’s subscription management solution
The IBM/G&D end-to-end connected vehicle security solution platform will be based upon multiple IT security related solution components:
Highly protected hardware elements with Smart Card level security, so-called “embedded Secure Elements” (eSE), within the vehicle for storing cryptographic keys in a protected high-level tamper-resistant area help to raise the level of security and to reduce the number of car hacks drastically.
Key creation and lifecycle management in a key management back-end is essential to ensure both the availability and security of the encrypted information. The management of trusted identities protects users identity and enables authorized access to vehicle.
The Subscription Management of the SIM modules (M2M SIM cards) provides automotive OEMs with more flexible connectivity solutions. A car can be individually configured for security settings when delivered in different markets and connected to service operators without changing the SIM module to simplify the logistics. This allows vehicle manufactures more flexibility when producing vehicles for different counties with many mobile network operators (MNOs).
The subscription to the MNO can be programmed when the vehicle is delivered to the destination country after manufacturing.
Security intelligence within the vehicle, closely linked to security intelligence capabilities on the backend side, improves the detection of hacker attacks from abnormally operation monitoring. Security intelligence on the backend side with Security Operations Centers and Security Intelligence and Event Management helps detect tampering operations at an early stage to detect hacker attacks early and to avoid damages to the system. Secured communication channels and secured data storage in the cloud ensure highest standards for data privacy. This also helps to make payment transactions safer with a resilient backend infrastructure.
For data, background and forecasts on Giesecke & Devrient: Search CardWeb.com’s CardFlash® Library of more than 58,000 archived articles; Access CardWeb.com’s CardData® for current and historical Performance, Portfolios, Profiles, etc. Visit RAM Research® (ramresearch.com) for quarterly and annual forecasts covering more than 150 metrics. [complimentary or deeply discounted access to CardWeb.com subscribers].
Additional database resources include CardWeb.com’s CardExecs® – comings & goings of payments movers & shakers; CardWeb.com’s CardWatch® – ears & eyes on marketing globally (57K items); and CardWeb.com’s CardPixes® – form & function of card design (7K items).