Autocharge versus “plug and charge”

It turns out that there are better and worse ways to accomplish a seamless charging experience for fast DC charging of electric vehicles.  There is “autocharge” which is older and more widely adopted, and less secure.   EVgo uses “autocharge”.  And there is “plug and charge” according to ISO 15118, which is much more secure, but is much newer and is not yet widely adopted. 

With the older “autocharge” approach, the charging service provider uses any of a variety of vehicle identifiers, transmitted “in the clear” between the vehicle and the charging system.  The identifier used by EVgo for autocharge is a MAC (media access control) address stored in the vehicle for its communications system.  There is, I guess, some risk of somebody spoofing the MAC address and charging up their vehicle for free, at the expense of some other customer of EVgo.  Here is how EVgo explains it:

EVgo has set up several processes to detect potential fraud.  If the time, location, and State of Charge (SoC) are impossible or improbable, the session will be stopped, and customers will receive a notification of potential fraud, requiring their confirmation to allow Autocharge+ (i.e., if your account is used to start a charge in California and then to start a charge in Ohio ten minutes later, this will be flagged as potential fraud). As long as you’ve signed up to receive messages from EVgo, you’ll always receive a notification that an Autocharge+ session has started.  Please contact the EVgo Charging Crew right away if you suspect a session that isn’t yours. You can call 877-494-3833 for 24/7 assistance.

Here is how one commenter describes “plug and charge”:

Plug & Charge uses a variety of cryptographic tools to secure communications between the vehicle and the charging infrastructure, protecting the driver’s personal information, the vehicle’s systems that are “touched” during the charging process, and the charging infrastructure – from malicious third-party actors during the charging process. Once the vehicle-charge point connection is established, all identification and authorization happen across a highly secure communications link, to ensure data is exchanged in a confidential and authenticated way.

Unlike Autocharge, ISO 15118’s Plug & Charge relies on digital signatures and public key infrastructures. This security paradigm is built into the Plug & Charge identification mode, as defined by ISO 15118.

Authentication standards allow the EV to automatically identify itself to the charging network and have the backend system “issue” validation, and then begin the charge. Each vehicle is linked to an individual billing account, whether personal, family, corporate, or other EV owner, and the transaction will be accurately documented to reflect the energy that was supplied to the EV.

According to one commentator, Tesla vehicles use a proprietary version of Plug & Charge.

According to one commentator, cars from Volkswagen Group do not have a fixed MAC address and cannot use AutoCharge.

Leave a Reply

Your email address will not be published. Required fields are marked *