IP Information & News

Ignition to identification — the ‘car key’ is evolving

Dr Terence Broderick

By Dr Terence Broderick

Patent Attorney

The function of the car key is changing. The ignition lock was initially invented in the early 20th century, though cars still required a driver to crank the engine by hand before the car could be driven. With the introduction of the starter motor, the car key also functioned as a means of initiating ignition, as well as securing access to the vehicle. In the mid-1990's, central locking systems led to the development of the ‘smart key’ — the mere presence of which enabled the driver to access and drive the car without placing it into the ignition. The car key was now electronic, and any mechanical engagement with the car was no longer needed.

Recent developments have seen car keys evolve further, and the very idea of the car key is now as much about digital identity as it is about access and ignition.

Recent developments

UK-based security innovator Trustonic recently announced that it is providing a secure digital car key system to Volkswagen and Hyundai that is based on the provision of a secure communication path between a driver’s mobile device and the cloud. This utilises the concept of a Trusted Execution Environment, which protects the part of the mobile device that executes the relevant program code from the threats from the remainder of the device; and a Trusted User Interface which enables applications to interact with the driver whilst providing complete isolation from the device’s main operating system. This provides a secure cryptographic exchange between a driver’s mobile device and the vehicle for the purpose of accessing the vehicle.

Less about access and more about the identity of the driver, the recently launched Volvo Care Key enables the owner of the car to set a speed limit on their car depending on who is driving it. This means that in the same way that parents have become used to setting user restrictions on phones and tablets, a car owner can set a reduced speed limit if lending their vehicle to a younger relative or a less experienced driver.


The development of these technologies have slightly different aims. The former is about authentication of the driver and the latter is about authorisation and the ability to place restrictions on the way a driver is able to control the vehicle.

As cars become more and more connected as part of the internet-of-things, this expanded functionality of the car key becomes more and more about the digital identity of the driver than about accessing the car or switching the engine on. The digital identity of the driver represents the interaction of the driver with the car and the wider network, whether that be the internet-of-things, the connected car infrastructure or even just the internal management systems which control the car while it is being driven. It seems likely that each of us will have a ‘user profile’ linked to our car keys, that will allow the car to adapt automatically to our driving permissions, physical requirements and even our streaming playlists.


Digital identity management has been discussed as an improvement to cybersecurity and its application to drivers and their interaction with their vehicles is no different. The increased cybersecurity provided by the latest car key solutions will make cars more difficult to steal and more difficult to misuse as an entry point into a network of connected devices or as a physical tool to nefariously cause physical damage.

However, cyber criminals see opportunities and weaknesses even in the strongest systems and what seems ironclad today could become a weakness tomorrow. It is therefore imperative that innovators in the automotive sector stay ahead of cyber criminals by understanding the vulnerabilities in both their technologies and the wider transport infrastructure, as well as recognising the opportunities these provide for improving driver experience and security.

Moving forward

The management of a driver’s digital identity is vitally important as cars become extensions of our connected environment rather than simply tools to move us from the proverbial A to B. Maintaining the cybersecurity is also vital as any vehicle can be a source of enormous problems in the hands of a cyber criminal. As personal data becomes intertwined with vehicle usage, it is also important that user privacy is respected, as indicated in the recently published guidelines from the European Data Protection Board, discussed previously. At the same time, the ability to identify a driver will remain essential for the purpose of law enforcement.

A trusted automotive infrastructure needs to meet all of these challenges if it is going to be fully accepted and adopted by the public. Embedding a car key inside a mobile device using cryptography is a very elegant solution to preventing unauthorised access to a vehicle, but the safety of the user and their data must remain a priority.

If you would like to discuss the technological solutions you have been developing to improve the management of digital identity with regard to drivers and to improve the privacy and security around how the generated data is accessed, get in touch with me at tsb@udl.co.uk.

Related articles

You may also be interested in these...



Automotive cybersecurity is racing up the agenda — how will you respond?

A new European Commission sub-group will collaborate around automotive cybersecurity infrastructure.

Read more



Focus on rechargeable batteries

UDL’s Dr Tahsin Ali Kassam features in this month’s issue of the Materials World magazine

Read more



Driving the future – how automotive design and innovation design is shaped by society

What has driven automotive innovation in the past and what is going to drive it in the future?

Read more

Website by Extreme