Recharging in private
An electronic payment system developed in Singapore will protect the privacy of customers recharging their electric vehicles.
Most electric vehicles need to be recharged every 100 to 150 kilometres, with each recharge potentially exposing information related to a customer's payment and location. Now, researchers at the Agency for Science, Technology and Research (A*STAR) have designed a new system that can allow quick and easy money transfers at electric vehicle charging stations without jeopardizing customer privacy.
"Cybersecurity is an important factor for payment systems, but it is often ignored by users or administrators until the system is being attacked," says researcher Joseph Liu.
The recharging of electric vehicles presents unique challenges for privacy, not least because some cars with solar panels can sell electricity back to the grid, meaning payments flow in both directions. Without tight security, payment companies or hackers could monitor where and when cars are charged, gaining insight into people's lifestyles that could be exploited for spam marketing.
"Some popular electronic payment systems, like credit cards, do not provide any privacy, while other systems, like prepaid cash cards, may not be suitable for large payments, or are not insured against card loss," says Liu. "Cash is anonymous, but requires expensive machines to keep cash stores secure from thieves."
The new system developed by Liu and co-workers is based on an in-car unit that resembles a smartphone or tablet and allows two-way anonymous payments for recharging. Users can instantly shut down their accounts and retrieve unused credit. Also, if their car is stolen, they can revoke the location privacy to help police trace the car. In the event of a dispute between a user and a supplier, either party can submit the claims to an independent judging authority for investigation.
The researchers tested their system by simulating three different types of attack: a hacker trying to track the transactions of an honest user, a user trying to underpay for services, and a supplier trying to slander an honest user. The system proved robust against all three attacks.
The team has implemented a prototype of its secure charging system and is now seeking an opportunity to deploy the tamper-proof in-car units in electric vehicles.