Company Logo
Digital Key and Keyless Telematics

Digital Key and
Keyless Telematics

A phone-as-key system that turns a smartphone into a secure vehicle key over BLE and UWB, provisions access from the cloud, hands a car over between users in seconds, and resists relay attacks. From the secure element in the vehicle to the access app, keyless that you can trust.

THE CHALLENGE IconTHE CHALLENGE

A Digital Key Is a Lock You Are Asking People to Trust

Replacing a physical key with a phone is easy to demo and hard to make safe. The system has to authenticate a phone to a vehicle without anyone being able to clone the credential, relay the signal from a key sitting in a house to a car on the driveway, or pull secrets off a stolen device. It also has to provision and revoke access instantly, work when the phone has no network, and measure distance accurately enough that the door only opens for someone actually standing next to the vehicle. The digital key system is engineered around that trust problem.

Sits inside the Telematics and GPS Tracking stack and shares hardware and platform building blocks with Connected Vehicle and OEM Telematics.

WHAT'S INCLUDED Icon

WHAT'S INCLUDED

Phone-as-Key, End to End

BLE and UWB Radio Design

The in-vehicle radio module pairs BLE for connection and command with UWB for precise distance measurement, so the vehicle knows that a key is nearby and exactly how far away and on which side.

Secure Element and Key Store

The cryptographic keys are held in a hardware secure element on the vehicle side, so the credentials that unlock and start the vehicle never sit in plain firmware where a tamper or a memory dump could reach them.

Access Provisioning Service

A cloud service issues, scopes, and revokes digital keys. A key can be full access, time-limited, or restricted, and provisioning or revocation takes effect across the fleet in real time.

Anti-Relay Distance Bounding

UWB time-of-flight ranging defeats relay attacks. Because the vehicle measures true distance to the phone, an attacker cannot fool it by relaying a BLE signal from a key that is actually far away.

Car-Sharing Handover

The handover flow that car-sharing and rental depend on: a key appears on the next user's phone, the previous user's key is revoked, and the vehicle confirms the change without anyone meeting to exchange anything.

Access App and SDK

An access app and an SDK let unlock, lock, start authorisation, and key management embed into your own product, with offline-capable keys for when the phone has no signal at the vehicle.

HOW IT WORKS Icon

HOW IT WORKS

From Cloud Grant to Door Open

The flow has to be fast for the user and unforgiving for an attacker. It is designed so the convenience never weakens the security.

Provision the Key

The cloud service issues a scoped, signed digital key to the user's phone and binds it to the vehicle's secure element, with the option of an offline key for low-coverage locations.

Authenticate and Range

At the vehicle, BLE establishes the connection and a challenge-response authenticates the phone, while UWB measures true distance so the action only triggers when the user is actually present.

Authorise and Act

The secure element verifies the credential, the vehicle unlocks or authorises start, and the event is logged to the cloud so access is fully accountable.

WHAT YOU GET Icon

WHAT YOU GET

Keyless That Holds Up in the Real World

Relay Attacks Do Not Work

UWB distance bounding means a relayed signal from a phone sitting indoors cannot open the vehicle, closing the attack that defeats simple BLE-only keyless entry.

Grant and Revoke Instantly

Access is issued and pulled from the cloud in real time, so a returned rental, a finished shift, or a lost phone is handled immediately without anyone touching the vehicle.

Handover Without Meeting

For car-sharing, a vehicle moves from one user to the next with no key exchange, which is the entire reason a phone-as-key model exists.

Works Without Signal

Offline-capable keys mean the user can still unlock and start in a basement car park where the phone has no network, which is exactly where simple cloud-only systems fail.

SECURITY AND PLATFORM Icon

SECURITY AND PLATFORM

Engineered for Security and Scale

Hardware Root of Trust

Keys live in a secure element, sessions use TLS, and the firmware on STM32 with FreeRTOS enforces secure boot, so the credential chain is protected from the silicon up.

Tied Into Telematics

The key module shares the vehicle's connectivity, so access events sit alongside location and trip data, giving car-sharing and fleet operators one accountable record.

Updatable in the Field

Over-the-air updates refine the security stack, ranging behaviour, and access logic across deployed vehicles without recalling hardware.

FAQ Icon

FAQ

Common Questions

Why use both BLE and UWB for a digital key?

BLE handles the connection and command exchange reliably and at low power, but it cannot measure distance accurately, which is what relay attacks exploit. UWB adds precise time-of-flight ranging, so the vehicle knows exactly how far away and on which side the phone is. Using both gives a usable connection and a secure presence check.

How does the system stop relay attacks?

The system uses UWB distance bounding. Because the vehicle measures the true physical distance to the phone, an attacker who relays the BLE signal from a key that is actually inside a house cannot make the vehicle believe the key is next to it. The door only opens for someone genuinely standing at the vehicle.

Where are the cryptographic keys stored?

On the vehicle side, the keys live in a hardware secure element rather than in plain firmware. This means the credentials that unlock and start the vehicle are protected even if someone tampers with the module or attempts a memory dump, keeping the root of trust in hardware.

How fast can access be granted or revoked?

Provisioning and revocation happen through the cloud service in real time. A key can be issued as full, time-limited, or restricted access, and a returned rental, a finished shift, or a lost phone can be revoked immediately across the fleet without anyone needing to touch the vehicle.

Does it work when the phone has no network?

Yes. Offline-capable keys let a user still unlock and start the vehicle in a basement car park or a coverage dead zone where the phone has no signal. The key is pre-provisioned and validated locally at the vehicle rather than depending on a live cloud call every time.

How does the car-sharing handover work?

When a vehicle moves from one user to the next, a new digital key appears on the next user's phone and the previous user's key is revoked, with the vehicle confirming the change. No physical key changes hands and the two users never have to meet, which is the core of any car-sharing model.

Can access events be tied to telematics data?

Yes. The key module shares the vehicle's connectivity, so unlock, lock, and start events sit alongside location and trip data on the same platform. Car-sharing and fleet operators get one accountable record linking who had access to where the vehicle went.

Related pages

Telematics and GPS Tracking HubConnected Vehicle and OEM TelematicsCar-Sharing TelematicsBLE and Zigbee ConnectivityGPS Tracking Device Development

Ready to Build Your Digital Key System?

Share your vehicles, your access model, and whether this is for car-sharing, rental, or OEM keyless to get a walkthrough of the radio, the secure element, and the provisioning service.

Schedule a Free Consultation