Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Apple's 'CarKey' API could control your HomeKit smart lock in future

Last updated

The sudden appearance of the 'CarKey API' may only be the beginning, as Apple is seemingly exploring how it can expand on its cryptographic-based device authentication to bring digital keys into other areas.

The first beta of iOS 13.4 revealed traces of a "CarKey" API, one which would effectively turn the iPhone into an electronic key for a vehicle, similar to current keyless unlocking and starting systems employed today. By bringing the iPhone close to an NFC point, it could feasibly allow a car to start and to be driven, while also offering the option of sharing a version of the key to others with certain permissions disabled, such as enabling a car to be unlocked but not driven.

In a patent application titled "System access using a mobile device" published by the US Patent and Trademark Office on Thursday, Apple seems to be planning a much wider use of the concept than in just vehicles. The abstract for the filing mentions it would be used to authenticate a mobile device for access to system functionality, including "physical access to a system, starting an engine."

This could mean more than a car, and could easily apply to other access-oriented systems, like a smart lock on a home's door, access to an office for work, or to log in to a computer as already offered by the Apple Watch.

The patent application largely covers the possible processes for performing an authentication check between the smartphone and the locking system it is interacting with, rather than its possible applications.

A chart showing how the process of pairing and authentication could flow A chart showing how the process of pairing and authentication could flow

In short, the pairing system involves the creation of public and private keys on both the mobile device and the locked system sides as part of a pairing process. After pairing, the public keys and a shared secret from the pairing process are used to verify a signed certificate created using private keys, then an encrypted signature is transmitted as proof of verification, allowing further trusted communications to occur.

In various declarations, this can include the mobile device being set to not send identifying information until after verification of the signed certificate, and the exchange of keys using an "elliptic curve Diffie Hellman (DH) function."

It is also proposed the mobile device could share access to functions of the locked system with another device, via another similar certificate-signing process. The sharing could be performed over a private and direct wireless connection between the two mobile devices, without relying on an online server or messaging service to hand over access.

There are mentions of the use of a security token as a form of authentication between the mobile devices, which can be stored in a separate mailbox location for later access.

While sharable, the sharing system would also allow the original authorized device to revoke shared access by sending a revocation message, which is followed by a confirmation receipt generated by a secure circuit.

If implemented into the CarKey API, this can enable a driver to temporarily grant access to their car to a friend's device, either locally or remotely, with the ability to only unlock the vehicle for access and not to drive it, then later revoking permission to access. Elsewhere, this could feasibly grant access to a building to an individual without needing to physically pass a key.

The concept of digital keys on mobile devices lends itself quite neatly to rental-based services. For example, an AirBNB host could grant guests a temporary use key on their device for the duration of a visit, or a car rental business could provide car keys to a customer without the need for a local kiosk or store.

The patent application lists its inventors as Arun G Mathias, Florian Galdo, Matthias Lerch, Najeeb M. Abdulrahiman, Onur E. Tackin, and Yannick Sierra.

Apple files numerous patent applications on a weekly basis. Though the existence of a patent application does not guarantee the concept will appear in a future product or service, it does inform of areas of interest for Apple's research and development efforts.

Apple has previously looked at the use of a mobile device as an authentication token for external uses, including the possibility of it being used to securely present government ID. This could mean an iPhone has a chance of being used as an effective digital passport or driving license, depending on future legislative changes.

On the motoring front, Apple is a charter member of the Car Connectivity Consortium, which published its first Digital Key Release 1.0 standard for NFC-enabled smartphone interactions with a vehicle in 2018. As a charter member, Apple is largely expected to be implementing standards defined by such technical groups.

Apple has also filed a patent application for "Enhanced automotive passive entry" in August 2018, which suggested the use of magnetic antennas and radio frequency antennas to determine the range of an iPhone from a vehicle, to enable features based on location. A November 2019 patent proposed a similar idea, using Bluetooth and Ultra-Wideband to determine the location and to exchange cryptographic keys.

Whether it will be used in the often-rumored Apple Car remains to be seen.



9 Comments

❄️
robin huber 22 Years · 4026 comments

Please PLEASE put the car key on the Watch and not just the iPhone. It’s so nice going in to Trader Joe’s in my gym shorts that have no pockets and paying with my watch. Even nicer if I didn’t have to hand carry my car key fob, or my iPhone, to lock and unlock my car. 

❄️
avon b7 20 Years · 8048 comments

Huawei has had this kind of functionality for the last two years I believe. Audi was first on select models and BMW was rumoured to be in the frame too.

You had NFC for phone opening and engine start with the option to 'share' keys with other phones.

I don't drive so I never really never took that much interest in it but I was under the impression that this kind of functionality was open to the iPhone via an Audi Connect app.

Also parallel to this news is the scheduled Huawei event for the 23 Feb with the 8+1+N Strategy where the phone is the '1' acting as a secure hub over the network (N). This was first revealed last year;

https://www.gizmochina.com/2019/06/28/huawei-18n-strategy-5g-era/

The core ideas look similar at first glance. 

I thought the whole phone key thing was a relatively common thing on the big car brands but that could just be a non driver's impression.

🌟
GeorgeBMac 8 Years · 11421 comments

Although I suspect the roll out of this will be very slow, I am very much looking forward to it as possibly one of the most helpful of Apple's features.
As a runner, I carry as little as possible on me -- basically just a watch (and yes, pants too!).  So, the ability to lock and unlock my car from my Apple Watch would be very helpful.  But even just being able to not have to worry about losing or forgetting my house key would be great too.

And, actually, the Apple Watch is far better suited to this than the iPhone.  Increasingly I am leaving my phone behind and simply rely on my Apple Watch with LTE to do what I need.  Plus, the Apple Watch is always with me (I sleep with it and bathe with it on).  And, even nicer is that it is super fast and convenient because you don't have to pull anything out of your pocket nor do you have to sign on.   It's always there on my wrist and its always signed on.  So, at the grocery store, I tap one button and zing -- my payment is complete.

I am looking forward to this!

🎄
gatorguy 13 Years · 24633 comments

Please PLEASE put the car key on the Watch and not just the iPhone. It’s so nice going in to Trader Joe’s in my gym shorts that have no pockets and paying with my watch. Even nicer if I didn’t have to hand carry my car key fob, or my iPhone, to lock and unlock my car. 

What car company is it showing a bundled up skier unlocking her car with her watch? Looked awkward but at least she wasn't digging under layers of warmth to find a key. 

🎄
cg27 18 Years · 223 comments

This will be the next best thing after Ford’s keypad entry which they’ve offered for decades on all models.