Keyfactor Control for Automotive Manufacturers
By 2020, there will be a quarter billion connected vehicles on the road. We entrust our lives to these massive moving machines every day. Keeping them secure is priority one.
Securing Your Automotive Products

Connected vehicles offer a new level of ease and convenience to the modern consumer. The ability to stream music, freely communicate, access real-time data, navigation, and receive maintenance alerts are all tremendous and helpful features. Yet recent headlines have demonstrated notable security gaps confirming that the threat of hackers worming their way into automotive systems is real.

We designed Keyfactor Control to empower development teams to implement reliable, complete, robust PKI and cryptography during design. Incorporating security right from the start affords the confidence that your connected devices will stay secure and protect consumers throughout the vehicle’s entire lifecycle. Keyfactor Control’s flexible and scalable automotive cybersecurity options give you freedom and ease to secure the entire product line from end-to-end.

Automotive IoT Security – At Scale

When you’re the one running the line, there’s nothing more meaningful, or more challenging, than securing every product on a global scale. Whether it’s a controlled update, new certificate configuration, or an unexpected breach, it’s critical to stay on top of your entire device fleet down the street or around the world. Effective management of in-field updates can mean the difference between securing a satisfied customer, announcing a costly recall or embarking on a crisis management campaign. Including cybersecurity into device development should not be an afterthought – it should be rooted in the design.

Keyfactor Control Case Study

Managing 500 Million Connected Vehicles

Keyfactor performed a pilot designed to secure a large fleet of simulated connected vehicles. The premise was based on a catastrophic re-enrollment scenario where security was breached, which is a real-life threat in the automotive industry. The goal was to validate the ability to handle revocation and reissuance of 500 million certificates, and understand the time it would take to complete. The results were exceptional.


The Problem
Security complexities of connected vehicles

The promise of connected vehicles is tremendous, and so are the security measures required to reach that destination without winding up in a ditch, both literally and figuratively. Highly complex systems from multiple vendors, with legacy standards, equipment and infrastructure, all make very attractive targets for malicious actors.


The Solution
Scalable automotive cybersecurity

Keyfactor performed a pilot of securing a large fleet of simulated connected vehicles, based on a catastrophic re-enrollment scenario where the RoT was breached. The successful pilot demonstrated the ability to store, manage, and report on over 211 million certificates, and provide command-and-control instruction to 68 million simulated vehicle agents. Each vehicle’s agent polled for updates with a check-in rate of 800 per second, and pulled down the newly issued credentials and root.

With Keyfactor Control You Get:
Secure Code Signing

Signing firmware and software updates are a critical best practice to ensure that the software installed in your devices is genuine.

Installation and Identity Provisioning

Installation of Keyfactor Control and provisioning of a secure and unique identity during the device activation process.


Keyfactor Control empowers one-step automation of certificate and Root of Trust (RoT) management, and is available for embedded Android, and native-C for real-time operating systems.

Centralized Root of Trust Management

Certificates, key stores, and trust stores across all devices, applications, servers and services within the IoT ecosystem.


Incorporate encryption, authentication, and secure code signing within your IoT devices and applications using Keyfactor Control SDKs and APIs.

Extended Identity Attributes

Bind custom attributes to device identities without having to modify, revoke or reissue any certificate.

IoT Ecosystem Integration

APIs and plug-ins allow the IoT ecosystem to authenticate device identities, and enforce granular access control based on extended attributes.

Mass Scalability

Proven in environments of 500-million devices, running either on-premise, in the cloud, or in a custom architected hybrid mode.

Private and Public Certificate Authority

Includes a fully managed private PKI, and supports both internal certificate authorities as well as public issuers such as Certicom, DigiCert, and Entrust.

Whether you’re a manufacturer of connected vehicles or producer of automotive aftermarket IoT products, the end user is counting on you to build a product that will stay secure every day, during every use. Keyfactor Control makes it easy and affordable to build in high-assurance secure identity every step of the way.