Digital Car Key: Offline & Low Battery Access Discussion

by SLV Team

Hey guys! Today, we're diving deep into a crucial aspect of digital car keys: making them work even when your phone's battery is dead or you're in an area with no internet. We're talking about out-of-battery and offline proximity capabilities for digital car keys, a topic raised in the eudi-doc-architecture-and-reference-framework repository of the eu-digital-identity-wallet project on GitHub. This is super important for ensuring that digital car keys are reliable and user-friendly in all situations.

The Core Idea: Seamless Access, Always

The fundamental idea here is simple: As a digital car key holder – imagine someone using their phone with an EU Wallet that contains a QEAA (Qualified Electronic Attestation of Attributes) for driving eligibility and vehicle authorization – you should be able to unlock, start, and even securely share access to your vehicle regardless of your phone's battery level or network connectivity. Nobody wants to be stranded because their phone died, right? This concept ensures a seamless journey and reduces dependence on network availability or expensive security hardware. After all, mobility is a fundamental right, even during emergencies or unexpected disruptions.

User Story: Reliability is Key

Let's put this into a user story to really understand the need:

  • User: A vehicle user in Europe.
  • Goal: To extend the non-functional requirements for EAAs (Electronic Attestations of Attributes) & QEAAs – especially those supporting automotive digital credentials – by making reliability, resilience, and digital safety core design attributes. Think of it as building trust into the system itself.
  • Reason: It's crucial to design for what we call graceful degradation. This means that even when things aren't perfect (like a dead battery), the system still works. Imagine your digital car key holder’s phone runs out of battery. With the right design, the EU Wallet remains reliable and accessible even in low-power or offline conditions. This is because mobility is a fundamental right, and we want to make sure everyone can exercise that right.

Acceptance Criteria: Scenarios We Need to Cover

To make this vision a reality, we need to consider a few key scenarios. These scenarios act as our acceptance criteria, ensuring that the solution we develop is robust and covers real-world situations:

Scenario 1: Out-of-Battery Vehicle Access

Description: This is the big one! Imagine your phone battery is critically low or completely dead. You still need to be able to operate your vehicle or temporarily share access with another authorized person, even when both devices are in this low-power state. The solution needs to allow you to unlock and start the car using offline, local proximity capabilities. This means no network connection needed, and no expensive security hardware required. The access should be secure, privacy-preserving, and reliable.

In this scenario, the focus is on ensuring that the digital car key remains functional even when the primary device (the phone) is severely limited. This requires leveraging technologies like Bluetooth Low Energy (BLE) or Near Field Communication (NFC) to establish secure communication between the phone and the vehicle. Security is paramount, so the system needs to prevent unauthorized access while still providing a seamless experience for the user.

Furthermore, the user experience must be intuitive. The process of unlocking or starting the car with a dead battery should be straightforward and not require technical expertise. This might involve pre-configuring the system to recognize the user's phone even in a low-power state or having a backup mechanism that relies on a physical token or card. The goal is to minimize disruption and ensure that the user can continue their journey without significant inconvenience.

Scenario 2: Offline Proximity Capability (Credential Presentation and Sharing)

Description: Let's say you need to temporarily share vehicle access with a friend or family member, but one or both of your devices are offline. The system needs to support secure, wallet-to-wallet exchange of credentials locally. This ensures privacy and guarantees that only authorized individuals gain access.

This scenario highlights the importance of peer-to-peer communication capabilities within the digital car key system. The ability to securely transfer credentials offline is crucial for situations where network connectivity is unreliable or unavailable. This requires a robust protocol for encrypting and transmitting data between wallets, ensuring that the shared credentials cannot be intercepted or tampered with.

The design must also consider the user interface for sharing access. The process should be simple and intuitive, allowing users to easily select the recipient and specify the duration of access. Security considerations include preventing the unauthorized duplication or forwarding of shared credentials and ensuring that access is automatically revoked after the specified time period. This level of granularity and control is essential for maintaining the integrity of the system and protecting user privacy.
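To make the Scenario 2 properties concrete (offline check, expiry, no use by someone who merely copied the grant), here is an added sketch that is not part of the original post and not an ARF-defined protocol. It assumes a symmetric pairing key shared by the owner's wallet and the vehicle and uses HMAC from the Python standard library; all names (`issue_grant`, `respond`, `Vehicle`) are hypothetical, and `now` is taken from the vehicle's own clock.

```python
import hashlib
import hmac
import json
import os

def _mac(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def issue_grant(pairing_key: bytes, recipient: str, rights: list, not_before: int, not_after: int):
    """Owner wallet, offline: build a time-limited grant plus the recipient's holder key."""
    claims = {"rcp": recipient, "rights": sorted(rights), "nbf": not_before, "exp": not_after}
    body = json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()
    tag = _mac(pairing_key, b"grant|" + body)
    holder_key = _mac(pairing_key, b"holder|" + body)  # handed only to the recipient wallet
    return {"body": body, "tag": tag}, holder_key

def respond(holder_key: bytes, nonce: bytes, action: str) -> bytes:
    """Recipient wallet: prove possession of the holder key for this one request."""
    return _mac(holder_key, nonce + b"|" + action.encode())

class Vehicle:
    """Vehicle-side verifier; needs no network, only the pairing key and a clock."""
    def __init__(self, pairing_key: bytes):
        self._key = pairing_key
        self._open_nonces = set()

    def challenge(self) -> bytes:
        nonce = os.urandom(16)
        self._open_nonces.add(nonce)
        return nonce

    def verify(self, grant: dict, nonce: bytes, action: str, response: bytes, now: int) -> str:
        if nonce not in self._open_nonces:
            return "replayed-or-unknown-nonce"
        self._open_nonces.discard(nonce)  # each challenge is single use
        if not hmac.compare_digest(grant["tag"], _mac(self._key, b"grant|" + grant["body"])):
            return "bad-grant"  # body was altered or not issued under this pairing key
        claims = json.loads(grant["body"])
        if not claims["nbf"] <= now < claims["exp"]:
            return "outside-validity-window"  # expiry enforced locally, no revocation call
        if action not in claims["rights"]:
            return "action-not-granted"
        holder_key = _mac(self._key, b"holder|" + grant["body"])
        if not hmac.compare_digest(response, respond(holder_key, nonce, action)):
            return "holder-proof-failed"  # a copied grant without the holder key is useless
        return "ok"
```

Because expiry is judged against the vehicle's clock, that clock has to be trustworthy while offline; a recipient who hands over the holder key itself can still delegate, which is the limit of any software-only binding.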

Scenario 3: Emergency and Crisis Access

Description: During an emergency or network disruption (like a natural disaster), you absolutely need to be able to access your vehicle and essential mobility services. The system should provide graceful degradation, preserving critical functionality and ensuring public trust in the resilience and reliability of digital mobility infrastructure. This is about more than just convenience; it's about safety.

In an emergency, the ability to access a vehicle can be life-saving. This scenario underscores the need for a digital car key system that can withstand adverse conditions and continue to function when traditional infrastructure is compromised. This may involve designing the system to operate independently of central servers or relying on alternative communication channels when network connectivity is disrupted.

Graceful degradation is key here. The system should prioritize essential functions, such as unlocking and starting the vehicle, even if other features are temporarily unavailable. This ensures that users can still access critical services when they need them most. Furthermore, the system should be designed to recover quickly and seamlessly once the emergency situation has passed, restoring full functionality without requiring manual intervention.

Scenario 4: Rapid Recovery After Outage

Description: After a temporary outage or low-power situation, the system needs to quickly restore full digital key functionality once your phone has enough power or finds a local connection. You should experience seamless continuity without needing to do anything manually. Think of it as the system automatically picking up where it left off.

This scenario focuses on the user experience after a disruption. The system should be designed to automatically re-establish connectivity and restore full functionality once the underlying issue has been resolved. This requires a proactive approach to monitoring the status of the device and the network connection, as well as a robust mechanism for synchronizing data between the wallet and the vehicle.

Seamlessness is the key objective. Users should not be required to manually reconfigure their settings or re-establish connections. The system should handle the recovery process automatically, minimizing disruption and ensuring a consistent user experience. This includes promptly re-establishing access to all vehicle functions and restoring any settings or preferences that may have been temporarily lost.

Priority and Estimates

This is a Medium priority feature, and we estimate it will take 8-13 story points of effort. The complexity stems from the security requirements, the need for offline protocols, and the overall resilience that the system needs to demonstrate. It's not a simple task, but it's a crucial one.

Technical Notes and Constraints

Here are a few things we need to keep in mind:

  • Device limitations: We want this to work on standard phones. Low-power and offline proximity support should be universally available. We shouldn't require expensive security hardware as a prerequisite for citizen services.
  • Graceful degradation: Unlocking and starting the car must work with low or no battery. We also need fast recovery after an outage.

Dependencies

This builds upon previous work, specifically the user story and Wallet-to-Wallet interaction content from ARF Release v2.6.0. You can check out the details here: https://github.com/eu-digital-identity-wallet/eudi-doc-architecture-and-reference-framework/issues/78

In Conclusion: Building a More Reliable Digital Future

Guys, the ability to access your car with a digital key, even when your phone is out of battery or offline, is a game-changer. It's about building a more reliable and user-friendly digital future for mobility. By addressing these scenarios and technical constraints, we can create a system that is not only convenient but also safe and resilient. Let's keep the conversation going and work together to make this a reality!