Back to Case Studies
Digital Car Key

Chery Digital Car Key: Building a Multi-Standard Platform for Full Vehicle-Line Deployment

Chery deployed digital car keys across 20 production vehicle models, supporting every major industry standard and every mainstream mobile wallet ecosystem. To date, more than 3 million digital keys have been issued across the platform.

Client
Chery Automobile
Product Line
Mobile Credentials
Industry
Automotive
Published
2022-11-29
CHALLENGE
  • Fragmented standards. CCC, ICCOA, and ICCE each require different PKI, cryptography, applets, and certification flows.
  • Three radios. One access system. NFC, BLE, and UWB must operate together as a unified vehicle experience.
  • Full wallet ecosystem support. Apple Wallet and mainstream Android OEM wallets must work seamlessly across regions and devices.
  • Platform-scale integration. Multiple Tier 1 suppliers, SE chips, ECUs, and OTA cadences cannot be managed with per-model rebuilds.
20
PRODUCTION VEHICLE MODELS
3M+
DIGITAL KEYS ISSUED
10
Mobile OEM Ecosystems Supported (Apple + 9 Android OEMs)
8
SE CHIP VARIANTS SUPPORTED

1. Customer Context

Chery approached digital car keys as a platform capability from day one — not a flagship demo, not a limited rollout.

The goal was clear: support the entire vehicle lineup, every mainstream mobile ecosystem, and every major digital-key standard without locking the platform to a single hardware vendor.

The challenge was never whether a phone could unlock a car.

It was whether vehicle hardware, mobile wallets, wireless protocols, security standards, assembly-line provisioning, and OTA operations could all operate together at production scale. If any layer failed to integrate, digital keys would remain a prototype feature instead of a deployable platform capability.

Chery chose the most demanding path from the start: no phased rollout, no flagship-only deployment. Every vehicle model would support every major standard and every mainstream phone ecosystem at launch.

2. Challenges

2.1 Fragmented standards ecosystem

CCC, ICCOA, and ICCE each define different PKI structures, cryptography models, applets, and certification flows.

Apple Wallet requires CCC and MFi certification. Android OEM wallets align around ICCOA and ICCE. Meanwhile, proprietary BLE-based vehicle access systems still coexist across the industry.

Supporting the full mobile ecosystem means operating all of these in parallel — even though their trust chains, key systems, and provisioning models do not naturally interoperate.

2.2 Three radios operating as one system

NFC enables tap-to-unlock. BLE handles discovery, wake-up, and data transport. UWB enables secure ranging and passive entry.

Each radio introduces its own integration model across the vehicle and the phone. In production, all three must behave as one seamless vehicle access experience.

2.3 Full mobile ecosystem coverage

Digital keys only become a production feature when they work across the entire mobile ecosystem — not only on selected devices.

Apple operates its own security domain and MFi certification pipeline. Android OEMs maintain independent wallet stacks and onboarding requirements.

Production deployment therefore requires parallel integration across multiple mobile ecosystems at the same time.

2.4 Platform-scale integration

Different vehicle programs use different SE chips, MCUs, ECUs, and Tier 1 suppliers, each with independent OTA cadences.

A per-model integration approach would never scale across the lineup. Digital keys had to become a reusable platform capability instead of a vehicle-by-vehicle project.

3. The Solution

3.1 One cloud security infrastructure for every standard

CCC and ICCOA rely on certificate-chain trust models, while ICCE relies on symmetric-key architecture.

OnBoard™ unified both into a single security infrastructure:

  • PKI manages certificate hierarchies from Root CA to vehicle and phone
  • KMS manages ICCE key generation and distribution
  • All cryptographic material remains protected within HSM boundaries (FIPS 140-3 Level 3)

New standards extend the existing infrastructure instead of introducing parallel security stacks.

3.2 Parallel onboarding across mobile ecosystems

OnBoard™ delivered onboarding into Apple Wallet and mainstream Android OEM wallets in parallel, including SE applets, SDK integration, and certification support for CCC, ICCOA, and ICCE.

Apple required MFi certification, while each Android OEM maintained its own onboarding process and wallet architecture.

By operating both tracks simultaneously, Chery avoided certification-driven engineering bottlenecks and reduced rollout complexity across the vehicle lineup.

3.3 Reuse across chips and vehicle programs

Different vehicle models shipped with different SE chips and different combinations of supported standards.

OnBoard™ developed applets independently per standard and built a reusable cross-chip integration model on top:

  • validated chip-and-standard combinations reused existing applets directly
  • vehicle-specific differences were handled as incremental configuration
  • MCU integration and bring-up were standardized across the lineup

Digital-key updates were integrated into the existing vehicle OTA pipeline through the SEMS offline path (SCP11-C), rather than managed as standalone deployments.

3.4 Secure provisioning at assembly-line scale

Digital-key capability ultimately has to be provisioned into every vehicle leaving the production line.

SEMS manages security domains, applets, certificates, and key injection directly on the in-vehicle SE at manufacturing cadence.

Every provisioning operation is traceable and auditable.

This production-layer integration is what transformed digital keys from an engineering feature into a mass-production vehicle capability across the entire Chery lineup.

"What would normally require separate integrations across standards, mobile ecosystems, SE chips, and manufacturing was consolidated into one production platform. New vehicle programs now inherit the capability instead of rebuilding it."
— Chery × OnBoard™ delivery summary

4. Results

The Chery digital car key platform now operates in steady state across 20 production vehicle models, with more than 3 million digital key credentials issued to date.

Standards support, mobile OEM onboarding, wireless integration, and security infrastructure are consolidated at the platform layer — allowing new vehicle programs to inherit the capability instead of rebuilding it from zero.

METRIC RESULT
Vehicle models in production 20
Digital key credentials issued 3,000,000+
Standards supported CCC / ICCOA / ICCE / proprietary BLE
Wireless protocols supported NFC / BLE / UWB
Mobile ecosystem coverage Apple + 9 major Android OEMs
SE chip variants supported 8

Snowball Team
Team Member
LinkedIn
Founded in 2013, committed to driving scalable and sustainable industry growth through a trusted, future-ready security infrastructure. Snowball Technology’s core team comes from NXP’s security services group, bringing over a decade of experience in device security. The company currently has more than 100 employees, with over two-thirds in R&D. Snowball Technology is certified under international standards including ISO 9001, ISO 14001, and ISO 27001.
Building digital trust infrastructure for connected devices and credentials — backed by 13 years of expertise in digital credentials and cryptographic systems.
IoT Security
OverviewSecure Build & ReleaseFactory ProvisioningSBOM & VulnerabilitySecure Update & OTACompliance & DisclosureMatterGoogle Cast
Mobile Credentials
OverviewTransitAccessDigital Car Key
Resources
OverviewBlogCase Study
Company
About UsPartners
Privacy PolicyTerms Of ServiceCookie Policy
© 2026 Shanghai Snowball Digital Intelligence Technology Co., Ltd. All rights reserved.
EN
|
ZH