Multiple Electric Fleet Vehicles in a Row

OCPP Security and Security Profiles

Ampcontrol ensures the highest security standards for OCPP connections, protecting data and verifying system authenticity

REQUEST A DEMO
OCPP Secure Communication

Highest security profiles for data protection and secure transport

Ampcontrol secures OCPP communications with TLS (Security Profile 2), encrypting data during transmission. Mutual TLS (mTLS) authentication (Security Profile 3) ensures mutual verification of central systems and charge points, preventing interception and unauthorized access.

  • Data encrypted via TLS 1.3 (HTTPS and WSS)
  • Prevents unauthorized access
  • Ensures server authentication
  • truck driver in cabin close up on wheel
    Trusted By Customers
    Across Industries
    Mutual Authentication and PKI

    Verified security with mTLS and PKI infrastructure

    Mutual TLS authenticates both central systems and charge points with digital certificates, safeguarding against man-in-the-middle attacks. Ampcontrol leverages Public Key Infrastructure (PKI) to validate certificates through trusted Certificate Authorities (CAs), ensuring both message integrity and non-repudiation.

  • Prevents man-in-the-middle attacks
  • Authenticated data origin
  • Secure certificate management
  • truck driver in cabin close up on wheel
    Additional Security Measures

    Multi-layer protection for secure WebSocket, VPN, and cloud access

    Ampcontrol secures WebSocket connections and supports VPN use, reducing vulnerabilities by preventing open ports for inbound traffic. Cloud software is safeguarded through HTTPS, TLS 1.3, SSO with 2 step verification. Admins utilize Role-Based Access Control (RBAC), allowing role-specific access to reduce potential exposure to unauthorized users.

  • VPN and secure WebSocket
  • TLS 1.3 and HTTPS encrypted
  • RBAC limits access
  • Multi-layer protection for secure WebSocket, VPN, and cloud access
    Multi-layer protection for secure WebSocket, VPN, and cloud access

    Customer Stories

    How Takealot and Aeversa Achieve up to 65% Reduction in Energy Costs for Electric Fleets

    How Takealot and Aeversa Achieve up to 65% Reduction in Energy Cost for Electric Fleets

    Geotab’s Platform Enhanced by Smart EV Charging Solutions

    Geotab Marketplace leads the way for connecting fleet telematics and smart charging

    WattEV achieves operational excellence for EV truck charging sites

    WattEV uses Ampcontrol’s software to reduce the total peak power demand and ensure high availability of the charging infrastructure for the fleets.

    7Gen Offers AI-Powered Charging Management for Turnkey Solutions

    7Gen electrifies Canadian EV fleets with Ampcontrol charging management software

    Electrada AI-Powered EV Automatic Load Management

    Learn how Electrada uses AI-powered EV automatic load management system to lower operational costs for their fleets and customers in this case study.

    Aeversa Overcomes Grid Capacity Using Load Management Software

    Aeversa uses Ampcontrol for the energy flow and monitoring the charger uptime of electric fleet depots in South Africa.

    Revel uses AI-powered solutions to increase fleet efficiency

    Revel uses Ampcontrol’s software to reduce fuel costs and provide public charging access.

    FAQs

    What are the primary security profiles supported by Ampcontrol for OCPP connections?

    Ampcontrol supports Security Profile 2 (Secure Transport Layer - TLS) and Security Profile 3 (Mutual TLS - mTLS) for OCPP connections. These profiles enable secure, encrypted data transmission and mutual authentication between charge points and the central system.

    How does Security Profile 2 ensure data protection in OCPP connections?

    Security Profile 2 uses HTTPS and TLS protocols to encrypt data, preventing interception during transmission. This profile includes server-side authentication, where the charge point verifies the identity of the central system to ensure it’s connecting to an authorized source.

    What additional security benefits does Security Profile 3 provide?

    Security Profile 3, which uses Mutual TLS (mTLS), enables mutual authentication, meaning both the central system and charge points verify each other’s digital certificates. This two-way authentication prevents unauthorized access and helps guard against man-in-the-middle attacks.

    What is the role of Public Key Infrastructure (PKI) in Ampcontrol’s OCPP security?

    Ampcontrol leverages PKI to issue and validate digital certificates through trusted Certificate Authorities (CAs). This approach ensures that both the central system and charge points communicate securely, confirming data origin and message integrity.

    How does Ampcontrol secure WebSocket connections for OCPP?

    Ampcontrol uses secure WebSocket connections to safeguard data transmission between chargers and the central system. Additionally, Ampcontrol supports secure VPN connections to avoid the need for open ports, enhancing security and reducing vulnerability to attacks.

    What user access controls are implemented in Ampcontrol’s system for additional security?

    Ampcontrol employs Role-Based Access Control (RBAC) for admin users. RBAC restricts user access based on roles, ensuring that only authorized users can access sensitive functions and reducing the risk of unauthorized access within the platform.

    Questions About Ampcontrol?