OCPP Security and Security Profiles
Ampcontrol ensures the highest security standards for OCPP connections, protecting data and verifying system authenticity.
Highest security profiles for data protection and secure transport
Ampcontrol secures OCPP communications with TLS (Security Profile 2), encrypting data during transmission. Mutual TLS (mTLS) authentication (Security Profile 3) ensures mutual verification of central systems and charge points, preventing interception and unauthorized access. Using HTTPS/TLS, data is encrypted for both transport and server-side authentication, confirming each party’s identity.
Across Industries
.png)
.png)
.png)
.png)
Verified security with mTLS and PKI infrastructure
Mutual TLS authenticates both central systems and charge points with digital certificates, safeguarding against man-in-the-middle attacks. Ampcontrol leverages Public Key Infrastructure (PKI) to validate certificates through trusted Certificate Authorities (CAs), ensuring both message integrity and non-repudiation. Certificate management supports installation, renewal, and revocation to maintain secure, up-to-date authentication.
Multi-layer protection for secure WebSocket, VPN, and cloud access
Ampcontrol secures WebSocket connections and supports VPN use, reducing vulnerabilities by preventing open ports for inbound traffic. Cloud software is safeguarded through HTTPS, TLS 1.3+, SSO, and password protection. Admins utilize Role-Based Access Control (RBAC), allowing role-specific access to reduce potential exposure to unauthorized users.
How Takealot and Aeversa Achieve up to 65% Reduction in Energy Cost for Electric Fleets
Geotab Marketplace leads the way for connecting fleet telematics and smart charging
WattEV uses Ampcontrol’s software to reduce the total peak power demand and ensure high availability of the charging infrastructure for the fleets.
7Gen electrifies Canadian EV fleets with Ampcontrol charging management software
Learn how Electrada uses AI-powered EV automatic load management system to lower operational costs for their fleets and customers in this case study.
Aeversa uses Ampcontrol for the energy flow and monitoring the charger uptime of electric fleet depots in South Africa.
Revel uses Ampcontrol’s software to reduce fuel costs and provide public charging access.
Optimize Your Electric Fleet Operations
Learn More About Ampcontrol’s Peak Shaving Functionality
Ampcontrol supports Security Profile 2 (Secure Transport Layer - TLS) and Security Profile 3 (Mutual TLS - mTLS) for OCPP connections. These profiles enable secure, encrypted data transmission and mutual authentication between charge points and the central system.
Security Profile 2 uses HTTPS and TLS protocols to encrypt data, preventing interception during transmission. This profile includes server-side authentication, where the charge point verifies the identity of the central system to ensure it’s connecting to an authorized source.
Security Profile 3, which uses Mutual TLS (mTLS), enables mutual authentication, meaning both the central system and charge points verify each other’s digital certificates. This two-way authentication prevents unauthorized access and helps guard against man-in-the-middle attacks.
Ampcontrol leverages PKI to issue and validate digital certificates through trusted Certificate Authorities (CAs). This approach ensures that both the central system and charge points communicate securely, confirming data origin and message integrity.
Ampcontrol uses secure WebSocket connections to safeguard data transmission between chargers and the central system. Additionally, Ampcontrol supports secure VPN connections to avoid the need for open ports, enhancing security and reducing vulnerability to attacks.
Ampcontrol employs Role-Based Access Control (RBAC) for admin users. RBAC restricts user access based on roles, ensuring that only authorized users can access sensitive functions and reducing the risk of unauthorized access within the platform.
Questions About Ampcontrol?
Office 503
New York, NY
10001