Connected Car Infotainment Security

The ability to deliver High Definition and 4K streaming content services into vehicleis expected to provide a strong growth platform for automotive OEMs. To meet the requirements of the Content Service Providers, OEMs will need to implement advanced in-vehicle security for infotainment systems and Digital Rights Management (DRM) schemes to protect these high value assets. 

Secure Android IVI

Delivering secure advanced infotainment experiences on Android. 

Android Automotive is now a main-stream platform for delivering advanced IVI experiences. Designed to be regularly updated, Android Automotive supports the delivery of advanced user experiences that will evolve throughout a vehicle’s life-time, as well as support completely new experiences that will be deployed in the future.  

However, it is not enough to just leverage Android as a platform. To meet Google’s certification requirements (CTS), the platform needs to be secured using a Trusted Execution Environment (TEE) to ensure that it provides the highest level of security possible.    

  • Android Secure Boot 
  • Anti-Rollback protection 
  • Hardware-backed Keystore 
    • Key Attestation 
    • Version Binding 
  • Cryptographic Key Storage (using the Android KeyMaster/KeyMint Trusted Application) 
  • User Authentication (using the Android Gatekeeper Trusted Application)  
    • PIN/Pattern/Password/Biometrics  
    • Hardware backed Authentication Tokens  
  • File Based Encryption  
    • Metadata Encryption  
  • Support for Trusted Applications that support feature such as Widevine Level 1 DRM, Biometric authentication and much more. 

Rear Seat Entertainment

The importance Rear Seat Entertainment (RSE) is rising. Rideshare and 4G & 5G streaming services have experienced massive growth to allow high quality content services to passengers.  

Likewise, rideshare companies want to take advantage of the rear screens as a platform for delivering value added and transaction-based services within the vehicle.  However, these services now require advanced content and payment protection solutions.   

For example, HD content streaming services require the highest level of security provided by different DRM schemes, in order to protect the high value assets being streamed into the vehicle.  

As the range of content and services delivered to rear seat entertainment systems increases so will the requirement for robust security capabilities that can support and protect multiple users and their personal date and information. 

Trustonic’s Kinibi not only provides the connected car security capabilities required by these services, it also supports multiple displays from a single instance.  This can simplify the architecture design for the tier 1s / OEM as well as ensuring that costs are for such systems are kept to a minimum.    


Trustonic’s TEE can be used to support the advanced DRM schemes required for High Definition (HD) content streaming. 

Multimedia capabilities of in-vehicle infotainment systems continue to evolve, and they are capable of supporting the HD content services that consumers have become accustomed to. However, HD services require more advanced security capabilities to be implemented within the vehicle.  

Kinibi  is a commercial grade security solution that meets the requirements of Content Service Providers (CSP) to support their HD streaming services such as Microsoft PlayReady, Widevine and regional solutions such as China DRM.   

We are integrated with SVP on the silicon where available and can support HDCP transmission protocol standards on schemes we support:

Voice Assistants for Automotive

Over the last few years Voice Assistants such as Amazon Alexa, Google Assistant and Apple’s Siri, have started to play an important role in the automotive industry.  

OEMs can now add their own custom extensions, which enable deeper and richer integration into the vehicle systems with our compliant TEE.   

In addition to the services available through your PC, Smart Speaker or phone, voice assistants play an important role in simplifying the in-vehicle experience. They support the discovery of new features within the vehicle as well as safety, since the driver does not need to take their eyes off the road. 

As voice assistants become more widespread and have access to vehicle data, so does the need to ensure that they are fully protected – which must include the core platforms that they are integrated into.   

Features such as secure boot, advanced protection and hardware-backed roots of trust are becoming standard requirements.  These help to protect the instance running inside the vehicle and the communication with the cloud platforms.   

Alexa for Automotive

Amazon has updated its Device Security Requirements for Alexa built-in products with the new requirements effective since 1st August 2021. These requirements significantly increase the level of protection required. They underline Amazon’s commitment to protecting users and their data irrespective of how they engage with Amazon services. 

OEMs wishing to put the Android badge on their devices or make use of Google services (such as Google Maps) have been making use of security technologies such as Trusted Execution Environments to pass Android Certification Tests.  

Amazon has now done something similar for Alexa-enabled devices, and have come up with a strong list of requirements an OEM has to meet – including secure key storage and certification from a 3rd party lab.  

In-Vehicle Payments Set To Grow Rapidly

The concept of enabling an intelligent vehicle to directly transact with the world around it has been gaining momentum.  Although the Automotive and Financial Services industries operate in very different ways, there have already been multiple trials of different payment systems that have proven both the technology and the benefits that it can deliver for drivers and passengers alike.  

There is a strong opportunity for in-vehicle payments to create new digital revenue streams for OEMs through a wide range of use cases.  Juniper Research estimates that by 2025 the value of payments generated in-vehicle will exceed $85Bn.  Whilst the US and Western Europe are expected to lead this trend it is anticipated that it will have a positive impact in all geographic markets. The key use cases for in-vehicle payments include: 

  • Automated toll collection
  • Smart parking
  • Pay-at-the-pump
  • Voice commerce