EV charging trust depends on PKI, interoperability, and identity

At a glance

What this is: This is DigiCert’s analysis of how EV charging scales only when availability, interoperability, and digital trust are designed together.

Why it matters: It matters to IAM, NHI, and platform security teams because charger-to-vehicle authentication depends on certificate lifecycle governance, not just network availability.

By the numbers:

• Ohio broke ground on the first NEVI-funded EV charging station in October 2023, but 25 other states are poised to begin building stations of their own along nearly 80,000 miles of designated alternative fuel corridors.

👉 Read DigiCert's analysis of secure EV charging, PKI, and digital trust

Context

EV charging infrastructure is a trust problem as much as it is a deployment problem. Chargers must be available where drivers need them, but they also need interoperable identity and payment flows that can be authenticated without creating brittle user journeys. The primary security issue here is not consumer identity in the classic IAM sense, but device identity and certificate-backed trust across vehicles, chargers, and backend systems.

That makes this a useful analogue for NHI governance. Public infrastructure succeeds only when credentials, certificates, and provisioning flows are managed across a distributed ecosystem, which is the same operational pattern identity teams see in workload identity and machine identity programmes. The article’s emphasis on availability, interoperability, and trust maps directly to how organisations should think about lifecycle control for non-human identities.

Key questions

Q: How should organisations govern certificate-based device identity in connected infrastructure?

A: They should treat every certificate as a governed identity with an owner, lifecycle state, and revocation path. That means defining issuance policy, monitoring expiry, and validating trust across all dependent systems, not just at initial onboarding. If a device identity cannot be reliably revoked or rotated, it is not truly controlled.

Q: Why does interoperability increase identity risk in machine-to-machine environments?

A: Interoperability increases risk because multiple parties must agree on trust without sharing one admin domain. Each new connection expands the number of certificate authorities, policy boundaries, and validation checks. Without common governance, organisations get cross-system access that works operationally but is difficult to attest, revoke, or audit.

Q: What breaks when machine identity is treated as an infrastructure detail?

A: What breaks is accountability. If identity is buried inside the infrastructure stack, teams lose visibility into who issued the certificate, who can revoke it, and whether the trust chain is still valid. That creates hidden exposure when devices are replaced, partners change, or configurations drift.

Q: How do you know if a shared trust model is actually working?

A: You know it is working when devices authenticate consistently across environments, expired credentials are removed on schedule, and failed trust events are visible before users notice them. The real signal is not scale alone, but whether the ecosystem can verify identity without manual exceptions or brittle one-off fixes.

Technical breakdown

PKI and Plug & Charge identity flow

Public key infrastructure, or PKI, establishes trust by using certificates to confirm that a vehicle and charger are legitimate participants in the session. In Plug & Charge, this happens automatically when the EV connects, allowing the charger to validate the car and the car to validate the charging infrastructure. The value is not just authentication but predictable trust at machine speed. ISO 15118-2 certificates are the mechanism that lets EV ecosystems scale without relying on manual user actions for every session.

Practical implication: certificate issuance, renewal, and revocation must be governed like any other production identity lifecycle.

Interoperability depends on standardised trust anchors

Interoperability in EV charging is not only about plug shape or app compatibility. It also depends on common trust anchors that allow multiple manufacturers and charging networks to recognise each other’s identities. Without that, every ecosystem becomes a closed loop and every session needs custom onboarding. The article’s reference to an unaffiliated root of trust shows why shared trust infrastructure matters: it reduces fragmentation while preserving verification across brands and systems.

Practical implication: standardise identity trust boundaries before expanding multi-party charging or federated device access.

Why charger security is identity security

A charging session is a machine-to-machine trust transaction. The charger must trust the vehicle, the vehicle must trust the charger, and backend services must trust both enough to handle energy delivery and payment. That makes charger security an identity problem, not just an equipment problem. If the certificate chain is weak, the trust model fails even if the physical charger is intact. This is the same pattern security teams face when workload identity is treated as an afterthought instead of a control plane.

Practical implication: apply identity governance to charging ecosystems with the same rigor used for workload and service account access.

NHI Mgmt Group analysis

Digital trust is the control plane for EV charging, not an optional layer. The article shows that availability and interoperability only become usable when the trust model is strong enough to support machine authentication at scale. That is the same governance lesson identity teams learn with NHI programmes: distributed access is useful only when credential issuance, validation, and revocation are predictable. The practitioner conclusion is that infrastructure scale and identity assurance must be designed together.

Certificate lifecycle discipline is the real differentiator in connected infrastructure. The EV charging model depends on identities that can be issued, tested, deployed, and trusted across organisations and device types. That is the same operational burden seen in workload identity and machine identity governance, where rotation and expiry failures create hidden fragility. Practitioners should treat certificate lifecycle as a core control surface, not an administrative back office task.

Standardised trust anchors reduce fragmentation but do not remove governance responsibility. A shared root of trust makes cross-ecosystem charging possible, but it does not eliminate the need for ownership, policy, and revocation oversight. In identity terms, federation solves interoperability while lifecycle governance still determines whether trust remains valid. The practitioner takeaway is that common standards only work when there is an accountable operating model behind them.

EV charging exposes a useful identity analogy for NHI governance. A charger session looks physical, but the actual risk boundary is digital identity, certificate trust, and backend authorisation. That mirrors how many NHI and machine identity controls fail when teams focus on the asset rather than the identity relationship. The field should read this as evidence that trust infrastructure, not device count alone, determines whether scale is sustainable.

From our research:

• 85% of organisations lack full visibility into third-party vendors connected via OAuth apps, according to The State of Non-Human Identity Security.
• Only 1.5 out of 10 organisations are highly confident in their ability to secure NHIs, compared to nearly 1 in 4 for securing human identities.
• For deeper lifecycle context, The State of Non-Human Identity Security shows why visibility gaps and trust gaps tend to appear together.

What this signals

Shared trust models will keep expanding beyond traditional IAM boundaries. EV charging is a reminder that identity governance is increasingly embedded in devices, infrastructure, and partner ecosystems, not just user directories. Teams that already struggle with certificate and workload lifecycle control should expect the same governance pressure wherever authentication happens between machines.

Machine identity programmes need measurable ownership, not just inventory. The operational question is whether a trust relationship can be issued, validated, expired, and revoked without manual intervention. That is exactly the kind of discipline that separates a maintained identity estate from a growing collection of unmanaged credentials.

The most useful next step for practitioners is to align device trust, certificate lifecycle, and revocation monitoring under one operating model. In practice, that means applying identity governance to physical infrastructure with the same seriousness already expected in NHI and workload identity programmes.

For practitioners

• Map charger identities as managed production identities Inventory every vehicle, charger, and backend certificate trust relationship, then assign clear ownership for issuance, renewal, and revocation across the full lifecycle.
• Define shared trust anchors before ecosystem expansion Set the root of trust, certificate policies, and validation rules before onboarding new manufacturers, roaming partners, or payment integrations.
• Treat interoperability as a governance requirement Test cross-vendor charging flows for authentication, certificate acceptance, and fallback behaviour, not just electrical compatibility and app usability.
• Build revocation and expiry into operational monitoring Monitor for expired, untrusted, or inconsistent certificates the same way you would monitor for stale service accounts or abandoned workload credentials.

Key takeaways

• EV charging succeeds only when availability, interoperability, and digital trust are designed as one system.
• PKI and certificate lifecycle management are the identity controls that make Plug & Charge scalable and auditable.
• Security teams should govern charging ecosystems like machine identity estates, with ownership, expiry, and revocation built into operations.

Key terms

• Public Key Infrastructure (PKI): PKI is the system that uses cryptographic keys and certificates to prove that a device, service, or user is legitimate. In machine identity programmes, PKI is the trust backbone that lets systems authenticate without relying on shared secrets or manual approval for every connection.
• Certificate Lifecycle Management: Certificate lifecycle management is the process of issuing, distributing, renewing, rotating, and revoking certificates before trust breaks down. In connected infrastructure, it is the control that keeps machine identity valid across hardware replacement, partner changes, and expiry events.
• Root Of Trust: A root of trust is the authoritative starting point that other identities and certificates rely on for validation. In distributed ecosystems, it determines which parties can establish trust, which can be revoked, and how consistent authentication remains across vendors and environments.
• Machine Identity: Machine identity is the set of credentials and trust relationships used by devices, workloads, and services to authenticate to one another. Unlike human identity, it is often automated, distributed, and high-volume, which makes lifecycle governance and revocation discipline essential.

Deepen your knowledge

NHI governance, agentic AI identity, and machine identity security are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.

This post draws on content published by DigiCert: The keys to unlocking secure, sustainable EV charging. Read the original.