RFID authentication

RFID authentication is a user identification method that allows an EV driver to start (and sometimes stop) a charging session by tapping an RFID card or key fob on a charger’s RFID reader. The charger or backend system verifies the RFID token against an approved user list (local or cloud-based) and then authorizes charging.

RFID is widely used in public, workplace, fleet, and residential charging because it is fast, simple, and works well in environments where app-based authentication is inconvenient.

Why RFID Authentication Matters

RFID authentication supports controlled access, accurate billing, and operational management:

– Prevents unauthorized use of private or semi-private chargers
– Enables billing by user, cost center, fleet vehicle, or tenant
– Supports roaming access when RFID cards are issued by an eMSP
– Improves user experience for repeat users (tap-and-charge simplicity)
– Provides traceability for revenue reporting, refunds, and dispute handling

For fleets and workplaces, RFID often remains the most practical daily authentication method.

How RFID Authentication Works

A typical RFID authentication flow includes:

– The driver taps an RFID card on the charger
– The charger reads the card’s unique identifier (token/UID)
– The charger sends an authorization request to the backend via OCPP (or checks a local whitelist)
– The backend validates the token and returns Accepted or Rejected
– If accepted, the charger unlocks the connector (if applicable) and starts the session
– Session records are linked to that RFID identity for billing and reporting

In roaming scenarios, token validation may be handled through an eMSP and exchanged via OCPI.

Common RFID Use Cases

– Public charging for frequent users, subscription plans, and roaming access
– Workplace charging for employee access and cost allocation
– Fleet depots to ensure correct vehicle/driver attribution
– Multi-tenant buildings where each resident is assigned an RFID token
– Offline or low-connectivity sites using local authorization lists

Online vs Offline RFID Authorization

RFID authentication can be implemented in two main ways:

– Online authorization
– Token is checked in real time against a backend database
– Best for dynamic permissions, roaming, and accurate control

– Offline authorization (local whitelist)
– Charger stores a list of allowed RFID tokens locally
– Useful for resilience when connectivity is poor, but requires token management and updates

Some operators use a hybrid model: online by default, offline fallback if the network is unavailable.

RFID Security and Operational Considerations

– Basic RFID tokens can be copied more easily than app-based credentials, so token policies matter
– Token lifecycle management is essential: issuing, blocking, replacing lost cards, and auditing usage
– For roaming, mismatched token formats or provider mapping errors can cause failed authorizations
– If the RFID reader is poorly positioned or weather-exposed, user experience can suffer
– Clear signage improves success rate and reduces support calls