The industry association that maintains the Qi specification for wireless charging, the Wireless Power Consortium or WPC, doesn’t issue major updates very often, but when they do, it’s usually something major, like a big increase in power output, a large step up in efficiency or a significant new safety feature.
Take the last revision, for example. Released more than seven years ago, in 2015, Qi v1.2 extended charging beyond 5 watts, adding the ability to send up to 15 watts of power during a charge. It was the first substantial update to the specification since its introduction in 2010, and it suddenly made Qi a viable option for a much wider range of electronic devices.
Now, in 2022, it’s a similar story. Qi v1.3, which was recently made available for download from the WPC website, adds secure authentication between the transmitter (the charger) and the receiver (the device to be charged). It’s an important change, since it increases safety and creates a better charging experience, and because it changes how Qi devices are designed and certified.
Qi v1.3’s authentication is, in some ways, a logical extension of Qi v1.2, because Qi v1.3 adds an extra layer of protection when choosing the power level. Qi v1.3 defines two major power profiles: the Baseline Power Profile, which delivers up to 5 watts of output, and the Extended Power Profile, which delivers a maximum of 15 watts for what is called “fast charging”.
To safeguard devices and their users, the Extended Power Profile requires the use of hardware-based authentication. Before charging takes place, the receiver (the device to be charged) first confirms that it is interacting with a Qi-certified transmitter (the charging pad). Then, having authenticated the transmitter, the receiver requests the most appropriate and safest level of charging. If authentication fails, then the receiver can either cancel the request entirely or limit the amount of power it will accept.
Qi v1.3 authentication ensures that the transmitter and the receiver will work together as intended, with the expected level of charging output, so battery refills go smoothly. Authentication also helps avoid the risks of using non-certified chargers, which can permanently damage electronic components, make the device being charged too hot to touch, or, worse yet, start a fire.
The WPC’s Qi certification process already has strong industry support and is widely recognized for its commitment to safety. Even before the introduction of Qi v1.3, the certification process included a number of safety checks, so manufacturers who passed Qi certification could be confident that their devices implemented Qi’s various safety features correctly and consumers could be certain they were buying a quality build.
The introduction of Qi v1.3 changes the certification process, with additional steps to verify the new authentication algorithm. To pass Qi v1.3 certification, the Extended Power Profile must use a tamper-resistant subsystem that protects the private key and certificate used for authentication. More specifically, each wireless charger unit must contain a unique private key and a unique certificate, called the product unit certificate.
The product unit certificate must be issued by a provider who complies with the security requirements specified by the WPC, known as an Approved Manufacturer Certificate Authority Service Provider. Designing and implementing the necessary tamper-resistant subsystem, and then establishing a secure process for issuing and injecting product unit certificates, is a complex, time-consuming task, involving specialized techniques that are often unfamiliar to hardware and software developers.
This is where NXP comes in. We are an Approved Manufacturer CA Service Provider, and we offer a turnkey solution for Qi v1.3 certification, so it’s easy to deliver Qi-compliant devices that offer safe, satisfying charging experiences.
The diagram gives an overview of how the process works.
We issue a product unit certificate for each wireless charger. The certificate is signed by a manufacturer certificate authority, created specifically for the device manufacturer and itself signed by the WPC root certificate authority. The product unit certificate and its corresponding private key can be secured by the NXP EdgeLock SE05x secure element or the NXP EdgeLock A5000 secure authenticator, two WPC-compliant ICs. The EdgeLock SE05x and the EdgeLock A5000 store and protect the Qi private product unit key and certificate and support ECC NIST-256 for implementing Qi Authentication messages.
The EdgeLock A5000 is tailored for basic wireless charging, while the EdgeLock SE05x supports additional use cases, for devices that, in addition to wireless charging, also support features like secure connection to the cloud or interoperability with the new IP-based Matter specification for connectivity.
The hardware configuration includes an IoT applet for ECDSA and other cryptographic operations and is available with middleware that facilitates communication with the host. The EdgeLock SE05x and EdgeLock A5000 use the I2C protocol, so they can be attached to just about any microcontroller or microprocessor and are tailored for device authentication, so they deliver optimal performance while minimizing the amount of computing resources required on the host.
Example source code and documentation, supplied with the EdgeLock SE05x and EdgeLock A5000, gives developers a head start on charger design and makes it easier to pass certification. Also, as part of NXP’s EdgeLock 2GO service, we can provision the EdgeLock SE05x or EdgeLock A5000 with the private product unit keys and certificates required for Qi authentication. There’s no need to establish a costly and complex PKI infrastructure, and charger production can take place in third-party facilities without adding security risk.
Having a stable, carefully maintained specification, backed by a solid program for certification, has helped Qi become the de facto standard for wireless charging. The Qi format is already used by millions and millions of people around the world every day, as a convenient way to top up the batteries in their smartphones, mobile accessories and small appliances.
Now, with the power profiles and secure authentication defined in Qi v1.3, the charging experience can be safer and more enjoyable than ever before. The new mandate for hardware-based authentication is, admittedly, a significant change in terms of design, test and certification, but with turnkey solutions like ours, manufacturers can move quickly to meet the new requirements.
To learn more about our security and authentication solutions for Qi charging and other IoT applications, visit www.nxp.com/iotsecurity and www.nxp.com/iotsecurityusecase.
Beatrice Arnaud is Senior Marketing Manager and part of the IoT Security team at NXP Semiconductors. With demonstrated experience in go-to-market strategy, strategic partnerships and marketing of complex hardware and software security solutions for devices, she is driving NXP’s secure service offering for Smart Home, Mobile, Gaming and Computing Accessories segments.
Julien Delplancke is Senior Product Manager at NXP Semiconductors. As part of the IoT security team, he is driving NXP’s secure service offering for IoT products and collaborating with device manufacturers, service providers and cloud providers in order to help NXP customers to protect their devices and services.