Secure synchronization of cloud vaults for mobile applications for automotive telematics.

JP2026097752APending Publication Date: 2026-06-16TOYOTA MOTOR NORTH AMERICA INC

Patent Information

Authority / Receiving Office
JP · JP
Patent Type
Applications
Current Assignee / Owner
TOYOTA MOTOR NORTH AMERICA INC
Filing Date
2025-11-25
Publication Date
2026-06-16

Smart Images

  • Figure 2026097752000001_ABST
    Figure 2026097752000001_ABST
Patent Text Reader

Abstract

Establish a secure connection between the host platform's telematics system and the mobile application. [Solution] An exemplary operation includes one or more of the following: establishing a secure channel between the host platform and the vehicle based on a TLS handshake between the host platform and the vehicle; downloading an authorization code to the vehicle through this secure channel; receiving the authorization code from a mobile application installed on a mobile device and having a decryption key; encrypting a secret that the mobile application uses to communicate with the host platform using an encryption key corresponding to the decryption key; transmitting the encrypted secret from the host platform to the mobile application; and establishing a connection between the host platform and the mobile application based on the secret.
Need to check novelty before this filing date? Find Prior Art

Claims

1. The steps include establishing a secure channel between the host platform and the vehicle based on a transport layer security (TLS) handshake between the host platform and the vehicle, The steps include downloading an authorization code to the vehicle through the secure channel between the host platform and the vehicle, A step of receiving the authorization code from a mobile application installed on a mobile device, wherein the mobile application includes a decryption key, The steps include: encrypting a secret that the mobile application uses to communicate with the host platform using an encryption key corresponding to the decryption key; The steps include transmitting the encrypted secret from the host platform to the mobile application, Based on the aforementioned secret, the steps include establishing a connection between the telematics system of the host platform and the mobile application, and Methods that include...

2. The method according to claim 1, comprising: identifying the secret for the mobile application from a vault on the host platform based on the identifier of the mobile application; and retrieving the secret from the vault after receiving the authorization code from the mobile application installed on the mobile device.

3. The method according to claim 1, wherein the sending step includes sending the encrypted secret to the mobile application after the mobile application has already been run on the mobile device.

4. The method according to claim 1, wherein the establishing step includes receiving a decrypted secret from the mobile application, using the decrypted secret to connect the mobile application to an application programming interface (API) associated with the telematics system on the host platform, and downloading telematics data from the telematics system to the mobile application via the API.

5. The method according to claim 1, wherein the establishing step includes receiving a decrypted secret from the mobile application, logging the mobile application to a database associated with the telematics system on the host platform based on the decrypted secret, and downloading telematics data from the database to the mobile application.

6. The method according to claim 1, wherein the step of receiving the authorization code includes receiving a Certificate Signing Request (CSR) message from the mobile application along with vehicle data, the CSR message includes the cryptographic key corresponding to the decryption key.

7. The steps include encrypting a digital certificate for the mobile application to generate an encrypted digital certificate, The method according to claim 1, wherein the transmission step includes simultaneously transmitting the encrypted digital certificate and the encrypted secret to the mobile application.

8. Memory and At least one processor communicatively coupled to the memory and A system equipped with, The at least one processor is A secure channel is established between the host platform and the vehicle based on a Transport Layer Security (TLS) handshake between the host platform and the vehicle. The authorization code is downloaded to the vehicle through the secure channel between the host platform and the vehicle. The authorization code is received from a mobile application installed on a mobile device and containing a decryption key. Using the encryption key corresponding to the decryption key, the secret that the mobile application uses to communicate with the host platform is encrypted. The encrypted secret is transmitted from the host platform to the mobile application. A system configured to establish a connection between the telematics system of the host platform and the mobile application based on the aforementioned secret.

9. The system according to claim 8, wherein the at least one processor is further configured to identify the secret for the mobile application from a vault on the host platform based on an identifier of the mobile application, and to retrieve the secret from the vault after receiving the authorization code from the mobile application installed on the mobile device.

10. The system according to claim 8, wherein the at least one processor is configured to transmit the encrypted secret to the mobile application after the mobile application has already been executed on the mobile device.

11. The system according to claim 8, wherein the at least one processor is configured to receive a decrypted secret from the mobile application, to use the decrypted secret to connect the mobile application to an application programming interface (API) associated with the telematics system on the host platform, and to download telematics data from the telematics system to the mobile application via the API.

12. The system according to claim 8, wherein the at least one processor is configured to receive a decrypted secret from the mobile application, log the mobile application to a database associated with the telematics system on the host platform based on the decrypted secret, and download telematics data from the database to the mobile application.

13. The system according to claim 8, wherein the at least one processor is configured to receive a Certificate Signing Request (CSR) message from the mobile application along with vehicle data, and the CSR message includes the cryptographic key corresponding to the decryption key.

14. The system according to claim 8, wherein the at least one processor is further configured to encrypt a digital certificate for the mobile application to generate an encrypted digital certificate, and to simultaneously transmit the encrypted digital certificate and the encrypted secret to the mobile application.

15. A computer-readable storage medium containing instructions, When the aforementioned instruction is read by the processor, the processor will: The steps include establishing a secure channel between the host platform and the vehicle based on a transport layer security (TLS) handshake between the host platform and the vehicle, The steps include downloading an authorization code to the vehicle through the secure channel between the host platform and the vehicle, A step of receiving the authorization code from a mobile application installed on a mobile device, wherein the mobile application includes a decryption key, The steps include: encrypting a secret that the mobile application uses to communicate with the host platform using an encryption key corresponding to the decryption key; The steps include transmitting the encrypted secret from the host platform to the mobile application, Based on the aforementioned secret, the steps include establishing a connection between the telematics system of the host platform and the mobile application, and A computer-readable storage medium that enables execution of [something].

16. The computer-readable storage medium according to claim 15, wherein the processor is further configured to identify the secret for the mobile application from a vault on the host platform based on the identifier of the mobile application, and to retrieve the secret from the vault after receiving the authorization code from the mobile application installed on the mobile device.

17. The computer-readable storage medium according to claim 15, wherein the transmitting step includes transmitting the encrypted secret to the mobile application after the mobile application has already been executed on the mobile device.

18. The computer-readable storage medium according to claim 15, wherein the establishing step includes receiving a decrypted secret from the mobile application, using the decrypted secret to connect the mobile application to an application programming interface (API) associated with the telematics system on the host platform, and downloading telematics data from the telematics system to the mobile application via the API.

19. The computer-readable storage medium according to claim 15, wherein the establishing step includes receiving a decrypted secret from the mobile application, logging the mobile application to a database associated with the telematics system on the host platform based on the decrypted secret, and downloading telematics data from the database to the mobile application.

20. The computer-readable storage medium according to claim 15, wherein the step of receiving the authorization code includes receiving a Certificate Signing Request (CSR) message from the mobile application along with vehicle data, the CSR message includes the encryption key corresponding to the decryption key.

21. A computer program that includes instructions, When the aforementioned instruction is read by the processor, the processor will: The steps include establishing a secure channel between the host platform and the vehicle based on a transport layer security (TLS) handshake between the host platform and the vehicle, The steps include downloading an authorization code to the vehicle through the secure channel between the host platform and the vehicle, A step of receiving the authorization code from a mobile application installed on a mobile device, wherein the mobile application includes a decryption key, The steps include: encrypting a secret that the mobile application uses to communicate with the host platform using an encryption key corresponding to the decryption key; The steps include transmitting the encrypted secret from the host platform to the mobile application, Based on the aforementioned secret, the steps include establishing a connection between the telematics system of the host platform and the mobile application, and A computer program that executes something.