An Overview of the Qi2 Wireless Charging Authentication Process

This technical blog is part two of our summary series of the GRL exclusive technical webinar [Qi2: Pioneering a New Paradigm in Wireless Charging Accessibility]. Be sure to read part one for an overview of how Qi wireless charging standards have evolved and subscribe to our newsletter or follow us on LinkedIn to be alerted on our next free technical webinar session.

Introduction to Qi Authentication and why it is important

The “Qi” wireless charging standard developed by the Wireless Power Consortium (WPC) is currently one of the most widely recognised wireless charging standards within consumer electronics. Test coverage, particularly safety hazard tests offered within the Qi certification process helps to guarantee end user experience, especially given the recent proliferation of counterfeit products within the market. 

Unlike Qi certified products, counterfeits may charge slower than the standard 15W, if at all. In worse case scenarios, these products may damage smartphones or even overheat and create fire, shock and injury to the users of smartphone. To protect the Qi brand and safeguard end users, WPC has made it mandatory for all transmitter products offering charging speeds of 5W and above to support Qi authentication, starting from version 1.3. This article will explore how the authentication process’ inner workings and how it helps eliminate counterfeit products.

Qi wireless charging authentication

Following WPC’s mandate, all power transmitters which transfer above 5W of power must have a unique certificate pre-installed during the manufacturing process, and will only be offered to transmitters that satisfy all Qi certification requirements. In turn, the certificate will be authenticated by the power receiver to ascertain the product’s genuinity, for better user experience, minimize product damage, and end user safety risk. These unique certificates are created using the X.509 format and has a minimum of three components:

1. Root certificate hash
2. Manufacture certificate
3. Product certificate

Root certificate hash

The WPC Root Certificate Hash is the 1st section of the X.509 certificate. WPC offers the self-signed Root Certificate Hash to power transmitter manufacturers who have passed the Qi Compliance Testing Requirements, which will later be installed within power transmitter products during the manufacturing process. 

Qi Receivers validates the WPC Root Certificate Hash.

Root Certificate Hash of Qi Authentication 

Manufacturer certificate for authentication

The second section of the X.509 certificate format is Manufacturer’s certificate. This is generated by a 3rd party certification authority (CA) Service Providers appointed by WPC. The Manufacturer Certificate Service Provider (MCSP) collects the manufacturer’s information as per the X.509 sign using the private keys and provides the manufacturer’s public and private keys. 

It’s important to note that the manufacturer's private keys are not stored within the certificate. Instead, manufacturers will use the private keys to create unit certificates (this is elaborated upon in the next section). What’s placed into the transmitter’s X.509 certificate is the manufacturer certificate provided by the 3rd party. Alongside the WPC Root certificate, these will be verified by the Qi receiver.

Check out the full list of WPC’s approved Manufacturer CA service providers (MCSP) here.

Manufacturer certificate of Qi authentication

Product certificate

The 3rd section of the X.509 certificate is the product unit certificate. Every Qi certified product will have its own unique certificate. This allows WPC to revoke certification statuses in the event that products, certificates, or private keys are compromised which may be misused for creating counterfeit products. This is also why private keys should always be stored securely in the tamper proof and secured memory of the transmitter to avoid any misuse. 

Product unit certificates are signed by transmitter manufacturers. Private keys generated as a part of the manufacturing certificate are used to sign the unit certificate. This unit certificate is in turn kept in the product certificate, along with the signature and public key. While the public key is shared with the receiver, the private key is instead stored within the transmitter's secured memory.

The product unit certificate is validated by the receiver using the receiver’s key.

Note, however, that this private key refers to that of the transmitter’s, not the manufacturer’s, and will later be used to send challenge responses that will be validated by the receiver. 

Product certificate of Qi authentication

Qi2 wireless charging authentication process

Authentication plays a major role in combating counterfeit products and ensuring consumer safety. Through the following mechanism, Qi wireless charging pads and compatible electronic devices can safeguard consumer safety by preventing unauthenticated products. During the manufacturing process, the transmitter manufacturer places the product’s individual unique certificate in the wireless power transmitter. Receiver and transmitters undergo the following process to validate the authenticity of the transmitter.

1. Once a wireless power receiver device (Smart phone) is placed onto a Qi wireless charging transmitter it negotiates the BPP level of power contract (Up to 5W).
2. The receiver then requests for a Qi certificate from the transmitter using “Get Certificate”. 
3. The transmitter will send the certificate if it possesses one, which will in turn be validated by the receiver.
4. To safeguard against forged certificates from alternate sources. Once a certificate is validated, the receiver will send a follow-up challenge to the transmitter, which will send a challenge response signed with the transmitter’s unique private key for further validation.
5. Upon successful validation, re-negotiation can occur to bring power levels above 5W. However, the receiver can choose not to draw power levels above 5W if certificate validation fails or if a particular unit certificate has been flagged to be faulty or compromised.

Do also note that a faster validation process known as digest based validation can be conducted if deemed necessary. 

Power transfer level authentication process 

Want to learn more about Qi wireless charging and other connectivity technologies?

Watch the full webinar on-demand or download the presentation deck here. To be alerted about our next free technical webinar, follow us on LinkedIn or subscribe to our newsletter. 

To receive personalized consultation on how you can design and certify your wireless charging products for Qi compliance, simply reach out to us or learn more about our Qi standards compliance and certification services.

About the author

Rajaraman Venkatachalam

Executive Vice President of Protocol and Power Solutions