Kempower strengthens digital trust of EV charging with first look into ChargEye’s cybersecurity backbone

Kempower, a leader in DC fast charging technology, has released details of the cybersecurity foundations of its charging station management system, ChargEye. This marks the first time Kempower has publicly shared insights into the security architecture of its software, reinforcing its commitment to transparency and digital resilience.

ChargEye, developed and designed entirely in Finland by Kempower’s in-house experts, is built with security at its core. The platform and its development process are certified under the internationally recognized ISO 27001 standard, ensuring robust information security management across the board.

Kempower was initially granted the ISO 27001 certification in 2024, and recently underwent an official audit of its information security management system to secure it for a second consecutive year. The certification recognizes the company’s high standards of cybersecurity, data protection, risk management and staff training.

“We believe cybersecurity is a shared responsibility – and that starts with openness,” said Mikko Veikkolainen, VP, Innovations & Research at Kempower. “By sharing information of the cybersecurity of ChargEye, we wish to inspire the whole EV charging industry to pay attention to cybersecurity of EV charging technology. The safety of EV charging infrastructure becomes more and more critical, as the EV adoption evolves.”

Key ChargEye cybersecurity highlights include:

• ISO 27001 certification: Kempower’s software development lifecycle for ChargEye meets the highest global standards for information security.
• Secure data storage: Data within ChargEye is handled in accordance with the EU’s General Data Protection Regulation (GDPR).
• Developed in Finland: Kempower retains full control over ChargEye’s development, enabling rigorous security oversight and rapid innovation.

ChargEye is built with security at its core, following OWASP (Open Web Application Security Project) best practices to prevent common software vulnerabilities. It incorporates V2G PKI encryption to ensure secure communication between EVs and the grid, supporting the future of smart energy systems. V2G PKI encryption refers to a cybersecurity framework used in Vehicle-to-Grid (V2G) systems, where electric vehicles can not only charge from the grid but also return electricity back to it.

The ChargEye platform is backed by 24/7 monitoring, an over 99% uptime commitment, and a clear incident response protocol.

Kempower actively tests its defenses through initiatives like Hack Day, which the company recently held for the second time in collaboration with its expert partners. At the event more than 50 ethical hackers attempted to breach Kempower’s systems in a controlled environment helping to identify and strengthen potential weak points.

To maintain high standards, ChargEye undergoes regular third-party security audits, reinforcing Kempower’s commitment to transparency and continuous improvement.

The full white paper “Certified cybersecurity with ChargEye charging station management system” is available for download on our website.

Kempower media:
Paula Savonen, VP, Communications, Kempower
paula.savonen@kempower.com
+358 29 002 1900

About Kempower
We design and manufacture reliable and user-friendly DC fast-charging solutions for electric vehicles. Our vision is to create the world’s most desired EV charging solutions for everyone, everywhere. Our product development and production are based in Finland and in the U.S., with the majority of our materials and components sourced locally. We focus on all areas of e-mobility, from electric cars, trucks, and buses to machines and marine. Our modular and scalable charging system and world-class software are designed by EV drivers for EV drivers, enabling the best user experience for our customers around the world. Kempower shares are listed on Nasdaq Helsinki Ltd. kempower.com