All users of Everon products can be certain that their user accounts are secure, because Everon applies the latest industry standard for authorizing access to user data: OAuth 2.0.
How does this work?
OAuth 2.0 is an open standard authorization framework that enables applications such as Everon to add a layer of security to their login flow. The extra layer allows the application to double-check that the user is authorized to access the requested services, without needing to share the user's username and password (credentials).
To do this, a user profile is stored in what's known as an authorization server. This profile contains the user's username and password, and where applicable, the extent to which they are allowed to access the requested service. When a user tries to access a particular service by logging in to an application, the application asks the authorization server to check the user profile. If the authorization server is able to verify the profile, instead of forwarding the user's credentials, it generates an access token that contains information about the user's access rights and sends this back to the application. The application uses that token to request access to the service. The service checks whether the token is valid, and if so, it allows the application to give the user access to the requested service.
While this sounds incredibly complex, it isn't very different to checking in to a hotel. Let's say you've booked a hotel room with your credit card. Upon arrival, you present your credit card to the receptionist to check in. Using your credit card, the receptionist can confirm that you've made a booking and gives you a key card that should open the door to your room. When you get to your room, you swipe your key card, the door opens and it lets you in.
How is this more secure?
What's important to note in the example of the hotel is that the key you've used to open the door doesn't contain your credit card details, because the door doesn't need to know them to let you in. The door only needs to know whether that key should be allowed to unlock it. All of your personal information is safely stored with the receptionist. In this example, the receptionist represents the authorization server, the key represents the access token, and the room represents the service that a user requests when they log in to an app.
In essence, this authorization flow is much safer due to the double layer of security without the need for sharing data that should remain strictly personal.
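The flow described above, as an added Python sketch (not Everon's code): the authorization server checks the stored profile and issues a signed token carrying only access rights and an expiry, and the service accepts or rejects that token without ever seeing the password. The token format (HMAC-signed JSON with a shared key), the user, the scope names and the key are constructed assumptions; OAuth 2.0 itself does not mandate a token format.

```python
import base64, hashlib, hmac, json, time

# Constructed sample data: a key shared by authorization server and service,
# and one stored user profile (password kept only as a salted hash).
SIGNING_KEY = b"constructed-demo-key"
SALT = b"constructed-salt"
PROFILES = {"alice": {
    "pw_hash": hashlib.pbkdf2_hmac("sha256", b"correct horse", SALT, 100_000),
    "scope": ["chargers:read"],
}}

def b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()

def sign(body: str) -> str:
    return b64(hmac.new(SIGNING_KEY, body.encode(), hashlib.sha256).digest())

def issue_token(username, password, ttl=300, now=None):
    """Authorization server: verify the profile, return a signed token or None."""
    profile = PROFILES.get(username)
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)
    if profile is None or not hmac.compare_digest(candidate, profile["pw_hash"]):
        return None
    now = time.time() if now is None else now
    # The token carries access rights and an expiry, never the credentials.
    claims = {"sub": username, "scope": profile["scope"], "exp": int(now) + ttl}
    body = b64(json.dumps(claims, sort_keys=True).encode())
    return f"{body}.{sign(body)}"

def check_token(token, required_scope, now=None):
    """Service: accept only an untampered, unexpired token with the needed scope."""
    try:
        body, sig = token.split(".")
        if not hmac.compare_digest(sig, sign(body)):
            return False  # claims were altered or signed with another key
        claims = json.loads(base64.urlsafe_b64decode(body))
    except (ValueError, AttributeError, TypeError):
        return False      # malformed token
    now = time.time() if now is None else now
    return claims["exp"] > now and required_scope in claims["scope"]
```

In the hotel analogy, `issue_token` is the receptionist handing over the key card and `check_token` is the door deciding whether that card may open it.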
How does this impact users?
It's unlikely users even notice this process takes place, as it all happens in the background in a split-second after they've entered their credentials and clicked "Log in".
If anything, this flow comes with a number of benefits to Everon users. To list a few:
- Increased security through the additional layer of authorization
- Increased speed and scalability, because Everon servers no longer need to make space for an extensive user database
- Meets industry standards, opening up the possibility to develop a solution for Single Sign On (SSO) between Everon apps in the future
With this implementation, Everon also has more time to focus on continuing to build on our core features, enhancing the EV charging experience for both you and your customers.
Important notice about user migration to authorization server
Our integration with our authorization server is a recent development and required us to migrate our user databases.
During the migration, all users are transferred from our platform service to the authorization server, but their passwords aren't transferred. This means that all users must set up a new password after the migration is complete by following the Forgot my password flow from the login screen.
For instructions on resetting your password, or for instructions for your customers, see the following FAQs: