Security Protocol

At VoltBank, the security of your vehicle and the integrity of your data are our highest priorities. We employ a multi-layered security architecture to ensure a safe and transparent experience.

​

1. Official OAuth 2.0 Authentication VoltBank strictly uses Tesla’s official OAuth 2.0 protocol for authentication. We never ask for, see, or store your Tesla account password. Access is managed through secure tokens that you can revoke at any time via your Tesla Account.

​

2. End-to-End Encryption All data transmitted between your vehicle, Tesla’s servers, and VoltBank is encrypted using AES-256 bit encryption (TLS 1.2/1.3). This ensures that your telemetry data remains private and protected from unauthorized access.

​

3. Principle of Least Privilege (PoLP) We only request the minimum API scopes necessary to optimize your charging. VoltBank does not request access to sensitive commands like remote driving, trunk access, or software updates. Our access is focused solely on Vehicle Telemetry and Charging Management.

​

4. Zero-Discharge Architecture Our system logic is hard-coded to be "Inbound-Only". The code architecture contains no functions for initiating battery discharge (V2G), physically preventing any accidental or unauthorized battery drain.

​

5. Continuous Monitoring & Auditing We conduct regular security audits of our cloud infrastructure to identify and mitigate potential vulnerabilities. Our servers are hosted in Tier-4 data centers with 24/7 physical and digital surveillance.