The experience of buying a new car and then spending days downloading six different apps just to use public chargers is a small, sharp reminder that the electric vehicle era has solved the propulsion problem without yet fixing the user experience of refuelling — or, more accurately, recharging.
Background
The core complaint is simple and familiar: more choice has produced more friction. Enthusiasts who recently adopted plug‑in or battery‑electric vehicles report having to install multiple vendor apps, create separate accounts, and re-enter payment details just to use public chargers near home. That reality persists even after the UK moved to regulate public chargers in 2023 to mandate contactless payments, roaming support, published pricing and a staffed helpline — rules meant to reduce friction but not to eliminate the software complexity drivers currently face. The policy framework is a meaningful step forward, but it treats
payment method availability and
transparency as discrete problems, not as a holistic app‑free user experience. This feature unpacks why public EV charging in 2025 still often requires juggling apps, what standards and technologies are trying to fix it, the practical and security trade‑offs operators face, and what pragmatic steps will actually reduce the number of apps drivers must carry on their phones.
Why charging still needs six apps (and what each one usually does)
The average public charging experience can require multiple services because different players perform different roles in the ecosystem:
- Charge Point Operator (CPO) app: controls the hardware, publishes live status and may manage site access.
- e‑Mobility Service Provider (MSP) / roaming app: gives you an account, billing and sometimes discounts or subscriptions.
- Payment app or wallet (Apple Pay, Google Pay) or tokenization service.
- Hardware vendor app: for on‑site diagnostics, firmware updates, or to handle edge cases.
- Aggregator or fleet management app for business users.
- OEM or vehicle app: to show charging session status and integrate Plug & Charge where supported.
These redundancies exist for reasons that make sense in isolation. Operators need revenue collection and remote management. MSPs want customer relationships and recurring revenue. Hardware vendors need tools to monitor uptime and push firmware. But the result for drivers is fractured: separate accounts, scattered receipts, varying display of price per kWh, and multiple half‑compatible payment paths.
This fragmentation also amplifies exceptions: contactless card payment may exist on one pedestal, but Plug & Charge (certificate‑based authentication) may work only on another; your OEM’s Plug & Charge certificate may be accepted by one network but not yet propagated to another roaming backbone. The upshot is a lot of fallback behaviour that pushes users back to apps.
Overview: legislative progress does not equal a single‑tap experience
The UK’s Public Charge Point Regulations 2023 set concrete minimums for public charge points: contactless payment availability for certain chargers, an average network reliability standard of 99% for rapid chargers, a free 24/7 helpline, use of open data standards, and published pricing metrics. Those are important consumer protections and enforcement levers, but they don’t magically replace the need for account holders or apps in many common charging scenarios. The rules ensure you can pay ad‑hoc with a card or wallet at many locations and that operators must publish pricing and reliability figures, but they stop short of mandating a single, universal authentication and billing flow for every charger and vehicle combination. In other words, regulation addressed the immediacy of payment access and transparency — lowering the baseline for everyday use — while market actors, business models and technical interoperability still determine whether apps vanish from the user story.
Technical building blocks that could replace apps (and why adoption is slow)
ISO 15118 and Plug & Charge: the ideal no‑app flow
ISO 15118 is the international communications standard that defines, among other things, the
Plug & Charge pattern: vehicles and chargers exchange certificates and perform mutual authentication over a secure channel so billing and authorization occur automatically when the cable is inserted. In principle, Plug & Charge removes apps and cards for authenticated sessions. The standard supports certificate‑based billing, secure TLS channels, and — in newer revisions — functionality for bidirectional energy (V2G) and stronger cryptographic defaults. Major manufacturers and networks have implemented variants of Plug & Charge, but universal coverage remains incomplete because PKI infrastructure, certificate ecosystems, and commercial roaming arrangements are still being built out. Why adoption is slow
- Certificate ecosystem complexity: Plug & Charge needs a trusted certificate authority (V2G‑PKI) and cross‑operator agreement on trust anchors.
- Legacy hardware: many existing chargers lack the compute, secure elements or firmware to support ISO 15118‑style TLS sessions.
- Business model friction: operators monetize customers with subscriptions and loyalty programs; a universal, accountless model can disrupt those plans.
Despite these hurdles, industry coordination efforts are accelerating toward broad Plug & Charge support; some countries and networks already offer seamless experiences at specific sites. Still, a universal rollout requires synchronised upgrades across cars, chargers and backend systems.
OCPI and roaming: how apps become optional between networks
OCPI (Open Charge Point Interface) is an open roaming protocol that lets e‑Mobility Service Providers (MSPs) and Charge Point Operators (CPOs) exchange tariff data, availability, session records and billing information. Where OCPI is widely deployed, a driver who has an MSP account can use multiple CPO networks without creating new local accounts — because the MSP and CPO communicate behind the scenes. OCPI is a pragmatic path to reduce app count: if your MSP has broad roaming agreements, you only need
that one app. Why OCPI alone doesn’t remove apps
- It still requires at least one MSP account to be present on your phone.
- Roaming agreements are commercial arrangements that can include complex pricing rules and restrictions.
- OCPI adoption varies by region and operator maturity; gaps in coverage leave drivers dependent on local vendor apps or on‑site contactless terminals.
Security, reliability and the hidden costs of simplification
The desire to reduce apps is legitimate, but wholesale removal of user authentication layers must be carefully balanced against security and reliability requirements.
Security incidents in EV charging stacks illustrate the stakes. Practical issues have included cleartext storage of credentials in charger firmware (requiring vendor patches), link‑layer pairing weaknesses in PLC stacks that could enable MitM attacks against charger‑to‑vehicle communications, and the broader attack surface created by connected chargers on consumer networks. These real‑world problems show why vendors and operators are cautious about enabling fully automatic flows without hardened cryptography, robust PKI management and strong operational monitoring.
Reliability is another constraint. Operators are now accountable for aggregate network reliability measurements (99% for rapid chargers in the UK), and pushing a new authentication technology across a widely distributed hardware fleet risks transient outages or intermittent authorisation failures that quickly degrade customer trust. The UK regulations therefore require operators to publish reliability and run helplines — safeguards that are necessary when adding new on‑site payment or authentication options that might not yet be bulletproof.
The commercial reasons apps persist
- Revenue and retention: MSPs and charging networks use proprietary apps to sell subscriptions, loyalty, preferred pricing and ancillary services. That commercial incentive keeps closed ecosystems alive.
- Data and customer relationship: owning the billing relationship provides valuable telemetry and marketing opportunities. Operators are reluctant to relinquish that to a one‑size‑fits‑all credentialing service.
- Hardware financing models: some sites are subsidised by retail partners who want control over how customers pay and how offers are presented.
- Granular pricing models: dynamic tariffs, session bundles, parking fees and in‑site discounts are simpler to implement inside a controlled app environment than across open roaming equivalents.
All of these create real‑world trade‑offs: yes, a single app or cardless Plug & Charge is more convenient, but it challenges the current monetisation and operational models that fund network expansion and maintenance.
Real‑world pain: the user story that started this conversation
Practical experiences reported by new owners of plug‑in vehicles show the chain of friction: discover a charge point, open the right vendor or network app to check connector compatibility, create an account and attach payment details, then either use a vendor‑specific RFID tag, app‑QR code flow, or search for a contactless tender. Even after the UK’s contactless payment rules reduce the need for pre‑registration at many high‑power sites, drivers still face gaps: some charger sites only show price per kWh inside apps, some accept only specific wallets, and others still require network accounts for lower advertised rates. That creates a cost‑benefit puzzle for drivers: should you sign up to multiple MSPs to save money, or pay a premium ad‑hoc with a card and avoid account sprawl?
This is the lived problem regulators tried to reduce — and partially solved — but it remains unsolved in totality.
What must change: pragmatic, staged steps toward one‑app or no‑app charging
Eliminating the app tax is both a technical and a commercial project. The following recommendations aim to accelerate real improvements without compromising security or business viability.
- Operators and regulators: mandate open, standardised roaming endpoints (OCPI or compatible) in public tenders and require published, machine‑readable tariffs.
- Why: lowers bar for MSPs to offer wide coverage and lets consumers rely on a single service for billing and discovery.
- How: procurement clauses and public funding can require OCPI/OCPI‑equivalent compliance.
- OEMs, PKI operators and standards bodies: accelerate coordinated V2G‑PKI and certificate trust lists for Plug & Charge with pragmatic onboarding channels.
- Why: a trusted, cross‑operator PKI is essential for secure, app‑free Plug & Charge.
- How: industry consortiums and national authorities can sponsor a neutral root CA and testbeds to stress‑test certificate lifecycle tooling.
- Rollout pathways for legacy hardware: require forward‑compatible APIs and at‑site payment terminals as transitional measures.
- Why: immediate on‑site contactless must coexist with ISO 15118 rollout to prevent regressions in user access.
- How: specify minimum contactless capabilities in regulation, allow a transition window for legacy device upgrades.
- Security by design and independent certification: require OTA patching, secure element use for key storage, and third‑party security audits for public chargers.
- Why: app reduction increases reliance on embedded authentication; that must be secure.
- How: certification programs for chargers and audits modelled on existing IoT and industrial control standards.
- Consumer‑facing fallbacks: preserve card and smartphone pay‑wave paths, and require clear on‑site signage for pricing and support.
- Why: convenience must not reduce transparency or lock out casual users.
- How: regulatory guidance and enforcement of on‑site pricing presentation and helpline availability.
- Business model experiments: pilots that share revenue with local retailers or that compensate operators for open roaming adoption.
- Why: to persuade operators to trade higher margins for broader interoperability.
- How: grant schemes, matched funding for upgrade costs, or temporary subsidies for networks that open to roaming.
Short‑term actions for drivers and fleets
- Keep a lightweight set of apps: prefer an MSP with wide roaming agreements and portable billing history. Where possible, enable contactless wallets (Apple/Google Pay) as a fallback.
- Verify Plug & Charge readiness before relying on it: not all chargers or vehicle firmware versions are fully compatible yet.
- Watch published reliability data: operators in the UK must report reliability figures and maintain a helpline; treat those indicators as proxies for sane maintenance practices.
- For fleets: centralise an MSP relationship and use fleet management tools to pre‑configure credentials and avoid driver friction.
Risks and caveats
- Security trade‑offs remain critical. Automated Plug & Charge flows amplify the impact of PKI mis‑management and certificate revocation issues; compromised credentials could enable fraudulent sessions. Independent verification and conservative revocation policies are essential.
- Legacy hardware economics are real. Many chargers in the field were installed under vendor or retail agreements that do not fund immediate, large‑scale upgrades to support ISO 15118.
- Regulation reduces some friction but cannot instantaneously rewrite operator business models. UK rules improved ad‑hoc payments and transparency, but operator cooperation and industry standards are needed to eliminate apps entirely.
- Unverifiable claims: press summaries and vendor announcements about timelines for universal Plug & Charge occasionally overstate rollout speed. Treat optimistic vendor roadmaps as useful signals but verify against live network compatibility lists and rigorous test reports.
The near term: what 2026 might look like
Expect a split‑world in the near term: larger, modern networks and premium retail sites will offer Plug & Charge and broad roaming first, reducing the need for apps for a growing segment of drivers. Smaller, older sites and some specialized retail installations will lag, preserving the mixed app landscape for casual drivers. Regulators and procurement policies will be decisive levers: where tenders require open protocols and contactless acceptance, app count will fall faster.
Longer term, if industry PKI and roaming hubs interoperate cleanly and device vendors ship chargers with secure hardware and standardized APIs, the phone‑full‑of‑apps problem will become an odd footnote — one that prompts a nostalgic ad: “There used to be an app for that.” Until then, drivers, operators and policymakers must work in parallel: drivers should choose MSPs strategically, operators should open roaming and invest in secure firmware, and policymakers should continue to write procurement rules that favour openness and security.
Conclusion
EV charging in 2025 is in a transitional phase: the right regulatory guardrails are appearing, meaningful technical standards exist to remove apps from the experience, and industry pilots are proving the concept at scale. But implementation is not instantaneous — commercial incentives, legacy hardware, PKI complexity and security concerns mean the simplest, most elegant user experience remains the result of coordinated upgrades across cars, chargers, backend systems and business models.
The sensible path forward is pragmatic: legislate for openness and transparency; fund migration of legacy hardware; accelerate secure PKI rollouts; and design roaming and billing to preserve operator revenue while prioritising driver convenience. Those steps will turn the current UX — where a week with a new car can require six apps — into the practical, seamless reality that drivers expect. In the meantime, contactless payment mandates and published reliability are real improvements, but they are a floor, not the finish line.
Source: Windows Central
https://www.windowscentral.com/soft...-ev-charging-shouldnt-require-this-many-apps/