Fleet Pseudonymization

Fleet customers can configure a production application to return only pseudonymized vehicle data. In practice, this means that the VIN (Vehicle Identification Number) is replaced by a pseudonym that cannot be linked directly to a VIN. This enables use cases where you need statistical data from vehicles in your fleet but do not want to associate the data with individual vehicles.

This guide breaks down the functionality and describes how to get started:

  1. Configure a production application for pseudonymization
  2. Add vehicle VINs to a production application
  3. Receive pseudonymized data over MQTT
  4. Revoke a vehicle from the clearance list

Own Fleet Data Only

The pseudonymization layer adds value to customers with existing fleets. For the sake of clarity, it's not possible to access anonymised data from unrelated vehicles.

Create a Production Cloud App

Pseudonymization is always configured per production application. Within the same account you can have both applications that receive VIN-based data and applications that receive pseudonymized data, just not both for the same application. The steps to set up the application are the same for both.

In the Production tab you will find your apps for retrieving data from our live environment. In the app details page you are going to set the permissions it requires and manage its credentials. Let's see how to create a new app.

  1. Go to the Production tab, click the big plus (+) button and select Cloud App. Enter a name and continue.
  2. Select the permissions that your app needs by clicking the "Select Permissions" button. Select the data points that you want to consume and hit "Save".
  3. Fill in all app information and click "Submit for review". Once done we will enable your application for live data access as soon as we have performed our app verification procedures.
  4. Please get in touch with us with a reference to your submitted application in order for us to configure it for pseudonymization.

Data delivery through MQTT

Pseudonymized data is always delivered through the MQTT broker. The REST API and other pull-based data APIs that we offer are only available for VIN-specific data querying.

Create and sign a JWT

With the app set up, it's time to use the Service Account API to activate data access for your vehicles. Before using the fleet-specific endpoints of the Service Account API, it's best to get familiar with the API and what's needed in order to get a JWT for each request. Read all about it in the Service Account Tutorial.

Getting clearance for a vehicle

A vehicle has to be cleared for access in order for its data to be put onto the MQTT broker. The clearance procedure is different for each carmaker and should be considered an asynchronous process. It's possible to clear one or many vehicles at the same time, and this is done by passing in the VINs.

Control Measure

For Mercedes-Benz vehicles, it's also necessary to pass in a control_measures object with the current vehicle odometer reading. This value is verified against the actual odometer reading during the clearance procedure.

Additional resources:

  • Check out the Open API Specification to see the reference of the POST /fleets/vehicles and GET /fleets/vehicles endpoints.
  • See the Activation Process guide for a detailed description of what happens under the hood during the clearance.

If you want to cancel the clearance of a vehicle, use the DELETE /fleets/vehicles/{vin} endpoint. As when adding a new vehicle for clearance, this endpoint is asynchronous. Once the request has been processed, the vehicle will be set to canceled or revoked, depending on whether the activation was still pending or not.

Subscribe to the fleet_clearance_changed webhook to receive a notification once the clearance state changes to any of the possible values: approved, pending, revoking, revoked, rejected, canceled. Read more about the available notifications on the webhooks page.

# Replace <AUTH TOKEN>, <VIN> and <BRAND> with your own values
curl --location --request POST 'https://api.high-mobility.com/v1/fleets/vehicles' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer <AUTH TOKEN>' \
--data-raw '{"vehicles": [{"vin": "<VIN>", "brand": "<BRAND>"}] }'

Streaming data

Once a vehicle is in an approved state, its data will be published to the MQTT broker or to your AWS S3 bucket if that has been requested. Please refer to the Get Client Certificate, Connect and Subscribe sections of the MQTT Tutorial to subscribe to your production application data stream.

Here is the JSON format that is used for every message that is published. All data objects that hold the specific car data payload are formatted according to the Auto API JSON schema.

Importantly, the vin key still exists in each MQTT message but is replaced by a pseudonym.

{
   "message_id": {Unique Message ID: string},
   "version": 1,
   "vin": {Pseudonym: string},
   "capability": {Auto API Capability: string},
   "property": {Auto API Property: string},
   "data": {Auto API Schema: object}
}

Here's an example of the JSON that would be sent for the odometer data. The VIN has been replaced by 26ace79449aae32d80dd5315a23e795da9323626 both in the message topic and the payload.

Topic: /live/level13/1FBBEDED80595912588FF4FF/26ace79449aae32d80dd5315a23e795da9323626/diagnostics/get/odometer
{
   "message_id": "B10BB67D6B4D2EBAB49FD3F81D41111C2AC0D6E0816DE47F87DCDD1388F3D911",
   "version":1,
   "vin": "26ace79449aae32d80dd5315a23e795da9323626",
   "capability": "diagnostics",
   "property": "odometer",
   "data": {
      "diagnostics": {
         "odometer": {
            "data": {
               "unit": "kilometers",
               "value": 100
            },
            "timestamp": "2022-05-01T10:33:10.000Z"
         }
      }
   }
}
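As an added example (not High Mobility's own code), the Python check below validates a received message against the format above: the payload must agree with its topic, and neither may carry a VIN-shaped identifier, so a misconfigured application that still streams real VINs is caught before the data is stored. The topic layout is assumed from the single sample topic on this page, and the function names are hypothetical.

```python
import json
import re

# A VIN (ISO 3779) is 17 characters long and never uses I, O or Q.
VIN_RE = re.compile(r"[A-HJ-NPR-Z0-9]{17}")

# Sample topic and payload copied from the odometer example on this page.
SAMPLE_TOPIC = ("/live/level13/1FBBEDED80595912588FF4FF/"
                "26ace79449aae32d80dd5315a23e795da9323626/diagnostics/get/odometer")
SAMPLE_PAYLOAD = json.dumps({
    "message_id": "B10BB67D6B4D2EBAB49FD3F81D41111C2AC0D6E0816DE47F87DCDD1388F3D911",
    "version": 1,
    "vin": "26ace79449aae32d80dd5315a23e795da9323626",
    "capability": "diagnostics",
    "property": "odometer",
    "data": {"diagnostics": {"odometer": {
        "data": {"unit": "kilometers", "value": 100},
        "timestamp": "2022-05-01T10:33:10.000Z"}}},
})


def parse_topic(topic):
    """Split a topic laid out like the example (layout assumed from that one sample)."""
    parts = topic.strip("/").split("/")
    if len(parts) != 7 or parts[0] != "live" or parts[5] != "get":
        raise ValueError("unexpected topic layout: %r" % topic)
    return {"vehicle": parts[3], "capability": parts[4], "property": parts[6]}


def check_message(topic, payload):
    """Return a list of problems; an empty list means the message is consistent."""
    t, msg, problems = parse_topic(topic), json.loads(payload), []
    for key in ("message_id", "version", "vin", "capability", "property", "data"):
        if key not in msg:
            problems.append("missing key: " + key)
    if problems:
        return problems
    if msg["vin"] != t["vehicle"]:
        problems.append("vin in payload differs from topic")
    if (msg["capability"], msg["property"]) != (t["capability"], t["property"]):
        problems.append("capability/property differs from topic")
    # A pseudonymized stream must never carry a VIN-shaped identifier.
    for value in {str(msg["vin"]), t["vehicle"]}:
        if VIN_RE.fullmatch(value.upper()):
            problems.append("VIN-shaped identifier: " + value)
    if msg["property"] not in msg["data"].get(msg["capability"], {}):
        problems.append("data object lacks the named property")
    return problems


if __name__ == "__main__":
    print(check_message(SAMPLE_TOPIC, SAMPLE_PAYLOAD))
```

Call check_message from your MQTT client's message callback and quarantine any message for which it returns a non-empty list.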

Pseudonym Lifecycle

A pseudonym is linked to a specific vehicle for the period from activation to revocation. If a vehicle is activated through the clearance procedure again at a later date, it receives a new pseudonym.

Revoking a vehicle

It is possible to revoke a vehicle by providing the VIN to the DELETE /fleets/vehicles/{vin} endpoint, which will deactivate data access and revoke the vehicle. Once the vehicle status changes to revoked, you will no longer receive any of its data.