From Cars to Hotels: How Automotive Keyless Entry Technology Powers Hotel Check-In
Before KeyShare was a hotel technology company — before it was a building access company or a government identity platform — it was an automotive technology. The founding team built secure access technology at Continental Automotive, one of the world’s largest automotive suppliers. That technology — NFC, capacitive touch, and proximity sensing for keyless entry — is deployed across 120 million vehicles for Ford, GM, FCA, Mercedes-Benz, BMW, Audi, Renault, Peugeot, and Volkswagen.
The connection between a car door and a hotel room door is more direct than it sounds.
The automotive security problem
When you tap your phone to unlock your car, three things happen in under 200 milliseconds: the phone and the car establish an encrypted communication session, the car verifies that the phone holds a valid credential, and the car actuates the lock. If any step fails — the session doesn’t establish, the credential doesn’t verify, the lock doesn’t respond — the door stays locked.
This interaction has brutal reliability requirements. It must work in rain, in snow, at -40°C, and at 120°F. It must work when the phone’s battery is low. It must work when the car has no internet connectivity (which is always — cars don’t rely on cloud services for door locks). It must resist relay attacks, replay attacks, and cloning. And it must complete in under a second, because a driver standing next to their car in a parking lot has zero tolerance for “please wait.”
The team at Continental that solved these problems — NFC protocol engineering, secure element integration, cryptographic session management, offline operation, and sub-second latency — included two people who would go on to found KeyShare: Kabir Maiga (Technical Lead) and Simon Forster (Software Manager).
The insight: a door is a door
The technology that lets you tap your phone to open your car is, architecturally, the same technology that lets you tap your phone to check into a hotel. Both require NFC communication. Both require cryptographic credential verification. Both require offline operation (the car and the Puck both operate without cloud connectivity for the core lock interaction). Both require sub-second latency.
The difference is what happens around the tap. A car tap unlocks a door. A hotel tap verifies identity, matches a reservation, provisions a wallet key, captures payment, enrolls loyalty, and logs the interaction for compliance. The NFC interaction is the same; the orchestration is different.
This is where KeyShare began: taking the NFC hardware and protocol expertise from automotive keyless entry and building the orchestration layer that turns a tap into a complete check-in.
From Continental to KeyShare
KeyShare was incubated inside Continental Automotive and spun off in 2018. Continental recognized that the secure access technology their team had built for vehicles had applications beyond the automotive industry — but those applications required a dedicated company with a different go-to-market model.
Continental remains an investor and shareholder in KeyShare (PassiveBolt, Inc.). The technology heritage is direct: the Puck’s NFC protocol stack, the secure element integration, the offline-first architecture, and the sub-second interaction design all trace their lineage to the automotive keyless entry platform.
The third co-founder, Mike Johnson, came from Hella (now FORVIA HELLA), another major automotive supplier, where he led Advanced Engineering in power electronics. Together, the three founders bring complementary backgrounds: NFC protocol engineering (Kabir), embedded software (Simon), and hardware design (Mike).
What automotive heritage means for hotel technology
Three properties of the Puck trace directly to automotive engineering:
Offline-first operation. Cars don’t have reliable internet connectivity, so automotive keyless entry was designed to work without it. The Puck inherits this architecture — core operations (identity verification, key provisioning) execute locally without requiring cloud connectivity. The Guest Experience Platform (GEP) runs a local instance on-premise. The internet enhances the system; it doesn’t enable it. Offline-first operation is a core architectural property, not a fallback.
Hardware security. Automotive access control operates in a hostile environment — relay attacks, signal amplification, physical tampering. The Puck inherits the secure element approach (Common Criteria EAL5+), the wolfSSL cryptographic library (FIPS 140-2 validated), and the MISRA C firmware development standard from the automotive security model.
Sub-second NFC interactions. In automotive, the NFC session — from phone proximity detection to door unlock — must complete in under 200ms. The Puck’s NFC session — from tap to identity verification — completes in under 500ms (including a full ECDH P-256 key exchange). The extra time accommodates the cryptographic complexity of ISO 18013-5 identity verification, which is more demanding than simple credential presentation. But the engineering discipline of “the interaction must be instantaneous from the user’s perspective” comes from automotive.
The multi-vertical extension
The same technology that powers hotel check-in also powers building access (the Reader Library firmware for NFC readers uses the same protocol stack) and government identity verification (the Digital ID Platform uses the same ISO 18013-5 verification at the Puck). The automotive heritage didn’t create a hotel product — it created an identity verification and credential delivery platform that happens to serve hotels, buildings, and governments.
That’s the story of KeyShare: automotive secure access technology, applied to the places where people live, work, and interact with institutions.
