OCPP 1.6 vs OCPP 2.0.1: Which Protocol Should You Choose?
The Open Charge Point Protocol (OCPP) has become the de facto standard for communication between EV chargers and central management systems. As the protocol evolves, buyers and operators face a practical question: should you deploy on the mature OCPP 1.6, or invest in the newer OCPP 2.0.1?
A Brief History of OCPP
OCPP was originally developed in 2009 by the Open Charge Alliance (OCA) to solve a simple problem: chargers from different manufacturers could not talk to the same backend software. Since then, it has evolved through multiple versions:
- **OCPP 1.5** — Early adoption phase, limited feature set.
- **OCPP 1.6** — Widely deployed since 2015. Added JSON support, smart charging, and firmware management.
- **OCPP 2.0** — Major architectural rewrite with improved security and device management.
- **OCPP 2.0.1** — Current recommended version. Refines 2.0 with backward-compatible fixes and clearer specification language.
Feature Comparison
| Feature | OCPP 1.6 | OCPP 2.0.1 |
|---|---|---|
| Communication Format | SOAP or JSON | JSON only |
| Smart Charging | Basic load balancing | Advanced with ISO 15118 integration |
| Security | Basic auth / TLS | Security Profile 3 (PKI-based) |
| Device Management | Limited | Comprehensive (monitoring, config, diagnostics) |
| Plug & Charge | Not supported | Native ISO 15118 support |
| Display Management | Not supported | Message and tariff display control |
Security: The Biggest Difference
OCPP 1.6 relies on Transport Layer Security (TLS) and basic authentication (username/password) or client-side certificates. While this is adequate for many deployments, it has known vulnerabilities:
- Stolen credentials can grant unrestricted backend access.
- No standardized mechanism for certificate revocation.
- Firmware updates are signed but not always encrypted.
OCPP 2.0.1 introduces **Security Profile 3**, which uses Public Key Infrastructure (PKI) for mutual authentication between charger and backend. Each charger receives a unique certificate, and the backend verifies the charger's identity cryptographically. This eliminates password-based attacks and enables automated certificate rotation.
Smart Charging and ISO 15118
OCPP 1.6 supports basic smart charging through Load Balancing and Central Smart Charging profiles. These allow the backend to limit power output based on grid constraints.
OCPP 2.0.1 extends this with native **ISO 15118** integration, enabling:
- **Plug & Charge** — The vehicle authenticates automatically through the charging cable, eliminating RFID cards and mobile apps.
- **Bidirectional Communication** — The vehicle can communicate its state of charge, desired departure time, and energy needs directly to the charger.
- **Dynamic Pricing** — Real-time tariff signals can be pushed to the vehicle, allowing drivers to optimize charging costs.
Deployment Scenarios: Which to Choose?
Choose OCPP 1.6 If: - You are deploying a standard commercial or fleet charging site. - Your backend software only supports 1.6 (many established platforms). - You need to minimize integration risk and cost. - Your use case does not require Plug & Charge or advanced device management.
Choose OCPP 2.0.1 If: - You are building a next-generation public charging network. - Plug & Charge and seamless user experience are priorities. - You operate in a regulated market requiring the highest security standards. - You want future-proof infrastructure that will still be supported in 2035.
FBK POWER's Approach
FBK POWER's charging platform supports both OCPP 1.6 and OCPP 2.0.1. Our default configuration ships with OCPP 1.6 for maximum compatibility, with a clear firmware upgrade path to 2.0.1 as backend platforms mature. This approach gives operators flexibility without forcing premature technology bets.
Contact our engineering team for a protocol compatibility assessment based on your specific backend and deployment timeline.
