ChargePoint Lacks Pair-Settled Architecture

Vendor and Product Reality

ChargePoint Holdings (NYSE: CHPT) operates a hybrid model: it sells AC Level 2 and DC fast-charging hardware (CT4000, CP6000, Express Plus) to site hosts, and it operates the ChargePoint Network — a multi-tenant CSMS that connects those stations and many third-party stations to driver accounts, fleet accounts, and roaming partners. The protocol layer is standardized: stations communicate with the CSMS over Open Charge Point Protocol (OCPP) 1.6J or 2.0.1 for authorization, transaction telemetry, and remote command. Vehicle-to-charger communication for DC fast-charging follows ISO 15118-2 and increasingly ISO 15118-20, which together define Plug and Charge (PnC) — a TLS-secured exchange where the vehicle presents a contract certificate and the charger validates it through a Public Key Infrastructure rooted at certificate authorities such as Hubject's V2G Root or the EVerest community trust list.

Roaming between networks is brokered via Open Charge Point Interface (OCPI) — the protocol used by Hubject, Gireve, and direct peering arrangements — which exchanges location, tariff, session, and CDR (charge detail record) data between e-Mobility Service Providers (eMSPs) and Charge Point Operators (CPOs). For NEVI-funded sites, 23 CFR Part 680 imposes uptime, payment-acceptance, and data-reporting obligations that flow back to the CSMS, including the 97% uptime requirement and the obligation to support contactless payment as well as Plug and Charge. ChargePoint's commercial model layers software subscriptions (ChargePoint as a Service, fleet management) and transaction fees on top of hardware sales.

Architectural Gap

Every authorization decision in this stack ultimately depends on a central CSMS. When a driver plugs in, the charger asks the CSMS whether the presented RFID card, mobile-app token, or PnC contract certificate is authorized; the CSMS consults its account database, evaluates the tariff, and returns an authorization. When the vehicle and charger belong to different networks, OCPI relays the question through a roaming hub to the home eMSP, which answers, and the CDR is later reconciled bilaterally. Plug and Charge under ISO 15118-2 narrows the exchange — the contract certificate is presented machine-to-machine — but the contract certificate itself was issued by a CSMS-side process and is validated against a centrally maintained PKI; the charger still phones home to authorize the session against the eMSP of record.

This central-CSMS posture creates four structural costs. First, availability coupling: a NEVI site whose CSMS link is degraded cannot authorize sessions even when the vehicle and charger are physically capable, which directly threatens the 97% uptime obligation. Second, roaming friction: every cross-network session traverses a hub, adds latency, accumulates per-transaction fees, and creates reconciliation lag that frustrates fleet operators and rural drivers whose home network has thin geographic coverage. Third, data capture: session telemetry, location history, and payment data flow through the CSMS, creating privacy and antitrust exposure as networks scale. Fourth, regulatory single-point-of-failure: a CSMS outage, a payment-processor incident, or a roaming-hub dispute cascades across every site that depends on it, and the NEVI compliance burden falls on whichever party holds the CSMS contract.

ISO 15118-20 introduces bidirectional power transfer, wireless charging, and improved authentication, but it does not change the fundamental trust topology: the contract certificate is still issued by an eMSP-side process, and authorization still resolves through a CSMS.

What Matched-Pair Primitive Provides

The matched-pair primitive binds the vehicle-to-charger handshake structurally. Each vehicle carries a credentialed identity; each charger carries a credentialed identity; the two identities establish a pair-settlement context directly, exchanging the credentials, policy constraints, and metering attestations required for a valid session without requiring a CSMS to mediate the authorization decision in real time. The pair produces a signed, structurally auditable session record — what was authorized, by which authorities, against which tariff, with which energy delivered — that any number of downstream parties (the eMSP, the CPO, the regulator, the fleet, the tax authority) can verify without trusting a single intermediary.

Authority remains real. The vehicle's credential traces to an OEM or fleet authority; the charger's credential traces to a CPO or site-host authority; tariff and roaming rules trace to the eMSP and OCPI partner. But authority is declared structurally and verified locally rather than enforced by runtime callback to a central server. Outage tolerance, roaming directness, and data minimization fall out of the architecture rather than requiring per-vendor engineering.

Composition Pathway With ChargePoint

The composition pathway treats ChargePoint stations and ChargePoint-issued vehicle credentials as credentialed pair-settlement participants. Existing operational architecture continues: OCPP 2.0.1 still carries telemetry from charger to CSMS, ISO 15118-20 still negotiates the V2G session, OCPI still exchanges CDRs with roaming partners, and the ChargePoint mobile app still fronts driver accounts. The matched-pair layer sits on the vehicle-charger boundary, consuming PnC contract certificates and CPO certificates as inputs to a pair-settlement context that produces structurally verifiable session records.

ChargePoint's role expands rather than contracts. The network becomes a credentialed authority — issuing and revoking vehicle and charger credentials, providing settlement aggregation across the pair-settlement records its participants generate, offering dispute resolution and tariff arbitration, and continuing to deliver the value-added services (load management, demand response, fleet analytics) that fleets and site hosts already pay for. What changes is that an individual session no longer requires CSMS round-trip authorization to be valid; the pair settles, the record is signed, and reconciliation is structural.

Implementation can begin at the ISO 15118 boundary. The contract certificate exchange already establishes a TLS-secured pair context between vehicle and charger; extending that context with credentialed pair-settlement metadata is additive rather than disruptive. OCPP 2.0.1 transaction events continue to flow to the CSMS for telemetry, billing, and NEVI uptime reporting, but the authorization decision is decoupled from CSMS reachability. OCPI CDR exchange continues with roaming partners, now carrying structurally verifiable session records rather than unilateral CPO assertions, which materially reduces dispute volume and reconciliation lag for cross-network sessions. For NEVI sites specifically, structural pair-settlement directly supports the 97% uptime requirement by removing CSMS reachability from the critical authorization path, while continuing to satisfy the data-reporting and contactless-payment obligations through the unchanged CSMS channel.

Commercial and Licensing Posture

ChargePoint's competitive position improves under the matched-pair layer rather than degrades. The pure-CSMS network model faces increasing pressure from NEVI uptime obligations, OEM-direct charging programs (Tesla NACS adoption, Ford BlueOval Charge Network, Rivian Adventure Network), and fleet operators demanding deterministic settlement. By adopting the matched-pair primitive, ChargePoint offers structurally outage-tolerant sessions, frictionless roaming with peer authorities, and minimized data exposure — capabilities that pure-platform competitors cannot match without their own architectural inversion. Licensing the matched-pair primitive into the ChargePoint architecture is additive: hardware revenue, subscription revenue, and roaming-aggregation revenue all continue, while the network's strategic position shifts from platform intermediary at risk of disintermediation to credentialed authority in a pair-settled ecosystem.