First of all, what is the VSP Registry?
This section from NASTF should better explain what it is and why it's become necessary in today's automotive repair world:
"The NASTF Vehicle Security Professional (VSP) Registry is a service created from the NASTF Secure Data Release Model (SDRM), a project of the NASTF Vehicle Security Committee. SDRM is a data exchange system (see graphic below) conceived and designed cooperatively by automakers, the independent repair, insurance and law enforcement communities; it allows the aftermarket to access security sensitive information related to automobiles, i.e. key codes, PIN numbers, immobilizer reset information, and similar types of information. The NASTF VSP Registry program allows access to security-related information while protecting the safety and security of consumers and the integrity of automobile security systems.
Who should use the NASTF VSP Registry and why?
USA-resident* locksmiths and service technicians qualified in vehicle security system repairs need a subscription to the NASTF VSP Registry in order to purchase security codes and VIN-specific computer files directly from the OEM/automaker. Most automakers/OEMs make this information available instantly from their websites 24/7/365. See a list of the OEMs and the model year ranges available in this pdf file (click HERE).
*Canadian VSPs may be eligible to participate in the Canadian program. Email John Norris in BC. NASTF is unaware of any similar registry in other countries. Contact local automaker agents.
Parties Responsible for SDRM and the VSP Registry
There are four parties involved in SDRM and the VSP Registry:
NASTF: responsible for industry outreach, systems development, and dispute resolution. Through leadership from the NASTF Vehicle Security Committee (VSC), NASTF is responsible for bringing the parties together to identify and prioritize security information gaps and to help the Industry build and modify the systems necessary to close the gaps. The NASTF VSC has a standing Security Review Committee to manage disputes regarding enrollment in the Registry and access to security-related service information.
Automakers: responsible to host service information websites and/or call centers that serve as the portal to security-related service information. A complete list of automaker website URLs is available on the NASTF website at the OEM Service Websites link.
ASA: Under contract with NASTF, ASA is responsible for management of the VSP Registry website, database, applications, background screening, user support and registry audits.
NICB: responsible to log transactions with automakers that involve security-related information. The National Insurance Crime Bureau protects consumers and automakers and also represents the insurance and law enforcement communities. NICB maintains transaction logs for all security-related information and provides forensic evidence to law enforcement to investigate automotive related crimes.
How the VSP Registry and SDRM Works
The basic SDRM architecture is designed to provide system separation between automakers, NASTF and NICB through well defined simple interfaces. Each automaker website uses standard web services to communicate with NASTF and NICB. Communication of required data and responses are done conforming to Industry specified web protocols.
Benefits of the NASTF VSP Registry
The NASTF VSP Registry provides safeguards to automakers and their customers to allow a change in the historic/customary practice of strict limitation of access to security-related service information, tools, and components to the aftermarket.
NASTF VSP Registry provides:
Consumer choice by ensuring that vehicle owners can choose aftermarket service providers who have access to security-related information, tools and components.
Control of security-related information and tools by the owners of these resources - the automaker and the consumer. No outside entity has access to or control of the manufacturer's/consumer's data without strict security protocol and oversight.
Improved indemnity (compared to many current practices) for automakers from legal actions resulting from the unauthorized use, misuse, or illegal use of any security-related information.
The NASTF VSP Registry ensures that responsibility for governance of independent repairers falls on the independent aftermarket service industry, not automakers. The NASTF VSP Registry also meets insurance industry expectations for security with respect to release of security-related information."
(excerpted from NASTF.org)
Auto Computer & Electronics, LLC