Basically would be that easy with the right hardware. It's absolutely not a secure way to implement charging authentication. Right now, the hardware is obscure enough but it won't be forever.I wonder how easy it is to get the MAC address — if my P*2 is sitting locked somewhere, unplugged, can someone just.. open the port cover and plug in a CCS plug that’s a fake charger and read out the MAC address? Seems too easy.
I guess one improvement would be for MAC address to only be transmitted when P*2 is unlocked, but no idea if they do even that.