By Dr Roland Magiera, Giesecke & Devrient and Ramona Mache, Infineon Technologies
More than 50 major municipalities worldwide already use smart cards and smart tickets for mass transit solutions. The first high volume contactless ticketing solution, ‘Upass’, was introduced in Seoul, South Korea in 1996. Since then other schemes have been implemented in cities such as Moscow, Sao Paulo, Shanghai and Rio De Janeiro. European systems have also begun in major cities such as London, Stockholm, Paris and Rome, while in Asia the market expanded further with implementations in Tokyo, Hong Kong, Bangkok and Brisbane amongst others. This development is of significant importance to almost all countries in the world.
The inadequate provision of transport systems can restrict access to social, political and cultural activities for people with disabilities, the elderly and many other groups, which can therefore be claimed to reinforce social marginalization. Public transport can therefore be seen, for any country, to play an important role and have significant relevance upon the natural environment as well as quality of daily life.
Therefore the overall mission of Public Transport Agencies is to provide a high-quality, accessible and affordable public transport system with the strategic aims of:
- Increasing standards of living;
- Reducing pollution and energy consumption;
- Optimizing journey times in order to reduce congestion;
- Improving reliability, convenience and service for end customers.
With smart ticketing technology, the transport agencies and authorities should and will improve the services and convenience for customers as investment in new infrastructure increases globally over the coming years. More efficient services will result in higher usage, increased revenue, which in turn should limit the amount of subsidies required from both the government and the taxpayer.
History and outlook
There is a trend that the world’s largest cities will become even bigger. Referring to a UN report, it is predicted that there will be 60 ‘Mega-Cities’ with a total of more than 600 million inhabitants by 2015. Today, these cities are facing a number of challenges with their public transport systems – as the number of inhabitants and visitors increases so does the demand for more convenient and reliable mobility. Furthermore, there is a drive to integrate access to a variety of citizen services to the smart ticket, whilst also reducing the threat of crime in the city, reducing the need to carry cash, and make illegal usage and counterfeiting impractical.
One additional global future trend, which will drive increased investment in new infrastructure, is the need for more efficient energy use when travelling. Decreasing energy resources will force governments to develop energy-saving technologies for future decades to come.
Different types of transport schemes
Transport schemes can be very different: influenced by various stakeholders such as passengers, service providers, government authorities, and private companies. Each scheme also has varying regional specifics, e.g. passenger oriented schemes in US vs. operator-dominated schemes in Europe. Finally, transport schemes feature different levels of integration with other systems and services and may follow different operational specifications.
Alternative solutions offering better security against fraud are discussed with the focus on smooth migration with controlled costs (infrastructure changes cost many millions of Euro). Furthermore, talks with transport agencies have unveiled the following tendencies:
Currently, the market still favors MIFARE™- based systems split into three segments: low-end (using low cost contactless memories), medium (with contactless secure memories) and high-end applications (using certified security controllers);
- It is key to create value for the issuer and, not to destroy investment. Undisclosed proprietary encryption methods and algorithms are seen as a security risk and are no longer favored;
- Contactless banking cards are getting more and more attention driven by the US. For example, Massachusetts (MTA) plans to extend their pilot in New York to New Jersey, but it is not yet clear to what extent other regions will follow – London’s Transport for London (TfL) has publicly discussed implementing contactless EMV sometime in the future;
- Mobile phones with Near Field Communication (NFC) will be viable in the next few years. Pilots have already taken place and have been promoted worldwide, but a major rollout is not expected before 2013 when infrastructure is available, there is a range of phones deployed and business cases are implemented.
Different schemes – different requirements
Public transport systems are extremely diverse. Different regional specifics, level of integration and varying standards create the need for adaptable solutions. In general we may cluster the following levels of product requirements:
- The low-end market is focused on the Limited Use ticket application and uses designs made up from a small capacity memory IC, directly attached to a printed or etched antenna, which is laminated inside a paper ticket;
- The medium market has tailored solutions for schemes with different tariff zones, micro payment and various merchant services. The ticket is typically a plastic card with a three year life span, utilizing a secure memory IC in a module and wired antenna;
- The high-end market addresses multi-applications like transport, city services and payment, this often requires a smart card controller and wired antenna in a personalized plastic card.
It is worth mentioning that the different transport schemes are using and may use products of all three levels after starting within one level.
The most prominent success story for Limited Use Tickets is the Moscow Metro project, where the rollout started in 2005. Last year (2008) a volume of several 100 million tickets, with a low-end memory compatible to ISO 14443, were consumed as either single ride tickets or up to 16 ride tickets. Further rollouts in Russian cities like St. Petersburg are planned. The following requirements for such projects have to be considered:
Looking at the monetary values stored on such a Limited Use ticket, the solution has to be very cost sensitive;
- A fast performance, e.g. NFC Forum Tag Operation Type 2 compatibility, is an important precondition. Therefore the IC should support a fast start up;
- Proportional security, like a privacy concept using passwords and password limitation, should be considered for any system.
In the medium segment most projects have used MIFARE technology. Despite the recent security scares, it may be worth schemes staying with MIFARE if the system itself provides online security. Such examples can be found in Brazil and United States of America.
But of course there are projects, which will upgrade to another level. The most well known project is the Oyster® Card, which is the contactless smart card for London transport. Oyster began in 1998 and the roll out was in 2002. Consumers use it for daily, seasonal, annual and concessionary travel tickets for both the underground and overland buses. To visualize the challenge in London, here are some figures:
- There are 8.5 million passengers a day using London transport;
- 700 bus routes, 8000 buses, covering 3,730 km;
- 329 km underground lines;
- 26 km Docklands Light Railway line;
- 28 km tramways;
- 788 km National Rail lines in the Greater London area serving over 600 stations.
Over 20 million Oyster cards have been issued and 20,000 card terminals deployed. The challenge for London is to upgrade this single issuer closed 1990’s design with a system for the 21st century.
Such systems, which are looking to upgrade, should mitigate risk whenever possible. Any ticket alternative must therefore have a low impact on deployment and should be based on open standards. The ticket communication should not be based on proprietary command sets, which could incur license fees and/or a single supplier situation. The new system should offer ‘future-proof ’ flexible security, like the public algorithm Advanced Encryption Standard (AES) in combination with secured hardware design. Furthermore a new system should offer similar, if not better transaction times and finally, compatibility to third party solutions such as contactless banking cards using EMV security and NFC phones with eTickets.
High-end market transport cards often require multi-application designs. These designs require extra security to protect the different issuers and the user’s data. For example, the largest contactless microcontroller transportation card in China is the ‘Shenzhen Tong Card’. Shenzhen Tong Ltd., the public transportation company, has already issued more than three million Shenzhen Tong cards within 2008 in the city of Shenzhen. The city’s population is around 9 million in the Guangdong province, which has some 100 million people. ‘Shenzhen Tong’ are multi-application cards that can be used as tickets for public transportation and to pay for goods in stores. In the transportation sector, the metro and more than 10,000 buses have been fitted to use Shenzhen Tong cards.
Additionally, in the micropayment sector, more than 500 supermarkets, shopping malls and convenience stores already accept Shenzhen Tong cards for payments up to 1000 RMB (Renminbi) around 100 Euro. The Shenzhen Tong card utilizes contactless security microcontrollers with a high security profile. The chip has Common Criteria EAL security certification (the benchmark is CC EAL 5+ high).
Additionally, EMVCo certification is recommended for use in payment schemes. The Shenzhen Tong Card is also compliant to ISO standards and global application standards to support a multi-supplier base.
Challenges and conclusion
New systems or existing systems, which consider an upgrade to a new technology should take the opportunity to choose a more secure and open system which is ready for the future. Important for all transport agencies is to have the choice of a broad portfolio of products from tickets using low-end contactless memories IC, up to multi-application cards with a certified microcontroller IC. The system should be based on one security concept; tailored security is advisable especially in cost sensitive markets. The systems should be based on international and open standards to avoid higher than necessary costs due to (hidden) license fees or single supplier situations. The product of choice has to balance the best performance, security, and price ratio.
Overall, the challenge will be for the different parts of the supply chain to work closer together to understand the changing strategic aims of the transport operators and to supply ‘future proof ’ electronic ticket solutions to meet the needs of stakeholders in the public transport industry for the 21st Century.