1 Electronic Payment Systems (EPS) CITE EPS Modules 11 and 12 Version 2

Preview:

Citation preview

1

Electronic Payment Systems (EPS)

CITE EPS

Modules 11 and 12

Version 2

2

Electronic Payment Systems (EPS)1. Issues and Problems

2. EPS Requirements

3. EPS Applications

4. EPS Technologies

5. EPS Case Studies

6. EPS Evaluation

7. Summary

3

Electronic Payment Systems (EPS)1. Issues and Problems

1.1. Transportation Agency Perspective

1.2. Customer Perspective

4

Electronic Payment Systems (EPS)1. Issues and Problems

1.1. Transportation Agency Perspective• Costs and liability associated with coin and

cash collection • Accurate data collection and reporting • Intermodal coordination • Flexibility in fare policy implementation • Reduction of fare evasion and fraud

5

Electronic Payment Systems (EPS)1. Issues and Problems

1.1. Transportation Agency Perspective

1.2. Customer Perspective• Problems associated with need to have exact

change • Difficulties associated with intermodal transfer

and multiple fares • Need for a single payment medium accepted

by various transit agencies, other transportation providers, and retail stores

6

Electronic Payment Systems (EPS)2. EPS Requirements

2.1. Convenience

2.2. Flexibility

2.3. Higher throughput

2.4. Durability

2.5. Reliability

2.6. Security

2.7. Cost efficiency

2.8. Cost effectiveness

7

Electronic Payment Systems (EPS)2. EPS Requirements

2.1. Convenience• EPS should be more convenient to use then

cash or tokens • The value and frequency of card downloads

should meet customer needs • The cardholder should be able to regain value

of lost card

8

Electronic Payment Systems (EPS)2. EPS Requirements

2.2. Flexibility• EPS should facilitate the use of a single

medium for several interrelated applications such as road tolling, different modes of transit, and parking

• EPS should aid transportation providers in implementation of more efficient and equitable fare policies

9

Electronic Payment Systems (EPS)2. EPS Requirements

2.3. Higher throughput• EPS should accommodate high transaction

speeds and large volumes of transactions at peak hours

• EPS throughput performance should be at least as good as cash and token payment systems

10

Electronic Payment Systems (EPS)2. EPS Requirements

2.4. Durability• Durability of an electronic payment medium

should be in accordance with its production cost, stored value, and purpose

• All components of the EPS should be designed to address specific transportation environments such as high levels of vibration, dust, frequent and significant temperature changes, etc

11

Electronic Payment Systems (EPS)2. EPS Requirements

2.5. Reliability• Mean time between incidents (MBTI) for

various EPS components should be better than corresponding MBTI for cash and token payment systems

• Probability value of EPS incidents should be lower than this value for cash and token payment systems

12

Electronic Payment Systems (EPS)2. EPS Requirements

2.6. Security• EPS should address a set of security issues

such as accuracy of transactions and data integrity

• All customer databases should be protected against improper use and unauthorized access and be kept confidential as much as possible

• Repudiation issues should also be taken into account

13

Electronic Payment Systems (EPS)2. EPS Requirements

2.7. Cost efficiency• EPS operating costs per unit of service output

should be lower than that for cash or token payment systems

14

Electronic Payment Systems (EPS)2. EPS Requirements

2.8. Cost effectiveness• EPS operating costs per unit of service

consumption should be lower than that for cash or token payment systems

• Superior characteristics of EPS should increase patronage of a particular service

15

Electronic Payment Systems (EPS)3. EPS Applications

3.1. Public Transit

3.2. Road Tolling

3.3. Parking

3.4. Multipurpose

16

Electronic Payment Systems (EPS)3. EPS Applications

3.1. Public Transit3.1.1. Rail

3.1.2. Motorbus

17

Electronic Payment Systems (EPS)3. EPS Applications

3.1. Public Transit3.1.1. Rail

– As of today, most EPSs on transit have been designed for rail rapid systems

– However, commuter rail and light rail are often integrated into regional transportation services

18

Electronic Payment Systems (EPS)3. EPS Applications

3.1. Public Transit3.1.1. Rail

3.1.1.1. Anticipated benefits

3.1.1.2. Centralized architecture

3.1.1.3. On-line mode

19

Electronic Payment Systems (EPS)3. EPS Applications

3.1. Public Transit3.1.1. Rail

3.1.1.1. Anticipated benefits– Increased throughput– Lower maintenance costs– More flexible fare policies

20

Electronic Payment Systems (EPS)3. EPS Applications

3.1. Public Transit3.1.1. Rail

3.1.1.2. Centralized architecture– One of intrinsic characteristics of fare collection

systems for rail rapid transit is that fare collection equipment is permanently installed at station entrances and can be operated from a central computer

21

Electronic Payment Systems (EPS)3. EPS Applications

3.1. Public Transit3.1.1. Rail

3.1.1.3. On-line mode– Due to the fact that all fare collection equipment

for rapid rail is permanently installed at specified locations and can be linked to a central computer, the entire fare collection system can work in an on-line mode (i.e. every payment transaction can be recorded to the main database and authorized by a central computer)

22

Electronic Payment Systems (EPS)3. EPS Applications

3.1. Public Transit3.1.2. Motorbus

– Fewer efforts have been made to implement EPS on motorbus and light rail systems

– Major challenges associated with EPS implementation on motorbus systems result from relatively high EPS capital costs and necessity to install EPS validation and authorization equipment on individual vehicles

23

Electronic Payment Systems (EPS)3. EPS Applications

3.1. Public Transit3.1.2. Motorbus

3.1.2.1. Anticipated benefits

3.1.2.2. Distributed architecture

3.1.2.3. Off-line mode

24

Electronic Payment Systems (EPS)3. EPS Applications

3.1. Public Transit3.1.2. Motorbus

3.1.2.1. Anticipated benefits– EPS on motorbus systems can contribute to

substantial improvements in boarding times, help to lower stress on a driver, and lead to more flexible fare structure

25

Electronic Payment Systems (EPS)3. EPS Applications

3.1. Public Transit3.1.2. Motorbus

3.1.2.2. Distributed architecture– EPS has not been rigorously adapted for motorbus

and light rail systems is that validation and authorization equipment has to be installed on each vehicle

– In addition, this equipment tends to be more expensive due to the fact that a card reader on each vehicle performs many functions of the central computer in a centralized system

– Lower throughput and higher equipment costs make it more difficult to justify investment in EPS

26

Electronic Payment Systems (EPS)3. EPS Applications

3.1. Public Transit3.1.2. Motorbus

3.1.2.3. Off-line mode– In addition to higher equipment costs

associated with the distributed architecture EPS, the necessity to operate the system in off-line mode creates a greater potential for data loss and fraud and significantly complicate testing, maintenance, and repair of equipment

27

Electronic Payment Systems (EPS)3. EPS Applications

3.1. Public Transit

3.2. Road Tolling– The use of EPS for road tolling promises

two major benefits to toll road operators and users. The first benefit results from a large reduction in operating costs of toll collection. The second benefit results form alleviating congestion on toll plazas

– However, some critics argue that road users do not save much time because of electronic toll collection. They say that "we are just relieving traffic on the way into more congested areas"

28

Electronic Payment Systems (EPS)3. EPS Applications

3.1. Public Transit

3.2. Road Tolling3.2.1. Wireless communication

system

3.2.2. Centralized architecture

3.2.3. On-line mode

29

Electronic Payment Systems (EPS)3. EPS Applications

3.2. Road Tolling3.2.1. Wireless communication

system– Capability of validation equipment on toll

plazas to communicate with electronic tags in moving vehicles

– The system should operate reliably in hostile weather conditions (rain, snow, fog, etc.), be protected against radio interference, and satisfy all security EPS requirements

30

Electronic Payment Systems (EPS)3. EPS Applications

3.2. Road Tolling3.2.2. Centralized architecture

(CA)– All validation and authorization equipment

is connected to the host computer– CA employs one database for all client

accounts and track all transactions. – While this approach helps to eliminate

data loss, discrepancy, and fraud, it provides ground for misuse of sensitive personal information (e.g. travel behavior, travel destinations, etc.) and other privacy concerns

31

Electronic Payment Systems (EPS)3. EPS Applications

3.2. Road Tolling3.2.3. On-line mode

– EPS for road tolling operates in the on-line mode (all transactions are authorized in real time)

– Benefits of the on-line mode include higher security and better system diagnosing and management.

– Drawbacks include higher then for the off-line mode requirements regarding throughput, reliability, and security of the system

32

Electronic Payment Systems (EPS)

3. EPS Applications 3.1. Public Transit

3.2. Road Tolling

3.3. ParkingMost often sited benefits of EPS for parking

include:– reduction in collection costs, – increase in meter up-time, – reduction in theft-motivated meter vandalism, – improvement in rate flexibility, potentials for

parking trend monitoring, and – reduction of fraud

33

Electronic Payment Systems (EPS)3. EPS Applications

3.1. Public Transit

3.2. Road Tolling

3.3. Parking3.3.1. Distributed architecture

3.3.2. Off-line mode

3.3.3. Vandalism concerns

3.3.4. Security concerns

34

Electronic Payment Systems (EPS)3. EPS Applications

3.3. Parking3.3.1. Distributed architecture

– EPS for parking employ distributed architecture concept where some of the functions of a central computer are performed by individual parking meter equipment

– Parking service personnel uploads data from parking meters and transfers it to the central computer database on a regular basis

35

Electronic Payment Systems (EPS)3. EPS Applications

3.3. Parking3.3.2. Off-line mode

– Individual parking meter EPS equipment operates in off-line mode

– Since there is no direct communication link between the central computer and the parking meter EPS equipment, each piece of equipment should meet requirements toward its own power supply, security, memory capacity, and other essential parameters

36

Electronic Payment Systems (EPS)3. EPS Applications

3.3. Parking3.3.3. Security concerns

– Security concerns become especially important for parking EPS

– While EPS for rail and road tolling operate in the on-line mode (thus making it easier to detect malfunctioning of equipment or breach of security) and EPS equipment on motorbus is monitored by a bus driver (again making it easier to detect malfunctioning of equipment or breach of security), parking meter EPS equipment operates in the off-line mode and is not monitored on a continuous basis

37

Electronic Payment Systems (EPS)3. EPS Applications

3.3. Parking3.3.4. Vandalism concerns

– Theft-related and other meter vandalism is yet another question that should be considered

– The data loss caused by vandalism should not jeopardize the integrity of the whole system

38

Electronic Payment Systems (EPS)3. EPS Applications

3.1. Public Transit

3.2. Road Tolling

3.3. Parking

3.4. Multipurpose– Multipurpose EPS can integrate a variety of

services and be operated by several institutional parties

– The ultimate solution to the multipurpose card concept is the so-called "e-purse" that would permit its holder to pay for all small purchases and services within a large geographic region with a single card

39

Electronic Payment Systems (EPS)3. EPS Applications

3.1. Public Transit

3.2. Road Tolling

3.3. Parking

3.4. Multipurpose3.4.1. Transit-Parking

3.4.2. Transit-Parking-Tolling

3.4.3. Transit-Parking-Tolling-Gas/Phone/Vendors/Bank

40

Electronic Payment Systems (EPS)3. EPS Applications

3.4. Multipurpose3.4.1. Transit-Parking

– One of the most basic schemes of multipurpose EPS is the one that serves one or more transit modes and parking at park-and-ride facilities

– Such a scheme can be administered by a single transit agency or a group of transit agencies

– Fares, transfers, and discounts can be coordinated by participating agencies in order to provide incentives for transit riders

41

Electronic Payment Systems (EPS)3. EPS Applications

3.4. Multipurpose3.4.2. Transit-Parking-Tolling

– A higher level of integration is achieved when transit agencies, toll road authorities, and parking service providers join their efforts to administer a single payment medium for all transportation services in a given region

42

Electronic Payment Systems (EPS)3. EPS Applications

3.4. Multipurpose3.4.2. Transit-Parking-Tolling

43

Electronic Payment Systems (EPS)3. EPS Applications

3.4. Multipurpose3.4.3. Transit-Parking-Tolling-

Gas/Phone/Vendors/Bank– The highest level of integration is reached

when a single payment medium is used to pay for transportation, gas, and phone and to make purchases at retail stores and restaurants

– In this case, a single party or a consortium can administer the system whereas the number of participants in the scheme can be unlimited

44

Electronic Payment Systems (EPS)4. EPS Technologies

4.1. Security Criteria

4.2. EPS Architecture and Components

4.3. Electronic Media Types and Characteristics

45

Electronic Payment Systems (EPS)4. EPS Technologies

4.1. Security Criteria4.1.1. Accuracy

4.1.2. Data Integrity

4.1.3. Confidentiality

4.1.4. Impersonality

4.1.5. Repudiation

46

Electronic Payment Systems (EPS)4. EPS Technologies

4.1. Security Criteria4.1.1. Accuracy

– The risk of a random error (most often due to a poor mechanical contact between the card and reader or radio/magnetic interference) should be minimized

– A number of security techniques, such as message authentication checks, should be incorporated into system design in order to provide high level of accuracy

47

Electronic Payment Systems (EPS)4. EPS Technologies

4.1. Security Criteria4.1.2. Data Integrity

– Any accidental alteration of or unauthorized access to the data stored on the card or transmitted over the network should be minimized

– Different forms of encryption help to maintain data integrity on the card and during data transmission

48

Electronic Payment Systems (EPS)4. EPS Technologies

4.1. Security Criteria4.1.2. Data Integrity

49

Electronic Payment Systems (EPS)4. EPS Technologies

4.1. Security Criteria4.1.3. Confidentiality

– Information stored in the system or on the card must be protected against improper use and unauthorized access (either malicious or accidental)

– Strict access control and encryption should be employed to protect confidentiality and privacy of clients

50

Electronic Payment Systems (EPS)4. EPS Technologies

4.1. Security Criteria4.1.4. Impersonality

– Different personal identification techniques should be considered in order to avoid access to the system by someone other than the cardholder

– Passwords and personal identification numbers (PINs) can be used to approach this problem

51

Electronic Payment Systems (EPS)4. EPS Technologies

4.1. Security Criteria4.1.5. Repudiation

– A detailed log of all activities taking place on the system and their proper authorizations should be maintained in order to demonstrate clients of the system its integrity and guard system operators against repudiation

52

Electronic Payment Systems (EPS)4. EPS Technologies

4.1. Security Criteria

4.2. EPS Architecture and Components4.2.1. Cards

4.2.2. Terminals and Readers

4.2.3. Network

4.2.4. Host System

4.2.5. Clearinghouse

53

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.1. Cards

4.2.1.1. Carrier (material, dimensions, other characteristics)

4.2.1.2. Security features (signature, photograph, hologram, microprinting, other)

4.2.1.3. Memory (magnetic stripe, chip)

4.2.1.4. Integrated circuit (features and functions)

4.2.1.5. Mask

4.2.1.6. Interface (contacts, antenna)

54

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.1. Cards

55

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.1. Cards

4.2.1.1. Carrier (material, dimensions, other characteristics)

– Mechanical characteristics of the card's body determine the life span of the card

– Most cards are made of polyvinyl chloride (PVC) or a similar thermoplastic

– The card's body should provide adequate flexibility and withstand high temperatures

– Dimensions of the card should conform to international standards for interoperability

56

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.1. Cards

4.2.1.2. Security features (signature, photograph, hologram, microprinting, other)

– Security features of a magnetic stripe card can include cardholder signature and photograph, hologram, microprinting, and UV sensitive ink.

– However, these features have limited effect in authenticating the card and its holder

– Electronic encryption of the information on the card (available on smart cards only) in conjunction with a PIN required to use the card provide a much higher level of security

57

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.1. Cards

4.2.1.3. Memory (magnetic stripe, chip)

– Different types of memory to store electronic information on the card can be used

– Magnetic stripe cards store data on a strip of magnetic tape bonded to the external surface of the card. Its capacity is limited by 1 Kbits and is prone to corruption by strong magnetic fields

– Smart cards store data on various types of semiconductor memory, such as ROM, RAM, and EEPROM

– The total capacity of a smart card can be as high as 20-30 Kbits

58

4. EPS Technologies4.2. EPS Architecture and Components

4.2.1. Cards4.2.1.3. Memory (magnetic

stripe, chip)

– Different types of memory to store electronic information on the card can be used

– Magnetic stripe cards store data on a strip of magnetic tape bonded to the external surface of the card. Its capacity is limited by 1 Kbits and is prone to corruption by strong magnetic fields

– Smart cards store data on various types of semiconductor memory, such as ROM, RAM, and EEPROM

– The total capacity of a smart card can be as high as 20-30 Kbits

Electronic Payment Systems (EPS)

59

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.1. Cards

4.2.1.3. Memory (magnetic stripe, chip)Maxim um

Data Capacity

Processing Pow er Cost of Card

Cost of Reader and Connection

Magnetic Stripe Cards

140 bytes None $0.20 - $0.75 $750

Integrated Circuit Mem ory Cards

1 Kbyte None $1 - $2.50 $500

Integrated Circuit Processor Cards 8 Kbytes

8-bit cpu, moving to 16-

and 32-bit$7-$15 $500

Optical Mem ory Cards

4.9 Mbytes None $7 - $12 $3,500 - $4,000

Source: Gartner Group

60

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.1. Cards

4.2.1.3. Memory (magnetic stripe, chip)

61

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.1. Cards

4.2.1.4. Integrated circuit (features and functions)

– Integrated circuit (or chip) is embedded into the body of the smart card

– Its major functions include data communication and card control, data encryption and decryption, and memory management

– Most chips are 8-bit microprocessors with speeds up to 5 MHz

62

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.1. Cards

4.2.1.5. Mask– Mask is the "operating system" of the

smart card– The type of mask installed onto the smart

card determines its features– Major functions of the mask include

communications management, encryption/decryption, command handling, file management, and data access control

63

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.1. Cards

4.2.1.6. Interface (contacts, antenna)

– The magnetic stripe card interface is represented by the magnetic stripe that when passed in front of the reading head induces pulses of current in the head's coil

– These pulses are decoded into meaningful information that is read by the card reader

– In the case of smart cards, the data can be transported to the reader either via metal contacts or an antenna

64

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.1. Cards

4.2.2. Terminals and Readers Terminals and readers

perform several functions that may include:

– communication with the card and host system, – encryption and decryption of data, – validation of the card, and – data processing

65

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.1. Cards

4.2.2. Terminals and Readers 4.2.2.1. Types

4.2.2.1.1. Insertion-type

4.2.2.1.2. Motorized-type

4.2.2.1.3. Radio Frequency (RF) Readers

4.2.2.2. Functions

4.2.2.2.1. Communication with the card

4.2.2.2.2. Data reading and validation

4.2.2.2.3. Data decryption and writing

66

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.2. Terminals and Readers

4.2.2.1. Types

4.2.2.1.1. Insertion-type

» The major advantage of the insertion-type readers (swipe-card terminals) is their simplicity and low cost

» However, these devices are disposed to vandalism and dependant on atmospheric conditions and proper card insertion

67

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.2. Terminals and Readers

4.2.2.1. Types

4.2.2.1.2. Motorized-type » Motorized-type readers can operate in

hostile atmospheric conditions and better protected against vandalism

» Their reliability in terms of proper card validation and transaction handling is much higher than that of insertion-type readers

» The drawback of the motorized-type readers is higher cost and greater maintenance expenses

68

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.2. Terminals and Readers

4.2.2.1. Types

4.2.2.1.3. Radio Frequency (RF) Readers» No need for physical contact between RF

Reader and wireless smart card» Reduction in operating and maintenance

costs of the equipment » Increase in throughput of the EPS» Ease of use and convenience» Vulnerability to radio/magnetic interference» Potential threat of RF eavesdropping » No formal authorization from a cardholder

69

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.2. Terminals and Readers

4.2.2.2. Functions

4.2.2.2.1. Communication with the card» The first and main function of the card reader is to establish a communication link

with the card» Depending on whether the reader works on-line or off-line (i.e. connected to the

host system or not), it may also perform validating and processing functions

70

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.2. Terminals and Readers

4.2.2.2. Functions

4.2.2.2.2. Data reading and validation» The second function of the card reader is to read the data from the card, encrypt

sensitive data (if necessary) and pass it to the host system for validation and processing

71

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.2. Terminals and Readers

4.2.2.2. Functions

4.2.2.2.3. Data decryption and writing» Upon receiving response from the host system the reader performs data decryption

(if necessary) and closes the session with the card

72

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.1. Cards

4.2.2. Terminals and Readers

4.2.3. NetworkThe network serves as a link

connecting card readers, the host system, and the clearinghouse

4.2.3.1. Closed Networks

4.2.3.2. Open Networks

73

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.3. Network

4.2.3.1. Closed Networks

Usually, the closed network subsystem:

– accepts transactions from a limited number of card readers and terminals;

– serves limited applications, and – maintained by a single operator

74

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.3. Network

4.2.3.1. Closed Networks

75

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.3. Network

4.2.3.2. Open Networks

– Contrary, the open network subsystem can always be expanded to serve a greater number of card readers and new applications and to be interconnected to other networks

76

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.1. Cards

4.2.2. Terminals and Readers

4.2.3. Network

4.2.4. Host SystemThe core of the host

system is a powerful computer with a strong security protection

4.2.4.1. Functions

4.2.4.2. Features

77

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.4. Host System

4.2.4.1. Functions

Among the major functions of the host system are:

– account management, – data encryption and decryption, – communication with card readers and

terminals, and – overall monitoring of the EPS operations

78

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.4. Host System

4.2.4.1. Functions

79

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.4. Host System

4.2.4.2. Features– The special characteristics of the host

system include provision of very high stability, reliability, and security

– To ensure that these requirements are met at all times the host system may feature multiple mirror-sites, on-line back-up systems and independent power stations

80

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.1. Cards

4.2.2. Terminals and Readers

4.2.3. Network

4.2.4. Host System

4.2.5. Clearinghouse

81

Electronic Payment Systems (EPS)4. EPS Technologies

4.2. EPS Architecture and Components4.2.5. Clearinghouse

– Usually, the clearinghouse is necessary to operate an open-system EPS, where multiple parties are involved

– Its major function is to ensure the proper use of the system by all clients and operators and maintain its integrity

– Specifically, the clearinghouse provides encryption-key and Personal Identification Number (PIN) management, authenticates cards, and validates transactions

– Sometimes, the host system can perform functions of a clearinghouse

82

Electronic Payment Systems (EPS)4. EPS Technologies

4.1. Security Criteria

4.2. EPS Architecture and Components

4.3. Electronic Media Types and Characteristics

4.3.1. Magnetic Stripe Cards

4.3.2. Chip Cards

4.3.3. Hybrids

83

Electronic Payment Systems (EPS)4. EPS Technologies

4.3. Electronic Media Types and Characteristics4.3.1. Magnetic Stripe Cards

Magnetic stripe cards are those that store data on a strip of magnetic tape bonded to the external surface of the card

4.3.1.1. Paper tickets

4.3.1.2. Plastic

84

Electronic Payment Systems (EPS)4. EPS Technologies

4.3. Electronic Media Types and Characteristics4.3.1. Magnetic Stripe Cards

4.3.1.1. Paper tickets (PT)

– Flexible carrier of various shapes and sizes

– Its memory capacity is the lowest among all types of EP media (less than 1000 bits of data)

– PT are used with the motorized-type reader that reads data from PT, performs transaction, erases the data from PT, and writes new data on PT

– PT are not personalized and rarely have any security features in excess to data encoding and ticket's distinctive shape and size

– The life span of PT is usually limited to less than 100 erase-write cycles

– PT can be easily corrupted by stray magnetic fields

85

Electronic Payment Systems (EPS)4. EPS Technologies

4.3. Electronic Media Types and Characteristics4.3.1. Magnetic Stripe Cards

4.3.1.1. Paper tickets (PT)

86

Electronic Payment Systems (EPS)4. EPS Technologies

4.3. Electronic Media Types and Characteristics4.3.1. Magnetic Stripe Cards

4.3.1.2. Plastic (MSPC)– MSPC are made of polyvinyl chloride (PVC) and usually come in a

standard "credit card" size– Its magnetic tape stripe can hold up to 1,000 bits of encoded data and

is capable to withstand magnetic fields generated by natural magnets– These cards can be used with both insertion- and motorized-type

readers– Additional security features such as cardholder's name, signature,

photograph, etc. – Magnetic stripe plastic cards hold information regarding cardholder

account number and PIN– Upon insertion of the card the card reader does not erase or writes

any new information on the card– The life span of these cards is about several thousand read cycles

87

Electronic Payment Systems (EPS)4. EPS Technologies

4.3. Electronic Media Types and Characteristics4.3.1. Magnetic Stripe Cards

4.3.2. Chip Cards– Chip cards can feature different types of silicon

memory chips and a central processing unit (CPU)

– There is an "operating system" that depending of application can perform such functions as communications management, encryption/decryption, command handling, file management, and data access control

– Chip cards have either a metal contact or an antenna interface

88

Electronic Payment Systems (EPS)4. EPS Technologies

4.3. Electronic Media Types and Characteristics4.3.1. Magnetic Stripe Cards

4.3.2. Chip Cards

89

Electronic Payment Systems (EPS)4. EPS Technologies

4.3. Electronic Media Types and Characteristics

4.3.2. Chip Cards4.3.2.1. Contact

4.3.2.2. Contactless

90

Electronic Payment Systems (EPS)4. EPS Technologies

4.3. Electronic Media Types and Characteristics4.3.2. Chip Cards

4.3.2.1. Contact– Contact cards have standardized interface

of several metal contacts that serve to establish power data flow links between the card and the reader

91

Electronic Payment Systems (EPS)4. EPS Technologies

4.3. Electronic Media Types and Characteristics4.3.2. Chip Cards

4.3.2.2. Contactless– Contactless card uses wire coil embedded

into the card's carrier to generate power needed to operate the card and to receive and transmit data from and to the card reader

92

Electronic Payment Systems (EPS)4. EPS Technologies

4.3. Electronic Media Types and Characteristics4.3.1. Magnetic Stripe Cards

4.3.2. Chip Cards

4.3.3. Hybrids– Hybrid cards can feature a magnetic stripe

and components of a contact and contactless chip card, thus providing multiple interfaces to perform a transaction

93

Electronic Payment Systems (EPS)4. EPS Technologies

4.3. Electronic Media Types and Characteristics4.3.1. Magnetic Stripe Cards

4.3.2. Chip Cards

4.3.3. Hybrids

94

Electronic Payment Systems (EPS)5. EPS Case Studies

5.1. Washington, DC -- WMATA

5.2. Seattle, WA

5.3. New York, NY -- MTA

5.4. Other systems (Cleveland, OH - GCRTA; Atlanta, GA - MARTA; Twin Cities, MN; Boston, MA - parking; Ann Arbor, MI; Los Angeles, CA; San Francisco, CA; Ventura Co, CA; Chicago, IL; Delaware; Phoenix, AZ; Europe; Asia-Pacific)

95

Electronic Payment Systems (EPS)6. EPS Evaluation

6.1. Costs

6.2. Benefits

Recommended