Open Bank Card Payments for Transit - securetechalliance.org · • M/Chip™ profile New specification: M/Chip™ Advance • Fully integrates PayPass™ • Enhanced on-card risk

Property of the Smart Card Alliance © 2011

Following a Standards Based Approach for Open Transit Payments   Stephanie EL RHOMRI   New Services Marketing Manager, FIME

Open Bank Card Payments for Transit A Smart Card Alliance Educational Institute Workshop

2011 Mobile and Transit Payments Summit Marriott City Center Hotel, Salt Lake City, UT ― February 15-18, 2011


Agenda

 Overall picture  The contactless specifications  Native Card vs Open Platform  Application specifications  Technical challenges of a migration


Overall Picture  Scope of all specifications


A complex environment

Felica

NFC

FOR

UM

ISO/IEC14443

CFM

S

Mifare


Smartcard specifications mapping

Physical RF Layer

Protocol Layer

OS

Application

Leve

l 1

Leve

l 2

ISO

/IEC

144

43 A

/B

EM

V c

tls

Global Platform

Mifa

re C

lass

ic

Mifa

re

Des

fire

Felic

a

Cal

ypso

VC

PS

MC

HIP

CFM

S

Exp

ress

Pay

ISO

/IEC

180

92

ISO

/IEC

144

43 A

ISO

/IEC

14

443

A

ISO/IEC 7816-4

Multos JavaCard

ISO/IEC 14443 A/B


The contactless specifications  Scope of ISO/IEC14443, EMV Contactless, Mifare family, Felica  From the physical layer to the security of the card


Smartcard specifications mapping

ISO/IEC 14443 – 1 physical characteristic

EMV ctls communication protocol

Mifare Classic

Mifare Desfire

ISO/IEC7816 – 4 Organization, security and commands for interchange

ISO/IEC 14443 – 2 RF power and signal interface

ISO/IEC 14443 – 3 Initialization and Anti-collision

ISO/IEC 14443 – 4 Transmission protocol

Type A Type A or Type B Type A Type A or Type B

ISO/IEC 15693- 1

ISO/IEC 15693- 2 Air Interface and

Initialization

ISO/IEC 15693 – 3 Anti-collision and

transmission protocol

Felic

a R

F Fe

lica

OS


Relation between current standards and NFC

ISO/IEC 21481 = ECMA 356 = NFC IP 2

NFC Forum

ISO/IEC18092 = ECMA 340 = NFC IP 1

ISO/IEC 14443 Type A

106 kbits/s

Felica 212,424 kbits/s

ISO/IEC 14443 Type B

106 kbits/s

ISO/IEC 15693


Features

Specs ISO/IEC 14443

EMVctls ISO/IEC 18092

Mifare Classic

Mifare Desfire

Felica

Version 2008 2.0.1 2004

Protocol Type A Type B

Type A Type B

Type A Felica

Type A Type A Felica

Command set

14443-3 14443-4

14443-3 Felica

14443-3 Mifare

14443-3 14443-4 Mifare

Felica

Security No No No Proprietary DES DES

Baudrate 106,212, 424,848

kbps

106 kbps 106, 212, 424 kps

106 kbps 106 kbps 212 kbps

Multi-app Yes Yes Yes Yes Yes Yes


Native card vs Open Platform  From a card product to an application based solution


Native Platform

 Native code = specific language for a silicon chip.

 Code stored in ROM, can’t be modified.

 Chip card with small E2PROM (2-4kb) without RSA coprocessor meets the minimum requirements of EMV


Javacard

 Open Standard  Define a virtual machine (JCVM) and an API  Able to load and execute applications on a JCVM

 Applications loaded in E2PROM  Applications compatible from one card to another


Native vs Open Native card Open standard

Benefits  Small memory  Cost effective  Fast execution time

 Applications can be modified post-issuance  Possibility to add applications  Card vendors independent  Fast prototype development

Drawbacks  No application modification  Can only support applications developed in native card and "hidden" in ROM  Costly for security side  Prototypes development uneasy (difficult??)  Card vendor dependant

 Memory required for JVM with associated API  Computational speed limited (Byte code interpreted at runtime)


GlobalPlatform

 Card specifications  Current version 2.2  Amendments  Configuration: UICC Configuration, Mapping Guidelines

 Other specifications  Device  System


GP – one application for any business model

Co issuer with another PTA

Hosted by a Mobile Network Operator


GP – one interface for many form factors

Over-the-air

platform

SIM Card as SE

Same

scripts

eSE or SMC

as SE

Card

3rd Party

(optional)

Over-the-internet

platform Contactless

device

Contactless

device

Personalization

center

USB - SMC

device


Features Native Card Open OS GP Card

Card OS Proprietary Java Card - Multos Java Card - Multos or other

Back office Specific integration

Easy but not standardized

-  Application loading -  Application Personalization

Multi application

Difficult Supported - Separate management - Secure communication

Application Card vendor dependent

- Card vendor independent -  Form factor independent

- Card vendor independent -  Form factor independent


Application Specifications  Focus on the Transportation Market  Focus on the Payment Market


Calypso outlook

 Suited to transport and mobility needs.

 Fast, secure contactless transaction

 Set of technical specifications  Card and SAM Security Mechanism  Data Model (recommendation)  Terminal Applicative Software  Security Management and Architecture

 Standardized and multi-application solution

Physical RF or electrical Layer

Protocol Layer

OS

Application

ISO

/IEC

144

43 A

/B

ISO/IEC7816-4

Calypso Data model

ISO

/IEC

781

6 1

to 3

CEN EN 1545

Calypso Security Mechanism


Calypso Secure Transaction

Secure session  Authentication of the card  Authentication of the

terminal  Authentication of all the

data exchanged  Proof of card

modifications Ratification SAM


CFMS Application

Standard defined by APTA UTFS Aim:

 Transit, Parking, Tolling, Colleges and Universities, Corporate

 Interoperability, intermodality  Accept multi-applicative supports

Contactless Fare Media System Standard  From the card structure to the central system interface  A common set of data objects  Based on ISO/IEC 14443 and ISO/IEC 7816-4  Security Guidelines


CFMS Architecture

PICC

Regional Central System

Part II – Contactless Fare

Media Data Format and

Interface Standard

Part III – Regional Central System

Interface Standard

Par

t I –

Intro

duct

ion

and

Ove

rvie

w

Par

t IV

– S

yste

m S

ecur

ity P

lann

ing

and

Impl

emen

tatio

n G

uide

lines

Par

t V –

Com

plia

nce

Cer

tific

atio

n an

d Te

stin

g S

tand

ard

Card Interface Device

Concentrator

Agency Central System

Card Interface Device

Concentrator

Agency Central System


MasterCard

MasterCard® PayPass™ •  Mag-stripe profile •  M/Chip™ profile

New specification: M/Chip™ Advance •  Fully integrates PayPass™ •  Enhanced on-card risk management •  Enhanced payment and related services •  Integrated Data Storage supporting new third party schemes •  Backwards compatibility with existing M/Chip™ platforms

MasterCard Proprietary Information


MasterCard

 Data storage integrated in the payment application  On-card data slots  Data reading/writing integrated in transaction flow  Data storage access over contact and contactless

interface  Secure high speed on card data storage  Write access control for stored data  Skimming controls & replay prevention  Handle separate data for different operators

MasterCard Proprietary Information


EMV Contactless Reader Specification

Combined terminal specification Contactless kernels approval process will be managed by EMVCo

 Book A; Architecture and General Requirements  Book B: Entry Point  Book Cs:

  Kernel Visa   Kernel MasterCard   Kernel American Express   Kernel JCB

 Book D: Contactless Communication Protocol


ISO TC204 WG8

 ISO/PDTR 14806 Public transport requirements for the use of payment applications for fare media

 Various use cases  Requirements with or without Data Storage


Technical challenges of a migration  Migration impact


Key questions

Key questions Comments Legacy infrastructure -  EMV contactless compliance (L1)

-  Payment brand compliance (L2) -  Migration from proprietary solution -  Terminal integration

Fare model Flat fare, distance based fare, season ticket

Commuters or occasional customers -  Issuance of banks card with Data Storage functionality -  Acceptance of card without the Data Storage functionality

Communication with the reader Real time or upload at the depot


Key questions

Key questions Comments Back office implementation Management of both transit and

payment functions Risk Accept the risk to lose the first fare Revenue inspection -  Access to deny list

-  Data Storage PCI DSS Merchant that deals with credit cards

Compliance requirements adapted according to the amount of transactions -  Tokenization -  Encryption -  Key management


 Smart Card Alliance  191 Clarksville Rd. · Princeton Junction, NJ 08550 · (800) 556-6828  www.smartcardalliance.org

Stephanie EL RHOMRI [email protected] www.fime.com

Documents

Open Bank Card Payments for Transit - securetechalliance.org · • M/Chip™ profile New specification: M/Chip™ Advance • Fully integrates PayPass™ • Enhanced on-card risk