Thursday, May 15 Track B Payments & Applications · 2008-05-29 · Thursday, May 15 Track B Payments & Applications Session: Transportation Payments Time: 10:15 AM – 12:00 PM Room:

Thursday, May 15

Track B Payments & Applications

Session: Transportation Payments

Time: 10:15 AM – 12:00 PM

Room: W203 A&B

Moderator:

Paul Korczak Assistant Chief Officer

MTA NYC Transit

Speakers: Jay Walder

Partner McKinskey & Co.

Martin Schroeder

Sr. Manager--Rail Programs American Public Transportation Association

Michael Nash

VP ACS

Gilles de Chanterac

President Calypso Networks Association

1

CALYPSO open specifications

for secure & interoperable transactions

Gilles de ChantéracPresident of Calypso Networks Association

Who we are

CALYPSO NETWORKS ASSOCIATIONis not a supplier

Established in Brussels as a non profit association by the stakeholders of a European research program,

Founded by public transport business,open to other businesses and to suppliers

Objective is to maintain a set of specifications addressing transit business needs in the context of developing contactless systems.

2

•off-line transactions for fast transactions

• active data inside the card

• high real-time decentralised security can be backed by back office verifications

• possible coupling with payment or other services

contactless media specificationsbasically designed from public transport needs

can adress other businesses

Highlines• Secure transaction for off line transactions

– High Security Level for revenue protection – Trust in multi-application contexts

• Open and flexible solution– multiple vendors– compatible with international standards – adaptable to technological progresses :

new chips,new form factors (not only cards)new transmissions (NFC)new application management (Global Platform)

• Compatible with existing organisation– of PTA, transit agencies or operators & associated commercial operators– other businesses (banks, telephone, etc.)

3

8% of public transit cards85% of microprocessor cards in transport schemes

(outside SONY FELICA)

mainly in Europe• France, Belgium, Portugal, Italy, Greece, Switzerland …• Compliant to the British ITSO national scheme

Chosen for the national scheme in IsraelChosen by some transport agencies in America

Current implementation

4

Technical highlights

Customer media interface for user oriented interoperability.

5

• High Security Level for the media– Microprocessor media for off line security – Standard cryptography (up to 3DES)– Keys per functions (personalisation, load, unload) for each

application domain– Diversified keys per media for authentication– Stakeholders decide if they share the keys

• Set of commands

• Transactions are controlled to be complete

Open to multiapplication contextsMASTER FILE

CUSTOMER IDNUMBER

==

Mobility Brussels scheme

Car parks

Interoperability with other PTAs

Transport stored value

BruxelsPTA

TRANSP.

StoryFile(10)

TranspProducts

(10)

StoredValue

TRIANGLE

OperatorID

TranspProducts

MULTI-APP

Contracts (8)

StoryFile(10)

PARKING

Interparkingapplication

RESERVE

FUTUREapplications

SERVICE

Operator’sstaff

domesticapplications

Operations other domains

6

from the concept of card to the concept of application

• the same specs can be adapted to global platform contexts• interoperable process to load and use ticketing products in the

application (under definition)

OTA

Remote customerservice

Applicationmanagement

CardEmulation

NFCCalypso

Application

Userinterface

ISO 14443 reader

About payment and transport

• Transit industry to move people

• Financial payment industry to move money

7

Fare collection is not only paymentContactless AFC makes Transit Agencies think commercial organisation all new & customer oriented

PAYMENTFACILITIES

PRICING of ACCESS RIGHTS

RETAILCHANNELS

Transit policy& Marketing

Operation & finance

INVOICINGCLEARING

CHARGING

ACCESS CONTROL& INSPECTION

Managing products and policies is their strategic issue.

For transit industry, products are access rights and related fares

• In the ISO business framework, (ISO24014-1)transit products are access rights & associated fares (what you sell)vehicles, services, etc are the production (how you produce)

• Payment means are not products. They move the money from travellers to transit agencies

• Stored value is a transit product.Loading a stored value is paying a product

whatever payment means is chosen by the customerDebiting a stored value is using a product.

no money moves, no payment

• Electronic purse is a payment means

8

Scenarios for integrationScenarios for integration(ISO meeting (ISO meeting –– Munich Munich –– April 2008)April 2008)

•Payment medium used for ID

•Payment transaction accepted as a ticket

• PT products stored in payment application

• PT and Payment applications on one chip

Policies will be different for long

• ≠ institutions & business organisation• ≠ political choices to fund PT• ≠ geographical scales

Separate applications the most realistic generic scenario

9

Products < Application < mediumProducts < Application < medium

Product Retailer

Product Retailer

Service OperatorService Operator

Application Retailer

Application Retailer

Product Owner

Product Owner

Application Owner

Application Owner

Medium Retailer

Medium Retailer

Medium owner

Medium owner

e.g.financial institution

Or telephone industry

e.g.bus operator

e.g.regional PTA

e.g.PTA

ISO 24014-1

• Need for a common technical base• Need for an organisation framework

Open specsfor technical and business acceptance

• STANDARD SECURITY ALGORITHMSThe larger the interoperability,

the more secure the medium must be.

• FLEXIBLE PROCUREMENTThe larger the interoperability,

the more open and flexible procurement

• NEUTRAL TO BUSINESS ORGANISATIONSThe larger the interoperability,

the more neutral towards fare policies

• NEUTRAL TO SYSTEM ARCHITECTUREThe larger the interoperability,

The more different systems you meet

10

Similitude / differencebetween Calypso and contactless EMV

to be examined

• Internal work package recently decided by CNA

• Common work to be an opportunity for progress for both transit and financial payment industries

Thank you for your attention

Let’s work together

Calypso Networks [email protected]://www.calypsonet-asso.org/

1

ContactlessContactless Fare Media System Standard:Fare Media System Standard:Why Standards MatterWhy Standards Matter

Martin P. Schroeder, M.S.M.E., P.E.Martin P. Schroeder, M.S.M.E., P.E.Sr. Program ManagerSr. Program Manager

Rail Programs & UTFSRail Programs & UTFSChairChair

ISO/TC204 WAG8 CommitteeISO/TC204 WAG8 Committee

Smart Card Alliance Annual MeetingSmart Card Alliance Annual MeetingOrlando, Fl 2008Orlando, Fl 2008

Annual Meeting

2Smart Card Alliance Annual MeetingOrlando, FL 2008

Benefits of StandardsBenefits of Standards

SafetySafetyOperating / MaintenanceOperating / MaintenanceTransit CommunicationTransit CommunicationStreamline ProcurementStreamline ProcurementTrainingTrainingTransit System/Supplier RelationshipsTransit System/Supplier RelationshipsReliability and EfficiencyReliability and EfficiencyLower CostLower Cost


Where APTA is Writing StandardsWhere APTA is Writing Standards

Passenger Rail Passenger Rail Equipment SafetyEquipment SafetyRail TransitRail TransitFare SystemsFare SystemsITS (TCIP)ITS (TCIP)AccessibilityAccessibilityProcurementProcurementSecuritySecurity

4Smart Card Alliance Annual ConferenceOrlando, FL 2008

Founding Principals of CFMSFounding Principals of CFMS

Motivation to Improve Motivation to Improve Competitiveness Competitiveness -- InteroperabilityInteroperability

Provide Agencies Greater Control & Provide Agencies Greater Control & Flexibility Over their Fare Collection Flexibility Over their Fare Collection SystemsSystems

Open Architecture Environment Open Architecture Environment ––non proprietarynon proprietary

MultiMulti--modal and Multimodal and Multi--applicationapplication

Regional PartnershipsRegional Partnerships

Integration with ITSIntegration with ITS


Distinguishing Characteristics

What is in a Name?Open and Closed Terms Misleading –Fare Systems Perform Three Main Functions

AccessFare processingPayment / Reconciliation

New DefinitionsRegional Device-Based Fare System (RED)Central Account-Based Fare System (CEA)


Comparisons

RED SystemsSmart Cards (media)Ease of UseFast Processing at GateAgency Control

CEA SystemsSmart Cards – Read Only (media)Ease of UseCentral Processing by Banks

Both approaches can play a role in fare system design and can co-exist. Other design approaches such as mobile payments also have a role to play.


CContactlessontactless Fare Media System (CFMS)Fare Media System (CFMS)

PART III – Regional Central System Interface

Standard

PART IV – System Security Planning and

Implementation Guidelines

PART II – ContactlessFare Media Data Format and Interface Standard

PART V – Compliance Certification and Testing

Standard

PART I – Introduction and Overview


General DescriptionGeneral Description

Architecture is built on a set ofArchitecture is built on a set of objects made up objects made up ofof a defined set of elements.a defined set of elements.

Each core object is 16 bytes in length.Each core object is 16 bytes in length.

Standard makes provisions for additional data Standard makes provisions for additional data through extensions to core objects.through extensions to core objects.


How Does it Work?How Does it Work?

The foundation of the Standard is a set of objects The foundation of the Standard is a set of objects made up of a defined set of elements.made up of a defined set of elements.

ObjectIdentifier

Message

Object Data Elements

Object 1 Object 2 Object 3 Object n


Directory Index Object (DIO)Directory Index Object (DIO)

Contains pointers that identify the location (file) in Contains pointers that identify the location (file) in which most other data objects are storedwhich most other data objects are storedFor each file, provides:For each file, provides:

ID of the fileID of the fileSize of the fileSize of the fileType of fileType of fileOwnership (if applicable) of the fileOwnership (if applicable) of the file

Enables AFC system to quickly locate other data Enables AFC system to quickly locate other data objects, while enabling the contents of data files objects, while enabling the contents of data files to be flexible and dynamicto be flexible and dynamic


Major ComponentsMajor Components(Interface to Multiple Applications)(Interface to Multiple Applications)

Parking Application

College and Universities

Tolling Corporate

Directory Index Object

Product Index Object

Transit Application

Profile ObjectPICC Holder Profile Object

Add & Deduct

Value History Object

Transaction History Object

Fare Products


Account Linked Product Object (ALPO)Account Linked Product Object (ALPO)

Define a fare product that is tied (Define a fare product that is tied (““linkedlinked””) to a ) to a hosthost--based account, such as a credit or debit cardbased account, such as a credit or debit card

Acts like a TActs like a T--Purse product, except does not require Purse product, except does not require prepre--fundingfunding

Sample elements:Sample elements: Accumulated value used in a Accumulated value used in a particular day, definition of time period for which a particular day, definition of time period for which a transaction limit applies, time period start, number transaction limit applies, time period start, number of transactions performed during time limit.of transactions performed during time limit.


TCIP / Fare System Mechanisms

Load Software / Configuration to Fare boxesLoad Fare PoliciesRemotely Disable/Enable Fare EquipmentReport Fare Box HealthReport Fares for a Planned Itinerary


TCIP / Fare System Interface


Benefits of CFMS Work

Help Agencies Design their Fare SystemProvides a Consistent Mechanism to Process FaresProvides a Lexicon for Variables Needed for Computing Fares and Processing Payment – Open Source


Security TechniquesSecurity Techniques

Mutual authenticationMutual authenticationCard to readerCard to readerReader to cardReader to card

Key rollingKey rollingMessage authentication / integrity validationMessage authentication / integrity validationFirewallsFirewallsEncryption of sensitive dataEncryption of sensitive dataMonitoring and detectionMonitoring and detectionContingency planningContingency planning


Compliance Certification & TestingCompliance Certification & Testing

Intent is to provide a standardized approach for Intent is to provide a standardized approach for determining whether products are compliant with determining whether products are compliant with the applicable standard.the applicable standard.

Under development Under development –– Final Draft (June)Final Draft (June)Message set communicationMessage set communicationFunctional performanceFunctional performanceError checkingError checking


CFMS Embraces Diversity of ApplicationCFMS Embraces Diversity of Application

ApplicationsApplicationsTransitTransitIdentificationIdentificationStudentsStudentsSecuritySecurityCorporateCorporate

ApproachesApproachesCoCo--brandingbrandingMultiMulti--applicationapplicationNFC / Mobile PhoneNFC / Mobile Phone


Activities of the APTA UTFS Task ForceActivities of the APTA UTFS Task Force

Make CMFS an ANSI Released StandardMake CMFS an ANSI Released StandardTest Method Specification DevelopmentTest Method Specification DevelopmentIntegration with Parking, Tolling & IDIntegration with Parking, Tolling & IDNFC / Mobile Phone ApplicationNFC / Mobile Phone ApplicationRegional Training Regional Training –– Customer Focused Customer Focused (Three Parts)(Three Parts)

Fare System DesignFare System DesignOverview of standards and application Overview of standards and application considerationsconsiderationsTradeoff Discovery Between Transaction Tradeoff Discovery Between Transaction Processing MethodsProcessing Methods

Research Research –– IFMS, APEC, US Agencies, IFMS, APEC, US Agencies, Technology, Future TrendsTechnology, Future Trends


Further InformationFurther Information……

Martin P. Schroeder, M.S.M.E., P.E.Martin P. Schroeder, M.S.M.E., P.E.Sr. Manager Sr. Manager –– Rail Programs, UTFSRail Programs, UTFS

Chair, ISO TCChair, ISO TC--204 WAG8204 WAG8

Phone: 202 Phone: 202 –– 496 496 –– 48854885EE--mail: mail: [email protected]@apta.com

www.aptastandards.comwww.aptastandards.com

American Public Transportation AssociationAmerican Public Transportation AssociationWashington, DCWashington, DC

NOTES

Documents

Thursday, May 15 Track B Payments & Applications · 2008-05-29 · Thursday, May 15 Track B Payments & Applications Session: Transportation Payments Time: 10:15 AM – 12:00 PM Room: