Cover Image

Not for Sale

View/Hide Left Panel
Click for next page ( 53

The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement

Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.

Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.

OCR for page 52
52 Smartcard Interoperability Issues for the Transit Industry issue of interoperability. Table 11 lists documents reviewed contributing to interoperability, describes the organizations promulgating the standards or specifications, and describes the scope. Table 12 lists additional literature, potentially related to interoperability. 4.2 Description of Required Data Elements This section discusses the data required to complete a fare payment transaction. The infor- mation exchange required for an interoperable farecollection system is a limited subset of the informational capabilities of these systems. The results of the survey described in Chapter 2 val- idate that interoperability can be accomplished by defining the following four critical layers: Physical Layer-Includes the form factor of the card itself (particularly relevant for dual inter- face [contact/contactless] card deployments), electrical and radio frequency characteristics, and basic communications and transmission characteristics for Type A and Type B cards; Data Layer-Defines the essential data elements for the card, the reader, and the back-office system; Application Layer-Includes the card file structure ("card application") as well as how data on the card are stored and accessed; and Security Layer-Includes overall security approach (symmetric or asymmetric) and key man- agement throughout the system. Figure 9 illustrates the critical layers mapped against the minimal data elements. This section of the report addresses each layer, focusing on what is required for interoperability. 4.2.1 Physical Layer At the most basic level, before any information can be exchanged, there must be a physical interface that supports communication. The starting point for this commonality is the ISO, which created standard definitions for communication protocol for smartcards. Smartcards can be contact (i.e., the interface of the card must touch the reader), contactless (i.e., the reader cre- ates a radio field to activate and communicate with the card), or both. ISO 14443 defines the stan- dards for contactless smartcards, and ISO 7816 defines the standards for contact smartcards. Given that ISO 14443 focuses on standardizing aspects of the communication channel between a contactless card and a reader, the next level of commonality focuses on how an appli- cation would interact within the communication channel. The obvious selection for standardiz- ing application interaction would be ISO 7816 Part 4 for application commands. These application commands, normally referred to as APDUs, are an application-based protocol that can be used within the ISO 14443-established communication channel. Although ISO 7816 Part 4 defines the template for each of these APDU commands, the precise implementation of these commands and their specific command options must be defined to ensure interoperability. Agencies implementing disparate options will have difficulty communicating properly. However, supplier interoperability that enables multiple suppliers to supply equipment into the system requires definition at the physical level. Because ISO 14443 and ISO 7816 exist as recognized international standards, they are the logical common denominator for the physical elements. The key information required to ensure interoperability within the physical element are quite simple from a system perspective. The interoperability of fare media requires the exchange of information in the following areas: Fare media communication protocol and Application communication protocol

OCR for page 52
Table 11. Description of primary references. Organization Document Title Description Calypso Specification for Contactless Smart Cards and Card The Calypso standard is a privately owned European licensable specification that describes the transaction Readers between a contactless card and card reader. The specification offers a standardized approach that is supplier independent and provides the following benefits to transit operators: Multi-modal (management of different interconnected transit systems) Interoperable (enables sharing between different transit operators) Multi-application (supports other card applications beyond transit ticketing) Calypso is also available to all industrial partners (card manufacturers, chip manufacturers, systems integrators, etc.) through a license agreement. This facilitates open development according to the Calypso standards. CEN ENV 1545 The European Committee for Standardization (CEN) is the European counterpart to the ISO, charged with 1545-1Codification of data elements for public planning, developing, and adopting European standards. The organization develops and maintains standards transport for over 16 broad areas of business. A sample of the CEN specifications are listed below: 1545-2ID Card systems CEN ENV 1545 addresses public transit ticketing data elements. 1545-3Tachograph-related data elements CEN Workshop Agreement (CWA) FINREAD is a set of technical specifications for a secure 1545-4Driving license-related data elements card reader connected to a PC to carry out, essentially but not exclusively, payment and global financial as 1545-5Freight ID-related data elements well as e-commerce transactions on the Internet. 1545-6Vehicle-related data elements CEN Workshop Agreement (CWA) 13987 addresses user-related information for interoperable citizen services within smart card systems Findings of Key Information to be Exchanged Between Agencies CWA FINREAD Parts 18 CWA13987: Smart Card Systems: Interoperable Citizen Services: User-Related Information Part 1Definition of User-Related Information Part 2Implementation Guidelines Part 3Guidelines for Creating, Operating, and Maintaining an Interoperable Card Community CEN/ISS Application Interface for Smartcards Used as Secure Signature Creation Devices, Part 1Basic Requirements EM V 2000 Integrated Circuit Specification for Payment EMV 2000 is an integrated circuit specification that ensures single terminal and card approval processes are Systems, Version 4.0 developed at a level that will allow cross payment system interoperability through compliance with the "EMV" specifications (Europay Mastercard Visa Integrated Chip Card Standard). (continued on next page) 53

OCR for page 52
54 Smartcard Interoperability Issues for the Transit Industry Table 11. (Continued). Organization Document Title Description Global Platform Global Platform Card Specification, Version 2.1.1 Global Platform is an international smartcard association, responsible for creating and advancing interoperable technical specifications for smartcards, acceptance devices, and systems infrastructure. Formed in 1999, it is made up of a cross-industry member base comprising over 50 organizations. ISO ISO 14443 The International Organization for Standardization (ISO) is a 148-member country body charged with ISO 7816 developing worldwide standards. ISO standards include ISO 14443 (parts 1-4), the standard that governs contactless smartcards, and ISO 7816 (parts 1-6), the standard that describes integrated circuit cards with contacts. ITSO Interoperable Public Transport Specification The International Ticketing SmartCard Organization (ITSO), founded in 1998, is a collaboration between various UK passenger transport authorities addressing the lack of suitable standards for interoperable smart card ticketing. ITSO was formed to build and maintain a specification for secure end-to-end interoperable ticketing transactions, utilizing relevant ISO and emerging CEN standards. MTC San Francisco Bay Area TransLink Project The Metropolitan Transportation Commission (MTC) is the transportation planning, coordinating, and Conformed Statement of Work, June 1999 financing agency for the nine-county San Francisco Bay Area. MTC is responsible for administering the Bay Area's TransLink smartcard project. A data message and format specification owned by MTC and participating operators defines data elements in the system. PANYNJ Regional Interoperability Standard (RIS) The Port Authority of New York and New Jersey (PANYNJ) Regional Interoperability Standard (RIS) identifies and defines the required operations and data elements between a contactless smartcard and card interface device. RKF RKF Travel Card The Resekortisforeningen I Norden (RKF) is an association of transit operators in Denmark, Norway, and Travel Card Specification Sweden. The purpose of the RKF travel card is to facilitate one travel card within the public transport in the Nordic countries. The RKF Travel Card Technical Requirement Specification identifies requirements for Requirement Specification, Version 2.00 selected IC-card technologies for the RKF travel card. Technical Requirements Specification Implementation Specification Details Type 1, Version 2.00 Implementation Guide RKF Type CL-1 WMATA Washington, DC SmarTrip Regional Customer The Washington Metropolitan Area Transit Authority (WMATA) is developing the SmarTrip Service Center Contract Book and Draft SmarTrip Interoperability Regional Specification (SIRS) that defines the interface between agency equipment and the Interoperability Regional Specification third-party service provider of the SmarTrip Regional Customer Service Center (RCSC).

OCR for page 52
Findings of Key Information to be Exchanged Between Agencies 55 Table 12. Additional literature reviewed. Organization Document Title American Pubic Transit Association (APTA) Business Issues Guidelines for Regional Transportation Payment Systems and Clearinghouse (draft) Work Package #4 Functional Interface Description (draft) Applied Security Technologies Security Standards for Smartcards Smartcard Lifecycle Security Guidelines e-Government Interoperability Framework Government Data Standards Catalogue (e-GIF) Volume 1General Principles Volume 2Data Standards The e-Government Interoperability Framework (e-GIF) mandates the adoption of XML and the development of XML schemas as the basis of the government interoperability and integration strategy. In addition, the Government Data Standards (GDS) catalogue specifies the rationale, approach for using XML schema, and other interchange processes. Part 1Framework Part 2Technical Policies and Specifications Version 5.1 eEurope Smart Card (eESC) Open SmartCard Infrastructure for Europe Volume 2Contactless Technology Volume 9Referenced Standards e-Europe Smart Cards (eESC) is an initiative developed by the European Commission to further the development of smart cards across Europe and promote the following objectives: Interoperability Multi-application cards Secure transactions User acceptance Accessibility National Institute of Science and Technology Government SmartCard Interoperability Specification, Version 2.1 (NIST) Smart Card Alliance Transit and Retail Payment: Opportunities for Collaboration and Convergence Transit Cooperative Research Program Report 10Fare Policies, Structures, and Technologies (TCRP) Report 32Multipurpose Transit Payment Media TCRPResearch Results Digest Developing a Recommended Standard for Automated Fare Collection of Transit Multipurpose Fare Media: Developments and Issues Coordinated Intermodal Transportation Pricing and Funding Strategies Fare Media Communication Protocol ISO 14443 was established as the standard from which contactless smartcards establish a communication protocol with con- tactless smartcard readers. Within ISO 14443, there are four parts: Part 1: Physical Characteristics-Defines the physical and electrical specification for smartcards in a standard credit card format. Part 2: RF Power and Signal Interface-Defines two types of RF modulation scheme known as Type A and Type B. Part 3: Initialization and Anti-collision-Defines the initial communications when the smartcard is brought into the RF field of the smartcard reader. Also defines the anti-collision scheme to allow multiple cards to enter the field simultaneously--

OCR for page 52
56 Smartcard Interoperability Issues for the Transit Industry Card Card Data Data C Caard rd Identific Identifica ation tion N Nuum mbber er C Caard rd IIssu ssuer er Identific Identifica ation tion P Paatron tron Profile Profile Code Code C Caard rd V Vaalidity lidity Period Period Information Information Product Product Data Data Exchange Exchange Layers Layers Prod Produuct ct Identific Identifica ation tion N Nuum mbber er Physical Physical Layer Layer Prod Produuct ct V Vaalidity lidity Period Period Electronic Electronic P Puurr sse e Data Data Layer Layer Journey Journey Data Data 1 1 Application Application Layer Layer Agency Agency Identific Identifica ation tion N Nuum mbber er 1 1 D Daate te & & Time Time of of jo jou urney rney event event 1 Security Security Layer Layer 1 Entry Entry aand nd Exit Exit loc loca ation tion of of jo jou urney rney11 Ro Rouute te from from n nuum mbber er 1 1 Journey Journey Data DataNN Identification nnuu mmbb er erN N Figure 9. Critical interoperability elements matrix. determining which card to select for communication. Type A uses bit-wise anti-collision, Type B uses slotted anti-collision. Part 4: Transmission Protocol-Defines the communication protocol and framing for data exchange. Because of its transparency, it can encapsulate any application command, which per- mits a variety of functionality and flexibility. Application Command Protocol ISO 7816 was established as the standard from which contact readers and smartcards were to enable application interaction. Although ISO 7816 establishes the framework for application commands, the data and parameters contained in each of these ISO commands can be exclusive to an application and are not defined by ISO. One objective of this report is to identify the sub- set of ISO 7816 commands to use for a transit application and then define the data and param- eters that will be contained within these commands for transit interoperability. In the ISO 7816 standard, there are six parts, of which only Part 4 applies to this discussion. In Part 4 of ISO 7816, the following subset of application-related commands is provided: SELECT FILE--Selects files, directories, or applications on the smartcard file system for read and update operations. READ BINARY--Retrieves data from a transparent (non-record-based) file on the smartcard. WRITE BINARY--Writes data to a transparent (non-record-based) file on the smartcard. UPDATE BINARY--Modifies existing data within a transparent (non-record-based) file on the smartcard. READ RECORD--Retrieves data from a record-based (non-transparent-based) file on the smartcard. WRITE RECORD--Writes data to a record-based (non-transparent-based) file on the smartcard.