Contactless (or NFC) tokens can be cloneable. Using this kind of tokens as means of payments, means of personal identification, or (in our case) means of access to transit services would be risky. That is why payment card systems and open loop transit systems deal with non-cloneable tokens.
We somehow understand that credit cards and debit cards are non-cloneable. But what this really means? What other types of non-cloneable tokens can be used in OpenFare?
This is explained below.
An NFC token is just a computer chip with an antenna. It is relatively easy to buy or produce another one. You do not even need to create another one of the same shape or type. It would be sufficient if a validator or point-of-sale cannot tell which tag is genuine and which is not.
What makes validator to believe that this token is genuine?
A non-cloneable token has the following mandatory features:
- It keeps some unique secret data in its memory.
- It never discloses this secret data to anybody. It is also not feasible to extract this data from the token chip using any kind of technical equipment.
- It can prove to the outer world (validators, point of sales, etc.) that it has that sacred unique data, without disclosing that data.
There are two main methods used in payment card industry and beyond to verify the token authenticity. Let’s look at them closer.
Online Token Authentication
The token issuer computer host and the token share an encryption key. Each token has its own unique and secret encryption key and the host knows them.
When the token is engaged with a card acceptance device, the device sporadically creates some number (each time a new one and unpredictable) and asks the token to encrypt this number. The device then sends both encrypted number and clear form (not encrypted) number to the issuer host. The issuer host verifies that the number was encrypted correctly. Only the genuine token can do this. Other tokens do not know this particular encryption key.
After that, the the host responds to the card acceptance device with the verdict: the token is (or is not) genuine.
This type of token authentication takes rather long time because of the issuer request/response message latency.
Offline Token Authentication
This method is based on Public Key Cryptography. The contactless token secretly keeps so-called private key in its memory which can be used for electronically signing digital documents. In the payment card industry this method is called Dynamic Data Authentication (DDA) or, in case of contactless payment cards, Combined Data Authentication (CDA).
The card acceptance device, just as in case of Online Authentication, produces an unpredictable number and asks the token to sign it. Upon receiving the signed number from the token (as it were a signed document), the card acceptance device verifies the signature without any participation of the card issuer or other agent host.
This method becomes more and more popular but, it requires more cryptographic power and some card acceptance devices and contactless cards (tokens) can be slow. Apart from that, there are still many rather old contactless cards in the world that do not have this feature and require online authentication by the issuer host.
Closed Loop Authentication
Closed loop cards used in many transit systems also can prove to the transit validator that they are genuine. They do it offline, without any presence of card issuing host. This is achieved by sharing the encryption key between validators (all validators have them) and cards.
This makes the validators “members” of the closed loop, the particular transit system. Validators that do not belong to this family (do not have these specific encryption keys) cannot tell whether the alien contactless closed loop card is genuine or not.
Contactless Personal Identification Tokens
ID-like contactless tokens behave similar to closed loop cards; however public key cryptography is used there. The electronic contactless passport or a good contactless ID, such as a driver license, etc. will never disclose its data to a contactless reader that is not authorized to have this data. Of course, such tokens are non-cloneable, so they can prove to an authorized card reader that they are authentic.
OpenFare and Non-Clonable Tokens
Let’s see what types of non-cloneable tokens OpenFare can deal with.
All types of contactless (NFC) payment cards, including credit, debit, bank, and ATM cards, can be used. The cards with Combined Data Authentication (CDA) are fraud-proof. Cards without CDA possess a certain risk but it is lower than in classic open loop. Remember? OpenFare validators accept only those cards that are registered in the system. The fraudster must simulate the card that is in the system. It is possible but harder than simulating any other credit card.
Smartphone Payment Applications
Apart from credit and debit payment applications that classic open loop systems deal with, OpenFare can also accept any smartphone-kept contactless token that is proved to be non-cloneable. They can be reliably created and kept within known applications, including Android Pay or Apple Pay.
Personal Identification Tokens
Providing transit validators with capabilities to communicate with international contactless passports is hardly reasonable or practical.
Using local (state, provincial, etc) driver’s licenses or other ID’s (senior, student, etc) in local public transit within the OpenFare realm is reasonable, especially if these tokens provide special discounts for certain categories of patrons. These tokens can hardly be used in validators outside the designated region.
Closed Loop Cards in OpenFare
Closed loop systems may allow the OpenFare validators to accept their closed loop cards as contactless tokens, associated with OpenFare accounts. In some cases this can be reasonable, especially when a traditional closed loop systems want to collaborate with some other transit agencies that have open loop preferences.
There is CIPURSE standard (see www.osptalliance.org) which provides interoperability across closed loop validators and cards. The CIPURSE card is an example of a non-cloneable token.
This standard is very helpful and it allows to reduce the implementation cost of closed loop fare systems. Unfortunately, it does no make these systems open. Money and encryption keys cannot be shared across closed loop fare systems. OpenFare “opens” CIPURSE fare systems.
- OpenFare provides the shared balance and takes care of reconciliation across the participating agencies.
- OpenFare treats CIPURSE cards as non-cloneable tokens. If such cards are actually application in smartphones (e.g. constitute a content of a Google Wallet), sharing the keys across various transit agencies via OpenFare proactive data propagation becomes non-risky.