A Practical Set-Membership Proof for Privacy-Preserving NFC Mobile Ticketing

To ensure the privacy of users in transport systems, researchers are working on new protocols providing the best security guarantees while respecting functional requirements of transport operators. In this paper, we design a secure NFC m-ticketing protocol for public transport that preserves users' anonymity and prevents transport operators from tracing their customers' trips. To this end, we introduce a new practical set-membership proof that does not require provers nor verifiers (but in a specific scenario for verifiers) to perform pairing computations. It is therefore particularly suitable for our (ticketing) setting where provers hold SIM/UICC cards that do not support such costly computations. We also propose several optimizations of Boneh-Boyen type signature schemes, which are of independent interest, increasing their performance and efficiency during NFC transactions. Our m-ticketing protocol offers greater flexibility compared to previous solutions as it enables the post-payment and the off-line validation of m-tickets. By implementing a prototype using a standard NFC SIM card, we show that it fulfils the stringent functional requirement imposed by transport operators whilst using strong security parameters. In particular, a validation can be completed in 184.25 ms when the mobile is switched on, and in 266.52 ms when the mobile is switched off or its battery is flat

Future prospects for personal security in travel by public transport

This work was supported by the Engineering and Physical Sciences Research Council [grant number EP/I037032/1]. No other funding support from any other bodies was provided.Peer reviewedPublisher PD

Multi-RFID embedded Ticketing Kernel for MaaS

Trabalho de projeto de mestrado, Engenharia Informática (Engenharia de Software) Universidade de Lisboa, Faculdade de Ciências, 2020The fast-growing human population is causing an ever-increasing trend of hyper urbanisation and globalisation, along with the popularisation of private cars to commute, which contributes to several environmental and health problems, for instance, high lev els of noise, congestion, and pollution. Hence, most cities are facilitating and enhancing commuting travel, thus, fostering the development of transportation. Today’s urban transport networks are part of the daily lives of millions of people around the world, and in this era of digitalisation, servicising, and cashless economy the public transportation must also readjust. Therefore, contactless bank cards will make it reasonable to travel by public transport. It will be the first time in Portugal that a contactless bank card enables public transport to be accessed, travelled and charged. Such a solution would encourage the contactless debit or credit card to be an alternative to the proprietary transit card, thereby helping to enhance the usability and accessibility of public transport. With the launch of the contactless solution in public transport, a metropolitan area in Portugal will very well integrate a growing list of the world’s major cities such as London, Singapore, Rio de Janeiro and New York. Moreover, new passengers gradually shift from maintaining a private car to the use of public transport means, which allows a diminution on the emission of fuel gases, and a reduction of the global pollution. In addition to that, public transport operators pains also decrease because proprietary cards are handled and managed by financial institutions, enabling the transport agencies to turn their attention to the core of their business, like the multi-modal mass transit and fare calculation. This pioneering project in Portugal involved several stakeholders, including Card4B, Visa, and Unicre. Accordingly, the project aimed to provide an open-loop model with con tactless and post-paid payments to integrate into the existing operation of transportation ticketing. Finally, the developed solution supports contactless transactions, and followed the “Contactless Specifications for Payment Systems”. Successfully, the delivered solution was certified with an EMV Level 3 Certification for both Visa PayWave and MasterCard Contactless transactions

Contributions to the security and privacy of electronic ticketing systems

Un bitllet electrònic és un contracte en format digital entre dues parts, l'usuari i el proveïdor de serveis, on hi queda reflectit l'acord entre ambdós per tal que l'usuari rebi el servei que desitja per part del proveïdor. Els bitllets són emprats en diferents tipus de serveis, com esdeveniments lúdics o esportius, i especialment en l'àmbit del transport. En aquest cas permet reduir costos donat l'alt volum d'usuaris, a més de facilitar la identificació del flux de viatges. Aquesta informació permet preveure i planificar els sistemes de transport de forma més dinàmica. La seguretat dels bitllets electrònics és clau perquè es despleguin a l'entorn real, com també ho és la privadesa dels seus usuaris. La privadesa inclou tant l'anonimitat dels usuaris, és a dir, una acció no s'ha de poder atribuir fàcilment a un determinat usuari, com també la no enllaçabilitat dels diferents moviments d'un determinat usuari. En aquesta tesi proposem protocols de bitllets electrònics que mantinguin les propietats dels bitllets en paper juntament amb els avantatges dels bitllets digitals. Primerament fem un estat de l'art amb les propostes relacionades, analitzant-ne els requisits de seguretat que compleixen. Presentem un protocol de bitllets electrònics que incorpora els nous requisits de seguretat d'exculpabilitat i reutilització, diferents dels que haviem analitzat, tot complint també la privadesa pels usuaris. Posteriorment, presentem una proposta de bitllets electrònics adaptada als sistemes de pagament depenent de l'ús, bàsicament enfocat al transport, que incorpora tant l'anonimat pels usuaris, com també la enllaçabilitat a curt termini, és a dir, complint la no enllaçabilitat dels diferents moviments del mateix usuari, però permetent la enllaçabilitat de les accions relacionades amb el mateix trajecte (p.ex. entrada i sortida). Finalment, mitjançant una evolució de la mateixa tècnica criptogràfica utilitzada en el sistema de pagament per ús, millorant-ne el temps de verificació per a múltiples bitllets alhora (verificació en ``batch''), presentem una proposta que pot ser útil per a varis sistemes de verificació massiva de missatges, posant com a cas d'ús l'aplicació a sistemes de xarxes vehiculars.An electronic ticket is a digital contract between two parties, that is, the user and the service provider. An agreement between them is established in order that the user can receive the desired service. These tickets are used in different types of services, such as sports or entertainment events, especially in the field of transport. In the case of transport, costs can be reduced due to the high volume of users, and the identification of the travel flow is facilitated. This information allows the forecast and planification of transport systems more dynamically. The security of electronic tickets is very important to be deployed in the real scenarios, as well as the privacy for their users. Privacy includes both the anonymity of users, which implies that an action cannot be easily attributed to a particular user, and also the unlinkability of the different movements of that user. This thesis presents protocols which keep the same security requirements of paper tickets while offering the advantages of digital tickets. Firstly, we perform a state of the art with the related proposals, by analysing the security requirements considered. We then present an electronic ticketing system that includes the security requirements of exculpability and reusability, thus guaranteeing the privacy for users. We later present a proposal of electronic ticketing systems adapted to use-dependant payment systems, especially focused on transport, which includes both the anonymity of users and the short-term linkability of their movements. The related actions of a journey of a determined user can be linkable between them (i.e. entrance and exit of the system) but not with other movements that the user performs. Finally, as an extension of the previous use-dependant payment system solution, we introduce the case of mass-verification systems, where many messages have to be verified in short time, and we present a proposal as a vehicular network use case that guarantees privacy for users with short-term linkability and can verify these messages efficiently

Exploring rail futures using scenarios: experience and potential

In 1995 the author of this paper undertook a scenario exercise for British Rail to identify priorities for rail science and technology developments under the new privatised regime. Four marketbased 2010 scenarios were developed for UK rail transport: 1) cost driven; 2) quality driven, 3)technology driven and 4) environmentally driven. These helped to identify areas of strategic R&D that were needed to improve rail’s competitiveness. It is now over a decade since this scenario exercise took place. This paper, updating an earlier review (Potter and Roy, 2000), revisits the 1995 scenarios and compares them to what actual market strategies emerged within the privatised railway industry. It explores whether the four scenarios did succeed in capturing the range of market responses that emerged from rail privatisation and what lessons this contains for the use of scenarios transport research

Revisiting public transport service delivery: exploring rail commuters’ attitudes towards fare collection and verification systems

Making Public Transport services more attractive and effective requires attractive and effective ticketing. This requires a clear understanding of user attitudes, needs and expectations. This study explored commuters’ attitudes to fare collection and verification and the underlying factors, their acceptance of the policy of “No-ticket-purchase on-board” and their preferences for fare verification options. Commuters rated their agreement with 17 ticketing related statements in a cross-sectional questionnaire survey conducted along the corridor with the largest proportion of cross-county commuting in Sweden, Stockholm – Uppsala. Four sets of hypotheses were then tested. The average scores were normally distributed and hence analysed using a two-way ANOVA. A One-way chi-square test was conducted to determine the commuters’ preference for fare verification approach. A t-test was used to analyse the perceived quality of ticketing and the commuters’ reaction to the policy of “No-ticket-purchase on-board PT vehicle”. Whilst the results showed that the commuters were relatively uniform in their attitudes, income, commuting route, ticket type and ticket purchase channel affected their attitudes. They were neutral to the policy of “No-ticket-purchase on-board”. Their attitude to fare collection was more positive than that of fare verification and they showed a preference for automatic fare verification. The study highlights a number of policy implications and recommends further research on the feasibility of passive fare verification and on commuters’ preferred options for fare verification

Blockchain based Identity Management and Ticketing for MaaS

Trabalho de projeto de mestrado, Engenharia Informatica (Engenharia de Software) Universidade de Lisboa, Faculdade de Ciências, 2020As time moves further into the 21st century, the world is progressively becoming more sophisticated, and our capacity to forecast the future is decreasing at the same rate. The emerging global problems require new kinds of tools paving the way to move forward. Across Europe, privatised public transport systems are frequently conceived in separation by an operator resulting in legacy systems with proprietary ticketing solutions causing fragmentation and lack of uniformity of information. The Mobility-as-a-Service (MaaS) concept promises to solve existing problems in the transport industry since it allows the integration of different mobility services, such as car and bicycle sharing, among others, with traditional public transport. To plan a trip, passengers have several mobility options, interconnected to each other, with a range of alternatives according to their preferences. However, it is a huge challenge to expand the MaaS network that includes several operators. Recent innovations in Blockchain and distributed ledger technologies, especially the current developments of smart contracts, it is expected that a novel distributed approach to MaaS is finally feasible. MaaS systems benefit from the power of Blockchain disruptive technology, improving transparency and trust among service providers thereby eliminat ing the middle tier. In order to implement the new MaaS concept and take advantage of the high volumes of data relating to passengers and their tickets, it is essential that trans port operators have a unified system, thus allowing each participant to create, view and modify the information. This project enables the development of a new ticketing solution based on Blockchain, with an Identity Management module capable of managing the identities of passengers across the entire system, as well as the creation of a MaaS application mock-up for the passenger. Finally, the proposed system is evaluated in terms of operation and perfor mance, according predefined use cases and requirements. Results are achieved in terms of the collaboration between multiple service providers operating on a single platform