‘Transparent NFC’ connects the Leap Card to solve comms and top-up challenges

Today the Leap Card is now accepted by 15 major public and private transport providers across Ireland. It was an immediate success, largely replacing magnetic stripe tickets and other schemes and making public transport interoperability a reality. The NTA has since rolled out a succession of ticketing products, and recently celebrated the sale of the two millionth Leap Card. Riders have taken more than 350 million journeys using the smart card, and in 2016, Leap accounted for 47% of all public transport journeys in Ireland. 

I had the opportunity to present the technology behind the Leap Card system at an NFC Forum technology summit in Vienna, Austria at the end of last year. The NFC Forum is a non-profit industry association that develops the technology standards and specifications to advance the use of Near Field Communication (NFC). NFC is a set of communication protocols¹ that enable two electronic devices – one of which is usually a portable device such as a smartphone – to establish communication by bringing them within 4cm (1.6in) of each other.

NFC devices are used in contactless payment systems, similar to those used in credit cards and electronic ticket smartcards, and allow mobile payment to replace or supplement these systems.  The use of NFC technology to provide mobile ticketing and gate access in public transportation is rapidly increasing with the continuing rise of smartphone use in the world. This combination of accessibility and the standardisation of NFC technology on smartphones means that NFC offers the simplest solution with the ‘path of least resistance’ to adoption and use in public transportation applications. According to Paula Hunter, Executive Director of the NFC Forum, over two billion NFC-enabled devices, like smartphones, are already in use worldwide. This figure is expected to rise to three billion in a few short years – equal to approximately half the number of people living on Earth. 

“NFC is a standard feature on most smartphones and enables communication between a reader and a card up to 10cm in proximity, making it ideal for public transportation and payment applications,” says Paula. “NFC technology enables simple and safe two-way interactions between electronic devices, allowing consumers to perform contactless transactions, access digital content, and connect electronic devices with a single touch of their mobile device to a reader. We’ve experienced a rapid adoption for payment applications and expect that the public transportation sector will be the next area to see an explosion of deployments and consumer acceptance.”

The NFC Forum played a pivotal role by establishing the overall NFC global specifications and standards that made implementing public transport mobile ticketing solutions possible. At NTA, we place huge importance on the role of the NFC Forum bringing together expertise and promoting interoperability across the globe. That’s essential to us because, in the longer term, it means it will be much easier to integrate and deliver new and different services to customers, to offer a better choice of suppliers, and to enable a more efficient market. The NFC Forum’s free public transport white paper titled NFC-enabled e-Ticketing in Public Transport: Clearing the Route to Interoperability² is a good read that summarises NFC technology and the benefits it brings to public transportation mobile ticketing. 

The Leap Card need: More current information and easier top-ups

By December 2016, top-ups using the NFC app had exceeded €1.4 million per month

One distinguishing aspect of the Leap Card system is that the smartcard itself contains the master record of balance and recent journey history for each passenger. While this ensures that card readers can check for sufficient credit to enable a passenger to travel, transactions could only be transmitted to back-office systems when transport system devices were able to communicate. In the case of buses, which are offline most of the day, that can mean processing delays of up to 24 hours. As a result, Leap Card users could not easily access up-to-the-minute balances.

Top-ups and ticket purchases were another inconvenience. While passengers could add funds to their accounts via a website, the only way for that information to be loaded onto their Leap Cards was to visit one of the 740 Payzone point-of-sale shops or at Irish Rail or Luas light-rail ticket vending machines. Consumers were concerned that when they topped up their Leap Card online the money was not immediately making it onto their Leap Card. Our mobile-optimised website wasn’t sufficient because, in the age of mobile comms, apps and downloads, the idea that a passenger would order something and have to wait 12 to 24 hours to collect it was no longer acceptable. In 2013, the NTA began looking at more user-friendly and convenient ways to enable passengers to securely access their Leap Card accounts for updated information and get a faster response on top-ups and ticket purchases. Various technology solutions were tested and piloted before a solution was found.

The solution: ‘Transparent NFC’ connects the card

By early 2014, NTA’s ticketing team had determined that the most promising way to address the issues was to use NFC. NFC was rapidly becoming a standard feature on smartphones, and by 2014 smartphone adoption in Ireland had grown to 2.7 million users, approximately half of whom were using Android-based devices. That meant a sizeable number of Leap Card users would be able to make use of it, and that number would grow as NFC adoption grew. 

NFC technology was the secure, easy to use solution that would work with existing cards and card readers across multiple transport systems. However, the way in which we had designed our card system and its security was not conducive to just putting the card on the phone. Through one of our suppliers, we became aware of an interesting solution that was operating in New Zealand. When we learned what was behind that approach, we realised it was a viable option for us, given the constraints we had in our technology.

The solution was called Snapper and had been developed for public transport in New Zealand, although it used a different smartcard and encryption key approach to that of the Leap Card. In the Snapper scheme, NFC on the smartphone is used as a conduit to the card, reading and writing to the card to update the master balance and user journey history. Users could top-up their accounts via a mobile app, then tap their smartcards to their phones and have them immediately updated via NFC.

We didn’t simply put the Leap Card into the mobile phone because of the technical limitations of getting the card into the phone, which would have required a much larger investment from us. The other factor was ergonomics; our ticket machines are not designed for holding a phone to.

Snapper and its European partner, Vix Technology, developed the solution we called ‘Transparent NFC’. NFC enables the smartcard to be read and updated. Users interact with the solution via a mobile app. The Transparent NFC server provides the functionality to support the read/write use cases, including the capability to authenticate to all types of Leap Cards. The command is constructed on the server and executed on the mobile application. The encryption keys required to perform the read/write operation are retrieved from the secure Hardware Security Module (HSM). Nothing is constructed on the mobile app and no encryption keys are required to be stored on the mobile app, thereby ensuring a very secure solution for the user and the scheme. Key components of the solution are hosted in the cloud by Amazon Web Services, which scales automatically to guarantee performance during peak times.

The solution is based on Snapper’s Smartware ticketing solution that abstracts the complexity of the Leap Card back-office and provides modern APIs and a branded Android app. To ensure that the solution is conveniently interoperable, all interfaces use standard technologies, such as SOAP web services. The solution is designed to protect the integrity of Leap Card security, with all keys protected in a dedicated Hardware Security Module (HSM) linked with a low latency connection to the NFC Server in order to optimise performance.

The ‘Transparent NFC’ solution

The major components of the solution are:

• An Integration Server designed to securely manage communication with the existing Leap back-office system
• A Transparent NFC Server designed to coordinate and effect each action requested by a customer
• A Web Server to host the management and customer care web interfaces and to provide for management reporting
• A Database Server to host the data stores
• A Hardware Security Module (HSM) designed to preserve the security and integrity of cryptographic keys
• A Transparent NFC Library designed to integrate the NFC system capabilities into the Android Mobile Application.

The solution provides full implementation of Leap’s ePurse business rules, configuration data and action lists and also integrates with a Payment Gateway for customer payments. The payment gateway supports tokenisation of debit/credit card details and the app redirects users into the Payment Gateway’s hosted environment in order to minimise the NTA’s operational responsibility for managing debit/credit card details and associated PCI-DSS compliance requirements. The design of the solution also provides possibilities for NTA to extend into support for other customer offerings including retail kiosks and self-service terminals.

Results and looking ahead down the road

NTA’s ‘Transparent NFC’ solution has been a success by any measure. However, because it was Android-only initially, there was a lot of push-back from iPhone users. Still, we saw the number of installations grow steadily from zero to 150,000 installs within 12 months. More importantly, passengers have become ongoing users of the solution, which has received reviews averaging more than 3.5 stars at the Google Play store. By December 2016, top-ups using the NFC app had exceeded €1.4 million per month.

Recent usage figures for May 2017 are in and it’s over €2 million. Looking ahead, we’ll continue to increase our use of mobile and NFC. This will include supporting greater customer choice by offering customers the ability to identify themselves and pay for public transport directly using their phone as an identifier. We also want to provide the option to use Apple Pay and Samsung Pay to pay directly.

References

1. https://en.wikipedia.org/wiki/Communications_protocol
2. http://nfc-forum.org/transport-stakeholders/