Table of Contents - APTAStandards.com
Table of Contents - APTAStandards.com
Table of Contents - APTAStandards.com
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
SMART CARD STANDARDS<br />
AND SPECIFICATIONS<br />
RESEARCH<br />
American Public Transportation<br />
Association (APTA)<br />
Version 1.2<br />
San Francisco<br />
March 2005<br />
This report is confidential and intended solely for the use and<br />
information <strong>of</strong> the <strong>com</strong>pany to whom it is addressed.
<strong>Table</strong> <strong>of</strong> <strong>Contents</strong><br />
1.0 INTRODUCTION....................................................................................................... 4<br />
1.1 OBJECTIVES ............................................................................................................... 4<br />
1.1.1 APTA Objective...................................................................................................... 4<br />
1.1.2 Objectives <strong>of</strong> the Analysis....................................................................................... 6<br />
1.2 APTA EFFORTS TO DATE ...................................................................................... 8<br />
2.0 METHODOLOGY ..................................................................................................... 8<br />
3.0 PROJECT SCREENING CRITERIA ...................................................................... 9<br />
4.0 ANALYSIS OF STANDARDS AND SPECIFICATIONS.................................... 12<br />
4.1 ISO/IEC 8583............................................................................................................ 13<br />
4.1.1 Description <strong>of</strong> the Standard.................................................................................. 13<br />
4.1.2 Applicability to UTFS Effort ................................................................................ 14<br />
4.1.3 Common Message Structure ................................................................................ 14<br />
4.1.4 Message Types ...................................................................................................... 16<br />
4.1.5 Data Elements....................................................................................................... 18<br />
4.1.6 Message Sequences ............................................................................................... 19<br />
4.1.7 Security Requirements.......................................................................................... 20<br />
4.1.8 Timing & Routing ................................................................................................ 20<br />
4.1.9 Usability................................................................................................................ 22<br />
4.2 INTEGRATED TRANSPORT SMARTCARD ORGANIZATION (ITSO)........ 23<br />
4.2.1 Description <strong>of</strong> the Specification ............................................................................ 23<br />
4.2.2 Applicability to UTFS Effort ................................................................................ 24<br />
4.2.3 Common Message Structure ............................................................................... 24<br />
4.2.4 Message Types ...................................................................................................... 25<br />
4.2.5 Data Elements....................................................................................................... 29<br />
4.2.6 Message Sequences ............................................................................................... 30<br />
4.2.7 Security Requirements.......................................................................................... 30<br />
4.2.8 Timing & Routing ................................................................................................ 30<br />
4.2.9 Usability................................................................................................................ 30<br />
4.3 OPEN FINANCIAL EXCHANGE (OFX) ............................................................. 31<br />
4.3.1 Description <strong>of</strong> the Specification ............................................................................ 31<br />
4.3.2 Applicability to UTFS Effort ................................................................................ 32<br />
4.3.3 Common Message Structure ................................................................................ 33<br />
4.3.4 Message Types ..................................................................................................... 34<br />
4.3.5 Data Elements....................................................................................................... 36<br />
4.3.6 Message Sequences ............................................................................................... 38<br />
4.3.7 Security Requirements.......................................................................................... 38<br />
4.3.8 Timing & Routing ................................................................................................ 39<br />
4.3.9 Usability................................................................................................................ 39<br />
4.4 VENDING EQUIPMENT INTERFACE (VEI) ..................................................... 40<br />
4.4.1 Description <strong>of</strong> the Specification ............................................................................ 40<br />
4.4.2 Applicability to UTFS Effort ................................................................................ 40<br />
4.4.3 Common Message Structure ................................................................................ 41<br />
4.4.4 Message Types ...................................................................................................... 42<br />
4.4.5 Data Elements....................................................................................................... 44<br />
4.4.6 Message Sequences ............................................................................................... 44
4.4.7 Security Requirements.......................................................................................... 45<br />
4.4.8 Timing & Routing ................................................................................................ 45<br />
4.4.9 Usability................................................................................................................ 45<br />
4.5 CEN TC278 – INTEROPERABLE PUBLIC TRANSPORT FARE<br />
MANAGEMENT SYSTEM ARCHITECTURE (IFMSA) .................................... 46<br />
4.5.1 Description <strong>of</strong> the Standard.................................................................................. 46<br />
4.5.2 Applicability to UTFS Effort ................................................................................ 46<br />
4.5.3 Common Message Structure ................................................................................ 47<br />
4.5.4 Message Types ...................................................................................................... 47<br />
4.5.5 Data Elements....................................................................................................... 48<br />
4.5.6 Message Sequences ............................................................................................... 48<br />
4.5.7 Security Requirements.......................................................................................... 48<br />
4.5.8 Timing & Routing ................................................................................................ 48<br />
4.5.9 Usability................................................................................................................ 48<br />
4.6 CUBIC TRANSPORTATION SYSTEM (CTS) CID EDGE INTERFACES ....... 48<br />
4.6.1 Description <strong>of</strong> the Specification ............................................................................ 48<br />
4.6.2 Applicability to UTFS Effort ................................................................................ 48<br />
4.6.3 Common Message Structure ............................................................................... 48<br />
4.6.4 Message Types ...................................................................................................... 49<br />
4.6.5 Data Elements....................................................................................................... 50<br />
4.6.6 Message Sequences ............................................................................................... 50<br />
4.6.7 Security Requirements.......................................................................................... 50<br />
4.6.8 Timing and Routing ............................................................................................. 51<br />
4.6.9 Usability................................................................................................................ 51<br />
4.7 TRANSLINK ® ........................................................................................................... 51<br />
4.7.1 Description <strong>of</strong> the Specification ............................................................................ 51<br />
4.7.2 Applicability to UTFS Effort ................................................................................ 52<br />
4.7.3 Common Message Structure ................................................................................ 52<br />
4.7.4 Message Types ...................................................................................................... 52<br />
4.7.5 Data Elements....................................................................................................... 56<br />
4.7.6 Message Sequences ............................................................................................... 56<br />
4.7.7 Security Requirements.......................................................................................... 56<br />
4.7.8 Timing and Routing ............................................................................................. 57<br />
4.7.9 Usability................................................................................................................ 58<br />
4.8 ERG APTA SPECIFICATIONS .............................................................................. 58<br />
4.8.1 Description <strong>of</strong> the Specification ............................................................................ 58<br />
4.8.2 Applicability to UTFS Effort ................................................................................ 58<br />
4.8.3 Common Message Structure ................................................................................ 59<br />
4.8.3.1 APTA System Header............................................................................................ 59<br />
4.8.3.2 APTA System Common Header ............................................................................ 60<br />
4.8.3.3 Variant Data .......................................................................................................... 61<br />
4.8.4 Message Types ...................................................................................................... 61<br />
4.8.5 Data Elements....................................................................................................... 65<br />
4.8.6 Message Sequences ............................................................................................... 65<br />
4.8.7 Security Requirements.......................................................................................... 65<br />
4.8.8 Timing and Routing ............................................................................................. 65<br />
4.8.9 Usability................................................................................................................ 65
4.9 REGIONAL INTEROPERABILITY STANDARD (RIS) PART 4....................... 66<br />
4.9.1 Description <strong>of</strong> the Standard.................................................................................. 66<br />
4.9.2 Applicability to UTFS Effort ................................................................................ 66<br />
4.9.3 Common Message Structure ................................................................................ 67<br />
4.9.3.1 PART 1 ............................................................................................................. 67<br />
4.9.3.2 PART 2 ............................................................................................................. 67<br />
4.9.3.3 PART 3 ............................................................................................................. 67<br />
4.9.3.4 PART 4 ............................................................................................................. 68<br />
4.9.4 Message Types ...................................................................................................... 68<br />
4.8.6 Data Elements....................................................................................................... 74<br />
4.8.7 Message Sequences ............................................................................................... 74<br />
4.8.8 Security Requirements.......................................................................................... 74<br />
4.8.9 Timing and Routing ............................................................................................. 74<br />
4.8.9 Usability................................................................................................................ 74<br />
5.0 FINDINGS................................................................................................................. 75<br />
5.1 SUMMARY ............................................................................................................... 77<br />
APPENDIX A RESEARCH CONTACTS ............................................................................. 80<br />
APPENDIX B COMPLETED CRITERIA FORMS ............................................................ 83<br />
VENDING EQUIPMENT INTERFACE (VEI) VERSION 1.2 ........................................ 83<br />
ITSO ..................................................................................................................................... 84<br />
ISO/IEC 8583........................................................................................................................ 85<br />
CID EDGE INTERFACES ................................................................................................... 86<br />
TRANSLINK ® ....................................................................................................................... 87<br />
ERG APTA ............................................................................................................................ 88<br />
RIS PART 4............................................................................................................................ 89<br />
APPENDIX C DATA ELEMENTS........................................................................................ 90<br />
VENDING EQUIPMENT INTERFACE (VEI) VERSION 1.2 ........................................ 90<br />
ITSO DATA ELEMENTS .................................................................................................... 91<br />
ISO/IEC 8583 DATA ELEMENTS..................................................................................... 95<br />
CID EDGE INTERFACES DATA ELEMENTS................................................................ 97<br />
TRANSLINK......................................................................................................................... 99<br />
ERG APTA .......................................................................................................................... 102<br />
RIS PART 4 ......................................................................................................................... 105<br />
Appendix D RIS PART 4 RCH-To-RCH Messages........................................................ 106
Document History<br />
Revision Reason For Issue Date<br />
0.1 Initial Draft June 1, 2004<br />
1.0 Final Draft July 30, 2004<br />
1.1 Inclusion <strong>of</strong> RIS Part 4 and ERG December 15,<br />
APTA-000 review and analysis 2004<br />
1.2 Clarified scope <strong>of</strong> WP4 March, 2005<br />
Page 1
Acronym List<br />
ACCTRQ Activation Request Aggregate<br />
APTA American Public Transportation Association<br />
ASCII American Standard Code for Information Interchange<br />
ASL Agent Session Layer<br />
ATIP Australian Transport Interoperability Protocol<br />
ATL Agent Transport Layer<br />
CEN European Committee for Standardization<br />
CEPS Common Electronic Purse Specification<br />
CID Card Interface Device<br />
CSC Contactless Smart Card<br />
DAC Data Authentication Code<br />
EFT Electronic Financial Transaction<br />
EMV Europay Mastercard Visa<br />
GSC-IS Government Smart Card Interoperability Standard<br />
HOPS Host Operator or Processing System (ITSO)<br />
HTML Hyper Text Mark Up Language<br />
ICC Integrated Circuit Card<br />
IFMSA Interoperable Public Transport Fare Management System<br />
IOPTA Interoperable PT Applications for Smart Cards<br />
IPE ITSO Product Entities<br />
ISAM ITSO Specific SAM Module<br />
ISO/IEC International Organization for<br />
Standardization/International Electrotechnical Commission<br />
ITSO Integrated Transport Smartcard Organization<br />
MAC Message Authentication Code<br />
MTC Metropolitan Transportation Commission<br />
NIST National Institute <strong>of</strong> Standards and Technology<br />
NTTWG National Ticketing and Tolling Workgroup<br />
OFX Open Financial Exchange<br />
OSI Open System Interconnection<br />
PANY/NJ Port Authority <strong>of</strong> New York and New Jersey<br />
PICC Proximity Integrated Circuit Card<br />
POS Point <strong>of</strong> Sale<br />
POST Point <strong>of</strong> Service Terminal<br />
RCH Regional Clearing House<br />
RIS Regional Interoperability Standard<br />
SGML Standard Generalized Mark Up Language<br />
SSL Secure Socket Layer<br />
SV Stored Value<br />
TCP/IP Transmission Control Protocol/Internet Protocol<br />
TLV Tag Length Value<br />
TVM Ticket Vending Machine<br />
Page 2
Acronym List<br />
UTFS Universal Transit Farecard Standards<br />
VDV Verband Deutscher Verkehsunternehmen<br />
VEI Vending Equipment Interface<br />
WMATA Washington Metropolitan Area Transit Authority<br />
XML eXtensible Markup Language<br />
Page 3
1.0 INTRODUCTION<br />
A growing trend in North America and abroad is a move towards regional fare<br />
payment systems. Regional programs involve multiple transit systems linked by a<br />
<strong>com</strong>mon fare payment instrument, most <strong>com</strong>monly a smart card. Open standards and<br />
interoperability between different vendor equipment within an electronic fare payment<br />
system have be<strong>com</strong>e highly desirable, and in some instances, necessary.<br />
Interoperability is defined in this report as follows:<br />
1. The ability <strong>of</strong> fare payment devices to exchange data with other vendor devices<br />
within a single fare collection payment system<br />
2. The ability for independently implemented multiple fare payment systems to be<br />
operable with each other regardless <strong>of</strong> the underlying technology <strong>of</strong> the each<br />
system<br />
Transit agencies deploying smart card technology have very few industry standards to<br />
facilitate interoperability and reduce their reliance on proprietary technology. Agencies<br />
locked into proprietary technology have fewer procurement options and limited ability<br />
to participate in regional systems. Moving forward, individual transit agency devices<br />
and <strong>com</strong>puter systems must be interoperable, and preferably based on open standards.<br />
Today, transit agencies participating in regional programs, absent <strong>of</strong> industry wide<br />
standards, have encountered difficulties such as the following:<br />
• New systems<br />
- Increased coordination required between participating agencies before<br />
equipment procurements<br />
- No independent source to <strong>com</strong>pare different proprietary approaches<br />
between <strong>com</strong>peting vendors<br />
- Less <strong>com</strong>petitive initial marketplace<br />
• Existing systems<br />
- Post implementation equipment options are constrained<br />
- Reduced ability to collaborate with non-transit industry partners due to<br />
proprietary interfaces<br />
- Few options for replacing non-performing vendors in mid-stream<br />
1.1 Objectives<br />
1.1.1 APTA Objective<br />
The American Public Transportation Association (APTA) standards activity, through<br />
the work <strong>of</strong> the Universal Transit Farecard Standards (UTFS) Program, defines interface<br />
standards and best practices for use at transit systems throughout the United States that<br />
provide uniform guidelines for system interoperability. The program aims to produce<br />
standards and re<strong>com</strong>mended practices to help transit systems deploying smart card<br />
Page 4
technology to achieve interoperability with peer transit systems, and interoperability<br />
between systems provided by different vendors. WP4 focuses primarily on producing<br />
standards and guidelines to achieve the following objectives:<br />
• Interoperability between a single transit system’s fare payment devices, and a<br />
central system as illustrated in Exhibit 1.1-1.<br />
• Interoperability (possibly limited) between two regional central systems as<br />
illustrated in 1.1-2<br />
These objectives support APTA’s goal <strong>of</strong> increasing interoperability among smart card<br />
based transit systems in the U.S. This will benefit all transit systems by increasing<br />
<strong>com</strong>petition among vendors when expanding or upgrading their systems and<br />
facilitating a staged regional rollout approach. The typical regional payment system<br />
has four tiers <strong>of</strong> devices and <strong>com</strong>puter systems:<br />
• Regional Central System – Consolidates and processes transactions and<br />
establishes settlement positions between agencies<br />
• Headquarters Computer/Operator Central Tier – Utilized by participating<br />
agencies to collect transactions for internal auditing and reporting and/or<br />
control agency specific functionality. This tier is optional, as some agencies pass<br />
data straight from the station/depot <strong>com</strong>puter tier to the central system. In<br />
addition, some systems will include an “audit <strong>com</strong>puter” to audit the data in the<br />
central system instead <strong>of</strong> a headquarter <strong>com</strong>puter system.<br />
• Station/Depot Computer Tier – Deployed in stations or bus depots to collect<br />
usage data from fare payment devices and download configuration data to<br />
devices from the Headquarters Computer/Operator Central Tier. This tier is<br />
optional, as some agencies have opted to pass data straight from the Device Tier<br />
to the Headquarters Computer/Operator Central Tier.<br />
• Device Tier – Deployed on vehicles or at stations and other points where the<br />
patron’s card interfaces with the system<br />
The system tiers and related interfaces explained in this section are illustrated in<br />
Exhibits 1.1-1 and 1.1-2.<br />
Page 5
Regional System<br />
Interface<br />
Operator System<br />
Interface<br />
Station<br />
Computer<br />
Operator CID Interface Device<br />
Interface<br />
Exhibit 1.1-1 Regional Smart Card System Interface<br />
Operator Central<br />
System<br />
Station<br />
Computer<br />
Faregate POS<br />
TVM TVM<br />
Terminal<br />
Regional Central<br />
System<br />
Operator Central<br />
System<br />
Depot<br />
Computer<br />
Farebox<br />
Smart Card<br />
Validator<br />
TVM<br />
Operator Central<br />
System<br />
Smart Card<br />
Validator<br />
Rail Operator Bus Operator Bus Operator<br />
Regional Central<br />
System<br />
Operator<br />
Network<br />
Exhibit 1.1-2 Regional Peer to Peer System Interface<br />
Operator<br />
Network<br />
1.1.2 Objectives <strong>of</strong> the Analysis<br />
Operator Central<br />
System<br />
Regional Peer-to-Peer<br />
Interface<br />
Page 6<br />
Operator<br />
Network<br />
Operator<br />
Network<br />
Regional Central<br />
System<br />
Operator Central<br />
System<br />
Depot<br />
Computer
This report en<strong>com</strong>passe s the review and analysis<br />
<strong>of</strong> existing smart card interoperability<br />
standards and smart card related specifications. The terms “Standard” and<br />
“Specification” have been used per the document<br />
titles as defined by their issuing<br />
organizations.<br />
The d ocuments listed in Exhibit 1.1-3 below were<br />
reviewed in this effort.<br />
Exhibit 1.1-3 Documents Reviewed<br />
for This Report<br />
Document Issuer Title Comments<br />
Smart Card Industry Specifications<br />
Innovatron-RATP-SNCF Calypso Smart card ticketing application<br />
RKF RKF Specification for interoperable electronic<br />
ticketing system<br />
VDV VDV German public transit specification<br />
ITSO ITSO Interoperable Transit Smart Card<br />
Specification<br />
IOPTA IOPTA Interoperable<br />
Public Transit Application<br />
SNCF Intercode Interoperable French ticketing<br />
specification<br />
OFX OFX Non-smart card XML specification<br />
EMVCO EMV Interoperable contact smart card<br />
specification for credit/debit cards<br />
Global Platform Global Platform Multi application smart card platform for<br />
financial institutions<br />
NIST GSC-IS U.S. government smart card specification<br />
CEPS<br />
Smart Card Standards<br />
CEPS Interoperable e-purse specification<br />
CEN CEN TC278/IFM Interoperable fare management system<br />
for public transit fare collection system<br />
ISO/IEC ISO/IEC 8583 Message type and structure for financial<br />
data exchange between banks and<br />
financial institutions.<br />
ISO/IEC ISO/IEC 14443 Contactless smart card standards<br />
ISO/IEC ISO/IEC 7816<br />
Contact-based smart card standards<br />
NTTWG<br />
Vendor Specifications<br />
ATIP Australian, transit<br />
ticketing and tolling<br />
standard<br />
Agent Systems VEI Control and monitoring <strong>of</strong> networked<br />
equipment<br />
Cubic CID Edge<br />
Interfaces Message type and structures for device to<br />
Central System data exchange<br />
Mark IV EZ-Pass Message<br />
Back <strong>of</strong>fice transaction and clearing and<br />
Specifications<br />
settlement messages<br />
ERG APTA WG4 Transaction Device to Higher Level Computer Data<br />
Definitions Elements/Messaging Specifications<br />
Smart Card Project Specific Specifications<br />
Washington<br />
®<br />
SmartTrip<br />
Back <strong>of</strong>fice transaction exchange<br />
Metropolitan Area Interoperability<br />
Regional including clearing and settlement<br />
Transit Authority<br />
(WMATA)<br />
Specification (SIRS)<br />
Page 7
Document Issuer Title Comments<br />
Metropolitan<br />
®<br />
TransLink Data and Transaction and data types for back <strong>of</strong>fice<br />
Transportation<br />
Messaging Format<br />
messaging between CID and the higher<br />
Commission<br />
(MTC) Specification<br />
tier<br />
Port<br />
Authority New Regional Interoperability RIS scope is defined to detail card, card to<br />
York/New<br />
Jersey Specification (RIS) Part 4 CID and agency Central Computer (ACC)<br />
( PANY/NJ)<br />
to Regional Clearing House (RCH)<br />
specifications<br />
OCTOPUS Documentation Relevant to Back-<strong>of</strong>fice clearing and settlement<br />
the UTFS Effort<br />
messaging<br />
1.2 APTA Efforts<br />
To Date<br />
As a preliminary activity to the development <strong>of</strong> WP4 interface specifications, the UTFS<br />
Financial Management Committee Systems Workpackage 4 developed the Interface<br />
Specification Functional Description document that describes the following interfaces<br />
in<br />
detail:<br />
• Regional System Interface<br />
• Operator System Interface<br />
• Operator to Operator Interface<br />
Additionally, the Functional Description document defines the<br />
functionality that must<br />
be present for each interface in order to be deemed “<strong>com</strong>pliant” by the future APTA<br />
standards. The document also provides a framework to evaluate the required<br />
functionality by the following criteria:<br />
• Messages<br />
• Data structures<br />
• Commands<br />
2.0 METHODOLOGY<br />
For this research effort Booz Allen employed a methodology that first included an<br />
identification<br />
<strong>of</strong> relevant smart card standards and specifications (transit and nontransit).<br />
The next step<br />
in the methodology was to apply screening criteria to each <strong>of</strong> the<br />
documents in order to determine their relevancy to the UTFS effort. The documents<br />
that fulfilled the project screening criteria became candidates for detailed analysis.<br />
The<br />
methodology is illustrated in Exhibit 2-1.<br />
Page 8
Identify S m art Card<br />
Indust ry S ta ndards &<br />
Sp ecif ica tions<br />
Exhibit 2-1 Selection Methodology<br />
Apply Project<br />
Screening Criteria<br />
Does it Meet<br />
all the<br />
Criteria?<br />
Yes<br />
Detailed An alysis<br />
(Section 3.0) (Section 4.0)<br />
Not Applicable to the<br />
UTFS Effort<br />
No<br />
Relevant but Unable to<br />
Obtain Permission<br />
(Exhibit 3-1) (Exhibit 3-2)<br />
Could Not Obtain –<br />
Can’t Ascertain<br />
Relevance<br />
(Exhibit 3-2)<br />
Booz Allen began this research effort by identifying a candidate pool <strong>of</strong> standards and<br />
specifications that address smart card or electronic payment transactions. We selected<br />
the documentation based on the following factors:<br />
• Our work on various smart card implementations in North America,<br />
Europe and<br />
Asia/Australia<br />
• Our relationships with vendors in the<br />
smart card <strong>com</strong>munity<br />
• Our knowledge <strong>of</strong> smart card or messaging specifications introduced in other<br />
industries (e.g. financial, electronic toll collection) that may have applicability<br />
to the<br />
UTFS<br />
effort<br />
In addition, APTA, through its work in UTFS Workpackages, identified several<br />
standards and specifications for analysis.<br />
3.0 PROJECT SCREENING CRITERIA Two preliminary criteria were established to evaluate<br />
each standard and specification in<br />
order to identify those that qualified for further analysis.<br />
• Relevance <strong>of</strong> the standard or specification to the UTFS efforts<br />
- Tiers the standard or specification<br />
is targeted to match WP4 focus (see<br />
Exhibits 3.1-1 and 3.1-2)<br />
• Availability for use by APTA<br />
- Timeline for acquisition <strong>of</strong> the documentation<br />
- Willingness <strong>of</strong> the issuing agency to share documentation with APTA<br />
- Requirements for use (licensing fee or contractual agreements)<br />
The<br />
first criterion was applied to each <strong>of</strong> the standards or specifications; if the document<br />
failed,<br />
it was deemed not applicable to the UTFS effort. If the standard or specification<br />
passed<br />
the first criteria, the second was applied. If it failed the second criteria it fell into<br />
one<br />
<strong>of</strong> the categories in Exhibit 3-2. The disposition for each <strong>of</strong> the standards and<br />
specifications is documented in the discussion and exhibits <strong>of</strong> this section.<br />
Page 9
Exhibit 3-1 lists the standards or specifications that did not meet the initial project<br />
screening criteria, and were determined not applicable to the UTFS, based on their card<br />
level interoperability foc us.<br />
Exhibit 3-1 Not Applicable to APTA’s Efforts<br />
Title<br />
Sm art Card Specifications<br />
Description <strong>of</strong> Non-Applicability<br />
Calypso Card architecture and device-to-card interface<br />
specification<br />
RKF Card architecture and device-to-card interface<br />
specification<br />
Intercode Card architecture and device-to-card interface<br />
specification<br />
VDV (Interoperability Standard In<br />
Card architecture and device-to-card interface<br />
Germany)<br />
Smart Card Specifications (non-Transit)<br />
specification<br />
EMV (Europay MasterCard Visa) Card architecture and device-to-card interface<br />
specification<br />
Global Platform Smart card multi-application card platform<br />
CEPS (Common Electronic Purse<br />
Specification)<br />
Card based universal purse application specification<br />
GSC-IS (Government Smart Card<br />
Card architecture and device-to-card interface<br />
Interoperability Standard)<br />
specification<br />
Exhibit 3-2 illustrates the standards or specifications that are deemed relevant to the<br />
UTFS effort by passing the first project screening criteria. However, attempts to contact<br />
project sponsoring organizations to obtain the necessary documentation were either<br />
unsuccessful (as <strong>of</strong> December, 2004) or permission for APTA’s use was not granted.<br />
Therefore, these documents failed the second screening criteria.<br />
Exhibit 3-2: Documentation That Failed Second Criteria<br />
Document Issuer Title Comments<br />
Smart Card Standards<br />
NTTWG ATIP Standard is in<strong>com</strong>plete<br />
Smart Card Specifications<br />
IOPTA IOPTA Unable to obtain, Relevance is unknown<br />
Smart Card Project Specific Specifications<br />
Octopus OCTOPUS No Response from the Issuer<br />
At the time <strong>of</strong> the release <strong>of</strong> this report, explicit authorization is still being worked on<br />
and has not been worked out for the inclusion <strong>of</strong> the SmartTrip® Interoperability<br />
Regional Specification (SIRS).<br />
Page 10
The standards and specifications that passed the two initial screening criteria qualified<br />
for further analysis. The results <strong>of</strong> the analysis are presented in Section 4.0.<br />
Page 11
4.0 ANALYSIS OF STANDARDS AND SPECIFICATIONS<br />
Each <strong>of</strong> the standards and specifications in this section were analyzed for their<br />
adherence to the criteria outlined in Section 3.0 and their overall relevance to the<br />
UTFS<br />
effort.<br />
The information presented in this section was obtained through various<br />
including:<br />
channels<br />
• Discussions with transit operator personnel, smart card equipment<br />
vendors and<br />
project managers<br />
• A review <strong>of</strong> public information (web sites and project documents)<br />
• Booz Allen’s<br />
direct involvement through engagements with the planning, design<br />
and implementation <strong>of</strong> many <strong>of</strong> the regional fare payment systems.<br />
Exhibit<br />
4-1 illustrates the documentation that met the entire project screening criteria<br />
explained in Section 3, and are included in the analysis presented in this section.<br />
Exhibit 4-1 Documentation That Met All Criteria<br />
Document Issuer<br />
Smart Card Standards<br />
Title Comments<br />
European Committee for<br />
Standardization (CEN)<br />
Smart Card Specifications<br />
CEN TC278/IFM<br />
Analyzed in detail<br />
ITSO Integrated Transport<br />
Smartcard<br />
Organization (ITSO)<br />
Analyzed in detail<br />
Smart Card Standards (non-Transit)<br />
International Standards<br />
Organization (ISO/IEC)<br />
ISO/IEC 8583 Analyzed in detail<br />
Smart Card Specifications (non-Transit)<br />
OFX<br />
Vendor Specifications<br />
Open Financial<br />
Exchange (OFX)<br />
Analyzed in detail<br />
Agent Systems Vending Equipment<br />
Interface (VEI)<br />
Analyzed in detail<br />
Cubic CID Edge Interfaces Analyzed in detail<br />
ERG APTA WG4<br />
Transaction Definitions<br />
Analyzed in detail<br />
Smart Card Project Specific Specifications<br />
Metropolitan<br />
Transportation<br />
Commission (MTC)<br />
®<br />
TransLink<br />
Analyzed in detail<br />
Port Authority New Regional<br />
Analyzed in detail<br />
York/New Jersey Interoperability<br />
(PANY/NJ)<br />
Specification (RIS)<br />
Part 4<br />
Page 12
These standards and specifications were subjected to detailed analysis in order to assess<br />
their level <strong>of</strong> applicability to UTFS WP4 efforts. The established criteria for the level <strong>of</strong><br />
applicability were developed based on the input from the APTA Financial Committee’s<br />
Interface<br />
Specification Functional Description and Booz Allen’s experience in<br />
implementing regional fare payment systems.<br />
The criteria included:<br />
• Common Message Structure that is supported by all data exchange<br />
• Message Types that are applicable to UTFS WP4 proposed messages<br />
• Data Elements that are specific to the transit industry<br />
• Message Sequences that support an organized flow <strong>of</strong> data<br />
• Security Requirements to allow for the protection <strong>of</strong> sensitive transit data and the<br />
fiscal integrity <strong>of</strong> the larger payments scheme implemented for all participant in a<br />
region<br />
• Timing and Routing that dictates the operational requirements <strong>of</strong> the system<br />
• Usability <strong>of</strong> the standard or specification by APTA<br />
The following sections include the detailed analysis for each <strong>of</strong> the standards<br />
and<br />
specifications listed in the Exhibit 4-1.<br />
4.1 ISO/IEC 8583<br />
4.1.1 Description <strong>of</strong> the Standard<br />
ISO/IEC<br />
8583 is designed as an interface standard enabling messages to be exchanged<br />
between systems that employ different application specifications. This standard <strong>of</strong>fers<br />
application designers freedom from overall design<br />
constraints because messages can be<br />
converted<br />
to the format <strong>of</strong> this interface for international interchange to take place.<br />
This international standard uses a concept called bitmap, whereby each data element is<br />
assigned a pos ition indicator in a control field (or bitma p). A “1” in the assigned<br />
position indicates the presence <strong>of</strong> a data element in a specific message, and a “0” in the<br />
assigned<br />
position, indicates the absence <strong>of</strong> a data element. This will allow application<br />
designers to choose variable length data elements and messages, and the flexibility to<br />
utilize data element types that are best suited for a specific application.<br />
The standard is designed to<br />
ac<strong>com</strong>modate real-time “request-response,” and batch and<br />
file<br />
transfer type information exchange. It can also be utilized for both peer-to-peer and<br />
centralized settlement schemes due to its flexible design.<br />
ISO/IEC 8583 specifies a well-defined message structure, and message format and<br />
content.<br />
It is widely used in the financial industry, particularly in the handling <strong>of</strong> all<br />
credit and debit card transactions among financial institutions and merchants around<br />
the world.<br />
Page 13
Though the majority <strong>of</strong> the messages and related data elements have been designed for<br />
financial transaction interchange, they share some <strong>com</strong>monalities with public transit<br />
electronic fare payment transactions.<br />
4.1.2 Applicability to UTFS Effort<br />
ISO/IEC 8583 lacks transit industry specific data elements and message types that need<br />
to be defined by APTA. The addition <strong>of</strong> this new information requires their submission<br />
to ISO/IEC, the international standards body that controls and maintains the changes to<br />
the standard. The timeline for an effort such as this is largely unknown, but estimated<br />
to be lengthy. For all the benefits <strong>of</strong>fered, this standard may serve as a model for<br />
UTFS<br />
WP4 efforts.<br />
Of all the standards and specifications analyzed, ISO/IEC 8583 is the most established<br />
and widely implemented standard throughout the world. Financial data exchange<br />
<strong>of</strong><br />
all magnetic stripe based credit card transactions follows this standard. Following the<br />
advancements in the card technologies, ISO/IEC 8583 has been updated to<br />
ac<strong>com</strong>modate mostly contact based smart card transactions. Its financial industry focus<br />
led<br />
to the presence <strong>of</strong> a variety <strong>of</strong> clearing and settlement transactions exchanged<br />
between entities. Though it is mostly used for on-line real time “request-response”<br />
type<br />
transactions, the standard provides details for batch<br />
and file transfer mechanisms.<br />
4.1.3 Common Message Structure<br />
ISO/IEC 8583 provides a <strong>com</strong>mon message structure, which defines three main sections<br />
for<br />
each message as illustrated in Exhibit 4.1-1.<br />
Exhibit 4.1-1 Common Message Structure<br />
Message Type Message Bitmap(s) Data Elements<br />
Message type consists <strong>of</strong> two elements, a version number and a message type identifier.<br />
The version number is allocated to indicate the version <strong>of</strong> the ISO/IEC 8583 standard<br />
followed by the interchange. The message type identifier is a three digit numeric field<br />
identifying the following:<br />
• Message class<br />
• Message function<br />
• Transaction originator<br />
Message class identifies whether it is a financial, administrative, or network<br />
management type <strong>of</strong> a message. Message function specifies if it is a request, response,<br />
notification or advice. The transaction originator digit identifies the originator <strong>of</strong> the<br />
message (e.g., issuer or acquirer).<br />
Page 14
Although there is no “one-to-one” relationship between UTFS defined<br />
message types<br />
and<br />
ISO/IEC 8583 defined message classes, this standard provides a flexible model, or<br />
foundation<br />
to further define transit industry related data elements in its body.<br />
The<br />
second element in the message structure defines whether it contains one or two<br />
bitmaps.<br />
A “1” in the bitmap indicates the presence <strong>of</strong> the corresponding data element<br />
in the message. Each bitmap has 64 bits, thus two bitmaps can provide the total <strong>of</strong> 128<br />
data<br />
elements, as defined by the standard. The first (primary) bitmap is mandatory and<br />
represents<br />
the most frequently used data elements. The presence <strong>of</strong> the secondary<br />
bitmap is signified by a “1” in bit 01 <strong>of</strong> the primary bitmap.<br />
Bitmaps provide the application providers with the flexibility <strong>of</strong> choosing among a<br />
greater pool <strong>of</strong> data elements for varying industry segments, however, they tend to<br />
add<br />
extra<br />
overhead to the transaction speeds, especially in real-time data processing<br />
environments. The effects <strong>of</strong> this overhead may not be as significant for backend,<br />
processing environments such as clearing and settlement or reporting that are not as<br />
time sensitive as card to reader transactions.<br />
Messages are constructed using the message bit map as an index <strong>of</strong> present data<br />
elements. There are three types <strong>of</strong> data elements:<br />
• Primitive data element<br />
• Constructed data element<br />
• Composite data element<br />
Primitive data elements represent a single piece <strong>of</strong> information, whereas the constructed<br />
data element consists <strong>of</strong> a fixed number <strong>of</strong> sub-elements, all <strong>of</strong> which must be present.<br />
Composite data element consists <strong>of</strong> a large number <strong>of</strong> sub-elements. Most <strong>of</strong> these sub-<br />
elements fall into industry related categories such as auto rental data, or airline data. In<br />
order to define these categories, the concept <strong>of</strong> a “dataset” has been introduced. All<br />
the<br />
sub elements in<br />
a <strong>com</strong>posite data element are divided into a certain number <strong>of</strong> datasets,<br />
each<br />
<strong>of</strong> which relates to an industry and contain a dataset identifier. The structure <strong>of</strong> a<br />
dataset is based on the message structure explained in this standard. There is also a<br />
provision<br />
for identifying sub-elements using the TLV data encoding method as an<br />
alternative to using a second level bitmap. Each <strong>com</strong>posite data element can therefore<br />
contain a variable number <strong>of</strong> different datasets and can include both TLV and bitmap<br />
formats as illustrated in Exhibit 4.1-2.<br />
Page 15
Dataset<br />
Identifier<br />
4.1.4<br />
Message Types<br />
Exhibit 4.1-2 Composite Data Element<br />
Dataset<br />
Length<br />
The standard provides the following general message classes, some <strong>of</strong> which can<br />
be<br />
applied<br />
to back end transaction types for public transit as defined by UTFS WP4.<br />
• Authorization Messages<br />
• Verification Messages<br />
• Financial Presentment Messages<br />
• Financial Accumulation Presentment<br />
• File action messages<br />
• Reversal Message Class<br />
• Chargeback message class<br />
• Reconciliation message class<br />
• Administrative message class<br />
• Error messages<br />
• Fee collection messages<br />
• Network Management messages<br />
• Key management messages<br />
The following sections addresses the relevance and application <strong>of</strong> the messages to the<br />
message types defined by the UTFS WP4 in<br />
the Interface Specification Functional<br />
Description.<br />
4.1.4.1 Transaction<br />
Data<br />
Composite Data Element<br />
Dataset Sub Optional TLV<br />
Bitmap(s)<br />
Element Sub Elements<br />
The MTI 240, Financial Presentment Notification Messages have been designed to<br />
<strong>com</strong>municate the financial data for an approved transaction amount for billing or<br />
posting purposes. This<br />
message type can be applied to Fare Card Usage and Add Value<br />
Transaction types defined by UTFS. The message has 37 optional and mandatory data<br />
elements. (See Appendix C for a full list <strong>of</strong> data elements in this message)<br />
In addition to its standard financial transaction message types, this standard allocates<br />
further<br />
sub-classification for an electronic purse transaction type within the financial<br />
presentment message class.<br />
Page 16
4.1.4.2 Card Management Data<br />
The standard provides MTI 800 series network management message class to control<br />
the following types <strong>of</strong> network management activity:<br />
• System condition management, which is used to establish and report system<br />
availability and to give instructions<br />
pertaining to message handling during<br />
periods <strong>of</strong> system unavailability<br />
• System security management, which is used to control security aspects <strong>of</strong> the<br />
interchange system<br />
such as key and password management and security alerts.<br />
These messages may be used as part <strong>of</strong> a security procedure, e.g., automatic<br />
periodic key changes<br />
• System accounting management, which is used to identify the end <strong>of</strong> a<br />
reconciliation period. These messages may be used as part <strong>of</strong><br />
a reconciliation<br />
process<br />
• System audit controls management, which is used to test integrity <strong>of</strong> interchange<br />
links and/or used as a part <strong>of</strong> an integrity check or failure recovery scheme<br />
• Batch and file transfer header and trailer control management, which is used<br />
to<br />
denote the start and/or end <strong>of</strong> batch or file transfer<br />
File Action Instruction/Notification Messages (362/340) can be utilized to inform the<br />
receiver <strong>of</strong> a file action to be <strong>com</strong>pleted. The sender can periodically specify<br />
that the<br />
receiver<br />
acknowledge the receipt <strong>of</strong> the most recently sent group <strong>of</strong> instruction<br />
messages. The Da ta Record data element present in these<br />
message classes is utilized for<br />
the<br />
actual transfer <strong>of</strong> data and may or may not be based on the message types identified<br />
in this standard. Data Record data element is variable length and its structure and the<br />
content can be specified by the parties involved in the exchange. This allows parties<br />
in<br />
the transmission to further define the requirements <strong>of</strong> the Data Record data element,<br />
allowing the File Action Instruction/Notification messages to be utilized for Card<br />
Management transactions as proposed by the WP4. The types <strong>of</strong> file actions that are<br />
defined by the standard<br />
are listed below:<br />
• Add record<br />
• Change record<br />
• Delete record<br />
• Replace record<br />
• Inquiry<br />
• Replace file<br />
• Add file<br />
• Delete File<br />
• Card administration<br />
• Reserved for private<br />
use<br />
Page 17
4.1.4.3 System and Device Data<br />
The system and device data related messages are not addressed by this standard.<br />
However, the MTI 300 series File Action message class (including 362/340), as<br />
explained in the previous section, provides some flexibility to achieve the functionality<br />
similar to what is proposed by the Interface Specification Functional Description. The<br />
File Action messages<br />
are used to:<br />
• Add, change,<br />
delete or replace a file or record<br />
• Inquire into a file<br />
• Perform card administration (such as reporting lost or stolen cards)<br />
Therefore<br />
this message class can be utilized for Negative List, Hotlist, CID Parameter<br />
update<br />
and Application Update messages proposed by the WG4.<br />
4.1.4.4 Event Data<br />
Similar<br />
to the schema in the System and Device Data section, there is no specific<br />
coverage for this message type in this standard. The MTI 300 series File Action Message<br />
class (including 362/340)<br />
can also be utilized to carry event data in the Data Record<br />
data element <strong>of</strong> the message.<br />
Further definition <strong>of</strong> the structure, format and content <strong>of</strong><br />
this<br />
data element would be required for the event data transmission.<br />
4.1.4.5<br />
Peer to Peer Clearing & Settlement<br />
The ISO/IEC 8583 provides support for bo th peer-to-peer and central system based<br />
clearing and settlement schemes. The reconciliation message class supports the<br />
exchange <strong>of</strong> data between<br />
two institutions to reach agreement on financial totals. The<br />
calculation <strong>of</strong> the Amount Net Reconciliation data element is achieved by netting<br />
the<br />
debit and credit amounts in the reconciliation message. The standard<br />
defines two types<br />
<strong>of</strong> reconciliation:<br />
• Checkpoint reconciliation<br />
• Final reconciliation<br />
Checkpoint reconciliation period is defined by the Reconciliation Indicator field in the<br />
message. A final reconciliation period is ident ified with the Date Reconciliation field<br />
and contains any number <strong>of</strong> checkpoint reconciliation periods. The Reconciliation<br />
Data<br />
Primary<br />
<strong>of</strong> 12 parts contains all the individual values needed to calculate the net<br />
reconciliation in the Amount Net Reconciliation data element.<br />
4.1.5 Data Elements<br />
Bit 55 is the Integrated Circuit Card (ICC) data element and is a special form <strong>of</strong><br />
<strong>com</strong>posite data element used to transmit ICC related data. If the data is in accordance<br />
Page 18
with ISO/IEC 7816-6, there is no requirement for a dataset identifier or dataset bitmap<br />
as these functions are covered by the ISO/IEC 7816-6 TLV coding structures. The result<br />
is that the dataset identifier is replaced by the “T” element, the dataset length object<br />
by<br />
the “L” element, and the sub elements by the “V” element. Data that is not <strong>com</strong>pliant<br />
with the ISO/IEC 7816-6 can still be submitted in this<br />
field as long as it follows the<br />
standard <strong>com</strong>posite data element structure as defined by the standard as illustrated in<br />
Exhibit 4.1-3.<br />
Exhibit 4.1-3 Standard Composite Data Element Structure<br />
Dataset<br />
Identifier<br />
Field 55 ICC Related Data<br />
Dataset<br />
Length<br />
Dataset<br />
Bitmaps<br />
Sub<br />
Element<br />
Exhibit 4.1-4 contains a sample application <strong>of</strong> the ICC field with the transit industry<br />
related data elements.<br />
Exhibit 4.1-4 Sample Structure <strong>of</strong> Field 55<br />
Field 55 ICC Data<br />
Name Value Description<br />
Dataset Identifier 71 Fare Transaction<br />
Dataset Length 512 Total length <strong>of</strong> the sub-elements present<br />
Dataset Bitmap 0110000001100000 Indicates the following fields that are present<br />
Sub-elements<br />
Transit Application Pr<strong>of</strong>ile Object<br />
Product Index Object<br />
Pass and Transfer Object<br />
Transaction History Object<br />
Dataset Identifier 43 Load Value Transaction<br />
Dataset Length 384 Total length <strong>of</strong> the sub-elements present<br />
Dataset Bitmap 0001010000100000 Indicates the following fields that are present<br />
Sub-elements<br />
Stored Value (SV) Product Object<br />
Add Value Transaction History Object<br />
Transaction History Object<br />
4.1.6 Message Sequences<br />
The standard provides detailed sequences for message exchange and routing rules.<br />
Typically messages consist <strong>of</strong> a “request-response” pair that is initiated by either card<br />
issuers or acquirers, as illustrated in Exhibit 4.1-5. There are provisions for message<br />
repetitions when original request message is not responded. Additionally, the standard<br />
Page 19
defines instruction, notification and advice message types for unique operating<br />
conditions. “Request-Response” message pairs were originally intended for exchange<br />
between an operator central system and a regional central system. However,<br />
depending on the system architecture, the message pairs can be configured for<br />
exchange between two operator central systems.<br />
Operator Central<br />
System<br />
4.1.7 Security Requirements<br />
Exhibit 4.1-5 Request Response Pair<br />
Regional Central<br />
System<br />
Request/Response Request/Response<br />
Request/Response<br />
Operator Central<br />
System<br />
The standard mandates th e last bit position within any message bit map to be reserved<br />
for<br />
the Message Authentication Code (MAC) data element to validate<br />
the source and<br />
the<br />
text <strong>of</strong> the message between the sender and the receiver. The standard also makes<br />
reference to ISO/IEC 9807 (Banking and Related Financial Services) for message<br />
authentication.<br />
4.1.8 Timing & Routing<br />
ISO Standard 8583 defines two alternative information exchange schemes including<br />
examples to ac<strong>com</strong>modate transfer <strong>of</strong> data, in a batch or a file transfer format, in<br />
addition to the standard real-time “request-response” messages. These alternative<br />
approaches can be especially beneficial in a back-end information exchange, where a<br />
real time transfer <strong>of</strong> data to the higher tier or the central system is not as critical. These<br />
two alternatives provide a viable foundation for information exchange between both<br />
intra<br />
agency system <strong>com</strong>ponents and different central systems that operate on a peer-topeer<br />
basis. Therefore these exchange schemes are applicable to the UTFS efforts.<br />
ISO/IEC 8583 describes a file transfer process that is designed to allow transfer <strong>of</strong> larger<br />
volumes <strong>of</strong> data in the minimum number <strong>of</strong> messages. The file transfer consists <strong>of</strong><br />
submission <strong>of</strong> a group <strong>of</strong> file action messages (300 series), where the total number <strong>of</strong><br />
Page 20
these messages constitutes a file. The File Name data element in the message indicates<br />
the name <strong>of</strong> the file to be updated<br />
at the receiver’s location. The Data Record data<br />
element<br />
in each one <strong>of</strong> these messages contains data from a number <strong>of</strong> business<br />
transactions. The data contained in the Data Record data element may, or may not be<br />
based on the message types identified<br />
in this standard. The structure <strong>of</strong> this data<br />
element<br />
is left to the parties involved in the exchange. A file transfer is initiated with a<br />
network message set (804/814), followed by a series <strong>of</strong> file action (340)<br />
messages and<br />
ended with another network message, as illustrated<br />
in Exhibit 4.1-6.<br />
Device<br />
Or<br />
Station/Depot<br />
Computer<br />
Exhibit 4.1-6 File Transfer Process<br />
804<br />
814<br />
340<br />
340<br />
350<br />
804<br />
814<br />
N times<br />
File<br />
Operator Central<br />
System<br />
or<br />
Regional Central<br />
System<br />
Batch transfer allows transaction details to be sent as a series <strong>of</strong> notification, or<br />
instruction messages with an optional reconciliation transaction. The Batch Transfer<br />
does not require a response message for every message sent. Control is maintained by<br />
the use <strong>of</strong> notification, or instruction acknowledgement messages, which may be sent<br />
periodically within the transmission <strong>of</strong> a batch. There are no specific message types<br />
needed to support the Batch Transfer. It is achieved<br />
by the use <strong>of</strong> the existing message<br />
types provided<br />
by the standard.<br />
The batch transfer is initiated by an 804/814 network management messages that define<br />
transfer related control data such as number <strong>of</strong> messages contained in the batch. In the<br />
example flow illustrated in Exhibit 4.1-7, a series <strong>of</strong> Financial Presentment Notification<br />
Messages (240) are used in the batch transfer.<br />
Page 21
ACQUIRER<br />
4.1.9 Usability<br />
Exhibit 4.1-7 Batch Transfer Process<br />
804<br />
814<br />
240<br />
240<br />
250<br />
804<br />
814<br />
N times<br />
BATCH<br />
ISSUER<br />
ISO 8583 is a standard developed in ISO Technical Committee #68, which is represented<br />
by the Accredited Standards Committee X9, Inc., also referred to as ASC X9, in the US.<br />
Due to the organizational structure <strong>of</strong> ISO, APTA can pursue its adoption efforts by<br />
be<strong>com</strong>ing<br />
a member <strong>of</strong> X9.<br />
The following fee schedule is based on the membership level and effective the fiscal<br />
year <strong>of</strong> September 1 – August 31:<br />
Category A – Board Membership and Full Privileges $8,000<br />
Category B - Voting Privileges $4,750<br />
Category C - Limited Voting $2,500<br />
Category D – Non Voting $1,150<br />
Category E -- Workgroup Only $ 400<br />
Membership applications are usually processed in 24-48 hours. There is no cost<br />
involved in obtaining (or adapting to transit) the standard for membership categories A,<br />
B and C. However, the members can only distribute the standard within their own<br />
organization. Members can request changes to the standard and the length <strong>of</strong> the change process<br />
depends upon urgency <strong>of</strong> the<br />
change. Typically, the review and approval process takes<br />
somewhere between three months to a year, based on the type <strong>of</strong> changes to the<br />
standard,<br />
which are reviewed every 5-6 years.<br />
The<br />
use <strong>of</strong> the standard by non-members is subject to royalties, which are based on the<br />
amount <strong>of</strong> information extracted from the standard. The process <strong>of</strong> using<br />
the standard<br />
for non-members involves a written request identifying the parts <strong>of</strong> the standard<br />
intended<br />
for use.<br />
Page 22
Phone<br />
interviews and/or email correspondence were used to obtain this information,<br />
and<br />
it is accurate as <strong>of</strong> July 2004. However, if APTA is interested in using any parts <strong>of</strong><br />
the standard, formal negotiations are necessary.<br />
4.2 Integrated Transport Smartcard Organization (ITSO)<br />
4.2.1 Description <strong>of</strong> the Specification<br />
The<br />
International Ticketing Smart Card Organization (ITSO) was founded in 1998 as<br />
collaboration between various UK Passenger Transport Authorities<br />
addressing the lack<br />
<strong>of</strong><br />
suitable standards for interoperable smart card ticketing. ITSO was formed to build<br />
and maintain a specification for secure end-to-end interoperable ticketing transactions,<br />
utilizing relevant ISO/IEC and emerging<br />
European Committee for Standardization<br />
(CE N ) standards.<br />
The ITSO set <strong>of</strong> specifications is advisory and not<br />
binding. They aim to provide a<br />
platform and the toolbox for the provision <strong>of</strong> interoperable contactless smart card<br />
public<br />
transport ticketing and related services in the UK. The specification is divided<br />
into ten parts to cover the various entities involved<br />
in a typical fare payment system:<br />
• Part 0 – Concept and Content<br />
• Part 1 – General Reference<br />
• Part 2 – Customer Media Data and Customer Media Architecture<br />
• Part 3 – Terminals<br />
• Part 4 – Host Operator<br />
or Processing System (HOPS)<br />
• Part 5 – Customer Media Data<br />
Record Definitions<br />
• Part 6 – Message Data<br />
• Part 7 – ITSO Security Subsystem<br />
• Part 8 – ITSO Specific SAM Module (ISAM) Detailed Operation<br />
• Part 9 – Communications<br />
• Part 10 – Customer Media Definitions<br />
The emphasis <strong>of</strong> this analysis is on the Parts 4, 5 and 6 due to the scope <strong>of</strong> this project<br />
and the objectives <strong>of</strong> the WP4. The back <strong>of</strong>fice messages are designed to allow<br />
flexibility<br />
for adopting the specification for either peer-to-peer, or central system<br />
clearing and settlement operations.<br />
ITSO has deliberately opted to minimize data storage space requirements in order to<br />
allow organizations the most flexibility. This is especially critical where the data<br />
storage space is at a premium, such as in a bus driver controller module. To achieve<br />
this, data fields<br />
mainly have fixed sequences and lengths, freeing them from the<br />
requirements<br />
<strong>of</strong> a TLV type <strong>of</strong> encoding such as the one defined in ANS.1 specification.<br />
However, the specification still allows the use <strong>of</strong> TLV coding in number <strong>of</strong> ways at<br />
several levels when desired.<br />
Page 23
4.2.2 Applicability to UTFS Effort<br />
The ITSO specifications are very applicable to the UTFS WP4 efforts for the following<br />
reasons: • Detailed coverage for all the <strong>com</strong>ponents involved in a fare collection system<br />
• Transit industry<br />
specific messages and data elements<br />
• Smart card oriented architecture<br />
• Availablity to APTA<br />
• Easily adaptable by APTA<br />
Despite its advantages, ITSO does have some disadvantages:<br />
• ITSO has not been implemented in a public transit environment<br />
• ITSO defines Security Access<br />
Module (ISAM) currently provided through a<br />
single vendor<br />
• No support for clearing and settlement messages<br />
• Adoption <strong>of</strong> specification may cause impact on other APTA Workpackage efforts<br />
4.2.3 Common Message Structure<br />
ITSO<br />
uses the ISO/IEC/ENV 14904 model for the data messages described in the<br />
specification. Message Header:<br />
The ITSO message header (including the frame header) contains:<br />
• Message sender identification<br />
• Message recipient identification<br />
• Unique message<br />
identifier<br />
• Starting and ending<br />
sequence numbers<br />
• Stored Value<br />
deductions and additions<br />
• Message Authentication<br />
Code (MA<br />
Message Body and Transaction Data Blocks:<br />
The message body consists <strong>of</strong> ITSO Transaction Data Blocks, each <strong>of</strong> which includes the<br />
following data elements:<br />
• Sequence Number<br />
• Date and time stamp<br />
• Data, or transaction record<br />
• MAC Certificate based on the first three fields <strong>of</strong> the data block<br />
Page 24
The ITSO message body consists <strong>of</strong> individual transaction blocks,<br />
each one representing<br />
a single business transaction, or device event as illustrated in Exhibit 4.2-1.<br />
Message Header Message Frame<br />
ITSO Message Header<br />
Exhibit 4.2-1 ITSO Message<br />
Structure<br />
Frame Header Message Body<br />
Seq Time Stamp Data MAC<br />
Transaction<br />
Data<br />
Blocks<br />
Message Code Count <strong>of</strong> Destinations Destinations Data Content<br />
The<br />
data portion <strong>of</strong> the<br />
transaction data blocks is dependent upon the message type and<br />
c an be configured to send to multiple<br />
destinations. This provision allows flexibility to<br />
separate “on-us” and “not on-us” transactions at the card reader level, and route them<br />
to their respective destinations if desired. Individual transaction data blocks<br />
can<br />
transmit<br />
multiple transactions, essentially acting as a file or batch transfer<br />
<strong>of</strong><br />
information.<br />
Listed below are the parts <strong>of</strong> the Data or the transaction record <strong>com</strong>ponent <strong>of</strong> the<br />
transaction<br />
data block:<br />
• Message Code<br />
• Count <strong>of</strong> destinations<br />
• Destinations<br />
• Data content<br />
The actual data elements are contained within<br />
the data content <strong>com</strong>ponent <strong>of</strong> the<br />
tr ansaction record.<br />
4.2.4 Message Types<br />
The ITSO specification provides the data flows and processes for card issuer, product<br />
owner, and retailer and transit service provider.<br />
The specification provides for data to<br />
be directed to any <strong>of</strong> the following entities:<br />
• A single entity (HOPS)<br />
Page 25
• A number <strong>of</strong> entities<br />
• Proprietary scheme data<br />
transmission systems<br />
Every message consists <strong>of</strong> 12 standard fields with a total <strong>of</strong> 34 bytes and a set <strong>of</strong><br />
additional fields based on the type <strong>of</strong> message. Listed below are the main ITSO<br />
message types:<br />
• ITSO Shell<br />
• IPE Administration<br />
• Card Issue Records<br />
• ITSO ID<br />
• Stored Value<br />
• Charge to account<br />
• Loyalty<br />
• Predefined ticket and journey ticket<br />
• Refund<br />
• Journey Record<br />
• Exception<br />
• Miscellaneous<br />
4.2.4.1 Transaction<br />
Data<br />
Stored value use and load transactions are treated different than the non-stored value<br />
load transactions. In general, pass and ticket-book loads are treated as new product<br />
creations and require addition <strong>of</strong> product type specific data to the message. The ITSO<br />
product ty pes are illustrated<br />
in Exhibit 4.2-2.<br />
Page 26
Exhibit 4.2-2 Product Types<br />
Type Code IPE (Product) Title<br />
0 Private Entry within ITSO Directory<br />
16 ITSO ID<br />
2 Stored Value<br />
3 Loyalty Type 1<br />
4 Charge to Account<br />
17 Loyalty Type 2<br />
22 Pre-defined Ticket (Area Based)<br />
6 Pre-defined ticket with days selection and action list capability<br />
23 Pre-defined specif ic journey ticket<br />
7 Pre-defined specif ic journey ticket with multi-ride and action list capability<br />
24 Pre-defined specific journey ticket including reservation and restrictions<br />
8 Pre-defined specific journey<br />
ticket including reservation<br />
and restrictions<br />
with action list capability<br />
25 Travel related Voucher<br />
9 Travel related Vouc her with multi-use and<br />
action list capability<br />
26 Open system tolling<br />
10 Open system tolling with multi-use and action list capability<br />
In non-stored value product usage and loads, the messages are structured<br />
in the<br />
following sequence:<br />
• Common data (required)<br />
• Stored Use data (Present when the product supports free transfers)<br />
• Product Specific Data (presence dependent on product type)<br />
Product specific data includes the following additional elements to the 53-byte long<br />
<strong>com</strong>mon data that is required in the message as described<br />
in Exhibit 4.2-3.<br />
Exhibit 4.2-3 Product Specific Data<br />
Product Type Additional Bytes<br />
6,22 37 and 2 Variable Length fields<br />
7,23 59<br />
8, 24 57 and 2 variable length fields<br />
9, 25 34<br />
10,26 26<br />
4.2.4.2 Card Management Data<br />
The ITSO Shell is the ITSO application with a file structure, directory entries and a<br />
security schema loaded onto the smart card platform. The ITSO Shell transactions fall<br />
into one <strong>of</strong> the following four groups:<br />
• Creating an ITSO Shell<br />
• Activating an ITSO Shell<br />
Page 27
•<br />
Create/amend ITSO ID<br />
• Deleting an ITSO Shell<br />
The Creating ITSO Shell message would be the equivalent <strong>of</strong> an initialization message,<br />
while Activating ITSO Shell is the equivalent <strong>of</strong> an issuing transaction. The<br />
Create/Amend ITSO ID message is designed to transmit cardholder specific data (see<br />
Appendix C) and would represent both the Registration and Personalization messages<br />
<strong>of</strong> UTFS. The Interoperability List Transaction is intended to exchange operating<br />
parameters between the host and the CID. Even though the specification allows the<br />
definition <strong>of</strong> implementation specific parameter types, the following list contains the<br />
currently set-up parameter tables:<br />
• Card Type<br />
Parameters<br />
• Peak Times<br />
• Public Holidays<br />
• Transfers<br />
• Rebates<br />
• Loyalty Rules<br />
• Currency<br />
• Zone <strong>Table</strong> Reference<br />
• Zone <strong>Table</strong> Bitmap<br />
• Sale Price<br />
• Format Version Code parameters<br />
• Change Instructions<br />
4.2.4.3 System and Device Data<br />
HOPS<br />
to POST Configuration messages are designed to update or change the main<br />
devic e and application related parameters between a central system and a CID as<br />
illustrated<br />
in Exhibit 4.2-4.<br />
Exhibit 4.2-4 HOPS to POST Configuration Messages<br />
Capability Values<br />
Location 0=Not Used<br />
1=Fixed<br />
2= mobile<br />
or RFU<br />
Security 0= Not Used<br />
1=Not tamper pro<strong>of</strong>,<br />
2=Tamper Pro<strong>of</strong>,<br />
3= Tamper pro<strong>of</strong> and no radiation<br />
Communication 0= Not Used<br />
1= Offline,<br />
2=permanently online<br />
3= dial out capability,<br />
4=dial in/polled capability<br />
Page 28
Capability Values<br />
or RFU<br />
Product Priority Selection Prioritization according to a table<br />
Message Security 0=Not Used<br />
1=Messages Saved after<br />
Transmission<br />
2= Messages Not Saved after<br />
Transmission<br />
RFU<br />
Printing Capability 0=Not Used<br />
1=Receipt Printer Available<br />
RFU<br />
Cardholder Display 0=Not Used<br />
1=Display Facing Cardholder<br />
RFU<br />
Maximum Purse Value 0=Not Used<br />
1=Cannot Modify<br />
2=Can modify<br />
IPE Priority Selection 0=Not Used<br />
1=Prioritization According to<br />
parameter table<br />
2= Prioritization According to<br />
customer stated preference<br />
RFU<br />
The device level <strong>com</strong>mands are intended for very high-level device configuration<br />
settings and not for low-level device hardware status data, or parameter update.<br />
4.2.4.4 Event Data<br />
ITSO<br />
does not define any device level message types.<br />
4.2.4.5 Peer to Peer Clearing & Settlement<br />
Since<br />
the clearing and reimbursement arrangements may vary dramatically between<br />
schemes, ITSO does not define financial settlement between entities. Settlement is<br />
beyond the scope <strong>of</strong> this specification.<br />
4.2.5 Data Elements<br />
The specification provides a wide variety <strong>of</strong> data elements that represent most product<br />
types and entities <strong>of</strong>fered in Europe and North America. ITSO includes 34 fixed length<br />
standard data elements (fields) that are present in every message, and supplemented<br />
with transaction specific data based on the message type. The fields that are not utilized<br />
by a particular implementation should be “0” filled and presented in messages where<br />
required. This may create messages with lengths up to 100 bytes per message.<br />
Page 29
4.2.6 Message Sequences<br />
The structure <strong>of</strong> data within messages is designed to support error-free transmission in<br />
that steps are taken to ensure that system is able to determine that losses may have<br />
occurred or data otherwise corrupted. A positive mechanism <strong>of</strong> acknowledgement is<br />
used to guarantee error-free transmission. The recipient <strong>of</strong> the message will return<br />
a<br />
positive or negative acknowledgement <strong>of</strong> the message to the sender. If the sender<br />
receives positive acknowledgement, the original message may<br />
be deleted, or it will be<br />
retained for re-transmission. Each data block includes a certificate to validate its<br />
contents as well as to sequence the data block within a set <strong>of</strong> data blocks. A header<br />
block, containing relevant summary information, precedes each set <strong>of</strong> data blocks in all<br />
messages. Data blocks holding different types <strong>of</strong> data may be mixed without restriction<br />
in messages.<br />
4.2.7 Security Requirements<br />
The end-to-end “loss-less” transmission objective led to a design solution involving an<br />
ITSO specific SAM module (ISAM). All the <strong>com</strong>ponents that are involved in the<br />
processing <strong>of</strong> data within the system (such as card reader devices and central systems)<br />
are required to carry ISAMs accredited by ITSO. Individual transaction and batch<br />
headers are also required to contain MAC fields. Each transmitted record/data block<br />
has a certificate associated with it. The certificate is an ISAM generated MAC <strong>of</strong> the<br />
transmission<br />
block data. All records transmitted must be sequence numbered.<br />
4.2.8 Timing & Routing<br />
ITSO provides the following minimum suggested performance<br />
levels in processing<br />
back <strong>of</strong>fice transactions:<br />
• 98% <strong>of</strong> data should be received by the owner <strong>of</strong> data and processed against the<br />
IPA by 5:00 am on the day after the POST activity for that item<br />
• Remaining data should be received and processed within the following 24 hours<br />
Each<br />
HOPS must perform the following actions between midnight and 5:00 am:<br />
• Poll and collect batches from any POSTs directly under its control<br />
• Distribute not on-us transactions<br />
- Receive on-us transactions from other<br />
HOPS<br />
- Process the data<br />
4.2.9 Usability<br />
The ITSO specification requires that a central body provide the core facilities <strong>of</strong> Security<br />
Management (provision <strong>of</strong> keys), Compliance Management, Certification Service and<br />
Registrar (to register the schemes and products for provision <strong>of</strong> security keys. ITSO has<br />
Page 30
opted to contract these services out in the UK and <strong>of</strong>fered the Request For Proposals<br />
for<br />
these activities to be made available to APTA without charge if needed. ITSO<br />
representatives from UK <strong>of</strong>fered two alternative scenarios for adoption <strong>of</strong> the<br />
specification.<br />
• APTA is allowed to use and modify the current ITSO specification in any way<br />
they desire to <strong>com</strong>e up with their own specification based on ITSO. No licensing<br />
or memberships fees are required. Only the specification documents on the<br />
Internet will be available in this option, therefore APTA will have to 'reverse<br />
engineer' the SIM card Secure Application Module and the security key<br />
management service, if needed<br />
• A subset <strong>of</strong> ITSO can be formed in the US, which APTA can manage. There<br />
is no<br />
cost involved in this option. A USA implementation <strong>of</strong> ITSO under the APTA<br />
name would constitute a separate security domain and therefore all the keys<br />
would be different. APTA can therefore set its own rules. The ITSO rules will be<br />
made available to APTA to implement at will. APTA does not need to use the<br />
ITSO <strong>of</strong>ficial name or logo.<br />
Setting up an APTA equivalent to ITSO can be done as soon as their membership<br />
groups are defined and the membership is elected. This process can take approximately<br />
three months. Putting in place the (few) full-time people, the contracts and the<br />
processes raises the time estimate to at least six months. The current suppliers to ITSO<br />
(ecebs for the ISAMs, Integri for Certifcation and Royal Bank <strong>of</strong> Scotland for Security<br />
Key Management) would all be willing to supply the sub-contract services at a fee, if<br />
necessary.<br />
4.3<br />
Open Financial Exchange (OFX)<br />
4.3.1 Description <strong>of</strong> the Specification<br />
Open Financial Exchange is a specification for the electronic exchange <strong>of</strong> financial<br />
data<br />
between financial institutions, businesses and consumers via the Internet. Created by<br />
CheckFree,<br />
Intuit and Micros<strong>of</strong>t in early 1997, Open Financial Exchange supports a<br />
wide range <strong>of</strong> financial<br />
activities, including consumer and small business banking,<br />
consumer and small business bill payment, bill presentment and investments tracking<br />
(including stocks,<br />
bonds, mutual funds, and 401(k) account details). Since the 2000<br />
release <strong>of</strong> the Version<br />
2.0, OFX has be<strong>com</strong>e XML 1.0 <strong>com</strong>pliant and has added 1098,<br />
1099 and W2 tax form<br />
download capabilities. Open Financial Exchange (OFX) is a<br />
broad-based<br />
framework<br />
for exchanging financial data and instructions between<br />
customers and their financial institutions. It is based on open standards for data<br />
formatting (such as XML), connectivity (TCP/IP), and security (SSL). It defines the<br />
request and response messages used by each financial service as well as the <strong>com</strong>mon<br />
framework and infrastructure to support the <strong>com</strong>munication <strong>of</strong> those messages.<br />
Page 31
eXtensible Markup Language (XML) is a standard for the <strong>com</strong>munication<br />
<strong>of</strong><br />
information in a text format that is structured, well formed and validated against a<br />
model (schema). XML grew out <strong>of</strong> Standard Generalized Mark Up Language<br />
(SGML), a<br />
presentation-oriented language designed to display information<br />
in printed and<br />
electronic form in a wide variety <strong>of</strong> formats. Hyper Text Mark Up Language (HTML),<br />
the language <strong>of</strong> web browsers, is another cousin <strong>of</strong> XML. XML focuses on data<br />
structures and document formatting. The data can be validated for both structure and<br />
content, to whatever extent desired by the schema designer.<br />
OFX is based on XML, a “tagged” protocol, where each aggregate and data element has<br />
a name. The data is presented as a serial string, where<br />
each aggregate, or data element<br />
is preceded by a “” and followed by a ““. Naming <strong>of</strong> tags<br />
within an XML schema is <strong>com</strong>pletely up to the user, as is their organization<br />
and<br />
structure.<br />
The entire message strings can be encrypted or <strong>com</strong>pressed, or individual<br />
aggregates can be encrypted. All that is required is that both the sender and the<br />
receiver operate the same schema to define the contents<br />
<strong>of</strong> the messages. This makes<br />
<strong>com</strong>munication among different <strong>com</strong>puter architectures<br />
very simple, since they only<br />
have to agree on a character representation (normally ASCII) and a schema. Binary,<br />
Boolean, decimal and bitwise data are all represented as character data during<br />
transmission. Attributes can further define a tag’s values<br />
by permitting defaults and<br />
mandating content or enumerations <strong>of</strong> acceptable<br />
values. For example, a “rideroute”<br />
aggregate might consi st <strong>of</strong> a bus id, a route id and a direction<br />
as illustrated in Exhibit<br />
4.3-1.<br />
Exhibit 4.3-1 Example Rideroute Aggregate<br />
<br />
1456<br />
2671<br />
inbound<br />
<br />
In order to <strong>com</strong>municate among a number <strong>of</strong> parties or organizations, schemas are<br />
being standardized within many industries and groups with <strong>com</strong>mon needs. One such<br />
schema that defines tags attributes and aggregates for the financial <strong>com</strong>munity is OFX.<br />
The<br />
Open Financial Exchange specification is publicly available for implementation by<br />
any financial institution or vendor. As <strong>of</strong> September 2003, over 2400 banks and<br />
brokerages, as well as major payroll processing <strong>com</strong>panies support OFX. The latest<br />
version <strong>of</strong> OFX as <strong>of</strong> July 2004 is version 2.0.1.<br />
4.3.2 Applicability to UTFS Effort<br />
Althou gh a well-defined and widely implemented specification, OFX, in its current<br />
form, does not provide schemas that are applicable to the efforts <strong>of</strong> the UTFS.<br />
However, it certainly serves as a viable model for the development <strong>of</strong> a similar transit<br />
industry standard based on XML. Even though XML is admittedly bulky, it should<br />
Page 32
e given careful consideration for adoption as the basis for development <strong>of</strong> an<br />
interchan ge specification for transit. This will require<br />
significant efforts to define<br />
<strong>com</strong>mon elements and aggregates <strong>of</strong> the transit industry specific data elements in XML.<br />
Secondly, it requires definition <strong>of</strong> the APTA proposed message types<br />
as XML schemas.<br />
XML is widely accepted, and replacing a variety<br />
<strong>of</strong> fixed and variable format messages<br />
in other industries. With the rapid emergence <strong>of</strong> fast and efficient<br />
XML parsers,<br />
interface s<strong>of</strong>tware development is minimized. XML parsers that create and breakdown<br />
XML messages and convert them to and from<br />
internal formats are widely available.<br />
Micros<strong>of</strong>t is s trongly supporting XML throughout their s<strong>of</strong>tware products, which<br />
encourages even wider familiarity and adoption <strong>of</strong> the standard.<br />
Tags theoretically add<br />
bulk to data transmission, however,<br />
this is be<strong>com</strong>ing<br />
less significant in practice with the<br />
advent <strong>of</strong> faster and cheaper <strong>com</strong>munication networks. Also, schemas are traditionally<br />
more <strong>com</strong>plicated than message layouts but are more powerful, describing<br />
the<br />
requirements, and enumerations <strong>of</strong> values in a consistent, and standard manner.<br />
Extensibility is critical when designing a message protocol. A consistent problem with<br />
fixed and vari able format messaging is that new needs are <strong>of</strong>ten difficult to<br />
ac<strong>com</strong>modate.<br />
XML is easier to extend to new device and message needs.<br />
4.3.3 Common Message Structure<br />
Basic OFX data consists <strong>of</strong> a declaration and an OFX data block. The standard XML<br />
declaration must <strong>com</strong>e first, which includes an option to specify the version <strong>of</strong> XML<br />
being used, and options to show such things as the encoding declaration and the<br />
standalone status <strong>of</strong> the document as illustrated in Exhibit 4.3-2.<br />
Exhibit 4.3-2 Processing Instructions<br />
<br />
The OFX declaration must <strong>com</strong>e next in the file with the following attributes as<br />
described in the following list and Exhibit 4.3-3.<br />
• OFXHEADER<br />
• VERSION<br />
• SECURITY<br />
• OLDFILEUID<br />
• NEWFILEUID<br />
Page 33
Exhibit<br />
4.3-3 OFX XML Declaration Attributes<br />
<br />
The OFX data block<br />
includes a Sign-on message and optional additional messages. A<br />
message is the unit <strong>of</strong> work in OFX. It refers<br />
to a request<br />
and response pair, and the<br />
status codes as sociated with the response. For example, the message to download a<br />
bank statement consists <strong>of</strong> the request and the response . OFX<br />
uses several <strong>com</strong>mon message types to perform specific functions,<br />
which <strong>com</strong>ply with<br />
the naming conventions illustrated in Exhibit 4.3-4:<br />
Exhibit 4.3-4 OFX Naming Conventions<br />
Function Type<br />
ADD<br />
Format<br />
Request <br />
Response<br />
MODIFY<br />
<br />
Request<br />
<br />
Response<br />
DELETE<br />
<br />
Request<br />
<br />
Response<br />
CANCEL<br />
<br />
Request <br />
Response<br />
<br />
4.3.4 Message Types<br />
OFX<br />
schemas would be the equivalent <strong>of</strong> different messages as defined in the UTFS<br />
WP4 Interface Specification Functional<br />
Description. Currently, there are no publicly<br />
shared<br />
transit industry schemas. However, some <strong>of</strong> the financial industry related<br />
schemas <strong>of</strong>fer simila rities to the proposed message types and may be utilized by the<br />
UTFS.<br />
Currently, the OFX provides over 40 financial industry related schemas none <strong>of</strong><br />
which are directly applicable to UTFS.<br />
Since OFX does not <strong>of</strong>fer any transit industry specific schemas,<br />
each APTA proposed<br />
message<br />
type needs to be defined as a schema in XML. The applicability <strong>of</strong> XML<br />
schemas is illustrated in the examples provided in the following sections. The process<br />
<strong>of</strong><br />
specifying an interchange begins with an agreement about the minimum data that<br />
needs to be exchanged. The following Farecard Usage Transaction and Add Value<br />
Transaction<br />
examples are based on data elements provided for illustrative purposes.<br />
• The Farecard Usage Transaction data elements might include:<br />
- Card Number<br />
- Agency providing service<br />
- Route ID<br />
Page 34
- Transaction date and time<br />
- Transaction sequence number on card<br />
- Fare amount<br />
- Remaining balance in purse<br />
• Value add transaction data elements might include:<br />
- Card Number<br />
- Agency providing value add<br />
- Machine or<br />
terminal ID<br />
- Transaction sequence nu mber on terminal<br />
- Value add date and time<br />
- Payment method indicator (credit card, debit card, cash)<br />
- Value add amount<br />
- Transaction sequence numb er on card<br />
- New balance<br />
in purse<br />
• Settlement transaction at end <strong>of</strong> day ( one side settles<br />
to other via bank transfer)<br />
Data elements might include:<br />
- Count <strong>of</strong> rides A cards in B<br />
- Value <strong>of</strong> rides<br />
A cards in B<br />
- Count <strong>of</strong> rides B cards in A<br />
- Value <strong>of</strong> rides B cards in A<br />
- Count <strong>of</strong> value adds for A cards in B<br />
- Sum <strong>of</strong> value adds for A cards in B<br />
- Count <strong>of</strong> value adds for B cards in A<br />
- Sum <strong>of</strong> value<br />
adds for B cards in A<br />
- Net settlement money transferred (credit or debit)<br />
- Batch<br />
start date and time<br />
- Batch end date and time<br />
Each <strong>of</strong> the potential messages is the n modeled in XML, giving each tag an aggregate an<br />
appropriate name that can be used across arbitrary regional boundaries.<br />
A very small batch <strong>of</strong> transactions (two + a control total) might<br />
look like the example<br />
provided in Exhibit 4.3-5.<br />
Page 35
Exhibit 4.3-5 Example Transaction Batch<br />
<br />
<br />
6847102847615489<br />
S F Muni<br />
1265<br />
Sequence=”23643” TimeStamp=”04/23/04 16:23:06”<br />
Type=”Credit” <br />
10.00<br />
Sequence=”1021” PurseAfter=”10.75” <br />
<br />
<br />
6847102847615489<br />
S F Muni<br />
2102<br />
Sequence=”4343” TimeStamp=”04/23/04 16:27:42”<br />
1.50<br />
Sequence=”1022” PurseAfter=”9.25”<br />
<br />
< BatchControl><br />
Count=”1” Total=”10.00” <br />
Count=”1”<br />
Total=”1.50” <br />
< NetAmount>8.50CR<br />
<br />
<br />
4.3.4.2 Card Management Data<br />
OFX does not specify card management data.<br />
4.3.4.3 System and Device Data<br />
OFX does not specify system and device data.<br />
4.3.4.4 Event Data<br />
OFX does not specify event data.<br />
4.3.4.5 Peer to Peer Clearing & Settlement<br />
OFX does not specify peer-to-peer clearing and settlement data.<br />
4.3.4.5 Additional Messages Offered<br />
Not applicable to OFX.<br />
4.3.5 Data Elements<br />
Data elements fall into two main categories in OFX, “Elements” and “Aggregates”. An<br />
element is data bounded by a leading start tag and a trailing end tag. An OFX element<br />
must contain data and may not contain other elements. This is different than the more<br />
generic definition <strong>of</strong> an element in XML. An aggregate is a collection <strong>of</strong> elements<br />
and/or other aggregates. The enrollment request aggregate can be utilized to transmit<br />
Page 36
cardholder related data as in the case <strong>of</strong> Registration and Personalization messages as<br />
proposed by WP4. The structure <strong>of</strong> the ENROLLRQ aggregate is described in Exhibit<br />
4.3-6.<br />
Exhibit 4.3-6 ENROLLQ Description<br />
Tag Description<br />
<br />
Enrollment request Aggregate<br />
First Name<br />
Middle Name<br />
Last Name<br />
<br />
Address Line 1<br />
<br />
Address Line 2<br />
<br />
Address Line 3<br />
<br />
City<br />
<br />
State or Province<br />
Postal Code<br />
3-letter Country Code<br />
Daytime Phone<br />
Evening Phone<br />
<br />
E-mail<br />
<br />
Actual User ID if known<br />
<br />
ID Used for tax purposes<br />
<br />
Mother’s maiden name or other<br />
<br />
<br />
Date <strong>of</strong> birth<br />
Service activation request aggregates are utilized to start, modify, or terminate a service<br />
for<br />
an account by sending service activation requests. These requests can be utilized to<br />
represent CID/card parameter and application update messages in UTFS. The<br />
description <strong>of</strong> the activation request aggregate in OFX is illustrated in<br />
Exhibit 4.3-7.<br />
Exhibit 4.3-7 Activation Request Aggregate (ACCTRQ)<br />
Tag Description<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
Account Service Request Aggregate<br />
Service Addition Aggregate<br />
Service Change Aggregate<br />
Service deletion Aggregate<br />
Service to be added/changed/deleted<br />
Page 37
For example, the element could be further defined to represent some <strong>of</strong> the<br />
transit industry related services as follows:<br />
• CARDSRV= Card services (e.g. Autoload, Balance Protection)<br />
• CIDPRMT= Device Parameter Services (e.g. Display and Audio Configuration)<br />
• CIDAPPL = Transit Application Services (e.g. Business end-<strong>of</strong>-day)<br />
Each Service aggregate above needs to be further defined<br />
for structure and content for<br />
the<br />
sub-services available underneath them. Exhibit 4.3-8 below provides an example <strong>of</strong><br />
possible elements in the card services (CARDSRV) aggregate.<br />
Exhibit 4.3-8 CARDSV Aggregate Elements<br />
<br />
TYPE = “Threshold” THRESHVAL= “10.00” LOADAMNT=”20.0 0”<br />
<br />
<br />
<br />
4.3.6 Message Sequences<br />
OFX is a client-server system where an end-user uses a client application to<br />
<strong>com</strong>municate with a server at a financial institution. The form <strong>of</strong> <strong>com</strong>munication is<br />
requests<br />
from the client to the server and responses from the server back to the client.<br />
One or more requests can be batched in a single file.<br />
4.3.7 Security Requirements<br />
The main goals <strong>of</strong> OFX security are privacy, authentication and integrity. OFX utilizes<br />
encryption to maintain privacy, certificates to identify and authenticate servers, and a<br />
cryptographic hash to assist integrity verification. With OFX, security is applied at two<br />
different levels in the message exchange process, channel level and application level.<br />
The<br />
channel level security refers to the lower level security that is implemented in the<br />
<strong>com</strong>munication layer, whereas the application level security is independent <strong>of</strong> the<br />
underlying <strong>com</strong>munication protocol and aimed at protecting the data at the user level,<br />
just like password protecting word-processing documents. Exhibit 4.3-9 illustrates how<br />
these two level security schemes are applied.<br />
Page 38
CLIENT<br />
Exhibit 4.3-9 OFX Security Schemes<br />
The password is encrypted by both the client<br />
application and the Secure Socket Layer<br />
(SSL)<br />
protocol. The web server removes the SSL encryption and forwards the<br />
encrypted password and the plaintext OFX data. The channel level<br />
security is sufficient<br />
for most transit related messages, provided that<br />
the network architecture is adequately<br />
secure. However, the application level password encryption can allow a higher level <strong>of</strong><br />
security when desired.<br />
4.3.8 Timing & Routing<br />
OFX does not provide any timing and routing requirements.<br />
4.3.9 Usability<br />
SSL ENCRYPTION<br />
OFX DATA<br />
OFX DATA<br />
WEB<br />
OFX<br />
SERVER SERVER<br />
Encrypted Encrypted<br />
Password Password<br />
The OFX board maintains<br />
the OFX specification with members from a wide industry<br />
base. Membership to OFX is free and the process required<br />
for joining the organization,<br />
depending on the work group, typically involves an informal request. There are no<br />
royalties for adapting the specification<br />
to transit. Furthermore, OFX does not require<br />
any fees for<br />
making changes and/or additions to the specification<br />
for members.<br />
Typically,<br />
it takes about six months to process and finalize a change, such as adding 10<br />
new data<br />
elements (aggregates). The process<br />
is estimated to take somewhere between<br />
9-12 months to add a new scheme such<br />
as transit fare collection. This process assumes<br />
the design and development work is <strong>com</strong>pleted by APTA. This data was obtained<br />
through phone interviews and/or email correspondence.<br />
The information is accurate<br />
as <strong>of</strong> July 2004. If APTA is interested in<br />
using any parts <strong>of</strong> the specification, formal<br />
notification and/or negotiations are necessary.<br />
Page 39
4.4 Vending Equipment Interface (VEI)<br />
4.4.1 Description <strong>of</strong> the Specification<br />
The Vending Equipment Interface (VE I) specification was developed by Agent Systems<br />
<strong>of</strong> Texas to provide a <strong>com</strong>mon interface that allows managed data exchange between<br />
central<br />
c omputing systems and vending equipment. This interface was developed<br />
for<br />
use<br />
between any type <strong>of</strong> vending<br />
equipment<br />
and central <strong>com</strong>puting environment and is<br />
operating system and manufacturer independent.<br />
The development <strong>of</strong> VEI came about as<br />
a natural response to the trend towards<br />
automation<br />
in vending equipment.<br />
Market segments that have<br />
interest in this interface<br />
include,<br />
mass transit, parking<br />
and merchandise<br />
vending. There is an increasing need<br />
for<br />
encapsulation <strong>of</strong> Electronic Financial<br />
Transaction (EFT) data in a secure manner.<br />
Along with the <strong>com</strong>mands<br />
and event data that are normally exchanged between<br />
vending<br />
equipment<br />
and a managing server, VEI <strong>of</strong>fers a vehicle for EFT data handling.<br />
The VEI specification permits the development and deployment <strong>of</strong> an integrated<br />
network <strong>of</strong><br />
vending equipment and managing servers using an open standard free <strong>of</strong><br />
proprietary<br />
restrictions. As VEI is adopted by industry, the possibility <strong>of</strong> procuring <strong>of</strong>fthe-shelf<br />
vending equipment<br />
and pre-written server s<strong>of</strong>tware applications that have a<br />
<strong>com</strong>patible<br />
messaging format increases dramatically.<br />
4.4.2 Applicability to UTFS Effort<br />
As it stands<br />
today, VEI requires considerable amount <strong>of</strong> work by the WP4 to be<br />
modeled<br />
for the UTFS efforts. Additional data elements would need to be added to<br />
t his protocol specification in order to fully support the UTFS<br />
WP4 proposed<br />
requirements<br />
and it lacks an industry wide implementation<br />
base. However, there is<br />
an inhere nt mechanism built into the<br />
specification, which involves submission and<br />
acceptanc e <strong>of</strong> proposed changes by the issuer, Agent Systems.<br />
The VEI protocol can serve<br />
as a messaging protocol between servers <strong>of</strong> different<br />
organizations (i.e. local and regional entities); however, it is not<br />
the optimal solution.<br />
Unfortunately,<br />
the use <strong>of</strong> VEI can be costly, as each service that must be re-programmed<br />
by the application developer<br />
requires layering <strong>of</strong> services. The mechanisms in VEI used<br />
to preserve data integrity and sequencing are very useful, however, they<br />
are redundant<br />
to those in an underlying transport protocol such as TCP/IP. This amounts to<br />
additional overhead in each<br />
frame and provides no real advantage when running on<br />
top<br />
<strong>of</strong> a reliable network protocol. This overhead is likely to have little influence on<br />
transaction times, as most transaction decisions (e.g. accept or reject card) are made<br />
locally between the device and the card. The biggest cost inherent with the use <strong>of</strong> VEI<br />
is<br />
the level <strong>of</strong> effort in developing and testing the protocol. Because <strong>of</strong> the <strong>com</strong>plexity<br />
<strong>of</strong><br />
additional layers, an inordinate amount <strong>of</strong> time is required to fully test and deploy a<br />
VEI solution, when <strong>com</strong>pared to XML or another simple strategy. This disadvantage<br />
Page 40
may well be eliminated if, and when, <strong>of</strong>f the shelf VEI parsers or server<br />
applications<br />
be<strong>com</strong>e<br />
available.<br />
4.4.3 Common Message Structure<br />
T he VEI protocol is similar to the OSI model, with a well-defined dialog sequence<br />
in the<br />
application layer.<br />
Each message that is a <strong>com</strong>ponent <strong>of</strong> a dialog adheres to a standard format. A message<br />
always<br />
contains a message header, followed by the body <strong>of</strong> the message (see Exhibit<br />
4.4-1). The body <strong>of</strong> the message differs for each<br />
<strong>of</strong> the six dialogs explained in the<br />
following<br />
sections. An initial message sent is referred to<br />
as the request message. A<br />
request message can have a response message returned. Also, an acknowledgement<br />
message can follow a response message.<br />
Exhibit 4.4-1 VEI Message Structure<br />
Data Link Header Transport Header Session Header<br />
Message Header:<br />
Protocol Headers Exhibit 4.4-2 further describes the message header.<br />
Message Header Message<br />
File Transfer Direction File Name<br />
File Attributes<br />
Exhibit 4.4-2 Message Header<br />
Field # Field Name Description<br />
1 Message Identifier This field specifies uniquely the dialog class and the service<br />
2 Message Type This field specifies the part <strong>of</strong> the<br />
dialog that this message<br />
constitutes. For example, request,<br />
response, or<br />
acknowledgment<br />
3 Message Sequence Number For the first request<br />
message <strong>of</strong> a dialog, its value is always<br />
one. For<br />
the first response to a request, its value is echoed<br />
back. For acknowledgments,<br />
its value is always echoed<br />
back. For subsequent requests or responses, its value<br />
increments on each message<br />
4 Dialog Sequence Number A number that the requester increments after each dialog<br />
(set <strong>of</strong> messages), but the responder and acknowledger<br />
only echo back<br />
5 Message length Number <strong>of</strong> bytes in the message, including the header,<br />
records and field separators<br />
6 Sender’s Device ID A unique number within a system that identifies the device<br />
Page 41
Field # Field Name Description<br />
that is sending the message. This may be used for return<br />
routing through a gateway<br />
7 Receiver’s Device ID A unique number within a system that identifies the<br />
device. This may be used for routing through a gateway.<br />
When messages are used in a broadcast (instead <strong>of</strong> a<br />
device-to-device connection), this field is empty<br />
8 Routing Information The type <strong>of</strong> this field is unspecified. It shall be used to<br />
further direct intermediate sites how to deliver the message<br />
to its final destination. An example<br />
usage would be the<br />
channel number <strong>of</strong> a device in a multi-drop<br />
connection<br />
9 Version The Vending Equipment Interface<br />
Specification Version.<br />
The value shall be “1.1"<br />
10 Response Needed Needed True if the sender<br />
expects a response or<br />
acknowledgment. False if not. Always false for broadcasts<br />
Message<br />
Body:<br />
The message body consists <strong>of</strong> three or four fields depending on the type <strong>of</strong> the dialogue<br />
being utilized. The details <strong>of</strong> the message body are further evaluated in the following<br />
sections.<br />
4.4.4 Message Types<br />
VEI<br />
defines six dialog classes with several services provided by each. A dialog class<br />
is a<br />
grouping <strong>of</strong> functionally similar services, which are fulfilled by sending and receiving a<br />
set<br />
<strong>of</strong> messages. The table in Exhibit 4.4-3 describes the six<br />
dialog classes <strong>of</strong>fered by<br />
VEI.<br />
Exhibit 4.4-3 Dialog Classes<br />
Dialogue Description<br />
Condition A particular circumstance or situation at a device<br />
Variable Access Access, by name, data items that are resident on the device<br />
Log Files Historic record <strong>of</strong> events and other archived information that can be used to<br />
determine a sequence <strong>of</strong> events at the device<br />
File Management Allows remote access to file systems<br />
Transaction Support use<br />
<strong>of</strong> credit/debit cards as a payment medium at the vending<br />
equipment<br />
Program Execution Action or set <strong>of</strong> actions to be carried out by the device<br />
4.4.4.1 Transaction Data<br />
Condition dialogues are best suited for Transaction Data messages proposed by WP4.<br />
A condition dialogue is used to report a particular circumstance, or a situation at a<br />
device, such as an intrusion alarm, a <strong>com</strong>ponent failure, or a sale <strong>of</strong> a product.<br />
Ac<strong>com</strong>panying attributes might include for example the time <strong>of</strong> day, the value <strong>of</strong><br />
products<br />
sold, or the method <strong>of</strong> payment. The structure <strong>of</strong> the condition dialogue is<br />
contained<br />
in Exhibit 4.4-4.<br />
Page 42
Exhibit 4.4-4 Condition Dialogue Structure<br />
Field Description <strong>of</strong> Field/Attributes<br />
1 Message Header<br />
2 Condition Attributes<br />
3 Additional Attributes<br />
By incorporating the relevant Additional Attributes (Full list <strong>of</strong> attributes can be found<br />
in Chapter 17 <strong>of</strong> the specification), the conditional dialogue can be configured to<br />
ac<strong>com</strong>modate the Farecard Usage and Add Value Transactions as proposed by WP4.<br />
4.4.4.2 Card Management Data<br />
Variable access dialogue can be utilized for Financial Audit Data and Negative List<br />
messages. Variable access dialogues are related to accessing, by name, data items that<br />
are resident on the device. A variable is a data item that can assume any one <strong>of</strong> a set <strong>of</strong><br />
values. The Variable Access dialogue structure is illustrated in Exhibit 4.4-5.<br />
Exhibit 4.4-5 Variable<br />
Access Dialogue Structure<br />
Field Description <strong>of</strong> Field/Attributes<br />
1 Message Header<br />
2 List <strong>of</strong> Variable Names<br />
3 Variable Value List<br />
By adding the relevant Variables indicated in the field three <strong>of</strong> the message (Full list <strong>of</strong><br />
variables<br />
can be found in Chapter 17 <strong>of</strong> the specification), the Variable dialogue can be<br />
configured to ac<strong>com</strong>modate the Negative List and Financial Audit Data messages as<br />
proposed by WP4.<br />
File management dialogues allow remote access to file systems on the devices and are<br />
structured as illustrated in Exhibit 4.4-6.<br />
Exhibit 4.4-6 File Management Dialogue Structure<br />
Field Description <strong>of</strong> Field/Attributes<br />
1 Message Header<br />
2 File Transfer Direction<br />
3 File Name<br />
4 File Attributes<br />
The File Management dialogue can be formatted to ac<strong>com</strong>modate certain WP4 Card<br />
Management Data and System and Device Data messages (Appendix B). This can be<br />
achieved by incorporating the appropriate File Attributes (Full list <strong>of</strong> attributes can be<br />
found in Chapter 17 <strong>of</strong> the specification) into the dialogue.<br />
Page 43
4.4.4.3 System and Device Data<br />
Most <strong>of</strong> the system and device data messages can be represented with the Condition,<br />
Variable and the File Management Dialogues as explained in the previous sections.<br />
However,<br />
Program Execution Dialogue is the most suitable for Device Command<br />
messages. A Program Execution is an action or set <strong>of</strong> actions to be carried out by the<br />
CID. The format <strong>of</strong> this dialogue is illustrated in Exhibit 4.4-7.<br />
Exhibit 4.4-7 Program Execution Dialogue<br />
Field Description <strong>of</strong> Field/Attributes<br />
1 Message Header<br />
2 Program Needing Input<br />
3 Program Producing Output<br />
4 Program Name<br />
5 Parameter List<br />
Program Name is the same format as the File Name explained in the previous section.<br />
The Parameter List consists <strong>of</strong> parameters that are unspecified and in ASCII Text<br />
forma t.<br />
4.4.4.4 Event Data<br />
The event data messages are represented by Condition Dialogues (Appendix B).<br />
4.4.4.5 Peer to Peer Clearing & Settlement<br />
The VEI does not define any clearing and settlement related messages.<br />
4. 4.5 Data Elements<br />
Wh ile V EI was not designed with smart cards in mind, it is a flexible protocol and can<br />
be extended to include smart card related data elements. It is also possible to define<br />
implementation<br />
specific data types within the protocol when used within a closed<br />
system; although the greatest benefit is obtained by using VEI in its standard identifiers.<br />
4.4.6 Message Sequences<br />
The VEI provides a simple structure <strong>of</strong> dialogue exchanges between a requester and a<br />
responder. A dialog consists <strong>of</strong> a request message, a response message( s) and<br />
sometimes<br />
an acknowledgement <strong>of</strong> the response(s). A request message with or without<br />
data may require a response at the discretion <strong>of</strong> the requester. A response message that<br />
contains data may require an acknowledgement, at the discretion <strong>of</strong> the responder.<br />
However,<br />
some responses contain no data and act as acknowledgements. In this case<br />
no<br />
separate acknowledgement message is required.<br />
Page 44
4.4.7 Security Requirements<br />
The Message Sequences and Data Integrity requirements<br />
from the Applicability Matrix<br />
are<br />
supported natively within VEI via the Agent Transport Layer (ATL). The transport<br />
layer is entrusted with end-to-end data integrity achieved by retransmitting <strong>of</strong> lost<br />
blocks and discarding duplicated blocks. This layer is also in charge <strong>of</strong> sequence<br />
control to ensure that the higher levels <strong>of</strong> the protocol receive packets in the<br />
exact order<br />
in which they were sent. The ATL achieves this integrity and sequencing by assigning a<br />
sequence number to each block and acknowledging<br />
blocks by sequence number at the<br />
message<br />
level.<br />
The<br />
Authentication and Encryption requirements from the Applicability Matrix are<br />
supported by VEI via the Agent Session Layer (ASL). The session layer handles<br />
identification,<br />
authentication and optional <strong>com</strong>pression and encryption <strong>of</strong> messages.<br />
Any time a connection is established, it must successfully<br />
exchange the identification<br />
and<br />
authentication messages before normal <strong>com</strong>munication can continue. If messages<br />
are sent without the identification/authentication,<br />
the receiver must disconnect, and<br />
optionally<br />
attempt to reconnect.<br />
4.4.8 Timing & Routing<br />
VEI<br />
leaves timing and routing <strong>of</strong> the messages to the discretion <strong>of</strong> implementing<br />
organization.<br />
4.4.9 Usability<br />
The VEI specification is available for public use without any patent<br />
and copyright<br />
requirements.<br />
Based on a phone interview with Agent Systems, APTA can take any, or<br />
all parts <strong>of</strong> it for its individual use. However, if APTA desires to adapt the VEI<br />
specification<br />
in its entirety and request for changes and additions, these modifications<br />
will be handled by Agent Systems for a consulting fee.<br />
This data was obtained through<br />
phone<br />
interviews and/or email correspondence. The information is accurate as <strong>of</strong> July<br />
2004. If APTA is interested in using any part <strong>of</strong> the specification,<br />
formal notification<br />
and/or<br />
negotiations are necessary.<br />
Page 45
4.5 CEN TC278 – Interoperable Public Transport Fare Management System<br />
Architecture (IFMSA)<br />
4.5.1 Description <strong>of</strong> the Standard<br />
CEN TC278 provides the basis for the development <strong>of</strong> a multi-operator/multi-modal<br />
interoperable<br />
Public Transport Fare Management System (IFM). The IFM system<br />
provides a reference functional architecture for electronic fare payment systems and<br />
identifies<br />
requirements that are relevant to ensure interoperability between the entities<br />
in the system.<br />
The IFM system addresses all the functions involved in the fare management<br />
process<br />
including:<br />
• Management <strong>of</strong> application(s)<br />
• Management <strong>of</strong> products<br />
• Security management<br />
• Customer management<br />
• Inspection/enforcement<br />
• Reporting and monitoring<br />
When<br />
<strong>com</strong>pleted, this standard will <strong>com</strong>prise several parts; currently only Part 1 is<br />
available in draft format. Part 1 describes the following main elements:<br />
• Identification <strong>of</strong> the different functional entities in relation to the overall fare<br />
management system<br />
• Definition <strong>of</strong> a generic model <strong>of</strong> IFM system describing the logical and<br />
functional architecture and the interfaces within the system and with other IFM<br />
systems<br />
• Use cases describing the interactions and data flows between the entities<br />
• Definition <strong>of</strong> the security requirements<br />
4.5.2 Applicability<br />
to UTFS Effort<br />
Although IFM provides a well-defined<br />
model for the management <strong>of</strong> an interoperable<br />
transit fare collection system, it is an in<strong>com</strong>plete draft as <strong>of</strong> today. In its current<br />
form,<br />
IFM is a high level document and does not include the<br />
level <strong>of</strong> detail that APTA is<br />
looking for and therefore is not applicable to APTA’s scope <strong>of</strong> work.<br />
On a higher level, this document is useful in defining the <strong>com</strong>ponents and entities<br />
involved in an electronic fare payment system as illustrated in Exhibit 4.5-1.<br />
Page 46
Application<br />
Retailer Product<br />
Retailer<br />
Custome<br />
r<br />
Exhibit 4.5-1 IFM Components<br />
Product<br />
Owner<br />
Customer<br />
Service<br />
Applic Application ation<br />
Owner<br />
Collection<br />
&<br />
Forwarding<br />
Service<br />
Operator<br />
Security<br />
Manager<br />
Registrar<br />
Roles and responsibi lities <strong>of</strong> each entity and the flow <strong>of</strong><br />
information between entities<br />
have clearly been defined on a summary level. Lower level details <strong>of</strong> the interfaces<br />
between entities are to be addressed by up<strong>com</strong>ing parts<br />
<strong>of</strong> the standard.<br />
4.5.3 Common Message Structure<br />
IFM does not specify <strong>com</strong>mon message structure in its current form.<br />
4.5.4 Message Types<br />
IFM<br />
does not specify message types in its current form.<br />
4.5.4.1 Transaction Data<br />
IFM does not specify transaction data in its current form.<br />
4.5.4.2<br />
Card Management Data<br />
IFM does not specify card management data in its current form.<br />
4.5.4.3 System<br />
and Device Data<br />
IFM does not specify system and device data in its current form.<br />
4.5.4.4 Event Data<br />
IFM<br />
does not specify event data in its current form.<br />
Page 47
4.5.4.5 Peer to Peer Clearing & Settlement<br />
IFM does not specify peer-to-peer clearing and settlement in its current form.<br />
4.5.5 Data Elements<br />
IFM does not specify data elements in its current form.<br />
4.5.6 Message Sequences<br />
IFM<br />
does not specify message sequences in its current form.<br />
4.5.7 Security Requirements<br />
IFM<br />
does not specify security requirements in its current form.<br />
4.5.8 Timing & Routing<br />
IFM<br />
does not specify timing and routing in its current form.<br />
4.5.9 Usability<br />
IFM is not usable<br />
by APTA in its current form.<br />
4.6 Cubic Transportation System (CTS) CID EDGE<br />
INTERFACES<br />
4.6.1 Description <strong>of</strong> the Specification<br />
This document is based on CTS's suggestions for future RIS based “CID to Back End”<br />
System<br />
protocols and not meant to represent any <strong>of</strong> Cubic's existing implementations.<br />
Data elements defined by the Edge Interfaces are based on RIS Part 03 v1.1 data formats<br />
and still subject to change by APTA UTFS WG1.<br />
4.6.2 Applicability to UTFS Effort<br />
CID<br />
Edge Interfaces defined messages are directly applicable to the WP4’s efforts<br />
since messages have been based on transit industry related smart<br />
card data. However,<br />
this<br />
specification lacks real life implementation. The document’s <strong>com</strong>pliance with the<br />
UTFS Workpackage 1 defined card data structure would simplify the additional work<br />
necessary<br />
by WP4.<br />
4.6.3 Common Message Structure<br />
CID Edge Interfaces’ message structure consists <strong>of</strong> a header followed by individual sub-<br />
groups<br />
and a MAC. The description and structure <strong>of</strong> the header is illustrated in Exhibit<br />
4.6-1.<br />
Page 48
Exhibit 4.6-1 CID Edge Interface Message Header Structure<br />
Sequence Name Data Type Range Description<br />
1 Header<br />
[..]<br />
1.1 Transtype<br />
1.2 date-time DATETIM<br />
E<br />
1.3 Normalorenhanced<br />
1.4<br />
Transstatus<br />
UBYTE 0=Reserved<br />
1=PICC Initialized<br />
2=PICC Issued<br />
3=PICC Negative<br />
Listed/Disabled<br />
4=Value Product<br />
Add/Deduct<br />
5=Pass Product Load<br />
6= Pass Product<br />
Remove<br />
7=Product/ s<br />
Validation/Use<br />
UBYTE 0 - Normal Transaction<br />
1 - Data Enhancement<br />
Transaction<br />
UBYTE 0=Normal<br />
1=Not confirmed by<br />
PICC<br />
Type <strong>of</strong> Transaction:<br />
1-Transmitted on PICC Initialization<br />
2-Transmitted on PICC Issue<br />
3-Transmitted on PICC Negative<br />
Listing<br />
4-Transmitted on Value add, deduct,<br />
or Autoload/Auto-unload<br />
5-Transmitted on Product Load or<br />
Autoload<br />
6-Transmitted on Product un-load or<br />
Auto-unload<br />
7-Transmitted on Product/s [Pass<br />
&/or SV/Purse] Validations & Uses<br />
Device’s Date and Time <strong>of</strong> this<br />
transaction. Seconds since Jan 1 1970<br />
Indicates a Data Enhancement<br />
transaction.<br />
This contains the<br />
transmission <strong>of</strong> the PICC’s previous<br />
Transaction Details<br />
Status <strong>of</strong> the transaction. This field can<br />
be used to identify whether the write<br />
to the card was confirmed or not.<br />
Optional - not available for an<br />
Enhancement Transaction<br />
The body <strong>of</strong> a message consists <strong>of</strong> a series <strong>of</strong> sub-groups. Each sub-group contains<br />
individual data elements with similar functional characteristics such as the CID Details<br />
and the Location Details as listed in Appendix C.<br />
4.6.4 Message Types<br />
CID Edge Interfaces currently defines the following six message types that can serve<br />
a model for device to backend data exchange:<br />
• PiccUse<br />
• PiccPurseLoad<br />
• PiccPassLoad<br />
• PiccInitialize<br />
• PiccNegativeList<br />
• PiccAutoLoadUnloadList<br />
Page 49<br />
as
4.6.4.1 Transaction Data<br />
The PiccUse message consists <strong>of</strong> 10 sub-groups to represent the Farecard Usage<br />
Transaction as proposed by WP4. Both the PiccPurseLoad, and the PiccPassLoad<br />
messages are equivalent <strong>of</strong> the Add Value Transaction Data message.<br />
4.6.4.2 Card Management Data<br />
The PiccInitialize message is designed to exchange data related to card issuance and<br />
initialization,<br />
and would be <strong>com</strong>parable to the Initialization and Issuance message types<br />
as proposed by WP4. Both PiccNegativeList and PiccAutoLoadUnloadList messages<br />
would be the equivalents <strong>of</strong> Negative List and Action List message types respectively.<br />
4.6.4.3 System and Device Data<br />
This<br />
specification does not define any system and device data category messages.<br />
4.6.4.4 Event Data<br />
The CID Edge Interfaces does not define any event data category messages.<br />
4.6.4.5 Peer to Peer<br />
Clearing & Settlement<br />
The CID Edge Interf aces does not define any clearing and settlement data category<br />
messages.<br />
4.6.4.6 Additional Mes sages Offered<br />
The<br />
CID Edge Interfaces does not define any additional messages.<br />
4.6.5 Data Elements<br />
Most messages consist <strong>of</strong> constructed type data elements called sub-groups. Each subgroup<br />
includes one or more individual data elements. The type and format <strong>of</strong> the data<br />
elements follow those defined in the RIS Part 03 v1.1 data formats.<br />
4.6.6 Message Sequences<br />
The CID Edge Interfaces does not define message sequences.<br />
4.6.7 Security Requirements<br />
The CID Edge Interfaces defines MAC to be appended to the end <strong>of</strong> every message and<br />
ensures the integrity <strong>of</strong> the message between a sender and a recipient.<br />
Page 50
4.6.8 Timing and Routing<br />
The CID Edge Interfaces does not define timing or routing requirements.<br />
4.6.9 Usability<br />
CID Edge Interfaces is under development by CTS. APTA can openly<br />
review the CID<br />
Edge Interface documentation and make changes, or use it as a model, without any cost<br />
and intellectual property rights. Since the CID Edge Interfaces is not a living<br />
specification or standard, there is no managing body or organization.<br />
Therefore, there<br />
is no change process, cost, or timeline other than the one APTA would like to undertake<br />
at its own discretion. This data was collected in phone interviews and/or email<br />
correspondence. The data is accurate as <strong>of</strong> July 2004. If APTA is interested in using any<br />
parts <strong>of</strong> the documentation, formal notification should take place.<br />
.7 TRANSLINK ®<br />
4<br />
4.7.1 Description <strong>of</strong> the Specification<br />
The Metropolitan Transportation Commission (MTC) and several San Francisco Bay<br />
Area transit agencies are currently implementing TransLink<br />
t rail, <strong>com</strong>muter rail and ferry services<br />
rovided by multiple operators throughout the Bay Area.<br />
®, a regional fare collection<br />
program for public transit in the Bay Area. TransLink ® cardholders can use a single<br />
smart card to utilize bus, heavy rail, ligh<br />
p<br />
The contractor, ERG Group, is providing a full range <strong>of</strong> cardholder customer services<br />
and financial clearing and settlement among participants. Customer services include<br />
a<br />
live<br />
operator help desk, 24-hour automated customer service, registration for Autoload<br />
and balance protection and card distribution services.<br />
The TransLink ® card is an ISO 14443 Type B smart<br />
card containing both contact and<br />
contac tless interfaces. TransLink ® cardholders place their card within range <strong>of</strong> a card<br />
interfa ce device (CID) onboard a vehicle or at<br />
a station platform. The CID automatically<br />
deducts the correct fare, calculating transfers and<br />
appropriate senior, disabled and<br />
you th discounts.<br />
The TransLink ers dedicated to<br />
®<br />
® Fare Payment System (FPS) consists <strong>of</strong> separate ti<br />
specific processing tasks required by the TransLink scheme. When a patron uses a<br />
smart card at any TransLink ® device, usage data (UD) is created and uploaded through<br />
the TransLink ® network to the central system.<br />
There are four major tiers within the TransLink stem:<br />
® cility (TCF)<br />
m (HCS)<br />
® Sy<br />
• TransLink Central Fa<br />
• Headquarters Computer Syste<br />
• TransLink ® Data Server (TDS)<br />
Page 51
• Front-end devices<br />
4.7.2 Applicability to UTFS Effort<br />
TransLink<br />
modate the unique fare and business<br />
le structures <strong>of</strong> at least 26 participating transit agencies. It currently supports majority<br />
<strong>of</strong> the fare t t the US public transit industry. Of all the<br />
ocuments analyzed, this specification is the only one that is based on an actual<br />
d<br />
® is the first smart card based regional transit fare payment system in the<br />
United States. The system is designed to ac<strong>com</strong><br />
ru<br />
produc ypes that are available in<br />
d<br />
implementation. There is a one to one match between most <strong>of</strong> the TransLink UD an<br />
WP 4 message types.<br />
ERG stated that the APTA-000 specifications analyzed in the Section 4.9 <strong>of</strong> this<br />
document will supercede the Phase I TransLink document analyzed below, and<br />
represent<br />
the foundation <strong>of</strong> the Translink Phase II messages.<br />
4.7.3 Common Message Structure<br />
The TransLink ® message structure consists <strong>of</strong> a header followed by a UD record, which<br />
contains the tr ansaction specific usage data as illustrated<br />
in Figure 4.7-1. The structure<br />
is designed to allow bat ch transmission <strong>of</strong> multiple card transactions or event data<br />
under a sin gle header. The UD record consists <strong>of</strong> 18 sub fields, which include both<br />
financial and non-financial transaction data and support VEI data structures by<br />
utilizing VEI log file dialogs.<br />
Header<br />
Version<br />
Header<br />
Header<br />
Length<br />
Card<br />
SN<br />
Transaction<br />
Sequence<br />
Batch<br />
Sequence<br />
Contract<br />
ID<br />
Operator<br />
ID<br />
Exhibit 4.7-1 TransLink ® Usage Data Records<br />
Header UD RECORD<br />
Contract<br />
SN<br />
4.7.4 Message Types<br />
Security<br />
Module<br />
ID<br />
Contract<br />
Sequence<br />
#<br />
Device<br />
ID<br />
Contract<br />
Sync<br />
#<br />
Payment<br />
Method<br />
Key UD UD<br />
Version<br />
NO<br />
Transaction<br />
Qualifier<br />
MAC Header<br />
Version<br />
Amount<br />
Operator<br />
ID<br />
Sequence<br />
#<br />
Date<br />
and<br />
Time<br />
Location Balance<br />
UD<br />
Type<br />
Last<br />
Add<br />
Value<br />
Summary<br />
The TransL ink transactions fall into one <strong>of</strong> the following six UD types:<br />
®<br />
• Fare Transaction<br />
• Add Value Transaction<br />
• Card Management Events<br />
• Device Events<br />
• Audit Register Snapshots<br />
UD<br />
Sub-<br />
Type<br />
Card<br />
Sync<br />
No<br />
UD<br />
Version<br />
Each UD type is further divided into subtypes within them as listed in Appendix B.<br />
Page 52<br />
Fare<br />
Category<br />
Usage<br />
Data<br />
Destination<br />
Location<br />
MAC<br />
MAC
4.7.4.1 Transaction Data<br />
The “Fare Transaction” UD record is generated by card reader devices and can be<br />
considered the equivalent <strong>of</strong> the “Farecard Usage Transaction” as proposed by the<br />
WG4. Different subtypes <strong>of</strong> the Fare Transaction record are defined as follows:<br />
• Single-tag fare payment, ride destination unknown<br />
• Dual-tag entry transaction,<br />
maximum fare deducted (purse debit)<br />
• Dual-tag exit transaction,<br />
fare adjustment (purse rebate)<br />
• Dual-tag entry transaction, no fare deduction<br />
• Dual-tag exit transaction, fare payment<br />
• Single-tag fare payment, known ride destination<br />
Two record subtypes are defined for a single-tag system. One subtype is generated<br />
when<br />
the reader does not know the destination, and the other subtype is generated<br />
when the reader device obtains the destination location from either the driver console<br />
or the patron.<br />
Using<br />
a card in a dual-tag system results in two Fare Transaction UD records being<br />
genera ted. A dual-tag entry transaction (maximum fare deducted) record is generated<br />
at the start <strong>of</strong> a ride on an open two-tag system, with a matching dual-tag exit<br />
transaction (fare adjustment) record being generated at then end <strong>of</strong> the ride. Similarly, a<br />
dual-tag entry transaction (no fare deduction) record will be generated at the start <strong>of</strong> a<br />
ride on a closed-barrier two-tag system, matched by a dual-tag exit transaction (fare<br />
payment) record at the end <strong>of</strong> the ride.<br />
An “Add Value Transaction” UD record, the equivalent <strong>of</strong> WG4 proposed Add Value<br />
Transaction Data message, is generated by all devices that add value to TransLink<br />
cards. The following record subtypes reflect the variances in the payment method:<br />
• Cash payment at a Ticket Office Terminal (TOT) or Add Value Machine (AVM)<br />
• Check payment at a TOT<br />
• Credit card payment at a TOT or AVM<br />
• Debit card payment at a TOT or AVM<br />
• Periodic Autoload at a reader device<br />
• ThresholdAutoload at a reader device<br />
• Remote re-load at a reader device<br />
• Remote load <strong>of</strong> a new pass or ride book at a reader device<br />
Tra L udit register snapshots. Audit<br />
gisters are non-resettable counters and accumulators used within the TransLink ®<br />
ns ink<br />
it<br />
® also provides a separate message type for a<br />
re<br />
system to give an independent method <strong>of</strong> verifying UD <strong>com</strong>pleteness. Different aud<br />
register snapshot subtypes are defined as follows:<br />
• CID audit registers<br />
Page 53
• Driver console audit registers<br />
• Distribution device audit registers<br />
CID audit registers specifies the audit registers maintained by all the CID devices<br />
and<br />
other devices that use the TransLink r<br />
mote loading <strong>of</strong> value onto the card. The driver console audit registers and the<br />
console<br />
® card for payment, or support autoloading o<br />
re<br />
distribution device audit registers specify the registers maintained by driver<br />
devices and distribution devices respectively.<br />
4.7.4.2 Card Management Data<br />
® <strong>of</strong>fers card management event UD records (Type 3) that are generated in<br />
sponse to an exception or a specific event occurred on a TransLink ® card. There is a<br />
one-to-on be e WG4 proposed message<br />
pes. TransLink ® TransLink<br />
re<br />
e match tween the TransLink<br />
also <strong>of</strong>fers additional card management event messages as listed in<br />
® messages and th<br />
ty<br />
Exhibit 4.7-2.<br />
Exhibit 4.7-2: TransLink ® Additional Card Management Messages<br />
Sub Type Description<br />
1 Product block/unblock<br />
2 Product block/unblock<br />
3 Card block/unblock at Ticket Office Terminal (TOT)<br />
4 Card block via hotlist<br />
5 Card Validation failure<br />
6 Card <strong>com</strong>munication failure<br />
7 Business rules rejected transaction<br />
8 Reserved<br />
9 Autoload failed<br />
10 Not used<br />
11 Autoload enabled/disabled<br />
12 Fare Category Changed<br />
13 Card Issue<br />
14 Card Registration<br />
15 Card de-registration<br />
16 Balance protection<br />
17 Card Retention<br />
18 Pass-back condition cleared<br />
19 Overstay Condition cleared<br />
20 EFT Transaction Reversal<br />
Page 54
4.7.4.3 System and Device Data<br />
The data that customizes TransLink e in<br />
le<br />
re<br />
® device s<strong>of</strong>tware operation to support the devic<br />
a specific operational context is referred to as “Configuration Data” (CD). The CD<br />
includes all s<strong>of</strong>tware <strong>com</strong>ponents that are transferred to the device as downloadab<br />
files including device application s<strong>of</strong>tware executable images and parameters. There a<br />
three main types <strong>of</strong> CD:<br />
• Common CD<br />
• Device specific CD<br />
• Operator specific CD<br />
Common CD contains data elements that apply to all TransLink devices for all<br />
perators in the system such as system parameters and hotlists. System parameters<br />
a<br />
®<br />
o<br />
have potentially different values for different operators. All devices supporting<br />
particular operator will be loaded with the same system parameters.<br />
Device specific CD depends as much on a devices internal s<strong>of</strong>tware design, as on the<br />
external<br />
functional requirements it supports. A sample <strong>of</strong> the device specific CD<br />
payloads is as follows:<br />
• TOT, AVM, DC, HCR and CID parameters<br />
• Action List<br />
• Contracts<br />
• Transfers<br />
• Calendar<br />
• Fare Patterns<br />
• Fare Code Matrix<br />
• Fare <strong>Table</strong><br />
• Max Fare <strong>Table</strong><br />
• Routes<br />
• Zone <strong>Table</strong><br />
• UI Resources<br />
4.7.4.4 Event Data<br />
TransLink ® system generates device event UD records in response to non-card related<br />
device actions and changes <strong>of</strong> state. Event data messages consist <strong>of</strong> three subtypes:<br />
• Subtype 1 – Simple event with no additional information<br />
• Subtype 5 – Device event with status information<br />
• Subtype 16 – Device event with additional data<br />
Subtype 1 is designed to report only the event code together with the standard UD<br />
record header in order to specify the event. Device simple events are usually non-<br />
Page 55
emergency routine activities (e.g. start <strong>of</strong> business day, end <strong>of</strong> business day, operator<br />
logged-on, device access door opened), that will serve as the diary for device actions.<br />
Subtype 5, device event with status, conveys more information about an event in the<br />
device. The event code is supplemented with a status field, as well as the standard<br />
UD<br />
record header fields. This type <strong>of</strong> message is used to report information on<br />
configuration<br />
errors, with the additional status field providing type <strong>of</strong> the error.<br />
The<br />
device event with data messages, Subtype 16, has a variable amount <strong>of</strong><br />
ac<strong>com</strong>panying data. In addition to specifying the underlying event, this UD record<br />
provides additional details. For<br />
example, where “valid maintenance card presented” is<br />
a device event code, “Card Serial Number” would be the additional event data that is<br />
sent in the UD. The interpretation <strong>of</strong> the data is specific to a particular event being<br />
reported.<br />
4.7.4.5 Peer-to-Peer Clearing and Settlement<br />
TransLink ® does not provide any messages for peer-to-peer clearing. The system is<br />
designed and implemented based on a regional settlement approach.<br />
4.7.4.6 Additional Messages Offered<br />
TransLink ® does not define any additional messages.<br />
4.7.5 Data Elements<br />
Listed below are the standard data types used to represent TransLink<br />
tion data:<br />
® card data, usage<br />
data and configura<br />
• ASCII<br />
• Bitmap<br />
• Binary<br />
TransLink<br />
lements is provided in Appendix C)<br />
® data elements cover a majority <strong>of</strong> the data elements supported by the UTFS<br />
Workpackage 1. (A full list <strong>of</strong> data e<br />
4.7.6 Message Sequences<br />
Not part <strong>of</strong> the documents reviewed.<br />
4.7.7 Security Requirements<br />
To achieve high data integrity both parties involved in a <strong>com</strong>munication session<br />
authenticate each other through three-pass authentication scheme using MAC.<br />
Page 56
Following the authentication process a session<br />
key is generated for each transmission.<br />
All data transfers are also encrypted against eavesdropping.<br />
4.7.8 Timing<br />
and Routing<br />
The TransLink ® system architecture i l structure with the TransLink ®<br />
Central System (TCS) at the top. The T d to all platforms at the next tier<br />
rough Headquarter Computer Systems (HCS). An HCS has connections to, and<br />
anages many TransLink ® s a hierarchica<br />
CS is connecte<br />
th<br />
m<br />
Data Servers (TDS). The TDS manages one or more Card<br />
Interface Devices (CID)<br />
or Distribution Devices (AVM).<br />
Each node at a tier in the system <strong>com</strong>municates to all subordinate nodes and has a<br />
single connection to the next higher tier. This requires all transactions in the TransLin<br />
Fare Payment System (FPS) to be transported through each processing tier before<br />
arriving at the TCS. The processing requirements <strong>of</strong> each level<br />
determine what<br />
transactions<br />
are filtered and formatted into database structures.<br />
All messages<br />
must be forwarded to a higher<br />
level until they reach the TCS. For<br />
example, a message generated at a device is submitted<br />
to the TDS then forwarded to the<br />
HCS. The HCS then has the responsibility for sending<br />
its transactions to the TCS.<br />
provides four different date definitions in operation cycle as follows:<br />
TransLink ®<br />
• Operating<br />
Date<br />
• Business<br />
Date<br />
• Reconciliation Date<br />
• Settlement<br />
Date<br />
T he current operating date is a date tha t may be different from the current calendar<br />
date. For example, the current cal endar date may already be 18 February<br />
2004, at 1:00<br />
am, but the current operating date is still 17 February 2004 because the operating<br />
date<br />
changes eve ry day at 3:00 am.<br />
The transaction business date is generated by a device, and added to the transaction<br />
at<br />
the TDS level. It is the current operating date <strong>of</strong> the device or TDS acquiring the device<br />
UD. Typically, business dates reflect the operational business date <strong>of</strong> a transit<br />
operator—the<br />
period <strong>of</strong> their normal daily business hours. For example, if a transit<br />
oper ator operates from 6:00 am to 2:00<br />
am, (their business day), the business date<br />
changeover will occur at 2:00 am. This allows the system to generate operational reports<br />
that reflect transaction/passenger loads tied to their operational schedules. The<br />
business date usually is applied at the devices or the TDS because these nodes typically<br />
operate <strong>of</strong>fline. The business date is typically incremented during the<br />
transit operator<br />
end-<strong>of</strong>-day<br />
process.<br />
The reconciliation date is added to the transaction<br />
at the transit operator level. It is the<br />
current operating date on the transit<br />
operator’s central system. This date is used to<br />
Page 57<br />
k ®
econcile between the Central Clearinghouse (CCH), acquirer, and the transit operator<br />
systems. This date stamp is applied when the transaction is received by the TCS and<br />
used for re conciliation. This allows for more direct reconciliation between<br />
the TCS and<br />
the CCH/I ssuer than would be possible<br />
with the business date.<br />
The settlement date is added<br />
to the transaction at the CCH. It is the current<br />
operating<br />
date on the CCH system. This is the date used to perform daily CCH financial<br />
operations related to distribution <strong>of</strong> funds.<br />
4.7.9 Usability<br />
As <strong>of</strong> the production date <strong>of</strong> this report, no response<br />
has been received from the<br />
owners’ <strong>of</strong> this specification.<br />
4.8 ERG APTA SPECIFICATIONS<br />
4.8.1 Description <strong>of</strong> the Specification<br />
ERG APTA Sepcifications consist <strong>of</strong> 3 documents which are based on the evolution <strong>of</strong><br />
the TransLink rk in Hong Kong, Rome, Las Vegas<br />
and Singa<br />
device central<br />
® specification and ERG’s similar wo<br />
pore. These documents provide information<br />
on message specifications from<br />
level to regional system.<br />
The first document, APTA-001 , “Device to Higher Level Computer Data Elements/Messaging<br />
Specifications”, provides the APTA WG4 equivalent transaction definitions. The second<br />
document, APTA-002 “APTA Base Types Re<strong>com</strong>mendation”,<br />
defines data types for the<br />
message content and <strong>com</strong>pliments<br />
the APTA-001. The third document, APTA-003<br />
APTA T ransaction and CD Security,<br />
defines the requirement for the "security"<br />
mechanisms to be implemente d in the message exchange between the devices and the<br />
backend systems.<br />
The ERG Business Model is based on the principle that there exists a contract between<br />
system s participants and the regional scheme manager. The contact represents a<br />
registration to the scheme and regulates rights, business rules and obligations <strong>of</strong> the<br />
respective participants. The transit operators, as participants, accept fare payment from<br />
valid cards <strong>of</strong> the scheme at face value and clear<br />
and settle the transaction data through<br />
the regional central<br />
clearinghouse.<br />
4.8.2 Applicability to UTFS<br />
Effort<br />
ERG APTA specifications have been based on ERG’s implementations <strong>of</strong> smart card<br />
based fare collection systems around the world. The specifications provide a wide<br />
variety <strong>of</strong> data elements designed to en<strong>com</strong>pass the most fare product types <strong>of</strong>fered<br />
in<br />
the transit industry. Though th e documents do not support the “System and Device<br />
Page 58
Data” transaction messages proposed by the WP4, the “Transaction Data” and the<br />
“Card Management Data” equivalent messages are applicable to APTA UTFS efforts.<br />
4.8.3 Common Message Structure<br />
The ERG APTA-0001 proposed message layout consists <strong>of</strong> two parts as illustrated<br />
in<br />
Exhibit 4.8-1:<br />
Exhibit 4.8-1<br />
APTA Header Variant Data<br />
APTA System Header APTA System Common Header<br />
Both APTA System Header and the APTA System Common Header make up the<br />
header <strong>of</strong> the message. The body <strong>of</strong> the message, called “Variant Data”, is made <strong>of</strong><br />
a<br />
series <strong>of</strong> data structures, each containing individual data elements. Exhibit 4.8-2<br />
provides a list <strong>of</strong> data structures used in all the messages.<br />
4.8.3.1 APTA System Header<br />
Exhibit 4.8-2 Data Structures<br />
HEADER VARIANT DATA SCOPE<br />
{SysHdr_t} ALL messages<br />
{SysComHdr_t} ALL messages-<br />
{SysFinDetails_t} or {SysFinDetails2_t}<br />
ALL messages with CbTxnPurpose = “F”<br />
{SysSecurityHdr_t}<br />
ALL messages requiring a secured payload<br />
{SysPiccCom_t}<br />
Messages with picc details<br />
{SysApplicationCom_t}<br />
Messages with application details<br />
{SysProductCom_t} Messages with product details<br />
{SysPiccHolderCom_t}<br />
Messages with piccHolder details<br />
{DevPurseCommonHdr_t} Transactions involving a purse product<br />
{DevPassCommonHdr_t} Transactions involving a pass product<br />
{DevMultirideCommonHdr_t} Transactions involving a multiride product<br />
{DevJourneyHdr_t} Transactions journey data involving a any product<br />
{DevPurseJourneyHdr_t} Transactions with journey data involving a purse product<br />
{DevPassJourneyHdr_t} Transactions with journey data involving a pass product<br />
{DevMultirideJourneyHdr_t} Transactions with journey data involving a multiride product<br />
{DevPurseLavHdr_t} Transactions with last add value data involving a purse product<br />
{DevPassLavHdr_t} Transactions with last add value data involving a pass product<br />
{DevMultirideLavHdr_t} Transactions with last add value data involving a multiride product<br />
This<br />
header contains system related information required to enable validations and<br />
reporting<br />
to be performed on the transactions and is present in every message. Exhibit<br />
4.8-2<br />
lists the data elements contained in the APTA System Header:<br />
Page 59
4.8-3 APTA System<br />
Header<br />
Field Name Description<br />
SettlementDate Current<br />
settlement date <strong>of</strong> the system.<br />
ReconciliationDate Agency operation date<br />
Hostname Host<br />
name <strong>of</strong> the Site Computer that<br />
receives<br />
transaction from the Picc Device<br />
AcquirerId The Unique ID <strong>of</strong> the Acquirer involved in<br />
the transaction.<br />
4.8.3.2 APTA System Common Header<br />
This<br />
is the <strong>com</strong>mon header structu re that immediately follows the System Header in<br />
every UD message. UD is defined as “Usage Data” in the context <strong>of</strong> the ERG<br />
specifications.<br />
Exhibit 4.8-4 APTA System Common Header<br />
Field Name Description<br />
formatVersion Format version (ie structure) <strong>of</strong> the usage data<br />
payload. This field is updated every time a new<br />
structure definition is released.<br />
The formatVersion <strong>of</strong> this APTA Data Definition<br />
is: 0x000001<br />
txnDateTime The time (in seconds) at which the UD record is<br />
generated. Format is Unix Time_t (UTC 0) i.e. 0 =<br />
1/1/1970,<br />
00:00:00 UTC.<br />
BusinessDate The Business Date on which this UD record was<br />
generated<br />
sourceParticipantId The Unique ID <strong>of</strong> the Operator associated with<br />
the Picc device on which the UD transaction<br />
is<br />
generated.<br />
DeviceId A unique number<br />
assigned to each device<br />
SamId The numeric identification <strong>of</strong> the Security Access<br />
Module (SAM) used in the transaction. This field<br />
is 0 if no sam was involved.<br />
This field should be used to identify the source<br />
device <strong>of</strong> the transaction since it is<br />
the SAM that<br />
MACs the transaction. A mapping between<br />
SamId and deviceId could be maintained<br />
by<br />
Page 60
Field Name Description<br />
reading the SamId and DeviceId data arriving in<br />
the header.<br />
Udsn UD sequence number. The UDSN will reset back<br />
to 0 when it increments past 0xFFFFFFFF.<br />
Transac tion Status Indicates if the UD transaction is a normal<br />
or test<br />
transaction. Test transactions are ignored.<br />
UdTyp e Main UD group that defines the type <strong>of</strong><br />
transaction.<br />
UdSubtype Sub UD groups within UD.<br />
4.8.3.3 Variant Data<br />
Variant<br />
Data consist <strong>of</strong> a group <strong>of</strong> selected data structures to form the body <strong>of</strong> a<br />
message. The message type determines the kind and quantity <strong>of</strong> data structures to exist<br />
in a message.<br />
For example a “Product Purse Use” Message contains the following data<br />
structures<br />
from the Exhibit 4.8-2:<br />
• SysComHdr_t<br />
• SysPiccCom_t<br />
• SysApplicationCom_t • DevUdPurseCommonHdr_t<br />
• SysFinDetails_t<br />
• DevUdPurseLavHdr_t • SysSecurityHdr_t 4.8.4 Message Types<br />
As in the TransLink system, ERG specifications break transaction data into types and<br />
subtypes to provide the system with a unique level <strong>of</strong> message identification.<br />
Messages fall into one <strong>of</strong> the following<br />
seven main transaction types (UdType), as<br />
illustrated<br />
in Exhibit 4.8-5. Each transaction group contains further message types<br />
(UDSubType)<br />
within them.<br />
Page 61
Exhibit 4.8-5 Transaction Groups<br />
Group UdType Description<br />
Picc 1 Picc transactions- transactions related<br />
to Picc<br />
ad justments such as issue, unblock<br />
Application 2 Application transactions- transactions<br />
related to<br />
Application adjustment such as create, delete, block,<br />
unblock<br />
Product 3 Product transactions- transactions<br />
related to fare<br />
processing, autoloads, add values, actionlists, product<br />
usage<br />
Other 4 Other transactions<br />
Audit registers 5 Audit registers<br />
Events 6 Event records<br />
Project Specific Txns 7 Project specific transactions. Use <strong>of</strong> the UDSubType<br />
values must be non-overlapping across projects.<br />
The “Audit Registers”, “Events”, “Project Specific Transactions”<br />
and the “Other”<br />
transactions are deemed optional and beyond the scope <strong>of</strong> this specification. The<br />
messages that fall into these transaction groups depend<br />
on the requirements <strong>of</strong> the<br />
specific operator/scheme manager.<br />
All messages have a purpose field, which allows transactions <strong>of</strong> the same purpose to be<br />
processed<br />
via different paths from transactions <strong>of</strong> another purpose. They also allow<br />
grouping for reporting purposes. Exhibit 4.8-6 provides a list <strong>of</strong> the purpose codes<br />
supported by the specification.<br />
4.8-6 Transaction Purposes<br />
Transaction Description<br />
Purpose<br />
code<br />
M Maintenance Transactions<br />
F Financial Transactions which affect the<br />
Master Database<br />
B Blocking Transactions<br />
S Miscellaneous Transactions<br />
U Non Financial Usage Transactions<br />
4.8.4.1<br />
Transaction Data<br />
The<br />
Product Transaction Group (UD Type=3) messages, listed in exhibit 4.8-7, are ERG<br />
equivalent to the “Farecard Usage Transaction” messages as proposed by the WG4.<br />
Each message in every transaction group is assigned a unique sub-type ID based on the<br />
fare product used and the entry/exit condition <strong>of</strong> the journey.<br />
Page 62
4.8-7 Product Transactions Usage Messages<br />
UdSubType MESSAGE<br />
8 TXN_PRODUCT_PURSE_USE<br />
31 TXN_PRODUCT_PURSE_USE_JOURNEY<br />
32 TXN_PRODUCT_PASS_USE_JOURNEY<br />
33 TXN_PRODUCT_MULTIRIDE_USE_JOURNEY<br />
34 TXN_PRODUCT_PURSE_REBATE_ON_EXIT<br />
35 TXN_PRODUCT_PURSE_USE_ON_ENTRY<br />
41 TXN_PRODUCT_PASS_USE_ON_ENTRY<br />
36 TXN_PRODUCT_MULTIRIDE_USE_ON_ENTRY<br />
37 TXN_PRODUCT_PURSE_USE_ON_EXIT<br />
38 TXN_PRODUCT_PASS_USE_ON_EXIT<br />
39 TXN_PRODUCT_MULTIRIDE_USE_ON_EXIT<br />
40 TXN_PRODUCT_SURCHARGE_REBATE_ON_EXIT<br />
The following Product Transaction Group messages, listed on exhibit 4.8-8, are<br />
equivalent to the “Add Value Transaction” messages as proposed by the WG4.<br />
ERG specifications do not <strong>of</strong>fer any messages that are equivalent <strong>of</strong> “Financial Audit<br />
Data”.<br />
Exhibit 4.8-8 Product Transactions Add Value Messages<br />
UdSubType Description<br />
1 TXN_PRODUCT_PURSE_ADD<br />
2 TXN_PRODUCT_PASS_ADD<br />
3 TXN_PRODUCT_MULTIRIDE_ADD<br />
9 TXN_PRODUCT_PURSE_ADD_REVERSE<br />
10 TXN_PRODUCT_PASS_ADD_REVERSE<br />
11 TXN_PRODUCT_MULTIRIDE_ADD_REVERSE<br />
4.8.4.2 Card Management Data<br />
The “PICC related transactions” group <strong>of</strong>fers fourteen messages that are generated in<br />
response<br />
to an exception or a specific event occurred on a card. Ten <strong>of</strong> these messages<br />
are listed in Exhibit 4.8-9, and have direct equivalents in the WP4 proposed Card<br />
Management Data messages:<br />
Page 63
UdSubType Title<br />
Exhibit 4.8-9 Picc Transaction Messages<br />
Description<br />
1 TXN_PICC_INITIALISE PICC initialization <strong>of</strong> reinitialization<br />
2 TXN_PICC_ISSUE Issue <strong>of</strong> personalized or<br />
anonymous card.<br />
3 TXN_PICC_PERSONALISE Personalization <strong>of</strong> the card.<br />
4 TXN_PICC_PERSONALISE_UP Personalization details are<br />
DATE<br />
amended.<br />
5 TXN_PICC_BLOCK CID blocks a PICC from usage<br />
due to hotlisting or failure to<br />
meet other validity processing<br />
rules such as expiry. Or as part<br />
<strong>of</strong> the initialization/issuing<br />
process.<br />
6 TXN_PICC_UNBLOCK CID unblocks a previously<br />
blocked PICC.<br />
7 TXN_PICC_KEYS_UPDATE CID upgrades the security keys<br />
on a PICC to a later version.<br />
12 TXN_PICC_ACTIONLIST Actionlist performed on a PICC.<br />
13 TXN_PICC_UNACTIONLIST Un-actionlist a PICC.<br />
14 TXN_PICC_RANGE_ACTIONLI<br />
ST_UPDATE<br />
A new PICC range actionlist is<br />
generated.<br />
The “ Application<br />
Transactions” group <strong>of</strong>fers messages intended for the creation and<br />
management <strong>of</strong> a transit application on the card. The following are the message types<br />
<strong>of</strong>fered<br />
by the specification:<br />
• Create<br />
• Delete<br />
• Block<br />
• Unblock<br />
• Replace<br />
The ERG APTA specifications do not provide any messages for CID in the “Card<br />
Parameter Update” category.<br />
4.8.4.3 System and Device Data<br />
This specification does not define any System and Device Data category messages.<br />
4.8.4.4 Event Data<br />
This specification does not define any Event Data category messages.<br />
Page 64
4.8.4.5 Peer-to-Peer Clearing and Settlement<br />
ERG APTA Specifications have been developed for the regional system settlement<br />
approach but some <strong>of</strong> the messages could be conceivably used for a peer-peer<br />
settlement<br />
model.<br />
4.8.4.6 Additional Messages<br />
Offered<br />
The following additional messages are <strong>of</strong>fered by the ERG specifications and intended<br />
for card/product activities conducted by customer service personnel.<br />
• Product and e-cash refund<br />
• Product replacement<br />
• Bad Debt settlement<br />
• Issuing reversal<br />
4.8.5 Data Elements<br />
The ERG APTA specifications<br />
cover the data elements supported by the UTFS<br />
Workpackage 1 and are listed in Appendix C. The APTA-002 specification provides the<br />
type definitions for the data elements used in conjunction with the APTA-001<br />
specification.<br />
4.8.6 Message Sequences<br />
The<br />
ERG APTA Specifications do not define message sequences.<br />
4.8.7<br />
Security Requirements<br />
ERG’s approach to message security is to protect each transaction with a MAC,<br />
ensuring that the content and source <strong>of</strong> the transaction can be validated. This<br />
MAC is<br />
applied<br />
over a subset <strong>of</strong> the <strong>com</strong>plete message structure.<br />
4.8.8 Timing and Routing<br />
The ERG APTA Specification s do not define Timing and Routing requirements.<br />
4.8.9 Usability<br />
ERG<br />
provided the specification in its entirety for APTA to use within their APTA UTFS<br />
WP 4 efforts at no cost. It<br />
may be openly reviewed and changed if necessary. However,<br />
ERG prefers that it be not used piecemeal. In case APTA prefers to adapt the<br />
specification in its entirety and submit changes to it, ERG is willing to <strong>of</strong>fer their<br />
internal change process to maintain the central control <strong>of</strong> the document in return for a<br />
fee based on time and materials.<br />
Page 65
4.9 REGIONAL INTEROPERABILITY STANDARD (RIS) PART 4<br />
4.9.1 Description <strong>of</strong> the Standard<br />
RIS, the smart card based Regional Interoperability Standard for Electronic Transit Fare<br />
Payments, has been developed for Port Authority <strong>of</strong> New York and New Jersey<br />
(PANY/NJ), and currently consists <strong>of</strong> four parts. Part-1 is the User Guide and provides<br />
an overview <strong>of</strong> the RIS system approach. Part-2 <strong>of</strong> the RIS establishes the physical and<br />
electrical<br />
requirements for a Proximity Integrated Circuit Card (PICC) and a Card<br />
Interface Device (CID). Part-3 addresses the data structure <strong>of</strong> a PICC at a technical<br />
specification level <strong>of</strong> detail. RIS Part 4 defines standards for the exchange <strong>of</strong> messages<br />
between the Regional Clearing House (RCH) and other <strong>com</strong>puter systems required to<br />
interface to it. Other <strong>com</strong>puter systems include transit agency fare collection systems,<br />
card<br />
reload agent payment systems, transit benefits operators’ transaction processing<br />
systems, and card issuers’ card management systems.<br />
The message protocols and formats defined and standardized in RIS Part 4 cover the<br />
following exchange <strong>of</strong> data:<br />
• All messages originating from<br />
the RCH for management and accounting <strong>of</strong> all<br />
cards under its control.<br />
• Receipt <strong>of</strong> all issuance and fare payment-related transactional<br />
data generated<br />
within or for the benefit <strong>of</strong> a regional<br />
program for smart card-based electronic<br />
fare payments.<br />
• Settlement <strong>of</strong> transactions between multiple RCHs<br />
for instances where a PICC<br />
from one region is used to perform a fare payment-related transaction in a<br />
different<br />
region.<br />
RIS Part 4 messages are primarily designed to transmit card data objects defined in RIS<br />
Part 3 and provide flexibility for transmitting<br />
four additional non-RIS Part 3 objects.<br />
4.9.2 Applicability to UTFS Effort<br />
Overall RIS Part 4 is a well-documented standard that is applicable to WP 4 efforts.<br />
The<br />
standard provides a conceptual fare system model where functions and responsibilities<br />
<strong>of</strong> a regional clearinghouse and system participants are defined. The establishment <strong>of</strong><br />
this model is a crucial prerequisite to the WP 4 standard development effort. Following<br />
are<br />
the key advantages <strong>of</strong> the standard.<br />
• Direct support<br />
for WP1 card data structure due to its <strong>com</strong>pliance with RIS Part 3<br />
• Availability for APTA WP4 to adapt<br />
RIS Part 4 defines the requirements for messages to and from the RCH(s). Although the<br />
RIS Part 4 can be applied to messages generated by CIDs, in its current form, the<br />
Page 66
standard does not mandate the <strong>com</strong>pliance <strong>of</strong> transactions originating from Tier 1<br />
devices. Following are some <strong>of</strong> the disadvantages <strong>of</strong> RIS Part 4.<br />
• Limited support for data elements (objects) not <strong>com</strong>pliant with WP1 data formats<br />
• In a draft form and not implemented<br />
4.9.3 Com mon Message<br />
Structure<br />
RIS messages consist <strong>of</strong> four<br />
parts as shown in Exhibit 4.8-1. The total message length<br />
varies based on the number <strong>of</strong> objects included in Part<br />
3 <strong>of</strong> the message. Each<br />
individual mes sage is iden tified by the “Message Identifier” and contains<br />
the message<br />
specific mandatory and optional data objects as designated by the object<br />
map. The<br />
details <strong>of</strong> these messages have been described in the following sections. 4.9.3.1 PART 1<br />
Exhibit 4.9-1 RIS Message Structure<br />
T he Part 1 consists <strong>of</strong> fixed number <strong>of</strong> fields within each message category described in<br />
Section<br />
4.9.4.<br />
The “Message Identifier” determines type<br />
<strong>of</strong> the message such as “Product Activation”<br />
or<br />
“Use <strong>of</strong> Stored Value”.<br />
4.9.3.2 PART 2<br />
The<br />
Part 2 includes message authentication data represented by the<br />
“AuthenticationDataGroup”. This group contains the data elements that will be<br />
required by the receiver to authenticate the message or series <strong>of</strong> messages.<br />
4.9.3.3<br />
PART 3<br />
Exhibit<br />
4.9-9<br />
AuthenticationDataGroup<br />
MessageAuthCode<br />
MACKeyID<br />
AlgorithmID, optional<br />
MACHashID, optional<br />
This part contains the standard RIS object map and the objects required to be included<br />
in a specific transaction. The purpose <strong>of</strong> the object map is similar to the “bitmap” in<br />
ISO/IEC<br />
8583, as explained in section 4.1.1. The Object Map is an 8 Byte, (64 Bit) binary<br />
Page 67
it map where each bit represents the presence or absence<br />
<strong>of</strong> a specific RIS Data Object.<br />
E ach “1” in the object map indicates the presence <strong>of</strong><br />
the corresponding object in the<br />
message,<br />
and each “0” indicates the absence <strong>of</strong> the object. Any additional<br />
object may be<br />
adde d to the message simply by marking the Object bit map and<br />
placing the objects in<br />
the correct sequence in part 3 <strong>of</strong> the message. There are four extra<br />
bits that are reserved<br />
for implementer definition in the object bitmap. These<br />
extra bits can be utilized to send<br />
implementation<br />
specific objects or data elements that are not necessarily <strong>com</strong>pliant with<br />
RIS Part 3.<br />
4.9.3.4 PART 4<br />
Part 4 contains transaction specific data elements that<br />
are unique to the type <strong>of</strong> the<br />
message such as the cardholder personal information in a “PICC Registration” message.<br />
4.9.4 Message Types<br />
R IS Part 4 provides the following six main<br />
message categories with unique individual<br />
messages within the each<br />
category.<br />
• CID Transaction<br />
Messages<br />
• PICC Scheme Control<br />
Messages<br />
• Interface to Transit Benefits Processors<br />
• Interface to Other Clearing houses<br />
• ISO 8583 Interchange message specifications<br />
• ACH – Automated Clearing house messages<br />
4.9.4.1 CID Transaction<br />
Messages<br />
CID Transaction messages include the following<br />
three categories <strong>of</strong> transactions that are<br />
based on the CID to PICC interactions:<br />
• PICC Initialization messages include such card activities as initialization,<br />
issuance, registration, card inquiry, and limited use card initialization<br />
• Load and Unload messages include all direct load and autoload activities<br />
performed on the card<br />
• Fare payment (Usage) messages document in- and out-<strong>of</strong>-region card use for all<br />
<strong>com</strong>mon fare product types available in the US.<br />
The Part 1 <strong>of</strong> the CID Transaction Messages contains twelve<br />
data elements as illustrated<br />
in Exhibit 4.9-2.<br />
Page 68
Item<br />
Number<br />
Exhibit 4.9-2 Part 1 Fields<br />
Data Element Name Exhibit<br />
1.1 MessageIdentifier<br />
1.2 MessageVersion<br />
1.3 MessageRevision<br />
1.4 LocationDataGroup (GRP) 4.8-3<br />
1.5 VehicleDataGroup (GRP) 4.8-4<br />
1.6 EquipmentDataGroup (GRP) 4.8-5<br />
1.7 PICCDataGroup (GRP) 4.8-6<br />
1.8 TransactionDatetime<br />
1.9 EmployeeDataGroup (GRP)* 4.8-7<br />
1.10 PostDateTime<br />
1.11 ApplicationCertCode<br />
1.12 ActionEventDataGroup (GRP) 4.8-8<br />
The location data group describes different characteristics <strong>of</strong> the location a transaction<br />
occurred as listed in Exhibit 4.9-3.<br />
Exhibit 4.9-3<br />
LocationDataGroup<br />
CountryID<br />
RegionID<br />
AgencyID<br />
LocationID<br />
LocationIDDestination (Optional)<br />
LocationIDSubArea (Optional)<br />
Exhibit 4.9 -4 lists the data elements <strong>of</strong> the “Vehicle Data Group”<br />
which provides the<br />
details <strong>of</strong> the transit vehicle where the transaction took place.<br />
Exhibit 4.9-4<br />
VehicleDataGroup<br />
VehicleID (Optional)<br />
RouteID (Optional)<br />
ZoneID (Optional)<br />
ZoneIDDestination (Optional)<br />
RunID (Optional)<br />
Direction-code (Optional)<br />
“ Equipment Data Group”, shown in Exhibit 4.9-5, contains the data elements that<br />
describe<br />
the device that performed the transaction.<br />
Page 69
Exhibit 4.9-5<br />
EquipmentDataGroup<br />
DeviceID<br />
DeviceTransactionSeq (Optional)<br />
CIDID<br />
CIDTransactionSeq<br />
“PICCDataGroup” contains the data elements that describe the characteristic <strong>of</strong> the<br />
card used in the transaction, Exhibit 4.9-6.<br />
Exhibit 4.9-6<br />
PICCDataGroup<br />
PICCSerialNumber<br />
PICCDataStatusAsRead<br />
PICCDataStatusAsWritten<br />
PICCKeySetID<br />
PICCTransactionSeq<br />
PICCTransitApplicationStatus (Optional)<br />
PICCPurseSVUse (Optional)<br />
The<br />
“ EmployeeDataGroup”<br />
<strong>com</strong>prises the data elements displayed in Exhibit<br />
4.9-7, and<br />
identifies<br />
the employee who is logged on to the device at the time<br />
<strong>of</strong> the transaction.<br />
Exhibit 4.9-7<br />
EmployeeDataGroup<br />
EmployeeID<br />
EmployeeType<br />
EmployeePICCID (Optional)<br />
The “ActionEventDataGroup” group contains the data elements that are used to<br />
document the current<br />
state <strong>of</strong> action event directives as listed in Exhibit<br />
4.9-8<br />
Exhibit 4.9-8<br />
ActionEventDataGroup<br />
ActionEventIDAsRead<br />
ActionEventIDAsWritten<br />
ActionEventMapAsRead<br />
ActionEventMapAsWritten<br />
Page 70
4.9.4.2 PICC Scheme Control Messages<br />
The RIS Part 4 defines<br />
a central control body that is responsible for the administration<br />
and the governance <strong>of</strong> the fare collection scheme. The following are the message<br />
categories that are issued by the “control body” in order to distribute the<br />
implementation<br />
specific application parameters:<br />
• Action List<br />
• Negative List<br />
• Fare Policy Framework<br />
• Key Management<br />
4.9.4.3 Interface to Transit Benefits Processors<br />
The<br />
messages in this category are used by Third Party Transit Benefits Administrators<br />
to <strong>com</strong>municate benefit load instructions<br />
and action confirmations to the party who<br />
manages the action list administration. The Action List Administration facility returns<br />
confirmations when the Action List directives are fulfilled. For example, a C101 benefit<br />
load request message originating from the Transit Benefits Processor, is responded with<br />
a C10 2 Benefit load Confirmation<br />
message from the Regional Clearing House or Action<br />
List Administrator<br />
4.9.4.4 Interface to Other Clearing houses (RCH-to-RCH)<br />
This category <strong>of</strong> messages are used between<br />
clearing houses, when a card from a certain<br />
region is used in another region belonging to a different RCH, to notify each other <strong>of</strong><br />
the activity associated with that card. The messages exchanged<br />
are a subset <strong>of</strong> those<br />
defined<br />
for a single RCH, and listed in Appendix D.<br />
4.9.4.5 ISO 8583 Interchange message specifications<br />
The RIS Part 4 supports the ISO/IEC 8583 messages for all credit/debit card processing<br />
related transactions between the RCH and the third party financial transaction<br />
acquirers.<br />
4.9.4.6 ACH – Automated Clearing house messages<br />
The<br />
specification supports the ACH messages as defined by the Electronic Payments<br />
Associatio n (NACHA) for message exchanges between the RCH and the third party<br />
Automated Clearing Houses (ACH).<br />
Page 71
4.9.5.1 Transaction Data<br />
The Exhibits 4.9-10 and 4.9-11 provide the RIS Part 4 defined CID Transaction messages<br />
that are <strong>com</strong>parable to “Farecard Usage Transaction Messages” and “Add Value<br />
Transaction<br />
Data “ as proposed by the WP4 functional document.<br />
Message<br />
Identifier<br />
4.9-10 Farecard Usage Transaction Messages<br />
Description<br />
A401 Use <strong>of</strong> Regional T-Purse<br />
A402 Use <strong>of</strong> Regional Pass Product with or without a step-up fare<br />
A403 Use <strong>of</strong> Agency Specific Product product with or without a step-up fare<br />
A405 Use <strong>of</strong> Agency Stored Value Product<br />
A406 Use <strong>of</strong> Special Limited Use Value PICC<br />
A407 Use <strong>of</strong> Special Limited Use Product PICC<br />
A408 Transfer on Special Limited Use Product PICC<br />
A409 Transfer with or without a step-up fare<br />
A411 Product Activation (First use <strong>of</strong> rolling product)<br />
A412 Use <strong>of</strong> Account Linked Product<br />
A414 Use <strong>of</strong> Regional T-purse on an Out <strong>of</strong> Region PICC<br />
A415 Use/travel on an Autovalue Product<br />
A419 Use <strong>of</strong> Stored Value from Multiple SV Sources<br />
4.9-11 Add Value Transaction Data<br />
Message Description<br />
Identifier<br />
A201 Load <strong>of</strong> Regional T-Purse<br />
A202 Load <strong>of</strong> Regional Pass Product<br />
A203 Load <strong>of</strong> Agency Pass Product<br />
A204 Load <strong>of</strong> Agency Stored Value Product<br />
A205 Load <strong>of</strong> Account Linked Product<br />
A206 Load <strong>of</strong> Value to a Special Limited Use PICC<br />
A207 Load <strong>of</strong> Product to a Special Limited Use PICC<br />
A208 Load Product and Value to a Special Limited Use PICC<br />
A209 Load <strong>of</strong> Out <strong>of</strong> Region T-Purse<br />
RIS Part 4 does not <strong>of</strong>fer any messages that are equivalent <strong>of</strong> “Financial Audit Data”<br />
4.8.5.2 Card Management Data<br />
The following RIS Part 4 messages have direct equivalents in the Card Management<br />
Message<br />
category <strong>of</strong> the WP4 proposed message types.<br />
• Initialization<br />
• Issuing<br />
Page 72
• Registration<br />
• Negative List<br />
• Action List<br />
• Card Parameter Update<br />
• Key Change<br />
The actionlist messages supported by RIS Part 4 are as follows:<br />
• Set-up and withdrawal (cancellation) <strong>of</strong> card autoload events<br />
• Set-up and withdrawal (cancellation) <strong>of</strong> card autovalue events,<br />
• Unloading <strong>of</strong> products and e-purses<br />
• Block and unblock <strong>of</strong> the card and the individual products<br />
RIS Part 4 also supports the following key management messages:<br />
• Load PICC Access Key-Set • Load<br />
MAC Key-Set<br />
• Load DAC Key-Set<br />
• Control Key-Set<br />
4.8.5.3 System and Device Data<br />
RIS Part 4 does not support any System and Device data messages<br />
4.8.5.4 Event Data<br />
RIS Part 4 does not support any Event data messages<br />
4.8.5.5<br />
Peer-to-Peer Clearing and Settlement<br />
Although the standard is designed to support a central/regional clearing and<br />
settlement scheme, some <strong>of</strong> the messages can be applied to a peer-to-peer clearing and<br />
settlement model. The “End <strong>of</strong> Day Position” and the “End <strong>of</strong> Day Transaction Receipt”<br />
messages provide summaries <strong>of</strong> previously forwarded transactions for the period<br />
specified in the message in order to perform a high level reconciliation <strong>of</strong> the financial<br />
data.<br />
RCH-to-RCH message set can also be adapted by a peer-to-peer system, each peer<br />
central system acting as a single RCH.<br />
4.8.5.6 Additional Messages Offered<br />
RIS Part 4 provides “Fare Policy Framework” messages to transmit transit scheme<br />
related parameters such as products Ids, Agency IDs and “rider pr<strong>of</strong>ile<br />
codes” to the<br />
scheme participant s.<br />
Page 73
The “Transit Benefi t Messages”, explained in section 4.8.4.3, are another<br />
set <strong>of</strong><br />
additional messages <strong>of</strong>fered by the standard.<br />
4.8.6 Data Elements<br />
RIS Part 4 supports all the objects and data elements defined in RIS Part 3. The objects<br />
are 16 bytes and contain data elements <strong>of</strong> varying lengths. RIS Part 4 utilizes these exact<br />
objects<br />
in their “as read” and “as written” status. “As read” refers to the state <strong>of</strong> the<br />
object when it is first read from the PICC at the start <strong>of</strong> a PICC/CID transaction.<br />
Subsequently,<br />
“as written” refers to the state <strong>of</strong> the object when it is written to the PICC<br />
as a result <strong>of</strong> the transaction sequence. The ‘as read’ and ‘as written’ status <strong>of</strong> the<br />
product objects are placed together with other data elements to form the message<br />
structure that is sent from the CID through the agency<br />
<strong>com</strong>puter systems to the RCH.<br />
4.8.7 Message Sequences<br />
Act ion list messages originating from the RCH are responded with confirmation<br />
messages with separate message identifiers by AFC devices when the action directive is<br />
successfully implemented. For example, when a RCH sends the message A715, “Block<br />
a Product”, devices respond with an A416 message, “Product Blocked”, when the action<br />
succeeded.<br />
The standard does not define any other message sequences.<br />
4.8.8 Security Requirements<br />
RIS Part 4 supports transmission level data integrity through the use <strong>of</strong> MACs<br />
appended to every message. The MAC provides the<br />
RCH with the ability to validate the<br />
authenticity<br />
<strong>of</strong> transaction messages after they have been forwarded from a CID. The<br />
authenticity c heck is achieved through the secret keys stored only in CIDs and the RCH.<br />
4.8.9 Timing and Routing<br />
RIS Part 4 does not define any timing requirements.<br />
4.8.9 Usability<br />
The information provided in RIS<br />
Part 4 is <strong>of</strong>fered free <strong>of</strong> charge and can be incorporated<br />
within<br />
UTFS WP4’s efforts in order to facilitate the standardization <strong>of</strong> the interface<br />
between PICC’s host device and a Regional Clearing House (RCH). The Port Authority<br />
prohibits the licensing or charging <strong>of</strong> fees for use and development<br />
<strong>of</strong> any portion <strong>of</strong><br />
this Regional Interoperability Standard for Electronic Transit Fare Payments.<br />
Page 74
5.0 FINDINGS<br />
This section presents the findings resulting from the analysis <strong>of</strong> the standards and<br />
specifications contained in this report effort. The five<br />
standards and specifications<br />
illustrated<br />
in Figure 5-1 were reviewed and analyzed in accordance with the<br />
methodology and the techn ical criteria presented in Sections 2.0 and 3.0. Moreover, five<br />
additional criteria, as illustrated in Exhibits 5-1 and 5-2, were used to evaluate these<br />
standards and specifications in terms<br />
<strong>of</strong> their general usability and relevance to the<br />
UTFS effort. Both the exhibits provide a qualitative measure <strong>of</strong> the analysis<br />
results.<br />
Exhibit<br />
5-1<br />
Standard/ Technical UTFS Adoption<br />
UTFS<br />
Adoption UTFS Effort<br />
Specification<br />
ISO/IEC 8583<br />
Compliance<br />
4<br />
Costs<br />
1<br />
Time<br />
1<br />
Required<br />
1<br />
ITSO 3 4<br />
4 3<br />
VEI 3 N/A<br />
N/A 2<br />
OFX 1 4 1 0<br />
CID Edge<br />
Interfaces<br />
1 4 4<br />
1<br />
TransLink® 4 N/A N/A 4<br />
ERG APTA-000 3 4 4 3<br />
RIS PART 4 3 4 4 3<br />
N/A – Cost and adoption time were not able to be obtained during phone interview<br />
Legend<br />
4 More Favorable 0 Less Favorable<br />
Each <strong>of</strong> the sponsoring organizations for the respective standard or specification was<br />
contacted to discuss the process for obtaining permission to use the documentation.<br />
The results <strong>of</strong> those conversations were factored into the findings in this section.<br />
•<br />
The following categories have been established as measuring criteria:<br />
Technical Compliance is measured in terms <strong>of</strong> how the standard or specification<br />
<strong>com</strong>plies with the detailed analysis criteria in Section 4.0. The following criteria has<br />
been established and measured in quantities relative to other<br />
standards/specifications analyzed:<br />
o Definition <strong>of</strong> message structure<br />
o Number <strong>of</strong> message types matching with that <strong>of</strong> WG 4<br />
Approximately >90% match – Very Favorable<br />
Approximately 75% match – Favorable<br />
Approximately 50% match – Somewhat favorable<br />
Page 75
Approximately 25% match – Less Favorable<br />
o Estimated number <strong>of</strong> data elements associated with each message<br />
o Definition <strong>of</strong> security level<br />
o Other characteristics (e.g. operation, timing and message routing<br />
parameters defined)<br />
• UTFS Adoption Cost reflects the additional cost that may be required by APTA to<br />
adopt the standard or specification, such as membership dues and application fees.<br />
This category does not represent the actual labor cost <strong>of</strong> implementation.<br />
o 0-$1000 – Very Favorable<br />
o $1001- $5,000 Favorable<br />
o $5,000 – $10,000 Somewhat Favorable<br />
o $10,000 and up – Less Favorable<br />
• UTFS Adoption Time represents an estimate <strong>of</strong><br />
the time required to implement the<br />
UTFS changes in the relevant standard or specification, or to derive a UTFS<br />
derivative <strong>of</strong> the standard. Therefore it reflects the time necessary to navigate the<br />
approval process. This does not include the time APTA spends developing the<br />
changes to the specification:<br />
o 0-3 Months – Very Favorable<br />
o 6-9 Months – Favorable<br />
o 9-12 Months – Somewhat Favorable<br />
o 13 Months and up – Less Favorable<br />
• UTFS Effort Required aims to represent an estimate <strong>of</strong> the time and effort WP4 will<br />
require to adopt the standard or specification:<br />
o Approximate number <strong>of</strong> additional messages or message types that WP 4<br />
needs to define and add to the standard<br />
o Estimated number <strong>of</strong> new data elements or fields that WP 4 needs to<br />
define and add to the standard<br />
o Approximate number <strong>of</strong> matching messages that needs to be further<br />
defined<br />
The following three additional weighting criteria were established to evaluate the<br />
standards and specifications:<br />
• Smart Card Based represents the degree the standards or the specifications can<br />
ac<strong>com</strong>modate smart card data types and structure<br />
• Widely Implemented shows the degree the standard or specification is in use<br />
• Relevance to Transit represents the level <strong>of</strong> relevancy <strong>of</strong> the standard or<br />
specification to the transit industry. (Determined by the number <strong>of</strong> transit industry<br />
related data elements and message types supported).<br />
Page 76
Exhibit 5-2 illustrates the relevance to the WP4 efforts and the viability <strong>of</strong> using the<br />
standard or specification for a transit application.<br />
Exhibit 5-2<br />
Standard/ Smart Card Widely Relevance to<br />
Specification<br />
ISO/IEC 8583<br />
Based<br />
2<br />
Implemented<br />
4<br />
Transit<br />
1<br />
ITSO<br />
5.1 SUMMARY<br />
4 0 4<br />
VEI 2 1 4<br />
OFX 0 4 1<br />
CID Edge<br />
Interfaces<br />
4 0 4<br />
TransLink® 4 1 4<br />
ERG APTA-000 4 3 4<br />
RIS PART 4 4 0 4<br />
Legend<br />
4 More Favorable 0 Less Favorable<br />
Based on the analysis, ITSO, RIS PART 4 and ERG APTA Specifications are more<br />
favorable to adopt and more relevant to WP4 than all the other standards or<br />
specifications evaluated. Therefore, these three specifications are the best candidates for<br />
further analysis.<br />
That said, the other standards and specifications have some applicability to the UTFS<br />
efforts in various areas. The remainder <strong>of</strong> this section highlights these areas. ISO/IEC<br />
8583 standard’s batch/file transfer mechanisms and the OFX’s general schema structure<br />
should also be considered for reference in APTA’s future standard or specification<br />
development. Although scored very favorable on both “Technical Compliance” and<br />
“UTFS Effort Required” categories, TransLink did not qualify for a ranking on the other<br />
two categories due to lack <strong>of</strong> response from ERG Transit Systems as yet.<br />
According to Figure 5-1, the ISO/IEC 8583 scored favorable only on the Technical<br />
Compliance category. This standard has been determined to be less favorable in terms<br />
<strong>of</strong> usability, based on the time, cost and effort required to adapt it to WP4 purposes.<br />
However, this standard could serve as an effective model for WP4, due specifically to<br />
its extended focus on the definition <strong>of</strong> batch and file transfer mechanisms.<br />
Although it has not been implemented, the ITSO specification is one <strong>of</strong> the<br />
specifications that scored as the most favorable in almost all categories per Exhibits 5-1<br />
Page 77
and 5-2. The lack <strong>of</strong> existing implementation<br />
was the only drawback for this<br />
specification, resulting in a less favorable rating<br />
in the “Widely Implemented” category.<br />
Overall, ITSO is highly applicable to the UTFS.<br />
Although VEI scored as favorably in the technical <strong>com</strong>pliance category, it did not<br />
receive any scoring on the UTFS Adoption Costs<br />
and Adoption Time. This is because<br />
there is no definitive fee structure,<br />
or change request schedule that could be identified<br />
by the Agent Systems point <strong>of</strong> contact.<br />
If APTA were interested in pursuing VEI,<br />
detailed<br />
discussions with Agent Systems<br />
to determine these elements would be<br />
necessary. This specification scored as somewhat favorable in the UTFS Effort Required<br />
category, for the following reasons:<br />
• The level <strong>of</strong> effort required further defining and<br />
mapping<br />
all t he matching VEI<br />
dialogues to<br />
WP4<br />
proposed<br />
exact<br />
message<br />
types<br />
• The<br />
estimated number<br />
<strong>of</strong> additional<br />
data<br />
elements<br />
that need to be defined for<br />
smart card related transaction processing<br />
Compared to Exhibit 5-1, the VEI scored better in terms <strong>of</strong> relevance per Exhibit 5-2.<br />
OFX did not score as favorably because it lacks relevance to the transit industry. This<br />
adversely affects its score in all the other categories as well, and therefore, is the least<br />
applicable to UTFS efforts. It is gaining rapid acceptance in other industries (e.g.<br />
Financial) and support from major vendors such as Micros<strong>of</strong>t. APTA should consider<br />
this specification as it matures and be<strong>com</strong>es more widely adopted.<br />
Although in<strong>com</strong>plete, the CID Edge Interfaces scored very favorably in terms <strong>of</strong><br />
Adoption Costs and Adoption Time. This specification is a viable candidate for a model<br />
for WP4 efforts, due to its reliance on Workpackage 1 smart card data formats, and the<br />
relatively low adoption cost to UTFS. Its low score on Technical Compliance reflected<br />
adversely on the Level <strong>of</strong> UTFS Effort Required<br />
in implementing this specification.<br />
CID<br />
Edge Interfaces<br />
also scored very favorable on two <strong>of</strong> the three categories in Exhibit 5-2.<br />
Despite its low scores on Technical Compliance<br />
and UTFS Effort Required, WP4 should<br />
consider<br />
using this draft specification.<br />
TransLink is the most favorable specification in terms <strong>of</strong> technical <strong>com</strong>pliance. It fulfills<br />
most <strong>of</strong> the criteria established in this category<br />
by<br />
providing a match for all the message<br />
types proposed by the WP4. Its <strong>com</strong>pliance with<br />
the technical criteria also reduces the<br />
time required for APTA to adopt this specification<br />
because <strong>of</strong> the relatively smaller<br />
number <strong>of</strong> changes that need to be undertaken.<br />
Due to its regional and smart card based<br />
focus, TransLink also scored the highest in Exhibit 5-2. If APTA will be allowed to<br />
adopt this specification, TransLink should certainly<br />
be considered for WP4 efforts.<br />
ERG APTA specifications scored very favorably in all categories<br />
<strong>of</strong> the criteria. Its<br />
support for relatively fewer number <strong>of</strong> WP4 proposed messages resulted in a<br />
“Favorable” ranking in both the Technical Complian ce and the Level <strong>of</strong> UTFS Effort<br />
Page 78
Required. This set <strong>of</strong> specifications provides<br />
one <strong>of</strong> the highest level <strong>of</strong> applicability in<br />
terms <strong>of</strong> both<br />
Exhibits 5-1 and 5-2.<br />
Together with ITSO and ERG APTA specifications,<br />
RIS Part 4 scored as one <strong>of</strong> the three<br />
highest standards<br />
analyzed<br />
in Exhibit 5-1. Due to its relatively short history it lacks<br />
industry acceptance and real life implementation as reflected in Exhibit 5-2. This<br />
standard is a strong candidate<br />
for WP4 to consider. However, it should be expanded to<br />
allow the flexibility to support<br />
non-WP1 defined card data structures as well.<br />
Due to their exclusive focus on the North American transit industry, RIS PART 4 and<br />
the ERG APTA specifications are preferred candidates for further analysis by WP4.<br />
Page 79
APPENDIX A RESEARCH CONTACTS<br />
Project/Specification/Standard Sponsoring<br />
Organization/POC<br />
Email Address<br />
Smart Card Project Implementation Contacts<br />
TransLink ® MTC – Russell Driver rdriver@mtc.ca.gov Russell Driver<br />
Metropolitan Transportation Commission<br />
Lake Merritt Plaza<br />
1999 HarrISO/IECn<br />
Street<br />
Oakland, CA 94612<br />
WMATA – SIRS v0.6<br />
WMATA – Douglas ddeckert@wmata.<strong>com</strong> Douglas D. Deckert<br />
Specifications<br />
Deckert<br />
WMATA<br />
600 Fifth St., N.W.<br />
Washington, D.C. 20001-2693<br />
OCTOPUS OCTOPUS octopusuk@btinternet.<strong>com</strong> Brian Chambers<br />
International Operations Director<br />
Octopus Cards Ltd<br />
P.O. Box 2993<br />
BA3 5JT Radstock<br />
Smart Card Standards/Specifications<br />
Calypso RATP – Michel<br />
Michel.Barjansky@ratp.fr Michel Barjansky<br />
Barjansky<br />
RATP/SIT/ISV<br />
Immeuble Central IV<br />
1, avenue Montaigne<br />
93160.Noisy le Grand<br />
France.<br />
ITSO ITSO- Jeremy Acklam Jeremy Acklam<br />
Deputy Chairman <strong>of</strong> the Integrated Transport<br />
Smartcard Organisation<br />
Virgin Trains<br />
Euston Station (West Wing)<br />
NWI 2 DS London<br />
VEI N/A vei@agentsystems.<strong>com</strong> Agent Systems<br />
RKF Stockholm Lokaltrafik bjorn.holmberg@sl.se Bjorn Holmberg<br />
AB Storstockholms Lokaltrafik<br />
S-120 80 Stockholm, Sweden<br />
Page 80
Project/Specification/Standard Sponsoring<br />
Organization/POC<br />
Email Address VDV VDV- Till Ackermann N/A Till Ackermann<br />
Fachbereichsleiter<br />
Volswirthschaft<br />
Verband<br />
Deutscher Verkehrsunternehmen (VDV)<br />
Kamekestrasse, 37-39<br />
50672 Koeln, Germany<br />
Intercode SNCF gilles.de-chanterac@sncf.fr Gilles de Chanterec<br />
President <strong>of</strong> the Commiss ion <strong>of</strong><br />
Normalization<br />
Information System Policies Manager<br />
SNCF Direction du transport public<br />
209/211, Rue de Bercy-Tour Paris-Lyon<br />
75585 Paris, France ATIP Transport<br />
Ticketing R ichard.Parker@doi .vic.gov .au Richard Parker<br />
Authority<br />
Transport Ticketing Authority General<br />
Mana ger,<br />
Operations Level 16,<br />
589 Collins<br />
Street Melbourne, 3000<br />
Smart Card System Vendor Specifications<br />
Back <strong>of</strong>fice message<br />
Scheidt & Bachmann lbucci@scheidt-bachmann-<br />
Lisa Bucci<br />
specifications<br />
usa.<strong>com</strong><br />
Scheidt & Bachmann, USA<br />
31 North Avenue<br />
Burlington, MA 01803<br />
Back <strong>of</strong>fice message<br />
ERG – Michael Nash mnash@erggroup.<strong>com</strong> Michael Nash<br />
specifications<br />
ERG Transit Systems USA, Inc.<br />
1800 Sutter Street, Suite 900<br />
Concord, CA 94520<br />
CID Edge Interfaces Cubic brian.monk@cubic.<strong>com</strong> Brian Monk<br />
Cubic Transportation<br />
Systems<br />
5650 Kearny<br />
Mesa<br />
Road<br />
San Diego, CA 92111<br />
ERG APTA Specification ERG mlaezza@erggroup.<strong>com</strong> Michael Laezza<br />
ERG Transit Systems<br />
905-890-2794 ext 224<br />
Back <strong>of</strong>fice message Thales geraud.najman@thales- Geraud Najman and Ian Woodro<strong>of</strong>e<br />
Page 81
Project/Specification/Standard Sponsoring<br />
Organization/POC<br />
Email Address<br />
specifications transportservices.<strong>com</strong><br />
ian.woodro<strong>of</strong>e@thales<br />
transportservices.<strong>com</strong><br />
Back Office Message<br />
ASCOM sanford.weinberg@as<strong>com</strong>.<strong>com</strong> Sanford Weinberg<br />
Specifications<br />
As<strong>com</strong> Transport<br />
Systems, Inc.<br />
68 Veronica<br />
Avenue<br />
Unit<br />
10<br />
Somer set, NJ 08873<br />
Page 82
APPENDIX B COMPLETED CRITERIA FORMS<br />
VENDING EQUIPMENT INTERFACE ( VEI) VERSION<br />
1.2<br />
Criteria<br />
Transaction Data<br />
Message Type Data Element(s)<br />
Farecard Usage Transaction Condition Dialog _CAA048<br />
Add Value Transaction Data Condition Dialog _CAA010<br />
Financial Audit Data<br />
Card Management Data<br />
Variable Access Dialog Acct.*<br />
Initialization Condition Dialog _CAA031<br />
_CAA032<br />
_CAA033<br />
Issuing Condition Dialog _CAA025<br />
_CAA031<br />
_CAA032<br />
_CAA033<br />
Registration Condition Dialog _CAA043<br />
_CAA045<br />
_CAA046<br />
_CAA068<br />
Personalization<br />
Condition Dialog _CAA043<br />
_CAA045<br />
_CAA046<br />
_CAA068<br />
Negative List Variable Access Dialog Sysconf.bl[]<br />
Action List NA<br />
Transit Application Updates File Management Dialog Transfer Request<br />
Card Parameter Update File Management Dialog Transfer Request<br />
Key Load File Management Dialog Transfer Request<br />
Key Change<br />
System and Device Data<br />
Variable Access Dialog sysconf.sa.sversion<br />
Device Status Request Conditional Dialog RecConditionAttributes<br />
Device Command Program Execution Dialog RecParamterList<br />
Device Data File Management Dialog Transfer Block<br />
Event Data Conditional Dialog RecConditionAttributes<br />
Equipment Status Data Conditional Dialog RecConditionAttributes<br />
Peer<br />
to Peer Clearing and<br />
Settlement<br />
NA<br />
Not on-us transactions NA<br />
Clearing and Settlement reporting Log File Dialog Upload Log<br />
Page 83
ITSO<br />
Criteria<br />
Transaction Data<br />
Message Type Data Element(s)<br />
Farecard Usage Transaction Stored Value Usage(0100 and 0110), Journey Record (0209)<br />
Add Value Transaction Data Stored Value Load(0100 through 010A), First Use <strong>of</strong> Stored Value<br />
(0106) , Create or Amend Ticket IPE (0207,208), Create/Ammend<br />
IPE,<br />
Initialize/Amend Auto-Renew (0304)<br />
Financial Audit Data<br />
Card Management Data<br />
NA<br />
Initialization Create ITSO Shell<br />
Issuing Activate ITSO Shell<br />
Registration Create or Amend ITSO ID<br />
Personalization Create or Amend ITSO ID<br />
Negative List POST Configuration (Hotlist)<br />
Action List POST Configuration (Actionlist)<br />
Transit Application Updates Interoperability<br />
List Transaction<br />
Card Parameter Update Interoperability<br />
List Transaction<br />
Key Load Not Disclosed<br />
Key Change<br />
System and Device Data<br />
Not Disclosed<br />
Device Status Request POST Configuration (Capability List 1 and 2)<br />
Device Command POST Configuration (Capability List 1 and 2)<br />
Device Data Interoperability List Transaction<br />
Event Data POST Configuration (Capability List 1 and 2)<br />
Equipment Status Data POST Configuration (Capability List 1 and 2)<br />
Peer to Peer Clearing and<br />
Settlement<br />
NA<br />
Not on-us transactions NA<br />
Clearing and Settlement reporting<br />
Additional Messages<br />
NA<br />
Stored value transaction cancellation (0107, 0117)<br />
Full/Partial Refund for a purchased ticket (0108, 0118, 010D)<br />
Add/Delete Loyalty Scheme (020B, 0202)<br />
Loyalty add points and redemption (0203, 0204)<br />
Transaction cancellation (0300)<br />
Deposit Received or Refunded (0302, 0303)<br />
Exception (0400, 0405)<br />
Page 84
ISO/IEC 8583<br />
Criteria<br />
Transaction Data<br />
Message Type Data Element(s)<br />
Farecard Usage Transaction Financial Presentment Notification Message 240<br />
Add Value Transaction Data Financial Presentment Notification Message 240<br />
Financial Audit Data<br />
Card Management Data<br />
Network Management Messages 804/814<br />
Initialization File Action Instruction/Notification Message 362/340<br />
Issuing File Action Instruction/Notification Message 362/340<br />
Registration File Action Instruction/Notification Message 362/340<br />
Personalization File Action Instruction/Notification Message 362/340<br />
Negative List File Action Instruction/Notification Message 362/340<br />
Action List File Action Instruction/Notification Message 362/340<br />
Transit Application Updates File Action Instruction/Notification Message 362/340<br />
Card Parameter Update File Action Instruction/Notification Message 362/340<br />
Key Load Network Management Messages 824/834<br />
Key Change<br />
System and Device Data<br />
Network Management Messages 824/834<br />
Device Status Request File Action Instruction/Notification Message 362/340<br />
Device Command File Action Instruction/Notification Message 362/340<br />
Device Data File Action Instruction/Notification Message 362/340<br />
Event Data File Action Instruction/Notification Message 362/340<br />
Equipment Status Data File Action Instruction/Notification Message 362/340<br />
Not on-us transactions Reconciliation Advice Message 520/530<br />
Clearing and Settlement reporting Reconciliation<br />
Notification Message 540/550<br />
Page 85
CID EDGE INTERFACES<br />
Criteria Message Type Data Element(s)<br />
Transaction Data<br />
Farecard Usage Transaction PiccUse<br />
Add Value Transaction Data PiccPurseLoad, PiccPassLoad<br />
Financial Audit Data NA<br />
Card Management Data<br />
Initialization PiccInitialize<br />
Issuing PiccInitialize<br />
Registration NA<br />
Personalization NA<br />
Negative List PiccNegativeList<br />
Action List PiccAutoLoadUnloadList<br />
Transit Application Updates NA<br />
Card Parameter Update NA<br />
Key Load NA<br />
Key Change<br />
System and Device Data<br />
NA<br />
Device Status Request NA<br />
Device Command NA<br />
Device Data NA<br />
Event Data NA<br />
Equipment Status Data NA<br />
Peer to Peer Clearing and<br />
Settlement<br />
NA<br />
Not on-us transactions NA<br />
Clearing and Settlement reporting NA<br />
Page 86
TRANSLINK ®<br />
Criteria<br />
Transaction Data<br />
Message Type Data Element(s)<br />
Farecard Usage Transaction UD Type=1, Sub Type=1,2,3,4,5 or 6<br />
Add Value Transaction Data UD Type=2, Sub type=1,2,3,4,5,6,7<br />
or 8<br />
Financial Audit Data<br />
Card Management Data<br />
UD Type=5, Sub Type=1,2 or 3<br />
Initialization UD Type=3, Sub Type=13<br />
Issuing UD Type=3, Sub Type=13<br />
Registration UD Type=3, Sub Type=14 or 15<br />
Personalization UD Type=3, Sub Type= 14 or 15<br />
Negative List UD Type=3, Sub Type=4 - Hotlist CD Payload<br />
Action List UD Type=3, Sub Type=10<br />
Transit Application Updates Service Parameters CD Payload<br />
Card Parameter Update UD Type=3, Sub Type=1,2,3,11,12,16,17,18,19,20<br />
Key Load Device Specific CD Payload<br />
Key Change<br />
System and Device Data<br />
Device Specific CD Payload<br />
Device Status Request System Parameters CD Payload<br />
Device Command System Parameters CD Payload<br />
Device Data UD Type=6, Sub Type=1, 5 or 16<br />
Event Data UD Type=6, Sub Type=1, 5 or 16<br />
Equipment Status Data UD Type=6,<br />
Sub Type=1, 5 or 16<br />
Peer to Peer Clearing and<br />
Settlement<br />
NA<br />
Not on-us transactions NA<br />
Clearing and Settlement reporting Undisclosed<br />
Page 87
ERG APTA<br />
Criteria<br />
Transaction Data<br />
Message Type Data Element(s)<br />
Farecard Usage Transaction UD Type=3,<br />
Sub Type=8,31,32,33,34,35,36,37,38,39,40,41<br />
Add Value Transaction Data UD Type=3, Sub Type=1,2,3,9,10,11<br />
Financial Audit Data<br />
Card Management Data<br />
NA<br />
Initialization UD Type=1, Sub Type=1<br />
Issuing UD Type=1, Sub Type=2<br />
Registration UD Type=1, Sub Type=3<br />
Personalization<br />
UD Type=1, Sub Type=3<br />
Negative List UD Type=1, Sub Type=5,6<br />
Action List UD Type=1, Sub Type=12,13,14<br />
Transit Application Updates NA<br />
Card Parameter Update NA<br />
Key Load UD Type=1, Sub Type= 7<br />
Key Change<br />
System and Device Data<br />
UD Type=1, Sub Type=7<br />
Device Status Request NA<br />
Device Command NA<br />
Device Data NA<br />
Event Data NA<br />
Equipment Status Data NA<br />
Peer to Peer Clearing and<br />
Settlement<br />
NA<br />
Not on-us transactions NA<br />
Clearing and Settlement reporting NA<br />
Page 88
RIS PART 4<br />
Criteria<br />
Transaction Data<br />
Message Type Data Element(s)<br />
Farecard Usage Transaction A401, A402, A403, A405,<br />
A406, A407, A408, A409, A412, A414,<br />
A415,<br />
A416, A417, A418, A419<br />
Add Value Transaction Data T-Purse Load (A201), Regional<br />
Pass Load (A202)<br />
Load <strong>of</strong> Account<br />
Linked Product (A205)<br />
Financial Audit Data<br />
Card Management Data<br />
NA<br />
Initialization PICC Initialization<br />
(A101, A105)<br />
Issuing PICC Issuance<br />
(A102)<br />
Registration PICC Registration (A103)<br />
Personalization PICC Registration (A103)<br />
Negative List Negative<br />
List B110<br />
Action List Stored<br />
Value Autoload (A210), Block Product (A715)<br />
Unblock Product (A716), Setup/Cancel<br />
Product (A718, A719, A720,<br />
A721, A722)<br />
Transit Application Updates NA<br />
Card Parameter Update Directed PICC Data Change (A717)<br />
Key Load Load PICC<br />
Access Key-Set (B130, B131, B132)<br />
Key Change<br />
System and Device Data<br />
Control Key-Set B133<br />
Device Status Request NA<br />
Device Command NA<br />
Device Data NA<br />
Event Data NA<br />
Equipment Status Data NA<br />
Peer to Peer Clearing and<br />
Settlement<br />
NA<br />
Not on-us transactions RCH-to-RCH Messages<br />
Clearing and Settlement reporting End <strong>of</strong> Day<br />
Position (A501), (A502)<br />
Page 89
APPENDIX C DATA ELEMENTS<br />
VENDING EQUIPMENT INTERFACE (VEI) VERSION<br />
1.2<br />
Data Element(s)/Action Description<br />
Conditional Dialog<br />
_CAA010 Item value transacted (added / subtracted)<br />
_CAA025 Original issuing machine number<br />
_CAA031 Number <strong>of</strong> items sold<br />
_CAA032 Item type<br />
_CAA033 Serial number <strong>of</strong> item<br />
_CAA043 Issuing agency ID<br />
_CAA045 Rider category ID<br />
_CAA046 Rider category<br />
name<br />
_CAA048 Usage record<br />
_CAA068 User name<br />
Variable Dialog<br />
acct.* All variables dealing with sales counts<br />
sysconf.bl[] Blacklist structure<br />
sysconf.sa.sversion S<strong>of</strong>tware version <strong>of</strong> I-th sub-assembly<br />
Log File Dialog<br />
Upload Log To retrieve a range <strong>of</strong> records<br />
from the log file<br />
File Management Dialog<br />
Transfer Request Request permission to begin sending or receiving a file<br />
Transfer Block To send a file to the receiver<br />
Data Types<br />
RecParamterList Count <strong>of</strong> items<br />
in list (N)<br />
Parameter<br />
RecConditionAttributes Date and Time<br />
Condition ID<br />
Condition Status<br />
Condition Priority<br />
Condition Severity<br />
Condition Enabled<br />
Condition Incident<br />
Date and Time<br />
last became active<br />
Date and Time last became active<br />
Overall device<br />
status is dependent on this Condition status<br />
Overall device<br />
status<br />
Additional Attributes<br />
List<br />
Page 90
ITSO DATA ELEMENTS<br />
Message Type Data Element(s)<br />
Standard Fields<br />
Record Format Revision<br />
SAMID<br />
ITSOCardReferenceNumber<br />
CardFormatVersion<br />
KeyStrategyVersion<br />
KeyVersion<br />
TransactionDate<br />
TransactionTime<br />
TransactionInformation<br />
IPEID<br />
IPEIssuerID<br />
StaffID<br />
Create and/or Activate ITSO Shell<br />
DepositAmount<br />
DepositAmountCurrencyCode<br />
MethodOfPayment<br />
VATSalesTax<br />
Delete ITSO Shell<br />
DepositRefundAmount<br />
DepsoitAmountCurrencyCodre<br />
Create or Amend IPE<br />
Expiry Date<br />
Remove Data<br />
Create or Amend ITSO ID<br />
Amount<br />
AmountCurrencyCode<br />
HolderTitle<br />
HolderName<br />
HolderAddres<br />
HolderPostalCode<br />
HolderPhoneDay<br />
HolderPhoneHome<br />
HolderEmail<br />
Expiry Date<br />
PassbackTime<br />
CustomerPr<strong>of</strong>ile<br />
IDFlags<br />
DateOfBirth<br />
PersonID<br />
Language<br />
SecondaryHolderID<br />
PhotoID<br />
EntitlementExpiryDate<br />
DepositAmount<br />
DepositCurrencyCode<br />
MethodOfPayment<br />
VATSalesTax<br />
UserDefined<br />
Page 91
ITSO DATA ELEMENTS<br />
Message Type Data Element(s)<br />
Stored Value or CTA usage<br />
Value<br />
IPEAmount<br />
ValueCurrencyCode<br />
POSTAmount<br />
PosTAmountCurrencyCode<br />
ActionSequenceNumber<br />
PurseIssuer<br />
ValueATPAFlags<br />
Stored Value<br />
Load<br />
Value<br />
IPEAmount<br />
ValueCurrencyCode<br />
POSTAmount<br />
PosTAmountCurrencyCode<br />
ActionSequenceNumber<br />
PurseIssuer<br />
ValueATPAFlags<br />
Initialize Auto<br />
Top-Up<br />
PurseIssuer<br />
CurrencyCode<br />
AutoTopUpAmount<br />
AutoTopUpThreshold<br />
BankName<br />
BankACNumber<br />
BankCardExpiryDate<br />
BankCardStartDate<br />
BankCardIssueNumber<br />
Initialize or Ammend Auto Renew<br />
Auto-RenewAmount<br />
Auto-RenewThreshold<br />
AutoRenewValue<br />
BankName<br />
BankACNumber<br />
Expiry Date<br />
StartDate<br />
IssueNumber<br />
First Use Of Stored Value<br />
PurseIssuer<br />
AutoTopUpThreshold<br />
TopUpAmount<br />
MaxValue<br />
ValueCurrencyCode<br />
StartDate<br />
EndDate<br />
DepositAmount<br />
DepositCurrencyCode<br />
Stored Value Transaction Cancellation<br />
Value<br />
Page 92
ITSO DATA ELEMENTS<br />
Message Type Data Element(s)<br />
IPEAmount<br />
ValueCurrencyCode<br />
POSTAmount<br />
POSTAmountCurrencyCode<br />
ActionSequenceNumber<br />
PurseIssuer<br />
Refund for a Purchased Ticket<br />
IPEValue<br />
IPEAmount<br />
IPECurrencyCode<br />
POSTAmount<br />
PosTAmountCurrencyCode<br />
ActionSequenceNumber<br />
Transaction Cancellation<br />
AmountPaid<br />
NormalPrice<br />
CurrencyCode<br />
StoredUsesRefunded<br />
StoredUses<br />
TicketNumber<br />
AmountPaid<br />
Create or Ammend Ticket<br />
IPE<br />
ISAMID<br />
ISAM S#<br />
AmountPaid<br />
NormalPrice<br />
CurrencyCode<br />
IPEFormatRevision<br />
ActionSequenceNumber<br />
RemoveDate<br />
TransactionFlags<br />
RecordSubType<br />
PassbackTime<br />
CountRidesJourneys<br />
Mode<br />
MaxTransfers<br />
TimeLimit<br />
Expiry Date<br />
IssuerID<br />
PassFlags<br />
TicketType<br />
TypeNumber<br />
IssueDate<br />
IssueTime<br />
Class<br />
ExpiryTime<br />
ValidityStartDate<br />
PromotionCode<br />
ValidOnDayTypeCode<br />
Page 93
ITSO DATA ELEMENTS<br />
Message Type Data Element(s)<br />
PartySizeAdult<br />
PartySizeChild<br />
PartySizeConcession<br />
FarePaid<br />
FarePaidCurrencyCode<br />
FarePaidMethodOfPayment<br />
FarePaidVATSalesTax<br />
UserDefined<br />
ValidFrom<br />
ValidTo<br />
NumberOfPasses<br />
TYP6Flags<br />
Journey Record<br />
AmountPaid<br />
NormalPrice<br />
CurrencyCode<br />
RemainingUses<br />
EntryExitType<br />
EntryExit<br />
Deposit Received or Refunded<br />
DepositAmount<br />
DepositAmountCurrency<br />
Exception<br />
ExceptionType<br />
POSTType<br />
Result<br />
Capability List 1<br />
CapabilityListIdentifier<br />
CapabilityListAction<br />
Location<br />
Security<br />
UnHotProtectionNumberOfDays<br />
Communication<br />
MessageSecurity<br />
PrintingCapability<br />
CardholderDisplay<br />
MaxPurseValue<br />
IPEPrioritySelection<br />
Hotlist<br />
HotlistIdentifier<br />
HotlistAction<br />
HotType<br />
Action<br />
CardDisposition<br />
CRNStart<br />
CRNEnd<br />
StartISAMIDOfIPECreator<br />
EndISAMIDOfIPECreator<br />
StartISAMSequenceNumberIPECreator<br />
Page 94
ITSO DATA ELEMENTS<br />
Message Type Data Element(s)<br />
EndISAMSequenceNumberIPECreator<br />
IPETYP<br />
IPEPTYP<br />
IIN<br />
IssuerID<br />
CardIssuerID<br />
Action List<br />
ActionListIdentifier<br />
ActionToTake<br />
CRN<br />
CreditCardNumber<br />
IPETYP<br />
IPEPTYP<br />
IINL<br />
IPEIssuerOID<br />
TicketNumber<br />
ActionSequenceNumber<br />
VariableData<br />
ISO/IEC 8583 DATA ELEMENTS<br />
Message Type Data Element(s)<br />
Financial Presentment Notification<br />
Message 240<br />
Primary Account Number<br />
Processing Code<br />
Amount Transaction<br />
Amount Reconciliation<br />
Date and Time Transmission<br />
Conversion Rate Reconcilation<br />
Conversion Rate Cardholder Billing<br />
System Trace Audit Number<br />
Date and Time Local Transaction<br />
Date Effective<br />
Date Expiration<br />
Date Conversion<br />
Date Capture<br />
Transaction Life Cycle Identification Data<br />
Point <strong>of</strong> Service Data Code<br />
Card Sequence Number<br />
Function Code<br />
Message Reason Code<br />
Merchant Category Code<br />
Date Reconciliation<br />
Reconciliation Indicator<br />
Amounts Original<br />
Acquiring Institution Identification Code<br />
Forwarding Institution Identification Code<br />
Track 2 Data<br />
Track 3 Data<br />
Page 95
Approval Code<br />
Action Code<br />
Service Code<br />
Card Acceptor Terminal Identification<br />
Card Acceptor Identification Code<br />
Card Acceptor Name/Location<br />
Track 1 Data<br />
Amounts Fees<br />
Authorizing Agent Institution Identification Code<br />
Batch/File Transfer Message Control<br />
Receiving Institution Identification Code<br />
Network Management Message<br />
Date and Time Transmission<br />
System Trace Audit Number<br />
Date and Time Local Transaction<br />
Function Code<br />
Message Reason Code<br />
Date Reconciliation<br />
Reconciliation Indicator<br />
Forwarding Institution Identification Code<br />
Batch/File Transfer Control Data<br />
File Transfer Description Data<br />
Transaction Destination Institution Identification Code<br />
Transaction Originator Institution Identification Code<br />
Receiving Institution Identification Code<br />
File Action Instruction/Notification<br />
Message<br />
System Trace Audit Number<br />
Date and Time Local Transaction<br />
Function Code<br />
Message Reason Code<br />
Forwarding Institution Identification Code<br />
Action Code<br />
Batch/File Transfer Message Control<br />
Batch/File Transfer Control Data<br />
File Transfer Description Data<br />
Data Record<br />
Transaction Destination Institution Identification Code<br />
Transaction Originator Institution Identification Code<br />
Receiving Institution Identification Code<br />
File Name<br />
Reconciliation Advice Message 520/530<br />
Primary Account Number<br />
Date and Time Transmission<br />
System Trace Audit Number<br />
Date and Time Local Transaction<br />
Transaction Life Cycle Identification Data<br />
Function Code<br />
Date Reconciliation<br />
Reconciliation Indicator<br />
Acquiring Institution Identification Code<br />
Forwarding Institution Identification Code<br />
Reconciliation Data Primary<br />
Page 96
Amount Net Reconciliation<br />
Receiving Institution Identification Code<br />
Reconciliation Fee Amounts Credit<br />
Reconciliation Fee Amounts Debit<br />
CID EDGE INTERFACES DATA ELEMENTS<br />
Message Type Data Element(s)<br />
PiccInitialize<br />
header [..]<br />
location-details [..]<br />
cid-details [..]<br />
device-details [..]<br />
employee-details[..]<br />
picc-replaced<br />
picc-details [..]<br />
ris-picc-pr<strong>of</strong>iles [..]<br />
ris-picc-product-index […]<br />
ris-picc-transaction-history [..]<br />
message-authenticate [..]<br />
PiccUse Message<br />
header [..]<br />
location-details [..]<br />
cid details [..]<br />
dev-details [..]<br />
employee-details[..]<br />
picc-details [..]<br />
ris-picc-pr<strong>of</strong>iles [..]<br />
ris-picc-product-index [..]<br />
ris-picc-transaction-history [..]<br />
ris-pass-product [..]<br />
ris-sv-purse-list[..]<br />
message-authenticate [..]<br />
PiccPurseLoad Message<br />
header [..]<br />
location-details [..]<br />
cid details [..]<br />
device-details [..]<br />
employee-details[..]<br />
picc-trade-in list[..]<br />
picc-details [..]<br />
ris-picc-pr<strong>of</strong>iles [..]<br />
ris-picc-product-index [..]<br />
ris-picc-transaction-history [..]<br />
ris-sv-purse [..]<br />
message-authenticate [..]<br />
PiccPassLoad Message<br />
header [..]<br />
location-details [..]<br />
cid details [..]<br />
dev-details [..]<br />
employee-details[..]<br />
Page 97
picc-trade-in-list[..]<br />
picc-details [..]<br />
ris-picc-pr<strong>of</strong>iles [..]<br />
ris-picc-product-index [..]<br />
ris-picc-transaction-history [..]<br />
ris-pass-product [..]<br />
ris-pass-product [..]<br />
ris-sv-purse-list[..]<br />
message-authenticate [..]<br />
PiccNegativeList Message<br />
id<br />
picc-issuer<br />
start-date<br />
expire-date<br />
hotlist-groups[..]<br />
first-picc-id<br />
last- picc-id<br />
list-action<br />
entries[…]<br />
message-authenticate [..]<br />
PiccAutolodUnloadList Message<br />
id<br />
picc-Issuer<br />
start-date<br />
expire-date<br />
autoload-list [..]<br />
picc-id<br />
picc-event-id<br />
load-unload-action<br />
agency-id<br />
picc-class<br />
prod-type<br />
loc-value-encoding<br />
loc-value<br />
prod-expiry-date<br />
autoload-threshold<br />
autoload-recurrence<br />
message-authenticate [..]<br />
Page 98
TRANSLINK<br />
Message Type Data Element(s)<br />
UD Record - Fare Transaction<br />
Card S/N<br />
Card Transaction Sequence Number<br />
Contrcat ID<br />
Contrcat S/N<br />
Transaction Qualifier<br />
Fare Category<br />
Fare Payment Method<br />
Transaction Amount<br />
Last Operator<br />
Transaction Location<br />
Destination Location<br />
Purse Balance<br />
Card Synchronization Number<br />
Contract Sequence Number<br />
Contract Synchronization Number<br />
Last Add Value Summary<br />
UD Authentication Code<br />
UD Record - Add Value Transaction<br />
Card Serial #<br />
Transaction Sequence #<br />
Contract ID<br />
Contract S/N<br />
Transaction Qualifier<br />
Card Syn. Number<br />
Value Added<br />
Transaction Amount<br />
Current Stored Value<br />
Device ID<br />
EFT System Trace Audit #<br />
EFT Response<br />
EFT Authorization ID<br />
Last Add Value Summary<br />
Block/unblock event data elements<br />
card SN<br />
Transaction Sequence #<br />
Card Syn. Number<br />
Card Status (ud type=3 sub-type 3 or 4 only)<br />
hotlist serial number<br />
Contract ID<br />
Contract S/N<br />
ontract Sequence number<br />
Contract SYNC number<br />
Contract Flags<br />
Contract status<br />
Contract expiry date<br />
Transaction qualifier<br />
Failed transaction event data elements<br />
card s/n<br />
Page 99
card status<br />
failure reason<br />
Business rule exception event<br />
card SN<br />
Contract ID<br />
Contract S/N (sub-type 9 only)<br />
failure reason<br />
Purse Balance (sub-type 7 only)<br />
fare category<br />
failure reason<br />
Autoload enable/disable<br />
card s/n<br />
Contract ID<br />
Contract Flags<br />
enabled autoload flags<br />
disabled autoload flags<br />
Card issue event<br />
card s/n<br />
card type<br />
Card Syn. Number<br />
card contracts limit<br />
issuer ID<br />
card expiry date<br />
fare category<br />
transaction amount<br />
deposit value<br />
Card registration event<br />
card s/n<br />
date <strong>of</strong> birth<br />
name<br />
address<br />
telephone number 1<br />
telephone number 2<br />
e-mail address<br />
Balance protection event<br />
card s/n<br />
amount <strong>of</strong> transaction<br />
card retention event<br />
card s/n<br />
receipt number<br />
retention reason<br />
CID Audit register snapshot data elements<br />
batch sequence number<br />
ud sequence number<br />
fares debit counter<br />
fares purse debit accumulator<br />
fares credit counter<br />
fares purse credit accumulator<br />
autoload purse counter<br />
autoload purse accumulator<br />
remote load purse counter<br />
remote load purse accumulator<br />
Page 100
Autoload non-purse counter<br />
remote load non-purse counter<br />
Distribution device Audit Register snapshot data elements<br />
batch sequence<br />
number<br />
ud sequence number<br />
Purse add value counter, cash payments<br />
Purse add value Value, cash payments<br />
Purse add value counter, EFT payments<br />
Purse add value<br />
Value, EFT payments<br />
Non-purse add value counter (own products cash payments)<br />
Non-purse add value value<br />
(own products cash payments)<br />
Non-purse add value counter (other products cash payments)<br />
Non-purse add value value (other products cash payments)<br />
Non-purse add value<br />
counter (own products EFT payments)<br />
Non-purse add value value (own products EFT payments)<br />
Non-purse add value counter (other products EFT payments)<br />
Non-purse add value value (other products EFT payments)<br />
Card issued<br />
counter, cash payments<br />
Card issued value, cash payments<br />
Card issued counter, EFT payments<br />
Card issued Value, cash payments<br />
Card issued<br />
counter, other means<br />
Card issued value, other means<br />
Balance protection<br />
counter, cash payments<br />
Balance protection value,<br />
cash payments<br />
Balance protection counter, EFT payments<br />
Balance protection value, EFT payments<br />
Other fare media counter, cash payments<br />
Other fare media<br />
value, cash payments<br />
Other fare media counter, EFT payments<br />
Other fare media value, EFT payments<br />
Page 101
ERG APTA<br />
Message Type Data Element(s)<br />
UD Record - Fare Transaction<br />
Card S/N<br />
Card Transaction Sequence Number<br />
Contrcat ID<br />
Contrcat S/N<br />
Transaction Qualifier<br />
Fare Category<br />
Fare Payment Method<br />
Transaction Amount<br />
Last Operator<br />
Transaction Location<br />
Destination Location<br />
Purse Balance<br />
Card Synchronization Number<br />
Contract Sequence Number<br />
Contract Synchronization Number<br />
Last Add Value Summary<br />
UD Authentication Code<br />
UD Record - Add Value Transaction<br />
Card Serial #<br />
Transaction Sequence #<br />
Contract ID<br />
Contract S/N<br />
Transaction Qualifier<br />
Card Syn. Number<br />
Value Added<br />
Transaction Amount<br />
Current Stored Value<br />
Device ID<br />
EFT System Trace Audit #<br />
EFT Response<br />
EFT Authorization ID<br />
Last Add Value Summary<br />
Block/unblock event data elements<br />
card SN<br />
Transaction Sequence #<br />
Card Syn. Number<br />
Card Status (ud type=3 sub-type 3 or 4 only)<br />
hotlist serial number<br />
Contract ID<br />
Contract S/N<br />
ontract Sequence number<br />
Contract SYNC number<br />
Contract Flags<br />
Contract status<br />
Contract expiry date<br />
Transaction qualifier<br />
Failed transaction event data elements<br />
card s/n<br />
Page 102
card status<br />
failure reason<br />
Business rule exception event<br />
card SN<br />
Contract ID<br />
Contract S/N (sub-type 9 only)<br />
failure reason<br />
Purse Balance (sub-type 7 only)<br />
fare category<br />
failure reason<br />
Autoload enable/disable<br />
card s/n<br />
Contract ID<br />
Contract Flags<br />
enabled autoload flags<br />
disabled autoload flags<br />
Card issue event<br />
card s/n<br />
card type<br />
Card Syn. Number<br />
card contracts limit<br />
issuer ID<br />
card expiry date<br />
fare category<br />
transaction amount<br />
deposit value<br />
Card registration event<br />
card s/n<br />
date <strong>of</strong> birth<br />
name<br />
address<br />
telephone number 1<br />
telephone number 2<br />
e-mail address<br />
Balance protection event<br />
card s/n<br />
amount <strong>of</strong> transaction<br />
card retention event<br />
card s/n<br />
receipt number<br />
retention reason<br />
CID Audit register snapshot data elements<br />
batch sequence number<br />
ud sequence number<br />
fares debit counter<br />
fares purse debit accumulator<br />
fares credit counter<br />
fares purse credit accumulator<br />
autoload purse counter<br />
autoload purse accumulator<br />
remote load purse counter<br />
remote load purse accumulator<br />
Page 103
Autoload non-purse counter<br />
remote load non-purse counter<br />
Distribution device Audit Register snapshot data elements<br />
batch sequence number<br />
ud sequence<br />
number<br />
Purse add value counter, cash payments<br />
Purse add value Value, cash payments<br />
Purse add value counter, EFT payments<br />
Purse add value Value, EFT payments<br />
Non-purse add value counter (own products cash payments)<br />
Non-purse add value value (own products cash payments)<br />
Non-purse add value counter (other products cash payment s)<br />
Non-purse add value value (other products cash payments)<br />
Non-purse add value counter (own products EFT payments)<br />
Non-purse add value value (own products EFT payments)<br />
Non-purse add value counter (other products EFT payment s)<br />
Non-purse add value value (other products EFT payments)<br />
Card issued counter, cash payments<br />
Card issued value, cash payments<br />
Card issued counter, EFT payments<br />
Card issued Value, cash payments<br />
Card issued counter, other means<br />
Card issued value, other means<br />
Balance protection counter, cash payments<br />
Balance protection value, cash payments<br />
Balance protection counter, EFT payments<br />
Balance protection value, EFT payments<br />
Other fare media counter, cash payments<br />
Other fare media value, cash payments<br />
Other fare media counter, EFT payments<br />
Other fare media value, EFT payments<br />
Page 104
RIS PART 4: FOR A LIST OF DATA OBJECTS AND ELEMENTS SEE THE RIS<br />
STANDARD DOCUMENTATION<br />
Page 105
Appendix D RIS PART 4 RCH-To-RCH Messages<br />
Message Required Optional<br />
A201 – Regional T-Purse Loaded X<br />
A209 - Out <strong>of</strong> Region T-Purse Loaded X<br />
A250 – Regional T-Purse Unloaded X<br />
A401 – Use <strong>of</strong> Regional T-purse X<br />
A410 – Attempted use <strong>of</strong> a Negative listed PICC X<br />
A412 - Use <strong>of</strong> Account Linked Product X<br />
A413 – Rejected Transaction X<br />
A414 – Use <strong>of</strong> Regional T-purse on an Out <strong>of</strong> Region PICC. X<br />
A501 – End <strong>of</strong> Day Position X<br />
A502 – End <strong>of</strong> Day Transaction Receipt X<br />
B110 – Negative List Header X<br />
B111 - Negative List Directive X<br />
B112 – Negative List Authentication X<br />
B120 – Fare Policy Framework – Header X<br />
B121 – Fare Policy Framework – Regional Pr<strong>of</strong>ile Codes X<br />
B122 – Fare Policy Framework – Regional Product IDs X<br />
B123 – Fare Policy Framework – Regional Agency IDs X<br />
B124 – Fare Policy Framework – Authentication Entry X<br />
Page 106