ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the...
-
Upload
allan-triggs -
Category
Documents
-
view
249 -
download
2
Transcript of ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the...
![Page 1: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/1.jpg)
ITSOAn Introduction
![Page 2: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/2.jpg)
•History of ITSO•ITSO the Specification•ITSO the Environment•ITSO the Organisation
ITSO
![Page 3: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/3.jpg)
Started in 1998 as a membership organisation, the Integrated Transport Smartcard Organisation
ITSO has set about creating a common specification at both the smart media and application level, to enable the use of interoperable smart cards and other media in transport.
History of ITSO
![Page 4: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/4.jpg)
ITSO is a:• non-profit sharing or distributing organisation • owned by its members including
– bus operators, – train companies, – suppliers to the industry, – regional and local authorities,
• supported by the UK Department for Transport.
Who is ITSO?
![Page 5: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/5.jpg)
ITSO is here to:– enable the use of smart cards and other smart media– allow operators to ‘mix and match’ smart cards and
other smart media, – use a range of point of sale and back office systems – hold Entitlement, Value and Tickets securely– encourage genuine interoperability.
But ITSO is potentially wider than just transport – it can enable Citizen Cards
ITSO – its aims
![Page 6: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/6.jpg)
ITSO’s objective is:• to facilitate the development of an
interoperable smart environment by developing, and then operating and managing a specification for an interoperable smart media environment.
.
What Does ITSO Do?
![Page 7: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/7.jpg)
The ITSO specification covers:– cards– points-of-sale/service– back office systems– data formats and transfer protocols,
as well as an end-to-end security architecture …
What Does ITSO Do?
![Page 8: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/8.jpg)
ITSO :• provides the environment/infrastructure
that enables the deployment of ITSO-compliant schemes, by its members.
• encourages the use of these specifications throughout the UK and internationally, both for transport and related applications.
What Does ITSO Do?
![Page 9: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/9.jpg)
The environment consists of;• The Specification• The Security or Trust Device• The Security Domain• The method for showing compliance • The ‘Business Rules’ and Registrar
The ITSO Environment
![Page 10: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/10.jpg)
The Security
Management
SecurityManagement
CertificationCertification SpecificationSpecification
The‘CLUB’
The‘CLUB’
ISAMISAM
![Page 11: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/11.jpg)
The ITSO Environment
![Page 12: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/12.jpg)
ITSO supports the following Standards:•Media: ISO/IEC 7816 and 14443•Architecture: ISO/DIS 24014-1 IFM•Data Elements: EN 1545 IOPTA
ITSO Standards
![Page 13: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/13.jpg)
The ITSO Specification has the following parts:•Part 0: General Introduction•Part 1: Terminology, References•Part 2: Customer Media (CM)•Part 3: Point of Service Terminals (POSTs)•Part 4: Host Operator or Processing Systems (HOPS)
and Asset Management (AMS)•Part 5: Data Record Definitions (IPEs) on Customer
Media•Part 6: Message Data•Part 7: Security Sub-system•Part 8: Security Management System•Part 9: Communications•Part 10: Customer Media Types
The ITSO Specification
![Page 14: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/14.jpg)
The ITSO relationship between media, shell, application and product instance:
ITSO Data Structures
Applicationlayer
Productlayer
Cardlayer
Card or other device
One or more applications
One or more products in each application
CM
Shell
IPE
Generic description ITSO equivalent
Applicationlayer
Productlayer
Cardlayer
Applicationlayer
Productlayer
Cardlayer
Card or other device
One or more applications
One or more products in each application
CM
Shell
IPE
Generic description ITSO equivalent
![Page 15: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/15.jpg)
ITSO Data Structures (2)
Directory
Shell Environment
EMV ????
Directory
ID STR Ticket ????
Card IssuerMCRN CM layer
Shell (application) layer
IPE layer
ITSO Shell
Credit/debit
Directory
Shell Environment
EMV ????
Directory
ID STR Ticket ????
Card IssuerMCRN CM layer
Shell (application) layer
IPE layer
ITSO Shell
Credit/debit
![Page 16: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/16.jpg)
ISAM Identity
Instance number
Key versionISAM Sequence
number
Implied from FVC, AID
Not present
For IPE and Value Record Data Groups
For Directory Data Group
For Shell Environment Data Group
For IPE and Value Record Data Groups = Dir Entry
For Shell Environment Data Group label not present
For all Datasets Data Element 1
ISAM Identity
Instance number
Key version
IPE sub typeIPE TypeOperator ID Flags Expiry Date
binary For Directory and IPE Data Groups
Implied from Shell Environment
For Directory Data Group Label not present
Not presentFor Shell Environment Data Group
Dataset
Instance IDentifier
Label
Seal
Data Structures Data Groups Data Elements
As defined in ITSO TS 1000 Parts 2 and 5
Data Element nData Element 2
ISAM Identity
Instance number
Key versionISAM Sequence
numberISAM Identity
Instance number
Key versionISAM Sequence
number
Implied from FVC, AID
Not present
For IPE and Value Record Data Groups
For Directory Data Group
For Shell Environment Data Group
For IPE and Value Record Data Groups = Dir Entry
For Shell Environment Data Group label not present
For all Datasets Data Element 1
ISAM Identity
Instance number
Key versionISAM Identity
Instance number
Key version
IPE sub typeIPE TypeOperator ID Flags Expiry DateIPE sub typeIPE TypeOperator ID Flags Expiry Date
binary For Directory and IPE Data Groups
Implied from Shell Environment
For Directory Data Group Label not present
Not presentFor Shell Environment Data Group
Dataset
Instance IDentifier
Label
Seal
Data Structures Data Groups Data Elements
As defined in ITSO TS 1000 Parts 2 and 5
Data Element nData Element 2
![Page 17: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/17.jpg)
ITSO supports the following Customer Media:•CMD1: Mifare® standard 1K•CMD2: Generic Micro-processor•CMD3: Mifare® standard 4K•CMD4: Mifare® ultra light•CMD5: Innovision Jewel – 0301/70•CMD6: TfL /Transys Oyster®•CMD7: Mifare® DESfire•CMD8: Calypso
The ITSO Customer Media
![Page 18: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/18.jpg)
ITSO has an ITSO Secure Application Module (ISAM), which resides in all ITSO-compliant point-of-sale equipment and back offices.
The ITSO SAM (ISAM)
ISAM
![Page 19: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/19.jpg)
The ITSO Secure Application Module:•Provides secure key distribution and storage for product management and usage
•Allows operators to issue/accept products from a multitude of providers and retailers.
•Certifies and validates card & transaction data using 1536 bit encryption.
•Provides 4MB of secure data storage.•Provides an environment where all data transactions reach the intended recipient without being 'lost' or tampered.
ISAM Functionality
![Page 20: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/20.jpg)
ITSO supports the following Product Types:•TYP0: Private Application•TYP2: Stored Value•TYP3,17: Loyalty•TYP4,5: Charge to Account•TYP14,16: Entitlement and ID•TYP22,23,24: Pre-defined Tickets•TYP25: Voucher•TYP26: Tolling•TYP27,28,29: Space-saving Tickets•TYP34: Transient Ticket
The ITSO Products
![Page 21: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/21.jpg)
Any ITSO compliant media (contactless smart card or other) can be used in any participating sales location to “load” ITSO products available from that sales location, for use in the product’s (product owner’s) acceptance network.
•Transparency for the user •Users can use their “media” anywhere in
the environment
The Principle of ITSO Interoperability
![Page 22: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/22.jpg)
• ITSO Products are still usable only where they are sold and accepted. (The Product “Owner” decides.)
• ITSO interoperability does not mean that all products must be sold everywhere.
• ITSO interoperability does not mean that all products must be accepted everywhere.
• ITSO Interoperability does mean that all products that are interoperable are accepted interoperably.
The Principles of ITSO Interoperability (2)
![Page 23: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/23.jpg)
• An ITSO License (and membership)• ITSO Customer Media (1 or more)• ITSO POSTs (including Personalisation)• ITSO Security - ISAMs for each device• Back Office (ITSO HOPS)• Access to an ITSO AMS (to manage
ISAMs)
…and ITSO provides the Security Management
The Requirements for an ITSO Scheme
![Page 24: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/24.jpg)
Who can benefit from ITSO?
![Page 25: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/25.jpg)
Public Transport Operators will benefit by:• reducing the need to handle cash,•lowering the potential for fraud, •participating in interoperable ticketing schemes,•using their user data to market more specifically•developing their own smart card tickets
And will no longer be tied to a particular supplier for smart ticketing. They will be able to “mix and match” elements- cards, software and equipment from different suppliers.
Who benefits from implementing ITSO?
![Page 26: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/26.jpg)
The ITSO ‘industry standard’ will make it easy for local government to introduce:
• Citizen cards for entitlement: libraries, leisure, mobility and social inclusion
• electronic purses (i.e. electronic ‘tokens’) to pay for fares, parking and other services,
• loyalty and reward schemes for regular users and to encourage green policies, or cap expenditure
Who else could benefit from ITSO?
![Page 27: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/27.jpg)
• A Board made up of member representatives• An independently chaired Security Committee• An Executive:
– General Manager– Operations Manager– Technical Manager– Registrar– Security Manager– Compliance Manager– Marketing Manager
The ITSO Organisation
![Page 28: ITSO An Introduction. History of ITSO ITSO the Specification ITSO the Environment ITSO the Organisation ITSO.](https://reader034.fdocuments.us/reader034/viewer/2022050808/551a1aa855034619378b5171/html5/thumbnails/28.jpg)
call us on +44 (0)121 233 2598
or visit www.itso.org.uk
For More Information