GERMANY: The Open Standard for Public Transport (OSPT) Alliance announced the availability of the CIPURSE V2 Mobile Guidelines, a comprehensive set of requirements and use cases for developing and deploying CIPURSE-secured transit fare mobile apps for near field communication (NFC)-enabled smart phones, tablets and other smart devices.
Providing everything developers need to implement and use the CIPURSE V2 open security standard when embedded in an NFC mobile device, the new guidelines take the CIPURSE standard to the next level by enabling transit operators to enhance their systems to support mobile ticketing with these new form factors.
“Transit tickets are already one of the most frequently used contactless card applications in the world, and now as people are looking to their NFC phones to replace their physical payment cards, it is only natural that transit fare systems should go mobile, too,” said Laurent Cremer, executive director for the OSPT Alliance.
“With the release of these new mobile guidelines, the OSPT Alliance continues to fulfill the promise of the CIPURSE standard to provide a single, consistent set of specifications for all the security, personalization, administration and life-cycle management functions needed to create a broad range of interoperable transit applications, from low to high end and across all form factors.”
Just as with other mobile applications, the CIPURSE application is personalized and installed over the air (OTA) by a trusted service manager (TSM) into a mobile device’s secure element (SE). Transit operators are free to deploy their own branded mobile app – essentially the user interface component – for Android, iOS, Windows, BlackBerry or any other platform, which interacts with the CIPURSE application to conduct transit transactions.
The guidelines define what the transport organization needs to do, define the role of the TSM, provide details on handling lost or stolen phones, detail how to purchase tickets online for the mobile phone and how to purchase tickets directly using the phone, present battery-off and battery-low considerations and much more.
The guidelines clearly lay out the requirements for certification, and are completely form factor and operating system independent, providing implementation guidelines for hosting the CIPURSE application in embedded secure elements (eSE), as well as in SIM-UICC and microSD card-based secure elements.
Especially developed for the NFC mobile industry, the guidelines provide numerous use cases that detail the interactions between end users, transport organizations, secure element owners, TSMs and other ecosystem partners in the day-to-day environment to provide a clear understanding of how the CIPURSE standard should be implemented for mobile applications. The guidelines also detail what kinds of application programming interfaces (APIs) need to be developed and which other specifications are required, such as GlobalPlatform 2.2.1.