Introducing Contactless Bank Cards

Oct. 8, 2012
Transport for London (TfL) has been preparing for the launch of contactless bank card ticketing. The first phase of the project will begin with bus passengers, who will have the option of paying their single bus fares using a contactless debit or credit card on London’s buses later this year.

Transport for London (TfL) has been preparing for the launch of contactless bank card ticketing. The first phase of the project will begin with bus passengers, who will have the option of paying their single bus fares using a contactless debit or credit card on London’s buses later this year. This payment option will then be rolled out to the rest of the transport network, including the Tube, Docklands Light Railway (DLR), Tram and London Overground Network. Discussions are also well advanced with the train operating companies about accepting contactless debit and credit cards on National Rail services where Oyster is currently accepted.

The opportunity to use contactless debit and credit cards will offer much greater convenience for passengers who travel in London, since they’ll be able to use a card that they already have, instead of having to carry and top-up an Oyster card, and will not need to take any action before they travel. Passengers arriving from outside of London with their contactless bank card in their pocket will no longer need to learn about buying an Oyster card or topping-up their credit.

Contactless ticketing will also help to reduce the production and distribution costs connected with traditional paper-based and smartcard ticketing channels, and will also provide customers with a simple, secure and convenient way of purchasing tickets.

Challenges With Contactless Cards

To bring the relevant processing, communications and security technologies together successfully required knowledge of the abilities and constraints of the technology, and also the longer-term business ramifications of any decisions that are made during the early stages of planning. 

During the planning phase, it was clear that certain aspects of the existing Oyster network would be valuable to retain as part of the upgrade. For example, Pay As You Go (PAYG) travel with daily capping has proven to be a popular model that eliminates deliberate ticket purchase as a barrier to travel and thus drives up ridership.

By comparison, the way in which the existing Oyster scheme stores data on the card has historically made it difficult to accurately offer customer information online. Likewise, a "stored-value" card like Oyster requires passengers to invest time in managing PAYG balances and season ticket expiration dates, which can be inconvenient for "non-commuters" who don’t travel every day. Both of these issues needed to be considered when deciding upon any new payment options.

The challenges related to the transaction speed that contactless debit and credit cards could accommodate also needed to be addressed, since even very small delays can quickly cause congestion. Oyster transactions, for example, can now be completed in 300 to 350 milliseconds. This processing time is very fast compared to swiping a paper ticket with a magnetic stripe on the back, which has a benchmark of 750ms. It was important to maintain this minimum speed requirement of 350ms for high volume use, yet most of today’s contactless debit and credit card technology typically transacts at around 500ms, largely because of the added security features that these cards have.

Secure Payments

Prototyping work was done to show how TfL’s card readers could be made to work with contactless payment cards both securely and effectively. The card readers across the TfL network were already planned to be upgraded to recognize cards based on ITSO, the transit smartcard standard backed by the Department for Transport. Consult Hyperion added to the design of the upgrade to also accept contactless payments via credit and debit cards so that the funds could be drawn from a bank account, rather than only being deducted from a card with a stored balance.

These new payment models have already been approved by all the major payment schemes and will make use of the payments industry's up-to-date security systems, as they need to meet not only the internal requirements set by transport operators, but also the security requirements of the global financial services industry.

A number of important controls were identified in order to guarantee the most appropriate security. For example, the international payment schemes use a standard called PCI-DSS to set out the requirements for merchants accepting credit and debit card transactions, and heavy merchant fines are associated with any breach of these requirements. As a result, the requirements of PCI-DSS have been driving much of the security design of the new contactless system.

In addition to PCI-DSS, working with the transport operators, Visa, MasterCard and American Express has ensured that the security controls of the new system are fit for purpose and proportionate, and further prototyping work ensured that the security controls wouldn’t have a negative impact on the performance of the system.

The new system will mark a shift in emphasis from the "front lines" to the back office. Ticketing logic will migrate away from the card and card readers and to the back office instead. When a payment card is touched in or out, transactions will simply be collected throughout the day and journey fares calculated in the back office at the end of each day. This will eventually deliver a massive simplification at the reader end, since complex fare tables will no longer need to be held nor used at the card readers.

Contactless Benefits

Once this upgrade is completed, the Oyster system will be able to recognize contactless debit and credit cards issued by Visa, MasterCard and American Express — as well as Oyster and ITSO cards — wherever Oyster is currently accepted on TfL and National Rail services.

Plans are also in place to enhance online customer accounts to make it even easier for passengers to see information about their travel history, their account and also query and make payments. Certain features of contactless payments will also be adapted to suit the public transport environment. For example, customers will never need to enter a PIN at the gate line or bus reader.

By utilizing this "contactless" environment, transport providers will be able to benefit from significant operational and cost savings, since cash-handling costs will be reduced, as well as smartcard issuance costs (due to more people using bank-issued payment cards). Not only is the cost of collecting, transporting and securing cash significant, the ability to minimize the use of cash will also reduce the risk of theft, particularly from buses.

Future Potential

Future developments of the system relate to the technology within contactless debit and credit cards. According to Consult Hyperion, contactless debit and credit card chips could soon have a Transit Data Area (TDA) added which will allow card readers to write transit data to the card so that a customer’s validity to travel can be checked more easily. Technological developments like these are continuing to drive progress in this area, thanks to the strategic collaboration between some of the world's leading mobile technology developers, smartcard manufacturers, service providers and standards bodies.