OSPT Alliance adds two new members

CARTES & IDENTIFICATION 2010, PARIS, FRANCE: The Open Standard for Public Transport (OSPT) Alliance, a global initiative for open standard security in public transportation, announced the addition of the first two new members of this emerging organization.

Beijing-based Watchdata Technologies Ltd. and the Open Ticketing Institute of the Netherlands have joined the OSPT Alliance. Together with the four founding members, they will help advance a new open security standard and participate in the alliance ecosystem to establish new, interoperable transit fare collection solutions based on open standard security.

"As a world leader in innovative data security and smart card technology, Watchdata can lend its extensive expertise in the research and development of data security and authentication technologies, and secure chip operating systems to help the OSPT Alliance develop the next generation of flexible fare collection solutions," said Youjun Wang, CEO at Watchdata Technologies.

"We are pleased to join the Alliance, and look forward to working with the other members to offer transport system operators a wide range of application choices with lower operating costs and greater flexibility."

With more than 1.4 billion smart cards shipped to date, Watchdata Technologies Ltd. is a leading provider of data security and smart card technology. Founded in Beijing in 1994, its products include smart cards, USB tokens, readers, platforms, key systems and other security products that cover the telecom, transportation, finance, public and enterprise sectors.

"The Open Ticketing Institute fully supports the efforts of the OSPT Alliance to address the issues faced by public transit authorities as they set out to create their next-generation fare collection systems," said Roel Testroote, director, Open Ticketing Institute.

"We believe our experience developing technologies for the OV-chipkaart will be a valuable addition to the Alliance and its ecosystem, and are excited to be joining in its efforts to create an open security standard."

The Open Ticketing Institute is the outgrowth of an initiative by Trans Link Systems (TLS) and several partners to make available the knowledge and experience of the Dutch e-ticketing system in public transport (the OV-chipkaart) to other e-ticketing schemes and interested parties.

As a separate not-for-profit foundation with its own management and supervisory board, the institute works together with several other science institutes, e-ticketing schemes and suppliers on research and development activities and on the bi-annual meetings of e-ticketing scheme providers, primarily European, who exchange their experiences in project implementation, technology and security.

"We are pleased to have Watchdata Technologies and the Open Ticketing Institute join the OSPT Alliance in its efforts to meet public transit authorities' demand for security and simplification by creating an open framework for new, standards-based fare collection solutions," said Charles Walton, COO of INSIDE Secure and a member of the OSPT steering committee. "The industry-wide efforts needed to deliver tomorrow's secure transit systems are enhanced by their involvement in the OSPT Alliance."

The new open security standard, known as Cipurse(tm), is designed to address the need by local and regional transit authorities for future-proof fare collection systems with advanced security. The Cipurse standard defines an authentication scheme, a secure messaging protocol, four minimum mandatory file types and a minimum mandatory command set to access these files types.

It also specifies encryption keys and access conditions. Its advanced security mechanisms include a unique cryptographic protocol that encourages fast and efficient implementations with robust, inherent protection against differential power analysis (DPA) and differential fault analysis (DFA) without requiring dedicated hardware measures, eliminating the need for a massive overhead of software and hardware countermeasures against these attacks.

This unique advantage makes it possible to cost-efficiently guard against counterfeiting, cloning, eavesdropping, man-in-the-middle attacks and other security risks that threaten the integrity of transit fare collection systems.