Transport for London to Discard Mifare Classic
London transit authority Transport for London is dumping its hack-prone Mifare Classic cards and will start to move its popular Oyster fare-collection program to high-end Mifare DESFire technology by early this year.
The authority and its fare-collection operator, TranSys, are the biggest names so far to move off of Mifare Classic, which fell victim to well-publicized hacks in 2008.
The authority will begin issuing the new cards soon, likely early this year, when it replaces more than 1 million discount cards for pensioners, called the Freedom Pass. Those cards will have to store both Oyster–which cardholders use to pay fares for buses, underground trains and other modes of transport in London–along with the UK’s standard transit fare-collection application, ITSO.
Transport for London also wants to put its Oyster application with more secure DESFire technology on NFC mobile phones, said Brian Dobson, technology and systems manager for Transport for London’s Future Ticketing Project, speaking at a recent conference. The large transit operator participated in a successful trial of NFC that launched two years ago with mobile operator O2 and credit card issuer Barclaycard.
The trial, along with the more than 20 million Oyster cards issued since the program launched in 2003, use Mifare Classic, the most popular technology for contactless fare collection worldwide. But hackers in 2008 demonstrated they could foil Classic’s aging encryption defenses and clone cards, setting off alarm bells among many transit and access-control operators. The operators had to rely even more on countermeasures on the back end of their systems to keep fraudsters at bay.
Transport for London remains one of the most enthusiastic backers of NFC. Shashi Verma, Transport for London’s head of ticketing, said earlier in 2009 he hopes to put Oyster on NFC phones sometime in 2010.
“If we hadn’t had the Mifare Classic security issue, I’m fairly certain we would see Oyster on (NFC) handsets now,” Dobson said at the NFC Academy conference in Milan earlier this month, adding: “We are really actively waiting for the SIMs and handsets to appear (that can support DESFire).”
Some DESFire Transit-Ticketing Cities
|Madrid, Spain||2006||2 million|
|Seattle, U.S.||2006||1.5 million|
|Melbourne, Aus.||2007||1 million|
|New Delhi, India||2006||500,000|
|Source: NXP Semiconductors. Card estimates as of 2008
While suppliers of SIM cards and embedded secure chips for NFC phones plan to support Mifare Classic for mobile-ticketing rollouts, they have yet to develop much for DESFire, except for a small trial held in the far northern Norwegian city of Tromsø in 2008.
DESFire is a microprocessor chip and protocol that uses triple DES encryption and can support multiple applications. It’s a more costly chip than either Mifare Classic or Mifare Plus. NXP is launching Mifare Plus as a natural replacement for Mifare Classic ticketing applications. It supports higher-end encryption than Mifare Classic and also packs a microprocessor on the chip. At least eight major cities use DESFire for transit ticketing with contactless cards, including Madrid, Spain; Seattle, U.S.; and Melbourne, Australia (see chart).
Dobson told the NFC Times that Oyster operator TranSys could upgrade its terminals to accept DESFire without replacing the readers.
Oyster is accepted at more than 20,000 readers onboard buses and trams and at metro and national rail gates. The transit operator, however, is planning to replace many of these readers over the next couple years as part of its normal replacement cycle. After that, it hopes to also directly accept open-loop credit, debit and prepaid bankcards for fare payment.
Some observers speculate Transport for London chose DESFire over Mifare Plus because it wants to issue multiapplication Oyster cards for use at the 2012 Olympics in London or that Mifare Plus would not be ready to use for the new pensioner cards. An NXP spokesman rejected the latter idea, saying Mifare Plus was ready for shipments.