NFC versus 2D Barcodes for Mobile Ticketing in Public Transport
April 29, 2016 - Comparing NFC and 2D-barcode technologies for mobile ticketing
The pace of change in ticketing systems for public transport is higher today than perhaps at any previous moment in history. A major driver for this change is the increasing use of the customer’s mobile phone. Smartphones can be used to provide customers with accurate and timely information relating to their travel and to allow them to load travel products on their contactless travel cards. Perhaps most conveniently, smartphones can also be used as public transport tickets directly. This can be done in a variety of ways:
- The phone may emulate a contactless travel card via its NFC interface, which is inspected by existing contactless acceptance devices.
- The screen of the phone may display a ticket that can be visually inspected by an inspector.
- The screen of the phone may display a 2D-barcode, which is inspected by barcode readers.
Especially the first of these options has drawn a lot of attention over the last few years, primarily because NFC is the only one of these technologies that can be used to virtualize EMV payment cards. However, in public transport the odds are different: visual tickets and 2D barcodes are quite strong competitors of NFC. Although exact numbers are hard to come by, mobile tickets in public transport today are based on barcodes much more often than they are based on NFC.
Barcodes come in a number of different types, among which QR codes and Aztec codes are the most used. Often, the tickets are displayed by a dedicated app on the phone, which also allows the user to perform related actions, such as buying and activating tickets and getting useful information such as time tables and route planners.
In this post, we compare NFC and 2D-barcode technologies on a number of aspects that are important for mobile ticketing: availability, reading speed and security. Want more info? UL published a whitepaper on this topic a while ago; this is available from www.ul-ts.com.
Availability and Reading Speed
From the viewpoint of availability, the use of barcodes for mobile ticketing has some major advantages over NFC-based solutions. Barcodes have a 100% market reach in terms of smartphones supporting the technology, since all such phones have a graphical screen. Moreover, the app managing the barcodes is completely under the control of the PTO and can be distributed via the standard app stores. This means that barcode-based ticketing is readily available for all phones, regardless of operating system. On the other hand, the availability of NFC is plagued by several well-known issues, such as Apple not opening up the NFC interface on its phones, NFC support on Android being limited to about 35% of all phones today and moreover being fragmented between HCE technology and different SE form factors, dependencies on third parties for ticket issuance, the problems with emulating MIFARE Classic or native DESFire on NFC phones, and the lack of ISO 14443-compliance of many transit terminals.
Barcodes have some limitations as well. Apps should be carefully designed to avoid problems with barcode size and scaling. Moreover, the usability of barcode-based ticket may be a bit less compared to NFC, since the user has to open the app and perform some actions to make it show the barcode. On the contrary, using an NFC-based mobile travel card requires the user at most to switch on the screen, at least if the travel card is set to be selectable by default.
Another important area for ticketing in public transport is reading speed. In order to guarantee good passenger throughput during rush hour, ticket reading or scanning should take 500 ms at most. For both NFC-based and barcode-based systems, it has been shown that this challenge can be met if equipment quality and set-up is good and travelers are educated on how to present their mobile tickets.
One of the most-asked questions about the use of mobile tickets, especially barcodes, relates to security. Mobile phones are known to be vulnerable to all kinds of attacks. So mobile tickets stored on such devices may be vulnerable as well. In particular, transport operators need to guard against mobile ticket cloning (copying) and fake ticket creation. For NFC-based travel cards, these threats are mitigated primarily by the cryptographic measures. The keys necessary for that are stored either on a Secure Element in the phone or protected by whitebox cryptography in combination with a secure server.
On the other hand, barcode-based travel applications often do not hold cryptographic keys. Instead, ticket cloning is made more difficult by the following measures:
- Barcodes can contain ID information of the traveler that is entitled to use this ticket. Inspectors can use this to request a passenger to identify himself in case of doubt.
- The travel app on the phone can show the barcode together with a dynamic visual animation, for example changing colors or patterns. Inspectors can recognize the pattern using a reference application and reject tickets that are static screenshots or videos of a real ticket.
- If the phone is frequently on-line, a secure issuing server can send a new barcode to the travel application regularly. These barcodes all represent the same (activated) ticket, but contain an additional timestamp that is cryptographically signed by the server. Scanning devices can therefore verify the freshness of the ticket.
- If scanning devices are frequently on-line, they can check the identifier read from the barcode against a central database of scanned tickets. They can therefore determine if the ticket has been presented elsewhere in the system, which may point to a possible cloning of the ticket.
The most common countermeasure against fake tickets is to sign the ticket data. Data encoded into a barcode ticket can include a digital signature or authentication code provided by the server that issued the ticket to the phone. This proves the authenticity of the ticket data, and prevents the fraudulent creation of new tickets or the fraudulent modification of real tickets.
In general, the back office plays a very important role in managing risk in a barcode-based system. As a validation device cannot write to a barcode, all validation, refunding or cancelling actions for a barcode ticket should be sent to a back office. The back office can prevent or detect any fraudulent activity on those tickets. The back office can also distribute data on relevant actions to any validation devices that would need to be aware of the action. This may include blacklists, for example to prevent a customer from using a refunded ticket for travelling.
A comparison between barcodes or NFC technology for mobile ticketing in public transport is not a black-or-white story. Both technologies have their advantages and drawbacks. To a large extent, they complement each other. NFC is more suitable for PTOs already having an ISO 14443-compliant acceptance infrastructure. On the other hand, barcodes enjoy broad support by smartphones today, and can therefore cover a much broader customer segment than NFC does. Barcode-based systems are also easier to introduce for PTOs currently using paper-based tickets, due to the possibility of visual inspection. For PTOs whose long-term vision for ticketing in public transport is the use of (mobile) EMV cards, barcodes can be an ideal technology to bridge the gap between today and the moment that support for NFC in mobile phones has fully matured.
Barcode-based and NFC-based mobile ticketing technology can thus actually complement each other in the same public transport system. PTOs can use the relative strength of each, and customers can choose the technology most suited to them.