A few months ago, Equity Bank in partnership with
Google launched a payment smart card for the public transport industry known as
BebaPay. The aim of this card was to introduce as cashless mode of payment that
would be convenient for both commuters and conductors. The owners of the
vehicles would also benefit as they would be assured of money in the bank for
every transaction. Commuters can load the cards using mobile money transfer or
Equity agents and while on transit, the conductors would use a card reader or
smartphones with Near-Field Communication (NFC) to deduct the fare. The
commuter then receives a text message confirming the payment. This way,
passenger do not have to keep lose change every time they require to travel by
public means.
Another interesting launch in the transport
industry was the free Wifi Internet in matatus and long-distance travel buses.
Considering the many hours we are stuck in traffic in Kenya, this is a useful
feature in public transport. It may also bring along other applied
applications, such as advertising through digital media signage and so on. In
the railways sector, the Rift Valley Railways launched the Syokimau Train
Station, which would be the first to utilize smart cards. Nairobi Commuter
Railway (NCR) prepaid card allows a commuter to pay electronically for
both Rail to Bus and Bus to Rail services. The prepaid smart card provided by
KAPS solutions provider, will improve passenger flow and efficiency at the
train station. Given this trend, the face of public transport in Kenya is set
to change in the near future.
But how does
a smart card work and what are the requirements? A smart card, chip with engrafted
integrated circuits and are made up of plastic, generally polyvinyl chloride, or
polyethylene terephthalate. A good
example of a smart card is a SIM card on your mobile phone. A smart card holds
information and it can be programmed for several applications. Smart cards can
be designed to be inserted into a slot and read by a special reader or to be
read at a distance. For a smart card read at a distance, contactless smart
card, the chip communicates with the card reader through an induction technology
similar to that of Radio-frequency identification (RFID)
at data rates of 106 to 848 kbit/s.
Contactless
cards require only close proximity to an antenna to complete a transaction and
are often used when transactions must be processed quickly or hands-free, at
train stations and parking lots. Smart phones with Near field communication (NFC) feature and communicate
with smart cards at close proximity, that is, they can be used as card readers.
Once the cards readers have obtained the required information, the data is sent
to a transport management system for authentication, say if a PIN is required
and transaction completion, in this case fare deduction. Connectivity between
the card readers and the transport management system can be on 3G or other Wide
Area Network technologies.
Globally, mass transit agencies, such as railway companies, have been
using stored value prepaid cards for electronic ticketing since the 1970s.
Through the late 1990s, this market steadily began transitioning from magnetic
stripe technology to contactless smart cards. In London, SquidCard.com, offers a smart card-powered
bicycle renting program. The program will allow members to rent one of 6,000
bicycles at 400 locations. Members of the service are issued with a plastic
card, which is used to release the bicycles. The service costs £3 to register,
with access charges of £1, £5, and £45, depending on the frequency at which the
customer uses the service. In order to keep the bikes in circulation, members
will be charged additional fees after a half hour of use. In South Africa, the use smart cards in mass public transport were
essential during the world cup in 2010. The public transport system ferried
approximately 3 Million fans in and out of stadia on daily basis.
The benefits
of smart cards are directly related to the volume of information and
applications that are programmed for use on a card. A single
contact/contactless smart card can be programmed with multiple banking
credentials, medical entitlement, driver’s license/public transport
entitlement, loyalty programs and club memberships and more. Multi-factor and
proximity authentication can and has been embedded into smart cards to increase
the security of all services on the card. There are challenges facing the smart
cards though. The most important challenge is that the cards are susceptible to
a security breach. In particular, though uncommon, malware can override
communication between the user and the underlying application and modify the
transaction input. This calls for continual scanning of the systems to ensure
that any malware is detected. Security threats can also be non-invasive. For
instance, an attacker may develop equipment that can be disguised as a normal
smart card reader. Using the gathered information, the attacker can regenerate
a similar smart card and carry out transactions. The other risk of smart cards
is physical damage; most users would keep them in wallets or back pockets
leading to damage of the chips.