Calypso for Terminals

Calypso for terminals supports security and interoperability

Calypso for terminals supports the security and interoperability of contactless ticketing systems.

Any terminal using Calypso for the secure exchange of data with a smart card (or any other portable object such as a smartphone or wearable NFC) must align to Calypso’s open standards to ensure they receive the full benefit of Calypso’s security, interoperability and the long term flexibility of using an open standard framework.

The Calypso software used for terminals is in compliance with all standards applicable to ticketing transactions (ISO/IEC 14443 and CEN/TS 16794 radio frequency standards, ISO/IEC 7816 1 to 4 card structure and file management, EN 1545 for data description in the transport field). 

The Calypso software layer supports the data exchange mechanisms between the terminal and the smart card, and ensures their security (including mutual authentication and data integrity) by linking the customer smart card to a tamper-proof secure component located in the terminal, known as the SAM. The SAM can also be remote on a server.

The terminal’s application software layer is interfaced with the Calypso layer and manages the ticketing transaction in real time by analysing the data received, processing it (e.g. checking the validity of a ticket) and modifying it. It then deduces the actions to be taken (e.g. giving an opening order to an entrance gate), and ensures the exchange of information with the central systems.

How to implement Calypso in a ticketing terminal?

  • To implement Calypso in a ticketing terminal, users may refer to the Calypso specifications in the Calypso technical document library. This information contains the interface specifications for the SAM, which can be accessed subject to the signing of a non-disclosure agreement (NDA), alongside guidance on the complete development of the different software layers.

    In order to facilitate development, CNA provides developers with three documents that define the requirements to ensure optimum operational performance, interoperability, modularity and conformance:

    • The Reader Layer Requirements which help to manage all types of cards and SAMs by a smartcard reader, at the lower level of the transaction
    • The Calypso Layer Requirements which help to specifically manage Calypso cards and SAMs in strict compliance with Calypso specifications
    • The Ticketing Layer Requirements, which outline requirements on the use of the Calypso high-level API and best practices to follow in a Calypso ticketing system

Interoperability and portability of ticketing terminal solutions

 

The TC Terminal working group, led by CNA, defines the Terminal requirements, interoperability requirements for the different software layers of a ticketing terminal: Reader layer, Calypso layer, and Ticketing layer. When a Calypso card is not supported by a ticket terminal, the most common reason is failure to comply with a terminal requirement.

The TC Terminal’s next objective will be to offer a terminal certification service to verify the support of the terminal requirements.

The first necessary step is to standardize the APIs for the reader and Calypso software layers. The adoption of these standardized interfaces will enable two major benefits to be achieved:

  • already the possibility of certifying terminal requirements.
  • But it will also enable the ‘Calypso layer’ software modules to be ported to any ‘reader layer’ implementation, and the ‘ticketing applications’ to work on any ‘Calypso layer’ implementation. Ticketing applications will be interoperable with different ticketing terminal solutions.

The Terminal APIs’ for the reader and Calypso layers are defined by CNA through UML class diagram models independently of the programming language. The interfaces and user guides are defined directly by CNA within the TC Terminal group. 

CNA also offers specific definitions in Java and C++ of these terminal APIs within the Eclipse Keypop open-source project.

The future terminal requirements certification tool will be able to support any terminal API implementation.

To facilitate the development of ticketing terminals that implement the terminal requirements, CNA has also produced an open-source framework for ticketing terminals: the Eclipse Keyple project.

Keyple implements Keypop’s APIs and offers software modules for the reader and Calypso layers, and much more.

Keyple can integrate any smart card reader solution through a plug-in interface. Any embedded or distributed terminal architecture can be supported by Keyple.