Calypso is a set of specifications describing a fast and secure off-line contactless transaction, between a portable object and a terminal. It has been created at the end of the 1990s by some european public transport operators or authority (RATP and SNCF in Paris and all France, STIB in Brussels, OTLIS in Lisbon, ACTV in Venice, Konstanz in Germany), in order to create an open , interoperable and secure standard independent from industrials to ensure a real competition.
Today Calypso represent 20% of the world market of contactless smart ticketing in 25 countries and 125 cities. It brings to his user a guarantee of security and interoperability which relies on a total compliance with existing standards (ISO 14443, ISO 7816-4, Global Platform). The Calypso standard is managed by the Calypso Networks Association (CNA) , which is led by transports operators and public authorities in order to ensure openness and independence from industrials in confront of other proprietary schemes.
The openness for a contactless ticketing standard can be evaluated for the two mains components of ticketing systems, with the complementary concern about guarantee of security:
- Cards and portable objects (mobile phones, Java objects, wearables, …)
- Terminals (validators, vending equipment, …)
We can affirm that a real openness is achieved for cards and portable objects with the Calypso standard with a large choice of products and providers (card manufacturer, OS makers and chip providers) and a real competition between them.
However, for ticketing equipment the situation is more contrasted. In fact, if the Calypso specifications are open, the terminal applications operating ticketing data (contracts, pricing, user profile) which have to be implemented on top of a smartcard management layer are proprietary of a few ticketing integrator/manufacturer, and the networks who used this solutions may only manage evolutions in a “purchase by agreement” manner, with a direct impact on the price.
Furthermore, other mobility actors (Car sharing, bike sharing…) that would like to be integrated in the mobility ecosystem led by public transport operator would like to benefit of the highly secured Calypso transaction “as a service”, and consequently be ready for global integration without being ”killed” by complexity and security issues that would oblige them to make too big investments.
In fact, from the very beginning, the scope of Calypso Networks Association is to promote the open standard Calypso which has been originally designed for Interoperability in transportation. Nowadays, we are more talking about Mobility, including very different and new modes, and “traditional transport operators are facing commercial and technical issues about providing a door to door seamless travel to their customer. Consequently, Calypso Networks Association, leaded by Public Transport operators, decided to develop and publish an Open Source SDK that could fit with any type of terminal and contactless reader architecture in order to facilitate and spread the adoption of the calypso standard. Thus new mobility actors, transport operators, Local authority will be able to focus on the travelers expectations, commercial agreements and new mobility programs development without losing time on technical issues or allowing smooth evolution of their systems.
Eclipse Keyple provides generic librairies for simplifying the development of contactless applications based on the Calypso standard, and for facilitating integration with the secure elements typically involved in a secure contactless solution. Those librairies will also be compliant with the other existing standards af the market.
The operating systems and cryptographic calculations processed in both portable objects and Secure Access Modules are out of scope of Keyple as the ticketing data model and fare calculations applications that will use the functions of Keyple to access Calypso portable objects.
The goal of Eclipse Keyple is to allow developers to easily implement fast and secure off-line contactless transactions (using NFC cards, mobile phones, …) based on the Calypso standard.
More specifically, Keyple is a set of open source libraries that will initially be available in Java and C++, designed on the same mutual Object-Oriented Model compatible with any terminal architecture: mobile, embedded or server and Interoperable with any smart card reader solution: standard or proprietary, local or remote.
It manages the advanced security features of Calypso but is also able to manage non-Calypso smartcard solutions, for ticketing or payment.
Keyple defines two layers:
- Ticketing applications relies on a high-level Calypso processing API to manage Calypso commands & security features. For a session with a Portable Object: SAM commands can be automatically generated and sent to the SAM reader or HSM.
- Secure Element (SE) readers are integrated through plugins implementing the SE Proxy API which manages the communications with a contactless secure element through ant type of contactless reader (local, remote, standard, proprietary…)
Keyple propose a Local and Remote Secure Element optimization:
Cards or SAM’s commands are grouped to limit network exchanges for mobile, embedded terminal or server solution.
Keyple can be used with Standard or Proprietary SE reader driver:
It will be packaged with plugins to manage standard Secure Element interfaces: Android NFC Reader, Android SmartCard interface, Windows/Linux PC/SC, Java SmartCard IO PC/SC interface.
Keyple can also be extended with plugins implementation to manage proprietary drivers that could be proposed by smartcard reader manufacturers.
Thanks to its modular architecture, Keyple can be used also to communicate with non Calypso contactless portable objects, using the SE Proxy API.
More informations can be found on our website : https://keyple.org/
Eclipse Keyple will open and spread contactless ticketing technology to everyone (today it is in the hand of few big players…)
It will enlarge the scope of the Eclipse IOT WorkGroup to the Contactless (NFC) technology, and it could enrich the Eclipse SENSINACT project as Public Transport is a key subject for smart city ecosystems.
All the code of the initial contribution is owned by Calypso Networks Association.
The Keyple Brand is also owned by Calypso Networks Association which will transfer its propriety to the Eclipse Fondation.
The main part of the code will be licensed only under EPL2. The BSD License will be added only for the build scripts.
The Java implementation will be formally released in July as part of the initial contribution.
The C++ part and the SE remote will be released later in Q3 2018.
We plan to offer before the end of the year a more complete Calypso processing module that will implement all additional and optional features of the last Calypso version.
We will also provide a C version of Keyple for very low memory terminals.