Reviews run for a minimum of one week. The outcome of the review is decided on this date. This is the last day to make comments or ask questions about this review.
Calypso is a set of specifications describing a fast and secure off-line contactless transaction, between a portable object and a terminal. It has been created at the end of the 1990s by some european public transport operators or authority (RATP and SNCF in Paris and all France, STIB in Brussels, OTLIS in Lisbon, ACTV in Venice, Konstanz in Germany), in order to create an open , interoperable and secure standard independent from industrials to ensure a real competition.
Today Calypso represent 20% of the world market of contactless smart ticketing in 25 countries and 125 cities. It brings to his user a guarantee of security and interoperability which relies on a total compliance with existing standards (ISO 14443, ISO 7816-4, Global Platform). The Calypso standard is managed by the Calypso Networks Association (CNA) , which is led by transports operators and public authorities in order to ensure openness and independence from industrials in confront of other proprietary schemes.
The openness for a contactless ticketing standard can be evaluated for the two mains components of ticketing systems, with the complementary concern about guarantee of security:
- Cards and portable objects (mobile phones, Java objects, wearables, …)
- Terminals (validators, vending equipment, …)
We can affirm that a real openness is achieved for cards and portable objects with the Calypso standard with a large choice of products and providers (card manufacturer, OS makers and chip providers) and a real competition between them.
However, for ticketing equipment the situation is more contrasted. In fact, if the Calypso specifications are open, the terminal applications operating ticketing data (contracts, pricing, user profile) which have to be implemented on top of a smartcard management layer are proprietary of a few ticketing integrator/manufacturer, and the networks who used this solutions may only manage evolutions in a “purchase by agreement” manner, with a direct impact on the price.
Furthermore, other mobility actors (Car sharing, bike sharing…) that would like to be integrated in the mobility ecosystem led by public transport operator would like to benefit of the highly secured Calypso transaction “as a service”, and consequently be ready for global integration without being ”killed” by complexity and security issues that would oblige them to make too big investments.
In fact, from the very beginning, the scope of Calypso Networks Association is to promote the open standard Calypso which has been originally designed for Interoperability in transportation. Nowadays, we are more talking about Mobility, including very different and new modes, and “traditional transport operators are facing commercial and technical issues about providing a door to door seamless travel to their customer. Consequently, Calypso Networks Association, leaded by Public Transport operators, decided to develop and publish an Open Source SDK that could fit with any type of terminal and contactless reader architecture in order to facilitate and spread the adoption of the calypso standard. Thus new mobility actors, transport operators, Local authority will be able to focus on the travelers expectations, commercial agreements and new mobility programs development without losing time on technical issues or allowing smooth evolution of their systems.
Eclipse Keyple provides generic librairies for simplifying the development of contactless applications based on the Calypso standard, and for facilitating integration with the secure elements typically involved in a secure contactless solution. Those librairies will also be compliant with the other existing standards af the market.
The operating systems and cryptographic calculations processed in both portable objects and Secure Access Modules are out of scope of Keyple as the ticketing data model and fare calculations applications that will use the functions of Keyple to access Calypso portable objects.
The goal of Eclipse Keyple is to allow developers to easily implement fast and secure off-line contactless transactions (using NFC cards, mobile phones, …) based on the Calypso standard.
More specifically, Keyple is a set of open source libraries that will initially be available in Java and C++, designed on the same mutual Object-Oriented Model compatible with any terminal architecture: mobile, embedded or server and Interoperable with any smart card reader solution: standard or proprietary, local or remote.
It manages the advanced security features of Calypso but is also able to manage non-Calypso smartcard solutions, for ticketing or payment.
Keyple defines two layers:
- Ticketing applications relies on a high-level Calypso processing API to manage Calypso commands & security features. For a session with a Portable Object: SAM commands can be automatically generated and sent to the SAM reader or HSM.
- Secure Element (SE) readers are integrated through plugins implementing the SE Proxy API which manages the communications with a contactless secure element through ant type of contactless reader (local, remote, standard, proprietary…)
Keyple propose a Local and Remote Secure Element optimization:
Cards or SAM’s commands are grouped to limit network exchanges for mobile, embedded terminal or server solution.
Keyple can be used with Standard or Proprietary SE reader driver:
It will be packaged with plugins to manage standard Secure Element interfaces: Android NFC Reader, Android SmartCard interface, Windows/Linux PC/SC, Java SmartCard IO PC/SC interface.
Keyple can also be extended with plugins implementation to manage proprietary drivers that could be proposed by smartcard reader manufacturers.
Thanks to its modular architecture, Keyple can be used also to communicate with non Calypso contactless portable objects, using the SE Proxy API.
More informations can be found on our website : https://keyple.org/
Eclipse Keyple will open and spread contactless ticketing technology to everyone (today it is in the hand of few big players…)
It will enlarge the scope of the Eclipse IOT WorkGroup to the Contactless (NFC) technology, and it could enrich the Eclipse SENSINACT project as Public Transport is a key subject for smart city ecosystems.
The different components of the Java implementation of the Keyple project
- the 'keyple-core' module: it’s the main library which allows to manage in a generic way any kind of smartcard reader
- the 'keyple-calypso' module: it’s an extension library which provides the support de define commands and secure transaction specific to the Calypso ticketing solution
- the 'keyple-plugin-android-nfc' module: an extension dedicated to the android environment which allows to connect the NFC reader of an Android device to the Keyple SE API.
- the 'keyple-plugin-android-omapi' module: an extension dedicated to the android environment which allows to connect contacts smartcard readers of an Android device (SIM / embedded Secure Element) to the Keyple SE API.
- the 'keyple-plugin-pcsc' module: an extension dedicated to PC running a standard JRE with the SmardCardIO API, which allows to connect any PC/SC readers to the Keyple SE API.
- the 'keyple-plugin-stub' module: an extension used to define a fake configuration, to allow to connect to the Keyple SE API different emulations of specific smart cards.
- the 'keyple-example' module: some demo applications involving all the other components of the Keyple Java to illustrate the usage of the API.
All the components are based on the API of the Java Runtime Environment Standard Edition version 6: the OpenJDK is based on the ‘GNU General Public License’ in version 2.
The two Android components use in addition some API specific Android environment: the Android Open Source Project (AOSP) is based on the ‘Apache Software License’ in Version 2.0.
The OMAPI plugin imports also API of the SEEK for Android project (https://github.com/seek-for-android/ ) based on the ‘Apache Software License’ in Version 2.0.
Unit tests & logging involve
- the Junit API distributed under the Eclipse Public License v2.0 (https://junit.org & https://github.com/junit-team/junit5/ ),
- the SLF4J API (Simple Logging Facade for Java) distributed under the ‘MIT License’ (https://www.slf4j.org & https://github.com/qos-ch/slf4j ),
- the structolg4j API (Structured logging for Java) distributed under the ‘MIT License’ (https://github.com/jacek99/structlog4j ),
- the Mokito API distributed under the ‘MIT License’ (http://site.mockito.org/ & https://github.com/mockito/mockito.github.io ).
The project uses also the Apache Commons API based on the ‘Apache Software License’ in Version 2.0.
All the code of the initial contribution is owned by Calypso Networks Association.
The Keyple Brand is also owned by Calypso Networks Association which will transfer its propriety to the Eclipse Fondation.
The main part of the code will be licensed only under EPL2. The BSD License will be added only for the build scripts.
The Java implementation will be formally released in July as part of the initial contribution.
The C++ part and the SE remote will be released later in Q3 2018.
We plan to offer before the end of the year a more complete Calypso processing module that will implement all additional and optional features of the last Calypso version.
We will also provide a C version of Keyple for very low memory terminals.