|
Work item:
|
X.abt-sec
|
|
Subject/title:
|
Security guidelines for accounting-based ticketing in intelligent transport systems
|
|
Status:
|
Under study
|
|
Approval process:
|
TAP
|
|
Type of work item:
|
Recommendation
|
|
Version:
|
New
|
|
Equivalent number:
|
-
|
|
Timing:
|
2028-03 (Medium priority)
|
|
Liaison:
|
ISO/TC 204, ITU-T SG20 and CITS
|
|
Supporting members:
|
Korea (Republic of), ETRI, Hyundai
|
|
Summary:
|
Account-based ticketing (ABT) is a ticketless fare collection system for public transport where all travel rights, payment details, and journey information are managed through a digital account stored in a server in the infrastructure. Instead of purchasing a physical ticket, passengers tap or scan a token, such as a contactless IC card, smartphone, or other device, linked to their account when entering or exiting transit points. The system automatically calculates and charges the correct fare, enabling flexibility, best-fare policies, and integration with other mobility services.
Since ABT relies on communication between user devices and the central system, secure channels and authentication mechanisms are essential to prevent interception or unauthorized access. This ensures that only verified users and trusted devices can access accounts or initiate fare transactions.
To address these security considerations, this Recommendation provides a security threat analysis and specifies security requirements for ABT in intelligent transport systems. Furthermore, this Recommendation provides how to implement secure ABT systems to fulfill the security requirements.
|
|
Comment:
|
-
|
|
Reference(s):
|
|
|
Historic references:
|
|
Contact(s):
|
|
| ITU-T A.5 justification(s): |
|
|
|
|
First registration in the WP:
2025-12-10 14:40:08
|
|
Last update:
2026-01-14 15:17:17
|
|
