Access to some transport systems is controlled using near-field communication (NFC) based devices used by passengers and reader devices that are mounted at entrances and/or exits. Some transport systems have automatic gates that open when a chip card is validated, some systems merely have a terminal that is tapped by the passenger device. In identity based systems, user identities are stored and associated with respective user accounts and electric tickets. The use of public transport is charged from the respective user account when use of the electric tickets at the gated or non-gated terminals is observed.
In identity based systems, the user identities are not as such used as tickets so as to mitigate the risk of identity theft by someone who might electrically eavesdrop communications between gated or non-gated terminals and passenger devices, or even use a malicious program for the purpose. Instead, electric tickets are produced such that the user identity is derivable from the electric ticket only by parties intended to do so. Furthermore, some passenger devices are provided with a secure environment for added security.
In some NFC identity based ticketing systems, the passenger device authenticates itself to the gated or non-gated terminal by communications over NFC interface, using standardized cryptographic techniques. Furthermore, in some systems, a constant communication between the passenger device and the transport authority server, either directly or through the terminal, is provided.