SMART TICKETING SOLUTION FOR TRANSPORATION

www.mkgroup.com.vn Contents

01 About MK Group

02 Global Landscape in Transportation

➢ Challenges in Transportation around

➢ Case Study around the World

03 MK Smart Ticketing Solution for Transportation

➢ Principle of Ticket System

➢ High-level Architecture

➢ System Components

➢ Ecosystem

➢ Delivery Roadmap

04 Why MK Group?

www.mkgroup.com.vn About MK GroupLoading…

www.mkgroup.com.vn Timeline

MK Smart recognized Established Smart Card Hi-tech Company Established MK Smart Established Research Research and Status by Ministry of - Card and Business and Development Development Center in Science and Technology Center in Ha Noi MK Smart earned form manufacturer Ho Chi Minh City certificate of JCB 2003 2005 2008 2013 2015

1999 2004 2007 2010 2014 2016

Established Inauguration of Established VinaPay MK Smart earned 3 MK Smart became the ● MK Smart achieved the 1st MK Technology, MK Smart Card - smart online certificates of S.A.S strategic partner of Dai license from Vietnamese the core Factory at Quang payment provider (GSMA), MasterCard Nippon Printing (DNP), Encryption Department for company of MK Minh IZ., Me and Visa manufacturing and trading Group Linh, Hanoi. civil encryption products ● MK Group became member of FIDO Alliance and OATH

www.mkgroup.com.vn Group of companies

1999 Providing Card Issuance solutions; Card applications and management solutions; and Security and Secure transaction solutions.

2003 Loading… Manufacturing Cards and Business forms; Providing EMV Perso/Issuance solutions.

2007 Providing modern services, technologies and applications on mobile phones and internet.

www.mkgroup.com.vn Facilities & Capabilities

Headquartered in Hanoi, Vietnam

700+ employees

2 factories located in Vietnam ● Quang Minh Industrial Zone, Hanoi ● Saigon Hi-tech Park, Ho Chi Minh City

2 Research & Development centers in Hanoi and Ho Chi Minh City, Vietnam

2 smart card bureau in Hanoi and Ho Chi Minh City, Vietnam

300+ millions cards capcity

2 Chip Operating Systems owned by MK Group ● MKjCOS ● MKCOS MK Smart Factory in Quang Minh IZ, Hanoi MK Smart covers 80 % of market share of banking cards in Vietnam

www.mkgroup.com.vn Certificates & Industry membership

• 1 out of 6 factories in the world fully certified by Visa, MasterCard, JCB, UPI and GSMA

• Top 2 factories in Southeast Asia for smart card manufacturing

• Top 19 factories in Asia achieved the highest security certificate for SIM card manufacturers of telecommunications and chip card.

www.mkgroup.com.vn International markets

www.mkgroup.com.vn Target markets

Finance - Banking Government Enterprises Transportation Telecommunication

Meet the growing needs Issue and Manage secure Pinpoint loyalty Implement smart Provide the latest SIM of convenience and credentials and secure customers and drive transport systems for toolkits with secure security for payment access control revenue smooth traffic flow element solutions

www.mkgroup.com.vn Core business

SIM card, EMV card, Payment card, combi card, secure ID card., PKI card, OTP tokens, PKI tokens , card readers EMV issuance solutions, smart card applications, Instant issuance solutions, 2FA OTP, PKI or Biometric authentication solutions, e-passport OTP solutions, PKI solutions, Biometrics solutions, E-wallet, Self-services kiosks solutions, HSM, SAM, secure printing; SecureACS; E-gate/Auto-gate solutions, SSL certificates

E-wallet solutions, self-services kiosks, prepaid solution; loyalty solution, AFC/e-ticketing solution ● Technical supports ● Value-added services

www.mkgroup.com.vn Global LandscapeLoading… in Transportation

www.mkgroup.com.vn Challenges and Trends Driving Change in Transportation

Safety Mobility Challenges Environment

Technology Socio- Policy Economic

• Increasing connectivity • Urbanization and • Safety and security • Increasing TCO congestion • Disparity between regions • Proprietary networks • Aging population • Sustainability • Global supply chains

www.mkgroup.com.vn Transportation: The Top Priority for Cities

Transportation: The Top Priority for Cities

Need for investment over the next 5-10 Infrastructure area most important in years by infrastructure area attracting economic investment

Survey of public & private sector stakeholders across world’s top 25 cities

www.mkgroup.com.vn Case Study: Taipei Easy Card

Taipei’s Easy Card • Inter-operate Taipei subway ticket system (EasyCard) with metro ticket system of Kaohsiung

• EasyCard can be used for buses in Taipei City, New Taipei City, Keelung City, Taichung City, Yilan County, Matsu and Tainan City

• Can be used in Taiwan High Speed Rail system

www.mkgroup.com.vn Case Study: Korea: T-Money system

Korea: T-Money system

• T-Money (formerly known as Bus Card) can be used in the entire metro system in Seoul, , Busan, Daegu, Daejeon, and Gwangju Metropolitan.

• Buses in Andong, Gyeongsan, Yeongju, Bonghwa, Sangju, Mungyeong and Pohang, Gyeongju, Yecheon, Jeju,…

• Light rail train for following lines: AREX, , , and Busan–Gimhae.

www.mkgroup.com.vn Case Study: Japan IC Card

Japan: Most of the privately owned rail transport companies have high turnover and profit. Interoperation amongst 10 major IC cards started on March 23, 2013, over 80 million cards of 142 operators are in use.

• ICOCA (JR West) Kansai Okayama and Hiroshima: 2 operators, 7,440,000 cards. • RTaPa (Surutto Kansai Association): 15 operators, 2,300,000 cards. • Hayakaten ( City Transportation): 1 operator, 440,000 cards. • Nimoca (Nishi-Nippon Railroad): 14 operators, 1,810,000 cards. • (JR Hokkaido): 1 operator, 450,000 cards. • (JR East, v.v.) – Tokyo, Sendai & Nilgata: 8 operators, 41,270,000 cards. • PASMO (Pasmo): 94 operators, 21,520,000 cards. • TOICA (JR Centre): 1 operator, 1,400,000 cards. • SUGOCA (JR Kyushu, etc.): 1 operator, 800,000 cards. • (Tranpass IC Association): 5 operator, 2,660,000 cards. www.mkgroup.com.vn

MK Smart Ticketing Solution in Transportation

www.mkgroup.com.vn MK Smart Ticketing System – Design Principles

(1) The smart card is initialized on the card system and distributed to the point of sales network;

(2) Passengers buy contactless smart card ticket at the fixed or mobile point of sales, card tickets are anonymous for regular ticket type or personalized for concession tickets.

(3) Passengers top-up the value to cards at POS network/ Vcash e-wallet/self-service kiosks;

(4) Passengers shall pay for bus tickets by tapping their cards at the bus validator that is installed on bus for bus fare payment. Paper tickets are available for passengers to pay in cash that is printed by the driver console on bus;

(5) Passenger inquiries at the point of sales, by calling to customer care center or self-service online and/or at customer enquiry machine;

(6) The on-board devices system on the bus shall record and transfer card transactions of a trip to the data center;

(7) The system shall consolidate the recorded data at the end of day in order to perform clearing and settlement for all transactions accomplished by bus operators for the day;

(8) Authority may inspect the activity on bus transportation in accordance with the regulation;

(9) The technical support and maintenance shall be provided at the bus terminal, drivers may also call to customer care center for any assistance.

www.mkgroup.com.vn Stakeholders in Smart Ticketing System Card Holder

Can be anonymous or non-anonymous. Bus Operator AFC Application Operator Provide public transportation services to the card holder and accepts payment using smart card tickets. Establish the infrastructure for the overall functionality of AFC system

Government Authority Merchant Acquirer/ Acquiring Banks Establish the specification for the public transit, select and certify entities, make necessary policies and Handle the payment transactions on behalf regulations as well as conduct inspection on the bus of the bus operators. public transportation.

Card Issuer Top-up Provide and distribute smart cards for bus tickets, responsible for all Agent value loaded onto the smart card and the management of the funds Provide load/top-up service for the card holders by using the top-up

pool, as well as making necessary system changes, developing mobile POS/Vcash e-wallet. Card holders also can do the topup marketing plans, and managing cardholder relationships. service via self-service kiosk.

www.mkgroup.com.vn High-level System Architecture

MK MK CMS1/Issuer 1 WEB-PORTAL Card Life- MK Card KMS Query Infor Cycle Mgt Webserivce Issuance Instant Personalised Key Creation & Store Cards Transaction Management Account Management Issuance Update Balance Internal Process

Integration Batchfile Transaction Collection Anonymous Settlement & Reconciliation Factory Key Derivation (ISO/API/Batch) Cards

Revenue & Payment Gateway Blaclist files Revenue & Trasaction Transaction Files Top-up Account File Distribution MK AFC System Top-up Account CMS2/ (Webservice) Operation Management MK Top-up Agent Operation Data Revenue & Transaction Files Issuer 2 Configuration (Fare Policies, Data processing) Payment Top-up Card Issue Gateway Top-up Account Front-end /Terminal Management (Webserivce)

Techncial Configuration Collect Transaction Fare Tariff Agent/Vcash/POS/Kiosk & Status Blacklist Management Online Top-up MK Solution The Smart Ticketing System compromises the key sub-systems

Techcnial Support (Repair, * AFC: Automatic Fare Collection External System Maintenance) * CMS: Card Management System

* KMS: Key Management System

www.mkgroup.com.vn MK System Components

www.mkgroup.com.vn Onboard Devices Driver Console Bus validator - Performing log in or log out of shift devices for driver. - Directly validate ticket cards of passengers - Helping driver for conducting payment process in case passengers - Communicate with driver console for data exchange paid for fare by bus ticket cards. - Selling tickets for passengers paid for fare by cash. - Exchanging data with the center.

3G SIM Card

- To be applied for Driver console / Ticket validator - Connecting such devices with the central system via cellular network. Cash box SAM Card Securely storing cryptographic keys and to compute - Supporting driver to collect and keep cash paid by cryptograms passengers for buying tickets on bus.

www.mkgroup.com.vn Smart Cards

Type A Type B Type F QR Code

• Acc. to ISO/IEC 14443A • Communication speed: 848 • Physical characteristics: ISO• Physical characteristics: • QR code is printed on the Kb/s 7810 ISO/IEC 7810 bus ticket card/one-time

• Data communication conforms • Contactless data • Communication speed: 848 paper card or can be to ISO/IEC 14443-3 UIDs communication: ISO 14443B kb/s. integrated on smartphone • Cryptography: Triple DES • Data communication applications for • Multi-layer authentication, re- and AES conforms to: ISO/IEC passengers to tap on bus writeable and reloadable • Data protection against 18092 validator as they board • Support MIFARE Crypto1 (2 x reader’s field withdrawal • Cryptography: AES/DES. the bus. 48 bit/sector) or AES (2 x 128 Secure IC Chip integrated • Compliance to bit/sector) Cryptography inside card in compliance ISO/IEC18004. to ISO/IEC 15408 www.mkgroup.com.vn Loading/Top-up Money Channels

Smart cards

Mobile Top-up POS Vcash e-wallet Self-service Kiosk • Topping up the top-up ticket values for passengers Loading the bus ticket card via Cash acceptance terminal who already have the bus ticket card. smartphone application with for loading money to the • Issuing bus ticket cards for new passengers tokenization enabled bus ticket card. • Support both online and offline top-up

www.mkgroup.com.vn AFC Management System Operation Data Configuration • Sets up, controls and maintains the databases required for the operation for the bus transportation MK AFC Management System • Operation data related to driver, vehicle, depot, route, station, card type/group and various configurable coding categories that are required by specific business operation. Operation Data Operation Configuration Management (Fare Policies, Terminal Management Data processing) Operation Management • Fare Policy Management: Allow flexible configuration on different types of tickets and various policies: o Ticket card types: Regular / adult ticket card / Concession ticket cards for Terminal Management students/pupils/senior citizens/ Free ticket card • Tracking the terminal information and records the terminal activities. This o Ticket rating policy: Single ticket for every trip, Zone-based ticket policy, Timing includes the terminal ID, merchant ID, terminal type, bus line and its ticket policy (different tariff on weekdays / weekends), Distance ticket policy, station IDs, ticket types, time slots, rebate table and fare matrix for each Monthly ticket pass card type. • Data Processing: enable automatically handling the data from and to the front-end • Communicating with front-end equipment (Bus validator) device in order devices including to send program files/operation parameters files and to get • Convert from front-end data raw file to card issuer company’s specific revenue transaction/event file; convert card issuer’s blacklist file to front-end specific blacklist file • File transfer including revenue file and blacklist file between the front end and back end system

www.mkgroup.com.vn Key Management System Key Management System MK KMS • KMS is a system that handles generation/distribution/management/discard of key through interface with HSM. Key generation is done by generating components by 3 key generators, and master key is stored at HSM. For issuing card and SAM, PerSAM is used. Key Creation & Store Key Generation All cards that are part of an AFC system undergo Requires two data security officers who enter two Multiple Keys the following KMS components: pieces of an eight-character secret, defined as the left o Card and SAM Initialization System seed and the SAM password using Smart card readers, Impact printer with PIN mailer security paper, Master o Key Generation System Security Access Module (MSAM), MSAM Activation o Key Injection System Card (MSAC) o Card Personalization System Key Injection System

Card and SAM Initialization Key derivation includes the following keys stored in SAM including Perso SAM, Purchase SAM, Load Cards delivered by the vendor have an initial SAM transport code. From a security control perspective, the card must be registered before going into the Card Personalization System inventory and becoming a part of the system A card personalization system comprises a PC devices. connected to a card personalization machine and an card reader that holds a Perso SAM Flow chart of Key Management System

www.mkgroup.com.vn Card Management System Card Personalization

• The CMS initial generates the data to the card issuance system for card personalization (using Perso SAM)

• Card Personalization includes the process to write card CAN, card type, personalized date, issue code, etc. into the card.

• Support both card personalization at factory for anonymous cards and instant issuance using desktop card printer. Card Life Cycle Management

A card goes through the following statuses in the card life cycle, but not limited to (i) Transaction Management Manufactured, (ii) Initialized, (iii) Personalized, (iv) Distributed, (v) Sold, (vi) Expired, (vii) Card Return, and other customized statues. • CMS is equipped with HSM for the cryptographic verification to confirm that the transactions collected from the AFC systems are Account Management genuine and not tampered.

• Each smart card is mapped with one account on the card management system to keep the • CMS looks into the transaction details and verifies the transaction with account balance updated on the event of recharging/top-up or deduction. The limit is the data stored in backend, e.g. terminal setting, bus line, fare, amount applicable for each type of card/account deducted, etc.

• Transaction history is logged for each account for any audit or customer inquiries via • Any mismatch of data, the CMS will mark the transactions to be customer service or web portal invalid, alert the operator and put on-hold for settlement.

www.mkgroup.com.vn Card Management System (cont.)

Integration

• The system integrate with other system including

• Card Issuance for exporting card personalized data

• Top-up system such as Mobile POS, Vcash, Kiosk for recharging the account balance

Revenue Settlement • Banking system to online recharging the account balance via Payment Gateway • The CMS records the transactions into the accounts of system participants, such as i.e. card issuers, settlement bank, acquiring • Integration is via batch file (FTP/S) or Web-service banks, etc. Depending on the role and responsibility, each Account Reconciliation participant has his own set of accounts.

• Amount of different parties for receivable, payable, service charge • Comparing the transaction amount and card balances to ensure the transaction amount is (i.e. transaction fee) paid and received and revenue could are equal to the change in card balances. calculated and shown in the Settlement Reports that must comply • Calculating the total transaction (debit and credit) amount within that period. Thus, the with the settlement file specification. backend is able to find out the discrepancy if any.

• The causes of discrepancy can be transaction lost, fraud and system error. After investigation, further settlement handling is needed for the discrepancy amount.

www.mkgroup.com.vn Card Issuance The cards to be personalized may be an anonymous card or a non-anonymous (co-branded) card.

Anonymous Card

• If it is an anonymous card, the personalization is made at the factory in which it is recommended that the UID (Unique Identification Number) is printed on the card surface during card embedding so that only a simple electrical personalization (same as the type used for initialization) is required. In this way the card personalization is faster and cheaper. Loading…• The flow chart of card factory is illustrated in the figure below

Personalized Card

• If the card to be personalized needs to have the card holder’s name and possibly the photograph to be printed, then a colored thermal-transfer printer is required. The cards after the personalization process should have zero value for better security control.

• Personalized Card can printed by desktop card printers or at the card factory

depending on the business requirements

www.mkgroup.com.vn MK Technical Design and Ecosystem

www.mkgroup.com.vn Typical Technical Design The proposed sites for the smart ticketing solution includes: • Operation & Management Central: provide the software, hardware, facilities and connection to the back-end system (Primary Data Center and Secondary DR Center) to manage the entire business operation from card issuance, customer management, bus operation, reporting and revenue settlement;

• Services Points include Fixed Point of Sales, Kiosks, Bus Terminal and Customer Enquiry shall be proposed to provide services to customers, technical support and maintenance for AFC devices, and customer enquiry for self-care services;

• Device on Bus: Ticket validator on bus and/or driver console communicate with the back-end system via 3G connection to upload the ticketing transactions and download the system data from the back-end.

• Mobile POS is deployed to reach passengers by enabling the card selling and top-up at anywhere and anytime via mobile POS.

• Inspectors are equipped with mobile POS to check the validity of the ticket holding by passengers

• External Users includes the authority, bus operators, partners may involve in the system.

www.mkgroup.com.vn Ecosystem with Smart Ticketing (Multi-payment)

Smart cards Card validator

• Communication standard: 14443A/B and 18092 (NFC) • Communication speed: 106/212/424/848 kbps, up to 424kbps for NFC P2P • At least 4 SAM sockets conforming to ISO 7816 and can be extended up to 16 sockets. Topup channels

Fine/Penalty fee Parking fee Public Service Toll fee Utility services Fees

www.mkgroup.com.vn Delivery Roadmap

Carry out final preparation for all solution Propose high-level and integration design specification components Propose revised project plan Deploy, configure and monitor all solution Produce all the programming, parameterizations base on components on the production environment functional specification and prepare documentations Project kick-off Testing

System Design & Build Implementation Planning & Analysis: Propose and finalize the project plan and timeline, Conduct tests during Provisional scope of work, project team structure, project approach Acceptance Test (PAT), User Analyze current environment and customer’s business Acceptance Test (UAT), Final requirement Acceptance Test (FAT)

www.mkgroup.com.vn Solution Benefits

For For Bus For Passengers Government Operators

• Speedy and convenient • To facilitate the management of • To reduce the operation cost • Low cost public transport • To increase the revenue • Encouraged to use public • Transparency and financial savings • Centralized control of ticket transport services • To reduce means of personal system transportation

www.mkgroup.com.vn Why MK Group?

Competitive pricing Responsive Support

Experienced in Smart card and authentication market Flexible

Reliable Partner Innovative

TRUSTED PARTNER FOR AUTHENTICATION AND SECURE TRANSACTION SOLUTIONS, CARD PERSONALIZATION SOLUTIONS AND SMART CARD PRODUCTS

www.mkgroup.com.vn VIETNAM Headquarters: F11th - F12th , TTC Tower, Duy Tan Str., Cau Giay Dist., Hanoi, Vietnam Tel: (84-24) 6266 2703 | (84-24) 6275 0240 Fax: (84-24) 6266 2705 | (84-24) 6275 0239

Sales office in Hochiminh City: F7th, Thien Son Building, 5 Nguyen Gia Thieu Str., Ward 6, District 3, Ho Chi Minh City, Vietnam Tel: (84-28) 3930 5023 Fax: (84-28) 3930 5065

USA MK America 2445 NE Division Street,, Suite 200 Bend, OR.97701

SINGAPORE MK SMART ASIA PACIFIC PTE LTD. 100 Tras Street, #16-01, The Amara Corporate Tower Singapore

FACTORIES Hanoi: Quang Minh IZ, Me Linh Tel: (84-24) 3813 4646 | Fax: (84-24) 3813 4648 Ho Chi Minh City: I3-3, N2 Street, Saigon Hi-Tech Park, District 9 Tel: (84-28) 3736 1446 | Fax: (84-28) 3736 1447

www.mkgroup.com.vn