Payment Device --> Light Vehicle OBE:
actuate secure payment

Definitions

actuate secure payment (Information Flow): Initiation of a payment action, ideally based on an encrypted token or biometric marker. Such a payment action could be a simple validation that the secure token allows the user access to the travel resource, or it could be the initiation of a payment transaction.

Payment Device (Source Physical Object): The 'Payment Device' enables the electronic transfer of funds from the user of a service (I.e. a traveler) to the provider of the service. Potential implementations include smart cards that support payment for products and services, including transportation services and general purpose devices like smart phones that support a broad array of services, including electronic payment. In addition to user account information, the payment device may also hold and update associated user information such as personal profiles, preferences, and trip histories.

Light Vehicle OBE (Destination Physical Object): The 'Light Vehicle OBE' includes traveler-oriented capabilities that apply to passenger cars, trucks, and motorcycles that are used for personal travel. The rules vary by jurisdiction, but generally light vehicles are restricted in their weight and the maximum number of passengers they can carry. In ARC-IT, the Light Vehicle OBE represents vehicles that are operated as personal vehicles that are not part of a vehicle fleet and are not used commercially; thus, the choice between the various vehicle subsystems should be based more on how the vehicle is used than how much the vehicle weighs. See also the 'Vehicle' subsystem that includes the general safety and information services that apply to all types of vehicles, including light vehicles.

Communication Solutions

No communications solutions identified.

Characteristics

Characteristic Value
Time Context Now
Spatial Context Adjacent
Acknowledgement True
Cardinality Unicast
Initiator Source
Authenticable True
Encrypt True


Interoperability Description
National This triple should be implemented consistently within the geopolitical region through which movement is essentially free (e.g., the United States, the European Union).

Security

Information Flow Security
  Confidentiality Integrity Availability
Rating Moderate Moderate High
Basis Contains an identifier linked to an individual or specific device, and thus PII by definition. Compromise of one secureID would likely impact only one user, but the nature of this flow requires that the same algorithm be used for every user; algorithm compromise would harm every user, which would have widespread impact. Payment related information needs to be correct or the user may be inconvenienced or defrauded. Contact/proximity payment mechanisms need to be very reliable or large numbers of users will be inconvenienced and the systems that use these interfaces (transit, parking etc.) will be hamstrung by interface failures.


Security Characteristics Value
Authenticable True
Encrypt True