About ITSO

Introduction | ISAM | Rules & Regulations | Members

Security Management | Certification | Back Office

Board Members | Committee Structure | User Groups

Introduction

This are quick guides to what ITSO does, how it's structured and how organisations and individuals can become involved. In particular, they look at what it means to be an ITSO member, how to become a supplier of ITSO compliant equipment, systems and services, and what's needed to operate key processes within an ITSO branded environment.

What is ITSO Introduction to ITSO Interoperability Explained

ISAM

The specially commissioned ITSO Secure Application Module (ISAM) resides in all ITSO compliant point of sales equipment and ticket franking terminals. It is similar in appearance to a SIM card and is fundamental to the operation of an ITSO environment.

The ISAM provides a number of key elements:

Operation of all levels of key management / usage thereby allowing different operators to have their products work with the ISAM and provide interoperability;
Certification and validation of card data and transaction data in turn ensuring correct information is relayed to service operators for subsequent settlement;
End to end loss less transactions;
4 Mega Bytes of secure data storage (primarily transaction data) providing ample scope for collecting transactions even in the busiest locations.

The ITSO SAM is designed and supplied by Ecebs

Scheme Rules / Regulations

ITSO is an organisation controlled by its Members. The ITSO Specification sets out the technical means by which interoperability of contactless smartcard systems can be facilitated. In addition to the Specification, each Member agrees to abide by a set of Regulations. The Regulations ensure that all parties behave consistently and fairly, both in interactions with each other and with users of ITSO smartcards.

The ITSO Regulations do not cover any commercial considerations of Members.

Members

ITSO is a non profit sharing organisation owned by its members.

These members cover the breadth of the Transport arena - Bus operators, The Train Companies (ATOC), suppliers to the industry and Local Authorities. Supported by the Department for Transport, ITSO now has links with major organisations working in local and national government as well as established smartcard schemes in the UK and overseas. The Board and committee structure of ITSO are representative of the membership through direct elections.

Security Management

ITSO provides a Security Management Service (ISMS) for the generation and distribution of security keys within an ITSO environment. These keys are the means by which Members equipment and systems can recognise and accept other Members products.

The ISMS allows ISAM's to be updated remotely with new products, amended products and other operational changes as required by the Member. As a result ITSO products can be field updated without service disruption and whilst still maintaining high levels of security.

Certification

All equipment (cards, point of sales, back office etc.) which claims to be ITSO compliant, will be certified by ITSO.

The certification process is one of mutual working with suppliers - ITSO will provide test tools and scripts for use in the development environment, prior to formal testing. However ITSO goes further than certification against the specification. ITSO will operate a test warehouse, which will contain all accredited kit against which new items will be tested to ensure that inter-operability is achieved. The certification and testing process is performed by Integri.

ITSO and the Back Office

ITSO is unique in transport smartcard schemes in that it covers all components - card, point of service and back office systems.
Security of data transmission is a key aspect of 'inter-operability'. The consequent handling and transmission of data between POS devices, operators and settlement organisations is crucial to genuine inter-operability. This is one of the primary reasons for the formation of ITSO and accordingly the ITSO Specification includes Back Office System requirements.

Board Members

The ITSO Board comprises representatives of the various Membership sectors of ITSO .
These sectors currently include:

Government
Rail Industry
Bus Industry
PTE's
Suppliers

Each sector has equal representation on the Board and the structure of the Board will evolve with changes to the Membership structure. In this fashion all Members can ensure they have representation at Board level in addition to any other avenues.

Committee Structure

The ITSO Board can choose to create and authorise various bodies to undertake specific tasks. This has resulted in the establishment of a number of committees with distinct tasks. The committees will not continue indefinitely but be reviewed as each task is completed. Where possible, ITSO includes Member representation on these committees by asking them to provide expert resource in discussion and review.

The most significant committee currently in operation is the Technical Committee. The Technical Committee is responsible for ensuring the next version of the ITSO Specification complies with any agreed changes and is updated in a fashion commensurate with the practical implementation of ITSO environment. In addition, the Technical Committee maintains close relationships with standards bodies so as to convergence with relevant emerging standards.

User Groups

ITSO Supplier members operate a group called Supplier Special Interest Group (SSIG) where joint learning and development takes place.

"SSIG is a natural progression from the successful Supplier Liaison Group and I2F. In creating SSIG the suppliers recognise not only their important role in the continuing development of ITSO, but also their input into a specification and organisation whose role is now to keep apace of the technology rather than the implementation of a specification". (The SSIG Group's Constitution)

ITSO