California transit officials have relaunched their senior discount verification program after shutting it down for six months, during which multiple state agencies conducted a review, including looking at security, Mobility Payments has learned. According to one state agency, scalability of the original system was a problem.
The California Integrated Travel Project, or Cal-ITP, part of the state’s Department of Transportation, quietly cut short a pilot of the innovative service around February. California bus agency Monterey-Salinas Transit, which is trialing the service, announced a “relaunch” fewer than three weeks ago.
“I’m not aware of any specific incidents or specific vulnerabilities that would have led to fraud under the original system,” Carl Sedoryk, general manager and CEO of Monterey-Salinas Transit, told Mobility Payments. “There were enough concerns from some at the state that led to the original, simpler solution to be taken down after a few months.”
The program to link open-loop cards to concessionary fare discount eligibility is the first of its kind in the U.S. and one of the first programs globally actually put into operation, even as a pilot. Any failure in this program could have implications far beyond the state, since ensuring that seniors, students, disabled persons and others entitled to special discounts receive them has been a challenge for transit agencies offering open-loop fare payments.
During the six-month interruption in the Cal-ITP senior discount verification program, four state agencies–the Department of Transportation, known as Caltrans; California Department of Motor Vehicles; state Department of Technology; and even the California National Guard–conducted penetration testing of the verification system, Mobility Payments has learned.
State officials did not immediately reveal what the security tests found, but the relaunched system now uses a much more time-consuming registration process–with many more steps required for users to verify their identity. The new system, Login.gov, is from the U.S. federal government.
Update: Cal-ITP, in a release Sept. 21, announced the new service, calling it the “debut” of the online Cal-ITP Benefits app, which it said was “first to verify their identity and benefit eligibility and link fare discounts to debit and credit cards.” The release did not mention the earlier service.
Monterey-Salinas Transit in a local announcement Sept. 1, however, had said the new service was a “relaunched Cal-ITP Benefits website (that) uses Login.gov.”
A Cal-ITP spokeswoman later told Mobility Payments that the original service was only a “proof of concept,” and characterized the scalability problem mainly as a language issue, noting that a more robust ID verification system from the state Department of Motor Vehicles that Cal-ITP considered was not available in Spanish, like Login.gov is. About 40% of Monterey-Salinas Transit’s riders speak Spanish as their first language, she noted.
The state DMV, however, in an earlier statement to Mobility Payments, didn’t mention the language problem.
“Based on early testing, while the system worked as intended–securely, quickly and accurately verifying riders’ eligibility–the DMV and Cal-ITP decided it could not effectively scale, and the program went on hiatus after Cal-ITP informed DMV it would begin working with the California Department of Technology on a more scalable solution.”
Another source involved in the project, who asked not to be named, said that no cardholder data was ever compromised using the earlier verification system. In addition, there was a very small number of seniors that had earlier registered on the system.
“Frankly, it’s still clunky,” he said of the new system, but added that the “initial implementation was very much a basic go to market proof of concept. There is much more planned in this area.” He also speculated that Login.gov will not be the final solution to the problem of quickly verifying eligibility of transit customers for concessionary discounts. “There will be alternative commercial verification schemes coming on stream soon that aren’t government-based and so don’t have the same level of bureaucracy attached.” End update.
Login.gov is a single sign-in service used by participating agencies to allow the members of the public and government employees to securely apply for federal jobs, enroll in airport trusted traveler programs and request small business disaster loans, among other mainly federal services. The U.S. General Services Administration, which runs Login.gov, has been seeking to expand use of the platform to state and local governments.
Lengthy Registration Process
But using the system requires what some might consider an onerous registration process if agencies require users to verify their identity–which is what the state of California is doing.
Users must first create a Login.gov account by submitting a valid email address, which they verify by clicking a link they receive in their inbox. They must also support two-factor authentication, which requires them to receive SMS codes on their phone. According to Login.gov, the other options for the second factor of authentication are scanning their face or fingerprint, using a secure key in the form of a USB token or entering a secure government employee ID card on their desktop.
Users must then confirm their identity by uploading a state-issued ID card, as well as typing in their U.S. social security number and entering their phone number from a mobile contract with their name on it to receive a security code. Failing the latter, they can get the code in a letter via the postal service.
After they verify their identity, users must then encrypt their account by re-entering their Login.gov password and receiving a personal cryptographic key. They will then be asked to enter this key on the next page of the registration site.
This system contrasts with the much simpler registration process that Cal-ITP offered before. On a state-run portal, users had merely been asked to enter their family name and a credit or debit card number, along with their driver’s license or state ID number. The system then ran a one-time check of California’s large Department of Motor Vehicles database to make sure the customer was 65 or above and, therefore, entitled to receive a senior discount. If approved, the next time users tapped their contactless EMV bank cards to pay fares, the discount was applied in the back office.
Update: After users verify their identity and, for seniors, establish that they are 65 or older, the new Cal-ITP Benefits web application will take users from Login.gov to a site managed by Australia-based Littlepay, the transit processor and payments service provider for Monterey-Salinas Transit’s open-loop payments service.
There they will be able to enter the details of their credit or debit card and Littlepay, as before, will link the users’ eligibility for a senior discount to their payment card on its database. When users tap the card to ride, the vendor will apply the discount. End update.
Littlepay did not immediately respond to a request for comment from Mobility Payments about the security or scalability of the eligibility verification program.
Sedoryk acknowledges that the Login.gov platform “is not particularly user friendly for seniors or individuals with cognitive disabilities, who may have difficulty navigating the platform.” But he added that “it’s more important to move the ball down the field and implement a solution that everyone could live with rather than get the ‘perfect’ solution.”
‘Even More Cumbersome’
The new verification system appears to completely eliminate use of the California Department of Motor Vehicles, or DMV, database, though users could still upload their DMV-issued driver’s license or other ID card as part of the identity-verification process.
Sedoryk noted that state officials had proposed an “intermediate solution” that would continue to use the DMV database. But apparently the security upgrades that would have been necessary to use the database would have made the process for riders “even more cumbersome.” And it would not have offered the bilingual options that Login.gov does, he said.
Meanwhile, he said Login.gov offers the potential to expand the program to link open-loop cards to concessionary fares in ways transit agencies could not with the former system. Instead of only enabling customers with driver’s licenses or other ID cards issued by the California DMV potentially to receive discounts by tapping credit or debit cards, Monterey-Salinas Transit is offering the system to residents throughout the U.S. The out-of-state users would still have to be registered on Login.gov.
Update: A source involved in the project agreed that Login.gov would enable the verification system to scale better than using the state’s DMV database.
“Switching to the ‘pre-approved’ Login.gov services gets rid of all the arguably gray areas and opens the door to wider scale and different eligibility checkpoints,” he said, adding that while the DMV issues ID cards to people who don’t drive, its main function is to issue driver’s licenses. “People without a driving license are kinda useful to include in any public transport scheme.” End update.
In addition, Sedoryk told Mobility Payments that his agency plans to extend the offer to link discounts to open-loop cards to military veterans, disabled persons and local college and university students by the end of the year. While possible before, this might have been more difficult using the California DMV database.
Still, making it harder for seniors and other customers entitled to discounts to sign up and verify their identity does not bode well for the program.
As it is, only around two dozen seniors signed up during the two months the original verification program was in place. That is low even for a small agency like Monterey-Salinas Transit, for which no more than 5% of fare payments by all customers are made with open-loop payments.
In addition, riders apparently still cannot link their senior discounts with open-loop card credentials loaded into NFC wallets, like those connected with Apple Pay. The credentials have tokenized account numbers, so are not the same primary account numbers as the cards the tokens were created from. This presents another barrier to the program scaling.
Sedoryk said he will press on in supporting the new discount-eligibility verification system, especially since his agency would like to greatly reduce use of other fare media, including cash.
“Offering a fare discount for seniors is a requirement for public transit operators who receive federal funding,” he said. “So I imagine this is going to be critical to any transit operator like MST (Monterey-Salinas Transit) who wants to offer a single open loop payment solution.”