Calypso uses up-to-date contactless technology to ensure a complete transaction in less than 200 milliseconds.
All ticketing transactions are run through a secure session that guarantees the integrity of the data written onto the card, even if the card is withdrawn too quickly. The Ratification anti-tearing function leaves the card in a safe state if the communication link is broken between the terminal and the card.
To avoid possible fraud or forgery, the secure session ensures that the card, the terminal, and the data are genuine, thanks to mutual authentication. Calypso’s high level of security is reached using microprocessor cards, Security Modules on terminals, and proven fast symmetric cryptographic algorithms using hardware accelerators (DESX, TDES, AES). The card, the terminal and all data exchanged between them are authenticated. These operations are carried out with a high-speed algorithm resulting in the shortest possible transaction time.
There are three main secret keys which perform a specific function: personalization, loading and debit. The secret keys inside the cards are uniquely diversified by the card serial number and the corresponding SAM master key: If a card’s secret keys is cracked, only the security of the attacked card is jeopardized, and will be invalidated by the system.
Calypso guarantees the uniqueness of the Calypso application serial number, currently for cards as well as for future applets.