“Joining SPAC Alliance is an opportunity for us to share experience and know-how in systems security.”
Yann CHERMAT
COO
Can you tell us about your activity?
CNA is an international association of contactless ticketing stakeholders (public authorities, transport operators, card and terminal manufacturers, system designers, service providers, consultants) whose main objective is the collaborative specification, maintenance and promotion of the Calypso open standard for ticketing systems. It brings together a community of 120 members and more than 40 million journeys using the Calypso standard are made every day in 30 countries around the world.
What are your challenges in your area of expertise?
CNA has made security of media and systems its priority and trademark in its standardisation of contactless ticketing. The challenge is to provide users with added-value services that are not only accessible and flexible, but also reliable. For us, security is an important condition for preserving revenue (combating fraud, protecting information), which is a major issue for our users.
Why join SPAC Alliance and its ecosystem?
FIn addition to transport and mobility, which remain our core areas of activity, we believe that our expertise in the security of contactless media and systems can be applied in other fields, such as access control. Joining the SPAC Alliance is an opportunity for us to share experience and know-how in systems security. What’s more, the issues of sovereignty and systems governance are also central to the values of our user community.
What benefits can the SSCP communication standard bring to the security market? And for you specifically?
Like any open standard, like Calypso, the SSCP protocol enables systems to be built using components (readers, control units) from different industrial sources : it therefore encourages the scalability of systems and the existence of competitive markets. It also provides essential security guarantees, such as component authentication. For CNA, it represents a technical opportunity to equip any processing unit with a standard extension enabling the use of Calypso media.
What is the importance of certifications in the security market?
The requirement for certified solutions by system owners and operators guarantees the quality and reliability of systems over the long term. Certification is a tool for cleaning up markets and, in a way, the “armed wing” of open standardisation, which we believe is a genuine strategic choice in terms of information systems governance.
