ISL has provided a list of useful ITSO terminology and related definitions for the benefit of member TCAs, these are listed below. If you require any further explanation to any of these definitions, please contact the ISL Helpdesk for further assistance.
| Term | Abbreviation | Definition |
| Asset Management System |
AMS |
A sub-system of a HOPS that records and manages the disposition status and configuration of ISAMs and HSAMs and some aspects of POST configuration. This ITSO Certified computer system is part of the HOPS, and manages the ITSO Assets within a system. It is also the interface to the ISMS. |
|
Certification and Testing
|
C&T
|
Certifies that components (CMDs, POSTs and HOPS) conform to the ITSO Specification. Through the ITSO accredited service provider and Test House, Integri, any media, POST or back office must be certified for compliance with the ITSO specification before it can be called compliant. Integri makes available its test tools and ITSO provides the scripts to suppliers for pre-certification testing in their own workshops.
ITSO provide a service to the suppliers of ITSO compliant hardware and software which is subject to separate contractual arrangements.
Testing compromises of two parts, testing against Test Tools to confirm functionality and Warehouse testing to confirm true interoperability.
|
|
Customer Media
|
CM |
A Smart Card or other device, compliant with the requirements of the ITSO technical Specifications, capable of containing an ITSO Shell and Products.
|
|
Customer Media Definition
|
CMD
|
A definition contained in ITSO TS 1000-10, defining a type of Customer Media. · Mifare® standard 1K CMD1
· Generic micro-processor CMD2
· Mifare® standard 4K CMD3
· Mifare® ultra light CMD4
· Innovision Jewel-0301/70 CMD5
· London Oyster CMD6 (not yet tested)
· Mifare® DESFire CMD7
· Calypso CMD8
|
|
Data Encryption Standard
|
DES
|
One of a number of possible standard methods of encrypting data to reduce the possibility of fraud or breaches of confidentiality.
|
|
Electronic purse
|
E-purse
|
An electronic store of value that may be used for the purchase of goods and services.
|
|
English National Concessionary Travel Scheme
|
ENCTS
|
The national concessionary scheme in operation within England.
|
|
Electronic ticket machine.
|
ETM
|
A purpose-designed POST that is used for the sale and/or validation and/or cancellation of tickets, usually used on a Bus.
|
|
Host Operator or Processing System
|
HOPS
|
That element of the back office system defined within the ITSO Specification, covering Message Handling, Shell & Product accounting, and Asset Management functions. The HOPS shall always be equipped with an HSAM.
|
|
Hot list
|
A list of CMs, products or items of equipment where a transaction requires special attention.
|
|
|
Integrated Product Entity
|
IPE
|
This denotes the product placed on the card, in this instance it would refer to an ENCTS product. IPE 16 refers to the concession product, whilst IPE 14 is used to denote a companion card.
|
|
Interoperability
|
The requirement for Interoperability is that an ITSO customer media (or smart card) is capable of being used anytime, anyplace, anywhere. Media is accepted for use between modes of travel e.g. bus or ferry within one locality (known as intermodal interoperability).
Media is able to be used interoperably, i.e. between localities or district geographical locations e.g. Manchester and London.
Products can be used between different operators in either the same or different locations e.g. Virgin Rail and First Bus Group
ITSO has no involvement in where products are retailed or accepted, this is in the control of the product owner.
|
|
|
ITSO Shell Serial Number
|
ISSN
|
18 digit reference number specified for each ITSO shell (for example, the unique card number for a concessionary pass).
|
|
ITSO
|
Non profit distributing organisation run by its members for the benefit of members and users of smartcards, supported by the Department for Transport (DfT) It has created a common specification to enable the use of interoperable smart cards in transport and other areas.
ITSO is mandated for all GB transportation schemes receiving government support. It provides the potential for a national environment within a single security domain.
|
|
|
ITSO Compliant
|
Software or hardware certified by ITSO as being compliant with the ITSO Specification required for ITSO interoperability. Hardware and/or software that has been duly certified as being compliant with the relevant parts of the specification.
|
|
|
ITSO Security Application Module
|
ISAM
|
ITSO Security Application Module, as defined in ITSO 1000-8. Secure processor card, size of a mobile phone SIM, present in every POST & HOPS. Stores security keys & provides cryptographic processing, checking permissions, authentication, validation & data storage.
|
|
ITSO Security Management Service
|
ISMS
|
The security management service. ITSO has two sub contactors, Ecebs for the software and Verizon who host the Hardware, HSM, applications, database and VPN.
This service provides the keys necessary for the creation, modification and use of ITSO Shells and Products
Service provides secure messages to load keys and other security-related parameters to ISAMs or HSAMs.
Sending in response to appropriately authorised requests made by or on behalf of the Licensee, of electronic messages to Asset Management Systems of the Licensee in order to provide, change or remove ITSO Keys.
|
|
ITSO Services Ltd
|
ISL
|
Company separate to ITSO and set up to provide services to “non-ITSO-smart” English TCAs who need to produce ITSO compliant concessionary travel passes. ITSO Services is:
· The ITSO member on behalf of TCAs who sign up to them
· the ITSO licensed operator on behalf of non smart TCAs
· Provider of a comprehensive range of support and guidance
· Sources, personalises and distributes ISAMs for each TCA’s selected card service bureau.
· Provides security through direct management of distributed assets e.g. ISAMs
· Manages stored data for each TCA
· Developer (with DfT) and implementer of a stop/hot listing strategy
· Provider of Concessionary Transaction Collection & Depository (HOPS)
|
| ITSO Shell Reference Number | ISRN |
A number that uniquely identifies the ITSO Shell.
|
| ITSO Shell Serial Number |
ISSN
|
This is a seven BCD digit number, in the range 0 – 9,999,999, that Licensed Members shall use to ensure their ITSO Shells are uniquely identified. This is a part of the ISRN. |
|
Key
|
An alpha numeric string of characters which is used to control access to an application or product, or used as the basis of encryption | |
|
Licensed Member
|
A party to the ITSO operating license. Only licensed members are allowed to operate within the ITSO environment.
|
|
|
Membership Agreement
|
A signed contract between said member and ITSO. Members sign an agreement that allows them to apply for one or more operating licence, promote ITSO objectives in the course of its normal business activities, observe ITSO’s privacy policy as stated on ITSO website, to receive and exercise vote on any resolution by fellow members of the company and cast its vote on any changes to the ITSO Specification deemed significant. As a condition of this agreement the Member pays membership fees to ITSO.
|
|
|
Non-smart TCA
|
The vast majority of English TCAs who are not ITSO members and / or do not have the functionality to administer their own complete concessionary scheme. Currently supported by ITSO Services Ltd.
|
|
|
Operator ID
|
OID
|
This may refer to certain types of identification used for operators, for example ISL has two registered OIDs under which it operators, known as Shell OIDs 0100 and 0110. Subsequently Product OIDs (as well as CPICCs) are employed to denote concessionary schemes and TCAs registered under the ISL Shells.
|
|
Point of Service Terminal
|
POST
|
A terminal such as ETMs, ticket office machines and ticket vending machines, where the CM is read/written to as appropriate to add products or value, to check the validity of products or to modify/remove products and or value. A POST must be certified by ITSO and must contain an ISAM.
|
|
Private Application
|
An application that resides within the ITSO Shell but which is not subject to the data formats security or operational rules defined by ITSO for its IPEs.
|
|
|
Product
|
Any type of IPE issued by an entity that is responsible for how it should be used.
|
|
|
Product OID
|
A four digit identification number used to separate schemes operating within ENCTS. Whilst ‘smart’ schemes have unique OIDs, all ISL TCAs are grouped under either ‘0100’ or ‘0110’
|
|
|
Product Sub Type
|
PTYP |
IPE Sub-type. Refers to specific products that can be offered within the primary TYP.
|
|
Secure Sockets Layer
|
SSL
|
A security certificate required to securely access the ISL HOPS.
|
|
Smart TCA
|
Full ITSO members who administer their own schemes in ENTCS
|
|
|
Stored Travel Rights
|
STR
|
A store of denominated units which may be exchanged for travel Tickets or other goods or services.
|
|
Stop listing
|
Stop List is simply a list of smartcards which, for whatever reason, are no longer valid and which should therefore be stopped from working. Stop listing means that a card is added to the stop list (which is kept as a database).
|
|
|
Supplier
|
Company who supply ITSO compliant Hardware and Software under signed agreement.
|
|
|
Travel Concession Authority
|
TCA
|
Local authorities who are responsible/jointly responsible for the administration of concessionary fare schemes. Some are Licensed Members in their own right, remaining TCAs in England are supported by ISL.
|