Sicherheits- und Risikoanalyse SBB SwissPass Mobile

SBB develops a concept to virtualize the SwissPass card. The SwissPass should be integrated into the ticketing applications of the different transport units in a user-friendly and secure manner.

Factsheet

  • Lead department Engineering and Information Technology
  • Institute Institute for Data Applications and Security (IDAS)
  • Research unit IDAS / Identity and Access Management (IAM)
  • BFH centre BFH Centre for the Digital Society
  • Funding organisation Others
  • Duration 01.01.2017 - 31.12.2017
  • Project management Annett Laube-Rosenpflanzer
  • Head of project Annett Laube-Rosenpflanzer
  • Keywords IT Security

Situation

The BFH supports SBB during the development of the virtualization concept of the SwissPass and performs security and risk analysis.

Course of action

SBB develops a concept to virtualize the SwissPass card. The SwissPass should be integrated into the ticketing applications of the different transport units in a user-friendly and secure manner. The BFH supports SBB during the development of the virtualization concept of the SwissPass and performs security and risk analysis.

Result

Together with experts from SBB, various options for virtualizing the SwissPass were developed. Potential risks could be minimized through appropriate measures. Subsequently, the functionality for depositing the SwissPass was integrated into many public transport smartphone applications.