EN ISO 24014-1:2021

SLOVENSKI STANDARD
01-maj-2021
Nadomešča:
SIST EN ISO 24014-1:2016
Javni prevoz - Interoperabilni sistem vodenja (pre)voznin - 1. del: Arhitektura (ISO
24014-1:2021)
Public transport - Interoperable fare management system - Part 1: Architecture (ISO
24014-1:2021)
Öffentlicher Verkehr - Interoperables Fahrgeldmanagement System - Teil 1: Architektur
(ISO 24014-1:2021)
Transport public -- Système de gestion tarifaire interopérable -- Partie 1: Architecture
(ISO 24014-1:2021)
Ta slovenski standard je istoveten z: EN ISO 24014-1:2021
ICS:
03.220.01 Transport na splošno Transport in general
35.240.60 Uporabniške rešitve IT v IT applications in transport
prometu
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

EN ISO 24014-1
EUROPEAN STANDARD
NORME EUROPÉENNE
January 2021
EUROPÄISCHE NORM
ICS 03.220.01; 35.240.60 Supersedes EN ISO 24014-1:2015
English Version
Public transport - Interoperable fare management system -
Part 1: Architecture (ISO 24014-1:2021)
Transport public - Système de gestion tarifaire Öffentlicher Verkehr - Interoperables
interopérable - Partie 1: Architecture (ISO 24014- Fahrgeldmanagement System - Teil 1: Architektur (ISO
1:2021) 24014-1:2021)
This European Standard was approved by CEN on 19 November 2020.

CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this
European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references
concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to any CEN
member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by
translation under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management
Centre has the same status as the official versions.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway,
Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and
United Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2021 CEN All rights of exploitation in any form and by any means reserved Ref. No. EN ISO 24014-1:2021 E
worldwide for CEN national Members.

Contents Page
European foreword . 3

European foreword
This document (EN ISO 24014-1:2021) has been prepared by Technical Committee ISO/TC 204
"Intelligent transport systems" in collaboration with Technical Committee CEN/TC 278 “Intelligent
transport systems” the secretariat of which is held by NEN.
This European Standard shall be given the status of a national standard, either by publication of an
identical text or by endorsement, at the latest by July 2021, and conflicting national standards shall be
withdrawn at the latest by July 2021.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CEN shall not be held responsible for identifying any or all such patent rights.
This document supersedes EN ISO 24014-1:2015.
This document has been prepared under a mandate given to CEN by the European Commission and the
European Free Trade Association.
According to the CEN-CENELEC Internal Regulations, the national standards organizations of the
following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria,
Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland,
Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Republic of
North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the
United Kingdom.
Endorsement notice
The text of ISO 24014-1:2021 has been approved by CEN as EN ISO 24014-1:2021 without any
modification.
INTERNATIONAL ISO
STANDARD 24014-1
Third edition
2021-01
Public transport — Interoperable fare
management system —
Part 1:
Architecture
Transport public — Système de gestion tarifaire interopérable —
Partie 1: Architecture
Reference number
ISO 24014-1:2021(E)
©
ISO 2021
ISO 24014-1:2021(E)
© ISO 2021
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO 2021 – All rights reserved

ISO 24014-1:2021(E)
Contents Page
Foreword .vi
Introduction .vii
1 Scope . 1
2 Normative references . 2
3 Terms and definitions . 2
4 Abbreviated terms . 6
5 Requirements . 6
6 System environment for IFMS . 7
6.1 General . 7
6.2 Mobility platforms . 7
7 Conceptual framework for IFMS . 7
7.1 General . 7
7.2 Description of IFM roles and external roles. 8
7.3 Basic framework of the generic IFM functional model .12
8 Use case description for the IFM functional model .13
8.1 Description of IFM-roles and external roles .13
8.2 Define set of rules .14
8.2.1 General.14
8.2.2 Define set of rules for Customer accounts .14
8.2.3 Define set of rules for media .14
8.2.4 Define set of rules for ID services . .15
8.2.5 Define set of rules for payment services .15
8.3 Certification .15
8.3.1 General.15
8.3.2 Certification of organizations .16
8.3.3 Certification of components .16
8.3.4 Certification of media .16
8.3.5 Certification of ID services .16
8.3.6 Certification of payment services .17
8.3.7 Certification of application specifications and templates .17
8.3.8 Certification of product specifications and templates .17
8.4 Interaction with external objects .18
8.4.1 General.18
8.4.2 Interaction with external media .18
8.4.3 Interaction with external applications.19
8.4.4 Interaction with external ID services .20
8.4.5 Interaction with external payment services .21
8.5 Registration .22
8.5.1 General.22
8.5.2 Registration of organizations .22
8.5.3 Registration of components .22
8.5.4 Registration of ID services .22
8.5.5 Registration of customer accounts .23
8.5.6 Registration of payment services .24
8.5.7 Registration of media .24
8.5.8 Registration of customer media .24
8.5.9 Registration of application templates . .25
8.5.10 Registration of applications .25
8.5.11 Registration of product templates .25
8.5.12 Registration of products .25
8.6 Managing ID services .26
ISO 24014-1:2021(E)
8.6.1 General.26
8.6.2 Enrolment and update of Customer ID data via an application form .26
8.6.3 Enrolment and update of Customer ID data via an external ID service .27
8.6.4 Update of Customer ID data via an online account .27
8.6.5 Re-use of incumbent Customer ID data .28
8.6.6 Management and maintenance of Customer ID data .28
8.6.7 Providing the ID service to IFMS internal and external organizations .29
8.7 Management of customer accounts .29
8.7.1 General.29
8.7.2 Secure login to customer online accounts .30
8.7.3 Connect/disconnect customer media to/from the customer online account .30
8.7.4 Transfer of products between connected customer media .31
8.7.5 Connect system generated account with a customer account.32
8.7.6 Termination of customer accounts .32
8.8 Management of customer media .33
8.8.1 General.33
8.8.2 Provisioning of media .33
8.8.3 Termination of customer media .34
8.9 Management of applications .35
8.9.1 General.35
8.9.2 Dissemination of application templates .35
8.9.3 Acquisition of applications .36
8.9.4 Termination of application templates .36
8.9.5 Termination of applications .37
8.10 Management of products .38
8.10.1 Dissemination of product templates .38
8.10.2 Termination of product templates .39
8.10.3 Management of action lists .40
8.10.4 Acquisition of products .40
8.10.5 Modification of product parameters .40
8.10.6 Termination of products.41
8.10.7 Use and inspection of products .41
8.10.8 Collection of data .42
8.10.9 Forwarding data .43
8.10.10 Generation and distribution of clearing reports .43
8.11 Security management .44
8.11.1 General.44
8.11.2 Monitoring of IFM processes and IFM data life cycle .44
8.11.3 Management of IFM security keys .45
8.11.4 Management of security lists .45
8.12 Customer Service management (optional) .48
9 System interface identification .48
10 Identification .48
10.1 General .48
10.2 Numbering scheme .48
10.3 Prerequisites .49
10.3.1 There is one Registrar within the IFMS. .49
10.3.2 All objects, e.g. templates and components, have an owner who is one of
the actors in the IFMS. .49
10.3.3 The identification of the application and product shall be as short and
compact as possible due to the minimization of the transaction time
between the customer medium and the MAD. .49
11 Security in IFMSs .49
11.1 General .49
11.2 Protection of the interests of the public .49
11.3 Assets to be protected .50
11.4 General IFM security requirements .50
iv © ISO 2021 – All rights reserved

ISO 24014-1:2021(E)
Annex A (informative) Mobility Platform – German example .52
Annex B (informative) Pay-As-You-Go (PAYG) roles and relationships in an IFMS.57
Annex C (informative) Mobility ID service example .63
Annex D (informative) Examples of IFMS implementations .73
Annex E (informative) Media centric management and back-office centric management .79
Bibliography .81
ISO 24014-1:2021(E)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www .iso .org/ patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www .iso .org/
iso/ foreword .html.
This document was prepared by Technical Committee ISO/TC 204, Intelligent transport systems, in
collaboration with the European Committee for Standardization (CEN) Technical Committee CEN/TC
278, Intelligent transport systems, in accordance with the Agreement on technical cooperation between
ISO and CEN (Vienna Agreement).
This third edition cancels and replaces the second edition (ISO 24014-1:2015), which has been
technically revised.
The main changes compared to the previous edition are as follows:
— in order to prepare compatibility of Interoperable Fare Management (IFM) systems with mobility
platforms encompassing the entire mobility service chain, functions and roles known from IFM are
expanded; and
— new roles are introduced to operate mobility platforms.
A list of all parts in the ISO 24014 series can be found on the ISO website.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www .iso .org/ members .html.
vi © ISO 2021 – All rights reserved

ISO 24014-1:2021(E)
Introduction
Fare management (FM) encompasses all the processes designed to manage the distribution and use of
fare products in a public transport environment.
Fare management is called interoperable (IFM) when it enables the customer to use a portable electronic
medium (e.g. a contact/contactless smart card or a Near Field Communications mobile device) with
compatible equipment (e.g. at stops, with retail systems, at platform entry points or on board vehicles).
IFM concepts can also be applied to fare management systems not using electronic media.
Potential benefits for the customer include reductions in queuing, special and combined fares, one
medium for multiple applications, loyalty programmes and seamless journeys.
There are two main changes in this edition of this document compared to the previous edition. Firstly,
in order to prepare compatibility of IFM systems with mobility platforms encompassing the entire
mobility service chain, functions and roles known from IFM are expanded. Secondly, new roles are
introduced to operate mobility platforms. These new roles should act with the roles defined in the IFM
and enter into interface relations.
With the introduction of so-called mobility platforms, which can integrate various IFM systems and
additional modes of transportation and deliver the travel information across these integrated domains,
the customer can benefit from seamless and well-guided multi- or inter-modal travel.
Interoperability of fare management systems also provides benefits to operators and the other parties
involved. However, it requires an overall system architecture that defines the system functionalities,
the actors involved and their roles, the relationships and the interfaces between them.
Interoperability also requires the definition of a security scheme to protect privacy, integrity, and
confidentiality between the actors to ensure fair and secure data flow within the IFM system (IFMS).
The overall architecture is the subject of this document, which recognizes the need for legal and
commercial agreements between members of an IFMS, but does not specify their form. The technical
specifications of the component parts and, particularly, the standards for customer media (e.g. smart
cards) are not included.
Note that there is not one single IFMS. Individual operators, consortia of operators, public authorities,
and private companies can manage and/or participate in IFMSs. An IFMS can span country boundaries
and can be combined with other IFMSs. Implementations of IFMSs require security and registration
functionalities. This document allows for the distribution of these functions to enable the coordination/
convergence of existing IFMSs to work together.
This document intends to provide the following benefits:
a) It defines a common definition of terms and roles that shall constitute the basis for the other parts
of ISO 24014 and technical specifications and technical reports from ISO/TC 204 which address
mobility platforms, fare management and interoperability between IFM and other systems.
b) It provides a framework for an interoperable fare management implementation with minimum
complexity.
c) It provides guidance on how IFM Managers can benefit from external devices and services and how
interoperability and appropriate security level can be established in cooperation with systems
from other markets.
d) It aims to shorten the time and lower the cost of IFMS procurement as both suppliers and purchasers
understand what is being purchased. Procurement against an open standard reduces cost as it
avoids the need for expensive bespoke system development and provides for second sourcing.
e) It aims to simplify interoperability between IFMSs to the benefit of all stakeholders.
In Annex A, this document provides a framework for mobility platforms that integrate fare management
and travel information for inter- and multimodal travel. This document also contains other informative
ISO 24014-1:2021(E)
annexes, which elaborate on some specific subjects of the document and offer some national examples
with regard to IFMS implementations (see Annex B, Annex C, Annex D and Annex E).
viii © ISO 2021 – All rights reserved

INTERNATIONAL STANDARD ISO 24014-1:2021(E)
Public transport — Interoperable fare management
system —
Part 1:
Architecture
1 Scope
This document gives guidelines for the development of multi-operator/multi-service interoperable
public surface (including subways) transport fare management systems (IFMSs) on a national and
international level.
This document is applicable to bodies in public transport and related services which agree that their
systems need to interoperate.
This document defines a conceptual framework which is independent of organizational and physical
implementation. Any reference within this document to organizational or physical implementation is
purely informative.
This document defines a reference functional architecture for IFMSs and establishes the requirements
that are relevant for ensuring interoperability between several actors in the context of the use of
electronic tickets.
The IFMS includes all the functions involved in the fare management process, such as:
— management of media,
— management of applications,
— management of products,
— security management, and
— certification, registration, and identification.
This document defines the following main elements:
— identification of the different sets of functions in relation to the overall IFMS and services and media
from non-transport systems which interact with fare management systems;
— a generic model of an IFMS describing the logical and functional architecture and the interfaces
within the system, with other IFMSs and with services and media from non-transport systems;
— use cases describing the interactions and data flows between the different sets of functions;
— security requirements.
In its annexes, this document provides a framework for mobility platforms that integrate fare
management and travel information for inter- and multimodal travel (see Annex A). It also elaborates
on specific subjects covered in document and offers some national examples with regard to IFMS
implementations (see Annex B, Annex C, Annex D and Annex E).
This document does not define:
— the technical aspects of the interface between the medium and the medium access device;
ISO 24014-1:2021(E)
— the data exchanges between the medium and the medium access device;
NOTE The data exchanges between the medium and the medium access device are proposed by other
standardization committees.
— the financial aspects of fare management systems (e.g. customer payments, method of payment,
settlement, apportionment, reconciliation).
2 Normative references
There are no normative references in this document.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org/
3.1
account-based ticketing
ABT
architectural approach that stores products (3.30) in the IFM (3.19) system’s back-office (i.e. the
customer’s personal account or a temporary account) and not in the customer medium (3.12)
Note 1 to entry: The customer medium carries authentication credentials and an application (3.7) that contains
references to the account-based products in the back-office.
3.2
action list
list of items related to IFM (3.19) applications (3.7) or products (3.30) downloaded to medium access
devices (3.24) (MADs) processed by the MAD if and when a specific IFM application or product
referenced in the list is encountered by that MAD
3.3
actor
person, organization (3.25), or another (sub)system playing a coherent set of functions when interacting
with the IFM system (3.20) within a particular use case (3.36)
3.4
application rules
specification of rules in the application (3.7) contract for the use of the application with the Customer as
defined by the application owner
3.5
application specification
specification of functions, data elements, and security scheme according to the application rules (3.4)
3.6
application template
executable technical pattern of the application specification (3.5)
2 © ISO 2021 – All rights reserved

ISO 24014-1:2021(E)
3.7
application
implemented and initialized application template (3.6)
Note 1 to entry: The application may host one or more products (3.30) and may support functions which identify
and protect the access to these products. For ABT- and ID-based architectures, the application may reside partly
in the customer medium (3.12) (identification and access control function) and partly in the IFM (3.19) back-office
(products).
Note 2 to entry: The application is identified by a unique identifier.
Note 3 to entry: The application may house products (3.30) and other optional customer information (customer
details, customer preferences).
Note 4 to entry: The application can be fully installed on customer media or distributed on the customer media
and the IFM back-offices.
3.8
commercial rules
rules defining the settlement and commission within the IFMS (3.20)
3.9
component
any piece of hardware and/or software that performs one or more functions in the IFMS (3.20)
3.10
component provider
anyone who wants to bring a component (3.9) to the IFMS (3.20)
3.11
customer account
data space hosted by the IFMS (3.20) (typically the product retailer) that contains all information which
is relevant for the business relationship between the Customer and the IFMS
Note 1 to entry: Accounts are maintained and managed by the responsible stakeholder in the IFMS. Accounts
which are accessible online may also be established and managed by the Customer.
3.12
customer medium
medium (3.22) initialized with an application (3.7) through an application contract
3.13
derived identity
derived ID
electronic identifier generated from another ID (3.15) (primary ID)
Note 1 to entry: Typically, the derived ID is generated by an identity provider in such a way that the authenticity
of the derived ID can be proven but there is no way to conclude from the derived ID back to the primary ID.
The concept of derived ID is typically used when primary ID with high security demand (like driver licence or
governmental eID) shall not be exposed to an environment that doesn't support high assurance levels.
3.14
external
object which does not follow the rules of the IFMS (3.20) and for which special activities are necessary
to implement interoperability and security with the IFMS
ISO 24014-1:2021(E)
3.15
identity
ID
information that describes a specific person or object in a unique and unambiguous way
Note 1 to entry: For instance, a person can be described by the attributes name, birth date, sex, address, etc.
Unambiguous identification of a person typically needs, in addition, a unique identifier which is issued by the
Identity Provider. An object, e.g. a ticketing machine, can be described by owner, type, and software version. A
unique serial number could serve as identifier.
3.16
IFM functional model
model to define functions of IFM roles (3.18) and how they interact
3.17
IFM policy
commercial, technical, security, and privacy objectives of IFM (3.19)
3.18
IFM role
abstract object performing a set of functions in an IFM functional model (3.16)
3.19
interoperable fare management
IFM
all the functions involved in the fare management process such as management of application (3.7),
products (3.30), security and certification, registration, and identification to enable Customers to travel
with participating Service Operators using a single portable electronic medium (3.22)
3.20
interoperable fare management system
IFMS
all technical, commercial, security, and legal elements which enable interoperable fare management (3.19)
3.21
level of assurance
LoA
level of resilience of IFMS (3.20) components (3.9) and processes against a defined attack potential
Note 1 to entry: to entry; Level of assurance is typically defined by the Security Manager for all components of
the IFMS and specified in the set of rules (3.33) for security certification.
3.22
medium
physical carrier of applications (3.7)
3.23
message
set of data elements transferred between two IFM roles (3.18)
3.24
medium access device
MAD
device with the necessary facilities (hardware and software) to communicate with a customer
medium (3.12)
3.25
organization
legal entity covering the functions and implied responsibilities of one or more of the following
operational IFM roles (3.18): Application Owner, Application Retailer, Product Owner, Product Retailer,
Service Operator, Collection and Forwarding, etc.
4 © ISO 2021 – All rights reserved

ISO 24014-1:2021(E)
3.26
pricing rule
rules defining the price and payment/billing relationships to the Customer
3.27
product rule
usage, pricing, and commercial rules (3.8) defined by the Product Owner
3.28
product specification
complete specification of functions, data elements, and security scheme according to the product
rules (3.27)
3.29
product template
technical pattern of the product specification (3.28)
Note 1 to entry: The product template is identified by a unique identifier.
3.30
product
instance of a product template (3.29) stored in an application (3.7)
Note 1 to entry: A product defines a commercial offer to the Customer. By purchasing a product, the Customer is
entitled to obtain specific services which are defined by the Product Owner.
Note 2 to entry: It is identified by a unique identifier and enables the Customer to benefit from a service provided
by a Service Operator.
3.31
role
abstract object performing a set of functions
3.32
security policy
objectives of the IFMS (3.20) to secure the public interests and the assets within the IFMS
3.33
set of rules
regulations for achieving IFM policies (3.17) expressed as technical, commercial, security, and legal
requirements and standards relevant only to the IFMS
3.34
trigger
event that causes the execution of a use case (3.36)
3.35
usage rule
rule defining the usage time, the usage area, the personal status and the type of service
3.36
use case
description of a process by defining a sequence of actions performed by one or more actors (3.3) and by
the system itself
ISO 24014-1:2021(E)
4 Abbreviated terms
KYC know your customer
NFC near field communication
PAYG pay-as-you-go
PT public transport
5 Requirements
The purpose of the ISO 24014 series is to achieve interoperability throughout fare management systems
while making sure that participating companies in PT remain as commercially free as possible to design
their own implementation in pursuing their own business strategies.
In addition, interoperability between individual IFMS, with external systems and services and also the
integration of IFMS by so-called mobility platforms shall be specified.
Specific requirements of the IFMS model are as follows:
— A Customer shall be able to travel with all participating Service Operators (seamless journey) using
a single medium.
— There shall be a capability to extract data appropriate to the revenue-sharing and statistical
requir
...