Design sprint for a responsible intelligent mobility system
Congestion is a growing concern for major metropolitan areas. In response to this challenge, Amsterdam has rolled out an array of ‘intelligent mobility’ solutions. Yet, these come with their own set of drawbacks related to privacy and scalability. In collaboration with The Incredible Machine, we embarked on a design sprint to revolutionize urban mobility. The outcome: XPRS – a solution that not only tackles the challenges of urban mobility but does so with a focus on responsible design.
Challenges involved in the current approach to manage mobility
To tackle the growing urban mobility challenge, many cities, including Amsterdam, have adopted ‘intelligent mobility’ solutions. These encompass a range of measures such as Exemptions & Permits, Traffic & Navigation, Congestion Pricing, Low Emission Zones, Intelligent Access, Parking for E-mobility, and Multimodality. However, these solutions come with their own set of challenges:
- Little privacy: These systems often require indexing personal and vehicle information, raising concerns about data privacy.
- Hard to scale: Implementing each of these solutions necessitates complex system architecture and data integration.
- Hard to secure: The interconnected subsystems create a vast attack surface that is difficult to secure.
- Lack of user experience: Users often struggle to navigate these systems due to the absence of a unified user interface.
What if intelligent access was as private as using an anonymous subway ticket?
The goals of the design sprint were to provide fresh perspectives on urban mobility, explore potential solutions, and identify opportunities for collaboration.
In envisioning the future of mobility in Amsterdam, The Incredible Machine presented a vision for 2025. Their proposal outlines the following key principles::
- Multimodal: A system where residents, businesses, and visitors can seamlessly navigate the city using various forms of transport that are interconnected and aligned.
- Personalized: Mobility is tailored to individual needs, making it easy for users to find the most suitable travel itinerary for their specific needs.
- Privacy by default: Systems governing personalized mobility will not use or store Personal Identifiable Information (PII), ensuring absolute privacy even in a highly digitized environment.
- Incentivized: Responsible mobility is encouraged through measures like free public transport hours, congestion pricing and income-dependent rates to ensure accessibility for all.
- Open, Transparent & Scalable: An intelligent mobility system will prioritize data availability, interoperability, and accessibility for both public and private mobility providers.
The design sprint solution: The XPRS System
The XPRS (Access with Privacy System) is at the heart of our approach to urban mobility. Designed to provide verifiable credentials and attributes for intelligent mobility while preserving privacy. It incorporates the following components:
- Mobility wallet: This digital wallet allows users to manage permits, exemptions, and tickets efficiently.
- XPRS tickets: Similar to traditional paper metro tickets, XPRS tickets are anonymous, verifiable credentials issued by trusted organizations. They can be authenticated through cryptographic signatures, ensuring their legitimacy.
- Mobility checkpoints: These checkpoints verify eligibility for entry or fees based on revealed credentials without disclosing personal information.
Privacy by Design: A secure and private urban mobility solution
The XPRS system ensures that mobility providers and urban infrastructure do not need to know the identity of the individual requesting access. This privacy-centric approach empowers even private companies to issue XPRS tickets without storing sensitive information like vehicle registration numbers (VRNs) or PII.
The technology behind XPRS: How would this work?
- Obtain: Citizens can request XPRS tickets from official organizations, such as the city or public transport providers. These organizations assess eligibility and issue tickets with cryptographic signatures.
- Manage: Users can store and manage XPRS tickets in their cloud-based wallet, which can be accessed through various means, including apps, NFC cards, or identification devices.
- Reveal: When prompted, the XPRS wallet releases a copy of the ticket without identifiable information. Only the verified credential can be retrieved, preventing tracking.
- Verify: Mobility access points verify the legitimacy of XPRS tickets by checking the cryptographic signature of the ticket's Digital Identity (DID).
Benefits vs. Challenges
- Digital Identities & Verified Credentials: No need for extensive databases of who has what privileges, and link or mirror databases for every use case. Just list the relevant tickets you require to see from people.
- Enhanced privacy: since users don’t have to share unique IDs, VRNs, or other PII to prove their eligibility to access.
- Simple and scalable system architecture: Cities can reuse basic attributes or publish new primitives without having to deal with other organizations.
- Impersonation is possible: Just like you can hand over a paper subway ticket, you could potentially figure out an address that refers to a valid ticket that is not yours, but you can still use.
- Standardization: Achieving uniform standards for technologies like DIDs and VCs is a complex endeavor.
- Vehicle to roadside communication: Ensuring efficient and private communication between vehicles and mobility checkpoints presents its own set of challenges.
In conclusion, the design sprint with The Incredible Machine has unveiled an innovative approach to urban mobility.mBy prioritizing privacy, accessibility, and efficiency, XPRS paves the way for a more responsible and ethical approach to technology in our cities.