Analysis of a Decentralised Digital Token Architecture for Public Transport
Digitisation is often viewed as beneficial to a user. Where originally people would physically have to identify to a service, pay for a ticket in cash, or go into a library to access a book, people can now achieve all of this through a click of a button. While these actions may seem functionally identical to their analogue counterparts, they come with one important difference. Namely, in the digital case, a user's actions are automatically recorded. The recording of user's interactions presents
... a problem because this information can be used outside the control of the person whom it concerns. This issue is only exacerbated by the centralisation of these aforementioned services' authentication mechanisms permitting the collection of even more data. This work aims to motivate the need and establish the feasibility for the application of a privacy-enhancing digital token management service to public transit. A proof-of-concept implementation of the Decentralised Digital Identity Architecture proposed by Goodell and Aste is developed. This implementation was optimised for the public transport use case. Finally, its performance is tested in a local environment to better understand the technical challenges and assess such a system's technical feasibility in a production setting. It was observed that for loads between 1 and 5 requests per second the proof-of-concept performs within acceptable limits with a maximum median response time of 438 milliseconds. Above 5 requests per second response times drastically increase due to hardware bottlenecks. It was concluded that the demonstrated throughput and latency shows that the system can feasibly compete with solutions currently in use. Yet, further work is needed to demonstrate these performance characteristics in an environment similar to that experienced in production.