> If you want actual security, you have to go for a challenge-response scheme
Another option is to just store used UIDs in a database. In fact, you could do a system with only UIDs. For a single use ticket, validate the UID signature and mark it as spent the first time it is used, then every use after that will be denied.
A card can be cloned and it will work once, which means one could steal a ticket by walking by and using appropriate equipment (not just a Flipper Zero, as it is too short-ranged) and use it before the legitimate owner does. I don't think it is something to worry about for a single-use subway ticket.
To improve security for multi-use tickets, one could use rolling codes: every time a ticket is scanned and its UID validated, some code is read from the NFC memory and it has to match a sequence, the next code is then written back to memory and has to be provided next time, invalidating any clone. Tickets can still be stolen, but you can't beat the system unless you crack the server-side encryption.
More valuable tickets like commuter passes can use a different system with a challenge-response scheme.
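The two schemes described above (signed UID marked spent on first use, and a rolling code written back to the card after every validated scan) as an added, runnable simulation. This is not code from the thread; it assumes an HMAC-SHA256 keyed with a server-side key stands in for the "server-side encryption", an 8-byte truncated code, and an in-memory backend. Card, Backend and the key bytes are constructed for the illustration; a clone is modelled as a byte-for-byte copy of the card's stored state at the moment it is read.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass

# Assumption: the only secret lives server-side; readers never need it on the card.
SERVER_KEY = b"constructed-server-key-for-illustration-only"


def sign_uid(uid: bytes) -> bytes:
    """Signature over the UID, checked before any ticket state is consulted."""
    return hmac.new(SERVER_KEY, b"uid:" + uid, hashlib.sha256).digest()[:8]


def rolling_code(uid: bytes, counter: int) -> bytes:
    """Code the card must present for the counter-th validation."""
    msg = b"roll:" + uid + counter.to_bytes(4, "big")
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).digest()[:8]


@dataclass
class Card:
    """What is physically stored on the tag: UID, its signature, current code."""
    uid: bytes
    sig: bytes
    code: bytes

    def clone(self) -> "Card":
        # An attacker copying the tag gets exactly this state, nothing more.
        return Card(self.uid, self.sig, self.code)


class Backend:
    def __init__(self) -> None:
        self.spent: set[bytes] = set()        # single-use tickets already redeemed
        self.counters: dict[bytes, int] = {}  # multi-use tickets -> expected counter

    def issue_single_use(self) -> Card:
        uid = secrets.token_bytes(7)
        return Card(uid, sign_uid(uid), b"")

    def issue_multi_use(self) -> Card:
        uid = secrets.token_bytes(7)
        self.counters[uid] = 0
        return Card(uid, sign_uid(uid), rolling_code(uid, 0))

    def validate_single_use(self, card: Card) -> bool:
        """Accept a signed UID exactly once; every later presentation is denied."""
        if not hmac.compare_digest(card.sig, sign_uid(card.uid)):
            return False
        if card.uid in self.spent:
            return False
        self.spent.add(card.uid)
        return True

    def validate_multi_use(self, card: Card) -> bool:
        """Accept only the code for the current counter, then roll it forward.

        The reader writes the next code back to the tag, so any clone taken
        earlier holds a stale code and is rejected from then on.
        """
        if not hmac.compare_digest(card.sig, sign_uid(card.uid)):
            return False
        ctr = self.counters.get(card.uid)
        if ctr is None:
            return False
        if not hmac.compare_digest(card.code, rolling_code(card.uid, ctr)):
            return False
        self.counters[card.uid] = ctr + 1
        card.code = rolling_code(card.uid, ctr + 1)  # written back to the tag
        return True


def demo() -> dict:
    """Run both schemes against a legitimate card and a clone of it."""
    be = Backend()
    single = be.issue_single_use()
    single_clone = single.clone()
    multi = be.issue_multi_use()
    multi_clone = multi.clone()          # copied before the owner's first ride
    return {
        "single_first": be.validate_single_use(single),
        "single_second": be.validate_single_use(single),
        "single_clone": be.validate_single_use(single_clone),
        "multi_first": be.validate_multi_use(multi),
        "multi_clone_after_owner": be.validate_multi_use(multi_clone),
        "multi_second": be.validate_multi_use(multi),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {'accepted' if v else 'denied'}")
```

The order of scans is what decides who loses: if the clone is presented before the owner, the clone is accepted and the owner's card is the one holding the stale code, which is the "steal a ticket by walking by" case from the comment. Without the key the attacker cannot compute the next code, so a clone is worth at most one ride.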
This scheme implies a low-latency, high-availability connection to a backend database. That's not easy to achieve in many transit system environments, hence the relative popularity of systems with some level of distribution.
Practical systems often are online these days, but only use that connection for eventual consistency style reconciliation.
> A card can be cloned, and it will work, once, it means one could steal a ticket by walking by and using appropriate equipment (not just a Flipper Zero as it is too short ranged) and use it before the legitimate owner does.
Even MIFARE Ultralight supports a basic password authentication scheme, where only legitimate readers know (or can derive) that password, so they're a bit better protected against cloning than pure passive storage cards.