Public transport operators face a growing tension between protecting revenue and preserving an accessible, frictionless passenger experience. Fare evasion, payment abuse, and fraud remain persistent challenges, yet the measures traditionally used to address them often risk excluding legitimate passengers or degrading the quality of travel.
Many operators feel the only way to strengthen revenue protection is to tighten controls at the payment method level: blocking certain cards, restricting channels, increasing inspection, or pushing passengers towards registration-heavy or mobile-only systems. While these approaches can reduce risks, they also introduce new forms of revenue leakage by increasing friction, discouraging ridership, and fragmenting journeys.
There is an alternative approach. One that is already possible today, and that allows passengers to remain anonymous while giving operators far greater control: the payment footprint.
Every time a passenger pays for public transport, whether tapping at a gate, buying a ticket in an app or at a ticketing vending machine with a bank card, payment data is generated as part of that transaction. When captured, retained, and reconstructed across channels, this data forms what is known as the payment footprint.
The payment footprint consists of two distinct sets of data points.
The first is payment method data. This is what most operators already use in tap-to-ride and account-based systems. It includes data from physical bank cards (PAN), digital card tokens (DPAN), and device-specific identifiers (such as the ICC). In ticket systems, this payment method effectively represents the traditional right to travel (a.k.a. the ticket).
The second, and more powerful layer, is the payment source. In many cases, this can be the underlying unique financial data, identified through data points such as the Funding Primary Account Number (FPAN), the scheme-defined Payment Account Reference (PAR), or Apple Pay/Google Pay identifier. In other cases, it can be another permitted identifier or reference that is accessible and suitable for linking transactions to a traveller.
A passenger may switch between a physical card, a mobile wallet, or an in-app payment, but the payment source often remains the same. When the payment method and source are used together, operators no longer see isolated transactions. Rather, they can reconstruct the complete overview of the traveller's cross-channel payment history: the payment footprint.
Working with the payment footprint allows operators to create anonymous passenger profiles without breaching the passenger's privacy. Linking transactions, journeys, and payment behaviour at the passenger level, without needing to know who that passenger is.
For years, public transport systems have treated the payment method as a substitute for the conventional ticket. A passenger’s bank card is treated as the right to travel.
This approach has a fundamental limitation. It does not individualise behaviour at the passenger level. It only reflects the payment method used at a specific moment in time.
In practice, passengers frequently switch between cards, devices, and channels. Each switch creates a new identity in the system, even when the passenger is the same. This fragmentation creates blind spots that affect both passenger experience and revenue collection.
At the payment method level, it is difficult to distinguish between legitimate behaviour and abuse. Patterns that indicate fare evasion, friendly fraud, or strategic non-payment remain hidden across multiple cards or wallets. The result is either undetected revenue loss or blunt countermeasures that affect everyone.
Using the payment footprint shifts revenue protection from reactive controls to preventative insight.
By analysing payment behaviour at the payment source level, systems can detect anomalies, such as frequent addition of digital cards, simultaneous journeys, repeated failed recoveries, or unusual refund patterns within the same anonymous profile.
Because all transactions remain linked within that profile, accountability is preserved across taps, offline authorisations, retries, and settlements. Operators can intervene earlier, before losses accumulate, by adjusting rules, updating allow and deny lists, routing recovery through alternative channels, or applying proportionate restrictions at the appropriate level.
This approach targets behaviour, not technology. It avoids penalising legitimate passengers simply for using a particular wallet or digital card, and reduces the need for blanket restrictions that often shift, rather than solve, the problem.
Revenue protection is not only about stopping misuse. It is also about retaining and increasing ridership.
Passengers increasingly expect to be recognised as the same passenger across channels and payment methods, even if they choose to remain anonymous. When systems fail to do this, friction increases. Journeys are fragmented, entitlements are lost, and trust erodes.
The payment footprint enables consistent recognition without mandatory registration. This makes it possible for anonymous passengers to access services typically reserved for registered users, such as aggregated receipt overview, best-price guarantees, or prepaid travel rights, even when they switch devices or payment methods.
It increases operational efficiency by supporting practical self-service functions, including transaction lookups and refund requests across channels. When passengers can resolve issues easily and feel treated fairly, disputes decrease and voluntary compliance increases.
Blocking payment methods or restricting access is often framed as a necessary trade-off between convenience and control. The payment footprint shows that this trade-off is largely artificial.
By working with richer payment data, operators can be both permissive and precise. Legitimate passengers continue to travel freely, while patterns that indicate abuse can be addressed in a targeted, proportionate way.
This creates a more sustainable model for revenue protection, one that aligns operational efficiency, passenger experience, and financial performance.
The opportunity for operators today is not to collect more data, but to use existing payment data more effectively.
By moving beyond payment methods alone and working with the full payment footprint, operators can:
This approach requires an omnichannel payment platform, built on financial expertise, capable of collecting payment data across all channels and making both payment methods and payment sources available to operators.
XPP’s VayaPay Smart Payment Platform is designed to support exactly this model. Sitting between mobility providers and the financial ecosystem, and fully PCI DSS certified, VayaPay provides a single, interoperable payment layer that gives operators the flexibility, control, and independence to evolve their payment strategies over time.
The payment data is already there. The strategic choice lies in whether it is treated as a basic transaction or as an operational asset that strengthens revenue protection by working with passenger behaviour, not against it.
.png)
