Security Risk Management in Shared Mobility Integration

Urbanization pushes toward the need for integrated shared mobility solutions such as bike-sharing, car-sharing, and other public transport schemes to provide seamless inter-modal journeys to users. Achieving shared mobility integration can be done by tickets and payments, leveraging access to user data and payment information across mobility systems to allow access to and payment for transport services, and making multi-modal transport more accessible. Providing such mobility services requires access to and use of sensitive user data and sensitive safety-related functions vulnerable to cyberattacks. However, research examining the security and privacy concerns in shared mobility integration is limited. Thus, we evaluate shared mobility integration components, stakeholders, and processes based on literature, to provide an abstract integration model when integrating shared mobility schemes. We also highlight mentions of security related issues and the potential security risks as a result of implementing shared mobility integration. We then applied lessons from our analysis to a real-world bike-sharing integration case study, analyzing potential security risks, proposing appropriate suggestions to manage discovered security risks. Our findings and discussions benefit transport operators, authorities, and mobility stakeholders by encouraging security-by-design and security risk management practices when implementing shared mobility integration schemes.