Cyberattacks are no longer limited to government institutions or large corporations. Today, urban mobility has become an increasingly attractive target.

Why? Because mobility relies on a complex, interconnected ecosystem where every actor — from passengers to drivers, including onboard equipment and management systems — can serve as a potential entry point for an attack.

While financial institutions have long implemented robust security barriers, transport networks and ticketing systems are still too often perceived as secondary targets. Yet the risks are very real: theft of personal data, fraud, network disruption, sabotage of passenger information… All of these threats could paralyze a transport network and affect thousands of users.

1) A Vulnerable Mobility Chain

a) The User: An Exposed Target

The moment a passenger uses a transport app, they share sensitive data: daily routes, travel schedules, consumption habits. In the wrong hands, this information can reveal key insights into an individual’s private life.

A striking example: by analyzing GPS traces on Strava, researchers were able to track the movements of the President’s bodyguards. A simple lapse in vigilance can endanger national security.

b) Onboard Equipment: Underestimated Entry Points

Every bus, tram, or metro is now a connected vehicle, equipped with validation systems, GPS, and cameras. If these devices aren’t properly secured, they become ideal targets for hackers.

A cybercriminal could, for example:

• Attempt to take control of a validator to alter or steal transport tickets
• Access the passenger information system and spread false messages, disrupting the entire network
• Infiltrate fleet management systems to disturb bus and metro operations

The consequences? Massive network disruption, potential paralysis of a major city, financial losses, and growing mistrust among users.

c) Transport Operators: A Key Link in Cybersecurity

Drivers, inspectors, and back-office staff all have access to crucial network and passenger data. A single human error can open the door to sophisticated attacks.

Social engineering, for instance, manipulates employees into revealing sensitive information (credentials, remote access, etc.). In the mobility sector, this could allow an attacker to disable a validation system, alter a pricing algorithm, or disrupt transport operations.

2) Emerging Threats to Mobility

a) The Rising Risk of Large-Scale Attacks

With the digitalization of transport, attacks targeting mobility networks are bound to increase. Why?

• A highly interconnected sector: ticketing, smart cities, passenger information… Everything is linked. A single vulnerability can have a widespread impact.
• A strategic target for cybercriminals: disrupting a transport network can throw an entire city into chaos, triggering a domino effect on the local economy.

b) Social Engineering: An Underestimated Attack Vector

Hackers don’t rely solely on technology — they also exploit human behavior:

• Identity theft: posing as a technician to gain access
• Passive surveillance: watching a user type their password on a train
• Infected USB keys: “accidentally” left at depots, capable of infecting entire network
• Phishing emails: targeting key personnel to access their computers

c) Passenger Information: A Prime Target

Incorrect display, false alerts, schedule modifications… If a hacker gains control of the passenger information system, they can cause panic:

• Block a city by broadcasting fake messages
• Alter routes to disrupt the network
• Erode public trust in transport services

3) The Technological Response: Securing Every Link in the Chain

To secure the entire mobility system, a comprehensive approach is essential — one that protects data, equipment, and every stakeholder in the network.

a) The Benefits of Account-Based Ticketing

At Matawan, we made a strategic choice to prioritize Account-Based Ticketing (ABT). Unlike traditional Card-Based Ticketing (CBT) systems, where data is stored on a physical medium, ABT keeps user data safe in a centralized, protected account.

Why is this more secure?

• Data is secured: access is controlled, transactions are protected, and data is encrypted at multiple levels (at rest and in transit), without being stored on vulnerable physical media.
• Rapid response: in the event of theft or fraud, an account can be immediately deactivated, with no impact on other users.

b) Securing Equipment and Access Points

Protecting connected devices is critical to ensuring the security of transport networks. Mobile apps used by passengers must be shielded to prevent credential theft or fraudulent account use. As gateways to mobility services, these apps must be designed with strong security protocols and regularly updated to counter new threats.

Validators and onboard systems are also prime targets for cyberattacks. These systems must be protected from unauthorized access or manipulation. A breach could compromise ticket validation and expose sensitive user and operator data.

Lastly, access to management systems must be strictly controlled. Strong authentication is essential for all staff interacting with these platforms. Tools such as multi-factor authentication and encrypted connections help ensure that only authorized individuals can access strategic information and network control tools. Reinforcing these safeguards allows operators to prevent intrusions and maintain service continuity.

c) Regular Audits and Testing to Anticipate Attacks

Cybersecurity is a constant battle. Regularly testing a system’s defenses helps identify vulnerabilities before they can be exploited.

At Matawan, we conduct:

• Internal audits (white box): our teams proactively seek vulnerabilities before attackers can
• External penetration tests (black box and grey box): security experts attempt to breach the system without prior knowledge (black box), then again with partial access (grey box), to test the strength of our defenses
• Constant monitoring of all data flows within our system to detect malicious activity or early signs of cyberattacks

In conclusion, transport networks must now treat cybersecurity as a strategic pillar — just as vital as operations or maintenance.

At Matawan, we believe the future lies in:

• Account-Based Ticketing solutions to protect travel credentials
• End-to-end protection of digital infrastructure
• Constant vigilance in the face of evolving threats
• Raising awareness among mobility stakeholders about cybersecurity risks

Tomorrow’s mobility will be more connected, more efficient… and more vulnerable to cyberattacks. It’s up to us to anticipate, innovate, and guarantee the highest level of security for both users and operators.