The digital wallet service suspension front line

That was quick. When I made the above table for mobile wallet chokepoint, there was no indication we’d get EMV confirmation so quickly. Many were quick to applaud sanctions against Russia to stop the war with Ukraine, and while stopping war is always the right thing to do, hurting citizens is never the right thing to do. Turning off basic digital wallet services should give people pause. What is easily done in one place can be easily done anywhere.

It’s also not clear cut how it is being done. Is Apple turning off select Russian bank services in Wallet or turning off select payment applets in the Apple Pay secure element, or turning off Wallet for Russian Apple ID users? Most likely the first but there’s no way to be sure and there is no way that Apple or Google will ever tell us.

Long lines at Moscow Metro transit gates are not so clear cut either. Open loop isn’t standard on all transit gates, most them being Troika transit card only, and according to a Twitter follower, physical Troika card only, not Google Pay/Samsung Pay Troika which only rolled out recently. If so this suggests the (so far only one) picture of long lines could be due to Troika system issues instead of Apple Pay/Google Pay/Samsung Pay, hacking, or something else.

VISA and mastercard soon followed and cut their services in Russia. Many people in Japan noted how easily all this happened and expressed their distrust, saying they would think twice about using digital wallet services from Apple and Google. Many also noted the importance of Japan having it’s own FeliCa technology and FeliCa based e-Money payment network

The value of non-EMV native payment networks controlled and operated by native companies should be clear to everyone by this point. Always, always have a backup plan. One thing is certain, warfare that attacks basic public service infrastructure like transit and digital wallets, far and away from any front line, is the new ugly reality.

Timeout: a very long transit card transit

It’s been a year since JR Central’s TOICA network was expanded to more stations making Suica-TOICA-ICOCA cross region commuter passes available for the very first time. Regular transit cards are still stuck with tapping out of one fare region and tapping in at fare region border stations in Atami (Suica~TOICA) and Maibara (TOICA~ICOCA). But even for regular transit cards, crossing IC fare regions is much easier thanks to special IC fare region specific exit gates installed with the TOICA expansion.

Transit YouTuber Wataru Watanuki took the fare region border crossing challenge with a 10 hour trip by regular trains from Tokyo to Osaka using his Suica card. A 556.4 kilometer trip. Try that with a transit card in any other country.

He could have used his Apple Pay Suica but used plastic Suica because it’s easier to get detailed Suica receipt printouts at mobile-unfriendly JR West station kiosks. In his video there are two IC fare region border crossings, one at Atami station from Suica to TOICA and one at Maibara station from TOICA to ICOCA. It’s a leisurely fun train travel video similar to videos that investigate transit IC fare loopholes.

Things would have gone smoothly for Wataru san but he was tripped up by a little known stingy TOICA tap-timeout rule, rumored to be within 3 hours from tap in before the card is invalidated for the trip and has to be reset by a station agent. There is no way to travel from Atami to Maibara by regular train in 3 hours, the shortest travel time is 5 hours 44 minutes, 3 hours barely gets one to Hamamatsu. JR Central supposedly does this to prevent ICOCA card abuse (Really? I suspect they just make it inconvenient so people ditch local trains and ride the Tokaido Shinkansen instead). JR East Suica appears to have much more lax timeout rules. JR West ICOCA limits IC transit on their regular lines to 200 km, though there are some interesting ICOCA loopholes.

Long distance travel with Suica and other IC transit cards isn’t a problem, any regular person would just take the Shinkansen using smartEX or Eki-Net Shinkansen eTickets. Timeout doesn’t apply because the IC card SF balance ‘taps out’ when going through the Shinkansen entrance gate. But the video does point out a long standing weakness of Japanese transit IC fare systems: it’s a hassle for people living in fare region border areas and prevents them from using transit IC cards for local area cross border transit.

One example is the JR Central Minobu line. It does not have transit IC service yet because the line starts at JR East Suica region Kofu station. Suica users from Tokyo can only go as far as Kofu before switching to paper tickets for the Minobu line transfer.

The best thing would be JR East and JR Central cooperating so that IC fare tables work both ways and integrate for cheaper through IC fares instead of 2 separate trips. Most Minobu line stations are unmanned, the trains already equipped with paper ticket fare boxes at the front door exit. Adding a IC card reader is the next logical step and work exactly like buses and some JR West ICOCA equipped train lines do: tap in at the entrance, tap out at the exit. Small improvements would like this would go a long way to solve cross border IC card hassles and make transit easier for local residents. Transit cards only become useful when they integrate with everything from transit to purchases, that in turn, encourages mobile for transit use.

The mobile wallet chokepoint

I ran across an untidy but interesting Twitter thread that mentioned Apple Pay Suica in the larger context of evolving NFC smartphone services.

Suica (Metro card / digital money in Japan) now lets you transfer the card to Apple Pay. Some thoughts about the future of FOBs, cards, and wallets…You use NFC to transfer your Suica by tapping the card with your iPhone, the same way you’d tap to use Apple Pay.

Devices support some kinds of NFC but not others. Until now, you couldn’t tap to use credit cards — it was blocked by the device.

But this is changing! Apple will support card payments now, in an app that IT will make & provide to vendors. This lets Apple compete in new hardware markets: first phones, now point-of-sale, payments, inventory mgmt, etc.

Physical cards are on the way out. But not everyone is on-board. FOBs, subway cards, ID cards, drivers licenses, and building security cards have been slow adopters of mobile. I’d love to copy my building FOB to my phone 😁 There’s nothing stopping me other than that I can’t.

Apple is moving into those markets….Airports, Driver licenses (in 30 / 50 US states). How far this tech goes & the speed of adoption depends on iOS, Android, and the people at ID / security / FOB / card companies adopting the change. They may need help! And there may be startup potential in that space… if anybody is interested!

Twitter thread

The intention was discussing the implications of Apple’s recent Tap to Pay on iPhone announcement, but it stumbled over a rarely discussed but vital point about the extremely slow migration of various physical card services to mobile devices. Why can’t we just load these in Wallet…all the technology is in place right?

The mobile chokepoint is not technology but the backend systems to seamlessly deliver, verify and securely manage individual ‘card’ services (payment cards, transit cards, ID cards, keys, etc.) in digital wallets. Those systems are not up to the job. You can be sure that Apple wants to get iOS 15 ID in Wallet driver licenses out quickly as possible but corralling all those state run systems into a coherent user friendly whole that holds up to the high expectations and massive base of iPhone users eagerly waiting to use it, is a very big challenge. It’s a similar challenge behind every kind of digital wallet service.

This backend weakness is easy to see with transit cards, there are relatively few on mobile with most of the cards exclusive or limited to certain digital wallets like Apple Pay and Samsung Pay. There are special challenges too as a mobile transit card service hosts all the functions of ye olde station kiosk card machine (card issue, adding money, pass renewal, etc.) and more, on the cloud, pushing it out to apps and connecting to digital wallet platforms like Apple Pay.

Despite the challenges, the rewards for going mobile are clear. If there is one lesson Apple Pay proved in Japan with Suica it is that building a mobile foundation early on is key to future success. Mobile laggards like Hong Kong Octopus have paid a heavy price. Unfortunately for regions where transit is operated as a public service instead of a sustainable business, spending money building transit card mobile service systems is often considered an extravagance.

This is why open loop is popular as means to get out of the plastic smartcard issue business and get mobile transit service for free using EMV contactless VISA-mastercard-AMEX payment networks. Like many things in life, free is never free.

Banks have had an easier path to mobile thanks to the strength of EMV payment networks, but only on the payment transaction end. Mobile card issue is another matter up to individual banks. Look at the Apple Pay participating bank list for the United States. The long list didn’t happen overnight. It has taken years for mobile backend systems to be put in place to make this happen.

It’s all about the backend
A sadly overlooked aspect of the Japanese market is the crazy collection of contactless payment options: Suica, iD, QUICPay, WAON, nanaco, Edy, PayPay, LinePay, dBarai, VISA-mastercard-AMEX Touch payments and more. The reason for this is Japan’s early lead in creating the first mobile payment platform, Osaifu Keitai, in 2004.

Not everybody used Osaifu Keitai early on, but it grew the mobile payments foundation so the market was ready for new mobile payment platforms when Apple Pay launched in 2016. More importantly, the early lead also meant that bank card issuers, payment networks and transit companies had backend systems firmly in place servicing a large installed base of various digital wallet capable handsets (Symbian) and smartphones (Android) that quickly extended to Apple Pay and Google Pay.

The backend flexibility is easy to see on the Mobile Suica page that shows all the different Mobile Suica flavors: Android (Osaifu Keitai), Apple Pay, Google Pay, Rakuten Pay. Mobile Suica is also on Garmin Pay, Fitbit Pay and is coming to Wear OS.

Mobile issue and verification
Adding a ‘card’ to a mobile wallet is sometimes called ‘onboarding’, but this is really a banking term: “digital onboarding is an online process to bring in new customers,” as in setting up a payment account and getting an instant issue debit or prepaid card to use in Wallet with an app, or using the app for QR Code payments (like PayPay or Toyota Wallet).

Success or failure for any mobile wallet card service depends on reliability, simplicity and the speed for adding cards and using them. From VISA:

When it comes to digital onboarding, the average amount of time after which customers abandon their application is 14 minutes and 20 seconds. Any longer than this, and 55 percent of customers leave the process.

How to boost your customer’s onboarding experience

There is also context. Futzing for 14 minutes might apply for people setting up a bank app, but a transit app user trying to get through a ticket gate at rush hour is a completely different matter. Judging from the large number of negative Suica App user reviews and complaints on twitter, Japanese transit users probably give it 2 minutes before giving up and calling it all crap. Speed is the key.

How long does it take?
The speed of adding a card to Wallet depends on a number of factors, what kind of wallet service are we dealing with (car key, hotel key, home key, office key, payment, transit, ID), does the user need an account first, can a physical card be transferred, what kind of user verification is required.

User verification with digital credentials is still in its infancy which is why driver’s licenses and state IDs in Apple Wallet is fascinating and important. How does one authenticate their own ID card? Apple explains the process but doesn’t say how long verification takes or reveal backend details:

Similar to how customers add new credit cards and transit passes to Wallet today, they can simply tap the + button at the top of the screen in Wallet on their iPhone to begin adding their license or ID… The customer will then be asked to use their iPhone to scan their physical driver’s license or state ID card and take a selfie, which will be securely provided to the issuing state for verification. As an additional security step, users will also be prompted to complete a series of facial and head movements during the setup process. Once verified by the issuing state, the customer’s ID or driver’s license will be added to Wallet.

The verification process is similar to the recent addition of Mobile Suica student commuter pass purchases where students take a picture of their student ID and upload it. Online verification takes ‘up to 2 business days’ because Mobile Suica has to manually verify the ID information with the school. Hopefully the Face ID setup-like ‘additional security step’ is the magic iPhone ingredient for instant verification by the state issuer. However notice that Apple doesn’t spell out where the face and head movements are stored. Hopefully it will stay in the Secure Enclave and never be stored on a server. We shall see when ID in Wallet launches with the iOS 15.4 update.

As you can see from the table below, the journey from backend system to Wallet varies widely by the type of service. The easier additions are the ones done in Wallet app: card scans for payment cards and ID or simply tapping to add transit cards.

Physical card scans are the primary way to add payment cards but this is changing, apps will replace plastic card scans over time. In Japan there are a growing number of ‘instant issue’ credit/debit digital cards from top tier banks that can only be added to Wallet with an app and account. Digital onboarding is the direction banks are going, where everybody has to go to an app first to add a card to Wallet. This leaves transit cards as the only card that can be added without an app or account.

Who owns the thing in Wallet?
Physical keys, fobs and plastic cards may seem inconvenient at times but they are personal property we carry on our person. One downside of digital wallets is that convenience carries a risk that the thing in Wallet isn’t necessarily ours. What is added with a simple tap can also be taken away by a technical glitch, or in a worst case scenario, without our consent. As backend systems improve and integrate, more services will migrate to our digital wallets. Without doubt much of this will be convenient but read the fine print and always keep your eyes open to the tradeoffs and risks. In other words don’t let your digital wallet be a potential chokepoint of your life.

The digital wallet endgame should never be like this

The Suica 2 in 1 mobile dilemma: promoting targeted region services on a wide mobile platform

Suica 2 in 1 Region Affiliate Transit Cards have a problem: it would be great to have these cards available on mobile wallet platforms (Osaifu Keitai, Apple Pay, etc.) however, the whole point of region cards is to promote region affiliate transit companies and service benefits for the people who live there. There are region affiliate transit points and services for everybody, discounts and point rebates for elderly and disabled users, commute plans and so on, subsidized by prefectural and local city governments.

Hence despite the Suica logo on them, region affiliate cards are not available from JR East. They are only available from region affiliate bus offices. But it’s a pain getting them, commute plan renewal requires another trip to the bus office and cash recharge is the only option. Suica 2 in 1 would be infinitely more useful and user friendly on mobile. Region affiliate users are certainly happy to have a card that covers all of their transit needs but it doesn’t bring them into the Mobile Suica era.

But mobile is a two edged sword. On one hand you want the convenience of Mobile Suica, on the other hand region cards need to promote subsidized services for a particular location, keeping them local on a wide mobile platform and restricting access for special services with certain eligibility requirements (local disabled and elderly residents) is a challenge. How does one promote targeted regional services on widely available mobile platforms like Mobile Suica on Apple Pay?

The Suica App mobile fix
Hmmm, this sounds like a similar problem with student commuter passes. JR East and customers want to do away with the drudgery of going to the local JR East station ticket window to confirm student ID validity, nevertheless, student ID validity must be confirmed before a student commuter pass can be purchased. Mobile Suica has supported student commuter passes but students have to go to a local JR East office to validate and activate it.

Mobile Suica will address this problem on February 13 with a system update and new version of Suica App (v3.1.0) that adds support for in-app purchasing and renewing student commute plans. Another Mobile Suica update on March 12 will add Tokyo region day pass purchase support. Think of these as selective local services on a widely available mobile platform. Let’s see how this approach can be applied to Suica 2 in 1 Region Affiliate cards.

1) Region affiliate mobile issue
When I made my Apple Wallet transit card wish list mockup, I thought it might be nice to have all the new Suica 2 in 1 cards available directly in Wallet app along with Mobile ICOCA (coming in 2023).

In reality, it’s not a good idea to make region affiliate transit cards available to every Wallet app user. Transit cards are easier to add in iOS 15 Wallet app than ever before, but not delete and get a refund. Too many choices confuse users who may be new to Apple Pay. What if a user wanted to add a regular Suica but added totra Suica or nolbé Suica by mistake?

Apple Pay WAON deals with this problem in a smart way: regular WAON can be added directly in Wallet app, regional WAON cards are added to Wallet with WAON app. The beauty of issuing specialty WAON cards in the app is they have region specific goodies attached: a portion of the region WAON card transaction goes to a local government development fund.

This approach is a perfect fit for region affiliate Suica cards on mobile with local perks, bonus local transit points and so on when issuing cards on mobile.

2) Suica 2 in 1 commuter pass purchases and limited eligibility card issue
There are a few more hurdles to clear before Suica 2 in 1 can join the mobile era: region affiliate commute plan purchase and renewal, limited eligibility card issue (for elder and disabled users).

Let’s say you are a totra commuter who rides a region affiliate bus and a JR East train. In this case you need 2 separate commute plans on your Suica 2 in 1 totra card, one for the region affiliate bus, one for JR East. The commuters plans must be purchased separately: the region affliliate commuter pass is bought at the bus office, the JR East section is then purchased added at a JR East station ticket office. It’s a complex hassle. JR East stations are all cashless but only a few region affiliate bus offices take credit cards…and so it goes. How nice it would be to do this with an app and pay with Apple Pay.

Mobile Suica already hosts this kind of complex commute plan configuration but not in Suica App. Mobile PASMO and PASMO App are hosted on the JR East system, basically rebranded Mobile Suica, and easily configure complex bus + train commute plans from multiple transit operators for mobile purchase.

This leaves limited eligibility card issue. The February 13 Mobile Suica update adds student commuter pass pre-registration and ID verification uploading via the Mobile Suica member website. The student reservers a pass entering school information, commute route and uploads a picture of their school ID. Approved student commuter pass reservations are then purchased in Suica App. This ID verification method can be used for issuing elder and disabled Suica 2 in 1 cards. It’s still a manual authentication process that digital My Number cards will, hopefully, transform into a simple automatic one with instant verification of necessary personal information.

One of the really interesting things about Suica 2 in 1 is that the next generation format is the very first Suica card that supports disability fares. Up until now disability fare users have been limited to paper passes inspected at manned transit gates.

JR East plans to drastically reduce the number of manned transit gate areas. Before this happens, mobile support for all Suica cards of every kind, especially the new Suica 2 in 1 features, must be in place. The pieces of the solution are there, it only a matter of JR East integrating them into a Mobile Suica system and Suica App update.

One Suica App to rule them all
If we are promoting region affiliate Suica cards does it make sense to do it all in Suica App or have individually branded local apps for totra, nolbé, cherica, et al? One main goal of Suica 2 in 1 is cost reduction and infrastructure sharing. Despite all the different names and card artwork these are Suica cards with all the Suica benefits and JR East managing the Suica infrastructure for region affiliates.

I’d argue it doesn’t make sense nor does it fit with cost reduction goals to do a bunch of re-skinned local Suica Apps when JR East is making a bunch of replicas. Better to focus efforts on making Suica App a streamlined easy to use app with all the necessary tools for managing mobile region affiliate cards. And because physical cards remain an important part of the Suica platform strategy, Suica App must also add a physical card iPhone recharge feature similar to what Octopus App and Navigo App offer.

All in all I expect that 2023, which will see the launch of the highly anticipated JR West Mobile ICOCA service, will be a big year for Mobile Suica and Suica App too.

Hidden Assumptions

Jonathan Seybold said it best in his Computer History Museum interview video, many arguments can be easily demolished by pulling out the hidden assumptions. In our attention span challenged social media era it’s all too easy to believe things at face value. Few people invest time and brain energy to analyze and question arguments to find and examine hidden assumptions.

A reader of this blog might come away thinking I am not a fan of open loop transit fare payments and despise EMV contactless and QR Code payment technology. That would be a mistake. I don’t hate them, everything has its place. I simply don’t agree with ubiquitous assumptions that EMV or QR or open loop are cure alls for every transit fare payment situation that they are praised to be…usually because ‘everybody uses’ bank issued contactless payment cards or smartphone payment QR apps. It’s a one size fits all mentality that blinds people from seeing hidden assumptions. It’s very important to see how all the pieces, seen and unseen, fit together. After all, transit companies and their users have to live with transit infrastructure choices for decades.

In a recent twitter thread Reece Martin thought it would be nice if Canada had a nationwide transit card. This is something Japan has had since 2013 when the Transit IC interoperability scheme was put in place that made the major transit IC cards compatible with each other, but they did this without changing the hardware. The various card architectures were left untouched and linked with system updates, a use-the-same-card backend solution. China on the other hand created a national transit card with the China T-Union • PBOC 2.0 standard that replaced all older transit cards with locally branded T-Union cards, a get-a-new-card hardware solution.

A nationwide Canadian transit card is a great idea but as Samual Muransky answered in the same thread, why bother with ‘obsolete’ dedicated transit cards when everybody uses EMV contactless bank cards and EMV is the new standard. Let’s examine some hidden assumptions at play here.

Assumption #1: Everybody has contactless credit/debit cards
The open assumption here that everybody has bank issued credit or debit payment cards is not the case and varies by country, demographics, age, etc. Most people in some countries do, but even so there will always be people who don’t. Transit cards always have the advantage of being available at station kiosks to anyone with cash.

Assumption #2: because of assumption #1 open loop (credit/debit cards) is better than closed loop (dedicated ticketing) for paying transit fare
The hidden assumption is that open loop covers everything but it does not. Specific transit services such as individual commuter passes, discounted fares for disabled/elderly/children are practically impossible to attach and use with bank payment cards. The best that transit systems and payment networks can do with open loop is fare capping or special discounts when applied universally. The age-old pay ‘x’ times and get one free concept. Open loop works best for occasional transit users.

The limitations of open loop on large complex transit systems like Transport for London is easy to see. Despite a long campaign to eliminate the venerable Oyster transit card and migrate users to EMV open loop, TfL threw in the towel and upgraded the Oyster system recently. To date TfL has not offered a digital version of the closed loop Oyster card. In short, dedicated transit cards will always be with us.

Assumption #3: EMV contactless is the NFC standard
The NFC Forum recognized long ago that credit card companies and transit companies have different needs and objectives. To that end the NCF Forum has 2 basic NFC standards, one for contactless payments (NFC A/B but only A is really used) and one for transit (NFC A-B-F). All NFC devices must support NFC A-B-F for NFC Forum certification.

Assumption #4: EMV contactless for transit is safe and secure
There are many hidden assumptions packed into the words ‘safe and secure’: not everybody agrees on what safe is and what level of security is secure. Things also change depending on the situation and the design. I have covered transit gate reader design in many other posts but recap some basics here.

Steve Jobs famously said that designing a product is a package of choices. I have often said that EMV contactless is supermarket checkout payment technology but that’s not a put down, it’s the truth of what EMVCo were aiming for when they grafted NFC-A to their EMV chip for contactless cards.

Because of wide deployment with no direct control, the original EMV contactless spec had a latency window to work reliably even with crappy network installations, and the slow speed has sometimes been cited as a security risk. NFC-A (MIFARE and EMV) transaction speeds are rated for a theoretical 250ms but are usually 500ms on open loop transit gates. Suica is always 200ms, often faster. The speed gap is due to gate reader design, the network lag of centralized processing vs local stored value processing, and the different RF communication distances for NFC-A and NFC-F. JR East presentation slides explain the transaction speed differences.

  • Japanese station gates are designed to be capable of 60 passengers per minute. To do this the conditions are:
    • Processing time of fare transaction has to be within 200ms
    • RF communication distance is 85mm for physical cards and smartphones
  • European station gates are designed to be capable of 30 passengers per minute:
    • The processing time takes 500ms
    • RF communication distance is 20mm for physical cards, 40mm for smartphones
016l
Presentation slide from the NFC Forum Japan meeting, July 2016
018l
Presentation slide from the NFC Forum Japan meeting, July 2016

The Suica transaction starts from the 85mm mark while MIFARE and EMV contactless cards start at the 20mm mark. Because of the greater RF communication distance Suica transactions start much earlier as the card travels toward the reader tap area. It you look closely at the 2nd slide you can see that smartphones have a slightly earlier EMV/MIFARE RF transaction starting at the 40mm mark (the 1.1A/m boundary) due to the larger smartphone antenna, physical EMV cards with smaller antennas are limited to 20mm. This is why smartphones seem faster than physical cards on NFC-A gates. Suica physical cards have a larger antenna and the same RF transaction distance as smartphones.

NFC-A transaction speed is slower because it has to be on top of the reader before it can start. This is also the limitation with optical based QR and bar codes, the transaction only starts when the smartphone screen is close enough to the reader for an error free scan. Transit gates using these technologies are not designed for smooth walk through flow.

The speed difference is clearly seen on the Nankai VISA Touch open loop gates: the transaction starts when the card is physically on top of the reader:

Here is Suica style transit gate for comparison:

One of the smart things Nankai is doing in the test phase (limited to a few key stations) is keeping EMV/QR gates separate from standard FeliCa gates. This is practical. Regular users go through the faster regular gates, the occasional open loop or QR users go through slower EMV/QR gates. Keeping different readers separate and clearly marked helps keep walk flow smooth and crowding down at busier stations. The Nankai program has been put on pause for another year due to the collapse of inbound travelers in the COVID pandemic. It’s a trial run as Osaka area transit gear up for an anticipated inbound travel boom in connection with Expo 2025, that may, or may not pan out.

The Nankai VISA Touch gates are designed for physical cards, Apple Pay works but without Express Transit. That’s a plus as Apple Pay EMV Express Transit on TfL and other open loop systems (OMNY) has come under scrutiny for a potential security risk with VISA cards that allows ‘scammers’ (in lab settings) to make non-transit charges to Apple Pay VISA cards via Express Mode, something that is not supposed to be possible.

Timur Yunusov, a senior security expert at Positive Technologies…said a lack of offline data authentication allows this exploit, even though there are EMVCo specifications covering these transactions.

“The only problem is that now big companies like MasterCard, Visa and AMEX don’t need to follow these standards when we talk about NFC payments – these companies diverged in the early 2010s, and everyone is now doing what they want here,” he said.

Security researcher: Flaw in Apple Pay, Samsung Pay and Google Pay makes fraud easy for thieves, Techepublic

In other words, Apple removing Apple Pay bio-authentication to promote EMV Express Mode for open loop transit puts Apple Pay at the mercy of lax card network payment operation practices who don’t follow their own rules. Not that it’s a real problem in the field but accidents do happen, such as this incident on Vancouver BC TransLink that a reader forwarded:

Just a moment ago, I nearly got dinged on my CC while sitting on a high seat near a door which is where one of the validators are located. The validator picked it up from the backside rather than the front side where the tap area is located. Also, somehow, my iPhone authorized the transaction when I only want to return to the home screen instead.

If the open-loop was implemented in a way where the card must be pre authorized before the card can be tapped at a validator, it wouldn’t get me in a situation where I need to deal with customer service to dispute some charges. Good thing this time, transaction was declined so nothing related to this charge showed up in my account.

Smartphone users be careful around the backside of Vancouver BC TransLink pole readers

And then there is data privacy, a far larger and long term problem is how open loop transit user data is stored and used. Apple always says they don’t know what Apple Pay users are doing as the data stays private. Fair enough, but the same doesn’t apply to the bank card companies. Open loop payment platforms in Japan, like stera transit, love to promote the customer data reporting services they provide to transit companies.

Plastic transit IC cards are basically private, they have a card number but nothing else. Credit/debit cards have your entire profile coming along with your open loop use and stera report a subset of this in their reports. And where is this data stored? In Japan, in Korea, somewhere else, wherever stera has a data sub-contractor? Payment transaction companies have been burned, repeatedly, when caught storing Japanese card transaction data outside of Japan…but they keep doing it again when everybody’s back is turned. This problem isn’t going away because of flimsy laws, lax industry practices and last but not least: personal data is a valuable commodity.

There is also the aspect of the price of cost effectiveness. When data processing stays in the country of origin, that means local employment and tax revenue feeds the national economy. When data processing goes outside the country, those are lost. This kind of discussion never takes place when it comes to transaction data processing, which it should, especially when publicly funded transit operators are involved.

Open loop is only part of a larger picture
Canadian transit would certainly benefit from a Japanese transit IC system approach with compatibility on the backend, or even the China T-Union approach of a national card spec that is locally branded but works everywhere.

To come back to the beginning, my point isn’t about slamming EMV or QR open loop transit, just the assumptions that they solve everything. They have their place in intelligently designed fare systems but only constitute part of the larger transit fare system picture. And as I have pointed out many times, card companies have little interest in improving the EMV standard for transit needs. They want to capture transit fare business without investing. The focus will always be the supermarket checkout lane that EMV was designed for.

There will always be a risk involved when ignoring the hidden assumptions of EMV open loop as a one size fits all solution. Dedicated transit cards will always be necessary. Every transit system is unique and deserves the best solution for the transit company and the riders they serve.


Related post: USA Transit Fare System Evolution