The truth is in the tap

The Nankai Visa Touch test launch launched endless Twitter discussions about slow EMV contactless tap speeds and performance issues compared with Suica and other Transit IC cards. EMV contactless transit in Japan is novel so this is expected. But suddenly people are also referencing Junya Suzuki’s 2016 pre-Apple Pay Suica launch era ‘Is Suica Over-spec?’ piece. This has long been a favorite theme in Japanese tech media: Suica is more than we need, EMV contactless is ‘good enough’ so let’s do everything with one card, life is more convenient that way. Be careful what you wish for.

The 2016 launch of Apple Pay Suica was a great success of course, that changed the Japanese payments market and opened the door for the proliferation of QR payment services you see everywhere now. The one card must do it all concept is old hat but Tokyo Olympics sponsors Visa Japan and SMBC are trying very hard to convince Japan that Visa Touch cards are the transit future.

My position was and remains that one size never fits all. It doesn’t have to be a EMV or nothing choice portrayed in tech media, nor should it. Different technologies complement each other for a better user experience. Apple Pay Suica/Mobile Suica combines the convenience of EMV cards on the recharge backend with the speed and reliability of FeliCa based Suica cards on the NFC front-end, for a best of breed closed loop transit user experience. One interesting thing I pointed out in my retweet of Suzuki san’s Nakai open loop launch piece was that QR Nankai Digital Ticket gate performance in the his video is faster than Visa Touch because it’s closed loop.

The comment touched off an odd but interesting set of tweets from Suzuki san and his followers about gate design, reader performance and walk flow that boils down to this: if the reader transaction speed is slow, increase the distance between the reader and gate flap to keep people walking instead of stopping.

His follow up piece deconstructs ‘FeliCa is faster’ as half misunderstanding transit gate antenna design and RF communication distance because EMVCo reader certification dictates a smaller RF distance, the result of using the EMV contactless supermarket checkout spec on transit gates it was never intended for. All I can say is the truth is in the tap. In theory all NFC flavors and protocols offer the same performance but in real transit use they don’t. Better to get next generation Ultra Wideband Touchless gates in service and dispense with the ‘redesign transit gates for slow EMV contactless/QR transit’ debate nonsense. Design things for the future not the past.

The current Transit IC local stored fare model does have weak points as suggested in FeliCa Dude’s tweet: discount ticketing, rebates and refunds. If you purchase a Mobile Suica commuter pass, you can easily get a refund back to the bank payment card used to purchase the commuter pass. This is because Suica extras like commuter passes and Green Seat upgrades are supplemental attached services that don’t use the SF purse.

Rebates and refunds via the SF (stored fare) purse are a bottleneck. Suica App has a mechanism for dealing with some of this called ‘Suica Pocket’ for JRE POINT exchanges and refunds back to the SF purse. Mobile Suica card refunds are another matter and can only be refunded to a Japanese bank account. Octopus Cards Ltd. (OCL) has a special Octopus App for Tourists that refunds a card balance back to original credit card used for the initial digital card issue. OCL also charges tourist users an arm and a leg for Octopus Wallet recharge and refunding. It would be nice if JR East could do the same…without the outrageous OCL surcharges.

For inbound discount ticketing JR East has adopted a similar approach they use for Eki-Net Shinkansen eTickets: discount plans attached to plastic Suica cards. This is the whole purpose of the Welcome Suica + reference paper proving validity for inbound discount plan purchases at station kiosks. It would be great if JR East figures out a way to do the same thing on Mobile Suica.

Domestic discount ticketing and passes are still the glorious, mostly paper ticket mess that is Eki-Net and similar services. Eki-Net itself is still in a slow motion transition towards a Transit IC/Mobile Suica orbit with some things transitioning to QR paper ticketing that replaces expensive mag-strip paper. Eki-Net App is still limited to Shinkansen eTickets and ticketless express train seat purchases. The Eki-Net web site is where you access all the bells and whistles although the experience feels like navigating the Transit IC interoperability chart. Discounts are starting to change somewhat with Suica 2 in 1, totra is the first Suica for disabled users but exclusive to the totra fare region. Hopefully Extended Overlap will see wider use not only for Suica but across all Transit IC cards for more special, and interoperable, discount services.

A great reality check

I was pleasantly surprised to find some hits coming from a website called limitless possibility, followed the link and discovered a great podcast by Luc-Olivier Dumais-Blais and Yanik Magnan on Japanese transit IC cards, Suica 2 in 1, the new features of FeliCa Standard SD2, Ultra Wideband Touchless and more…things I’ve been writing about for a while that never get any traffic.

Yanik does a much better job of summarizing the transit technology landscape than my messy collection of posts. I wholeheartedly agree that UWB Touchless is the perfect opportunity for Japanese Transit IC members to put aside political differences and merge, or at least ‘harmonize’ their data formats for a real all in one Super Suica. We shall see. There are things coming down the pike such as multi-secure element domain/multi-protocol Mobile FeliCa that might have transit implications. And I thank Yanik for his constructive criticism of my ‘Super Suica’ coverage. It’s very helpful and rare that anybody takes the time these days.

Extra bonus: their discussion of the Japan QR Code payment mess and a sendup of PayPay ‘gamification’ campaigns using the Canadian Tim Hortons roll up the rim thing is hilarious and spot on.

The Open Loop transit privacy question

In 2013 JR East faced a crisis over selling Suica ridership pattern data analysis to Hitachi. The Suica data was stripped of personal information and was used to analyze popular transit routes and create general user profiles based on age group, gender and so on. Media outcry resulted in JR East drafting an opt out data policy followed by Japanese Government laws and regulations covering personal data privacy.

That was then, this is now. Line, the popular messaging service plus Line Pay payment platform, came under attack this week for storing user and transaction record data outside of Japan, in South Korea and China. This is not a surprise since Line started in South Korea and storing data on cloud servers there was always an open secret. Why the brouhaha now? The recent complicated Z Holdings acquisition maneuvers of Line are a factor. With PayPay and Line Pay QR payment empires now in the same house some kind of streamlining is bound to happen. The data scandal could be a convenient excuse to start it.

The constant drip of privacy concerns regarding social networks and QR payment systems like Line Pay, and where user transaction data is stored, makes the old JR East crisis look small and silly. Everything is more connected now in unexpected ways than even just 8 years ago.

It doesn’t matter how secure transaction protocols are when user transaction record data is stored on leaky servers or sold to outsiders for profit. I wrote about this earlier, the so called popularity of QR Code payment services in Japan is really about big data. In that vein we have a timely blog post on Open Loop ltransit rider privacy from Transit Center.

For a professional advocacy organization dedicated ‘to improve public transit,’ the Transit Center privacy publication is surprisingly amateurish. It raises valid concerns but reads like open loop advertising from credit card companies (Transit Center soft sponsors?), where open loop is the golden cure-all future, and the only future at that, of every transit ill with closed loop invariably portrayed as a dead era of tokens, punchcards and mag strip swipe cards. They also make MTA seem like the only transit system in America that matters because idiosyncratic MTA problems apply everywhere. Right? Wrong. Let’s take a look at their privacy blog post…<<with comments>>.

Transit agencies around the country are adopting a new generation of fare payment systems. Agencies including New York’s MTA, Boston’s MBTA, and Houston METRO are in the process of switching to what’s known as “open-loop” systems that enable riders to tap into the system using digital wallets on their phones or with their credit cards…

<<more banks handling transit fare concessions sounds like a good idea for privacy, wait until the TC folks figure out that ‘closed loop’ bank card accounts for digital wallet OMNY is the next step in the game>>

These technologies come with clear benefits for riders, but they also carry the risk of exposing more personal data…

<<here it comes>>

The switch to these new fare payment technologies can accelerate access to riders’ trip data by other government agencies. In New York, for instance, individuals’ MTA trip data can be retrieved much faster with the new OMNY system than with the older MetroCard system…

<<retrieve trip data quickly on a fare system where users don’t tap out…what? privacy concerns are not just government agencies btw with multiple 3rd party companies handling and processing transit fare data…which brings us to>>

The increased involvement of third parties in fare payment underscores the need for better data collection and management policies within transit agencies.

<<better as in more big data details?>>

How to Implement the Next Generation of Fare Payment Without Shredding Riders’ Privacy

Anybody experienced in dealing with bank and card company customer service could see this coming. Bank and transit operating cultures are different and they don’t mix well with outside companies running the transit gate fare concession. If you think transit privacy is a concern now, wait until face recognition transit gates become the next transit future thing.

Let’s make this simple. Open Loop (EMV and QR) and bank card EMV Closed Loop means that banks and outside payment platforms run their services at the fare gates They have transit user data, as does the transit company, so does the fare system management subcontractor like Cubic. The more places data is stored the more it’s gonna leak. This is exactly what is playing out in Japan right now because Line Pay Japan user transaction data is stored in South Korea which does not, putting it mildly, have a good secure data reputation.

That doesn’t mean that closed loop is automatically more secure, but keeping data in-house with its own closed loop transaction card in the country of origin, as JR East does for Mobile Suica, does mean that outside company access is tightly controlled. At the very least there is only one company in the country of origin to take the blame when something leaks, and only one place to plug it.

Japan Cashless 2021: the Wireless Android NFC Reader Suck Index

You too can have the whole transaction world in your hands with the Android based Square Terminal for just ¥46,980

Now that contactless is everywhere, wireless contactless readers have become very fashionable and popular. Nobody wants wires or checkout lines. All of these systems are built around an Android based reading device connected to the internet payment service via Bluetooth, WiFi or 4G with a main terminal, an iPad or a laptop running payment network software. Convenient though they may be, compared with hard wired NFC reader performance they all suck with different levels of suckiness:

  1. stera: this lovely little ‘NFC antenna under the screen’ piece of shit from SMBC, GMO and Visa Japan is so slow that checkout staff put their hand over the stera screen/reader to keep customers waiting until the device is ready to go. This is followed by the instruction ‘don’t move your device until the reader beeps.’ It’s a 2~4 second wait until it beeps. This is 2014 era ‘you’re holding it wrong’ garbage nonsense. I teased one store manager about the hard wired JREM FeliCa readers that were swapped out with stera, “Those were too fast,” he said. Too fast?!
  2. PAYGATE: Another payment provider associated with GMO, slightly faster than stera but still slow, PAYGATE does’t like Apple Pay Suica•PASMO Express Transit very much. Have of the time it ignores it altogether forcing customers into the 2016 era ‘manually bring up Apple Pay Suica’ authenticate and pay maneuver. Another ‘you’re holding/doing it wrong,’ when the fault is on the checkout system side. Passé and totally unnecessary.
  3. AirPay: It’s weird that the cheap AirPay hardware performs better than PAYGATE or stera, it’s even weirder that AirPay performs better than Rakuten Pay which uses the very same reader but is stera shitshow slow.
  4. Square Terminal has gotten lots of media attention in Japan. Too early to experience it in the field yet but I’m not hopeful. Square Terminal is Android based after all and the NCF antenna under the screen design is the worst performing reader design out there. As one Brazilian reader wrote: “I just don’t like the ones running Android because at least here the software is less reliable and I managed to crash a few one by just taping my phone.”

Yep, that observation matches my experience. Payment network providers need better Android readers, the current crop is too slow getting the payment transaction ready to tap. In this era of endless subcontractor layers in the development process, creating a fast reliable Android based NFC wireless reader might be a tall order, if not impossible. The all over the place wireless NFC reader experience certainly doesn’t boast well for open loop advocates.

UPDATE
I ran across another crappy reader experience (above) and retweeted it. A reader had some questions about it, answered here by an anonymous expert. It basically comes down to poorly executed reader polling or not following Sony polling recommendations for FeliCa cards. This is what is happening in the above retweet. It is also what is going on with PAYGATE Station readers, half of the time the proper code hasn’t loaded correctly although this issue seems to be fixed in new PAYGATE Station checkout installations. Which brings us to the point I was trying to make: these performance issues can be fixed with reader firmware updates or transaction system software updates, but never are.

Wildcard polling involves the reader making a request for system code 0xFFFF and expecting the card/device to list all the system codes that it supports. Wildcard polling won’t work on an Apple Pay device in Express Transit mode – instead, the system code must be explicitly polled for (0x0003 for CJRC, 0x8008 for Octopus). You can cause Suica/Octopus to be automatically selected by sending SENSF_REQ (Polling command, 06) for those services explicitly.

I have verified that doing so with Apple Pay will cause the emulated card to be switched out as appropriate – the IDm value will also change, since Apple Pay emulates each card separately, instead of with a common IDm as with Osaifu Keitai. If you read the Sony documentation, you will see that developers are cautioned to also poll for the specific service codes they want to access if there’s no response to a wildcard poll.

Perhaps your reader doesn’t do this, but it’s fairly big omission…it should be doing explicit polling. Simply polling for service code 0x0003 should wake up Suica if selected as an Express Transit candidate, even if you don’t send any other commands. I’ve verified this with an RC-S380 reader and NFCPay.

Sorry PRESTO but your open loop video is fake Express Transit (Updated)

UPDATE
March 16: The PRESTO UP Tickets and Fares page now lists EMVExpress Transit support, but no mention of any similar benefits using Google Pay. The Apple Pay Transit support page does not list Express Transit for Canada yet, but the last update was February 3. The PRESTO page also mentions an interesting iPhone issue: “Some iPhone models (8 and earlier), may experience an error message when tapped on a PRESTO device. If you tap with an older Apple device and see a message saying that multiple cards were detected, simply tap your device again and the PRESTO device should accept your tap.” Sounds like a pilot program for teething open loop use issues. No mention of a digital PRESTO card of course. I suspect that when it comes (much later), it will be a closed loop debit card like Apple Pay Ventra.

Apple did a similar Express Transit deal for NYC OMNY, which was basically a very long pilot program and gradual rollout. PRESTO UP is also a pilot program but has an advantage over OMNY in that the PRESTO contactless transit card has been in service since 2009. People are used to it, only the smartphone wallet aspect is new. Meanwhile OMNY is still nursing off the ancient mag-strip swiping MTA Metrocard without a replacement. It will be interesting to hear customer feedback regarding the PRESTO EMV Express Transit experience…for real.


The Metrolinx PRESTO UP service started an open loop contactless payment pilot program this past week. It’s the first step for open loop support across the entire PRESTO fare system. The coverage on MacRumors and elsewhere, and the PRESTOcard youtube video itself makes it look like PRESTO already supports Apple Pay Express Transit when it apparently does not. Apple is very picky when it comes to certifying which open loop transit systems support EMV Apple Pay Express Transit. There aren’t any in Canada. The U.S. has three: NYC OMNY, Chicago Ventra and Portland HOP.

Unfortunately the PRESTO video uses post-production tricks to fake Apple Pay Express Transit. There are three instances: the 1:14 PRESTO reader, the 1:30 onboard verification check, and the 2:16 PRESTO reader. Each of these require a Face ID without mask or passcode Apple Pay authorization. As a reader pointed out the post-production folks neglected to fix the Apple Pay passcode request screen to match the reader ‘Accepted’ screen. Metrolinx promoting PRESTO open loop rollout so people will use it is one thing, but deception isn’t doing users, or PRESTO, any favor.