Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15
3107 posts

Uber Geek

Trusted
Subscriber

  # 678528 29-Aug-2012 00:13
Send private message

nzgeek: Just because they get that data, it doesn't mean they use it for nefarious purposes. Any company that handles financial data (e.g. banks, payment processors) have to meet Payment Card Industry compliance standards, otherwise they risk facing huge fines or having their accounts all but shut off. These standards cover the storage, security and dissemination of payment data. Basically, if they try mining your data, they're in deep excrement.

KSCC shouldn't be any less safe than a local bank. And if you knew how much of your purchase information was available to your bank...


This is not true.  PCI DSS is only applicable to facilities connected to the 5 Credit Card Issuer networks (Visa, MasterCard, Discover, American Express, or JCB).  KSCC as the issuer of their own brand of payment card unconnected to the global credit card processing networks is not bound to the PCI Security Standards Council.

And I'm well aware of how much purchase information my bank has - it's fairly obvious they'd have it as a result of processing the transaction.

Awesome
4859 posts

Uber Geek

Trusted
Subscriber

  # 678530 29-Aug-2012 00:30
Send private message

Kyanar: Oooh, that does sound neat.  Would be awesome if we eventually saw it on other carriers, though I guess we won't see it on Telecom anytime soon since they've gotten in bed with the Thales solution (although they have Westpac on board too, so it's likely that it will be usable as a credit card as well).


You will likely never see this with the Thales solution. It's been specifically set up to be a transport payment card and nothing more. Anything more than a plastic card that lets you pay for public transport AT have categorically said they do not want (as is my understanding).

The problem there is that Snapper is under no obligation to tell us how the data is protected, or what they do with it, and what KSCC does with it.  And although you say lots of data is processed overseas, I don't think it's as common as you think.  And in terms of government, it almost never happens (usually because they aren't allowed).  And very rarely is it something as sensitive as the physical movements of an entire city or country's public transport system (plus a large amount of retail transaction information).  This is stuff I'd want to see stay within New Zealand's borders so that it remains subject to our privacy controls.


Are Thales? Do you categorically know how that data is being processed? Also, that's up to the Transport authorities to worry about. They will be making sure that there are data protection mechanisms in place with vendors regardless of if it is Snapper or Thales.

'I don't think it's as common as you think' - Trust me - It's worse than you think. I've been working in IT in Australia and NZ for a number of years now, mostly with financial services orgs - This sort of stuff happens all day every day.

Well, "working" by various stretches of the term.  I don't know about Wellington, but in Auckland you're more likely to hear "please try again" when swiping a Snapper than for the card to tag.  Random fare overcharging due to system errors is still rampant, and penalty fares are frequently a certainty even if you do tag off.  Visual cards are still the fastest possible method of boarding.  Using a plastic monthly discovery pass, I can board and sit down in the time it takes two Snapper/HOP users to board.  I just walk past the driver and display the card, the driver taps a button on their console, done.


Every system has it's issues. Myki here in Melbourne is similar with the tag on/off issues and the AT Hop card will be no different. It's very similar technology. Just you wait. There will be PLENTY of issues with the AT Hop card in Auckland - You just haven't seem them yet because the Thales solution hasn't been installed on a single bus, train or ferry yet. Mark my words - there will be months or years of issues and teething problems. I'm not aware of any NFC solution implemented anywhere in the world that hasn't had teething problems. I also never had the issues you seem to have with Snapper Hop in Auckland. Was equally as fast as flashing my Northern Pass at the driver.




Twitter: ajobbins


 
 
 
 


597 posts

Ultimate Geek


  # 678531 29-Aug-2012 00:32
Send private message

Kyanar:
nzgeek: Just because they get that data, it doesn't mean they use it for nefarious purposes. Any company that handles financial data (e.g. banks, payment processors) have to meet Payment Card Industry compliance standards, otherwise they risk facing huge fines or having their accounts all but shut off. These standards cover the storage, security and dissemination of payment data. Basically, if they try mining your data, they're in deep excrement.

This is not true.  PCI DSS is only applicable to facilities connected to the 5 Credit Card Issuer networks (Visa, MasterCard, Discover, American Express, or JCB).  KSCC as the issuer of their own brand of payment card unconnected to the global credit card processing networks is not bound to the PCI Security Standards Council.

My apologies, you are correct, assuming that KSCC don't process MasterCard, Visa or JCB payments in their home country. If they do, their systems will be covered by PCI DSS.

Even if they're strictly bound by it, it's still good industry practice. And when you consider how close China's hackers are, you'd hope that protecting financial systems (even from their own staff) would be a top priority.

1495 posts

Uber Geek

Trusted

  # 678594 29-Aug-2012 09:17
Send private message

There's a 'HOP Integration Specialist' job now being advertised: http://careers.aucklandtransport.govt.nz/jobdetails?ajid=xUQ58

28363 posts

Uber Geek

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  # 678602 29-Aug-2012 09:25
Send private message

It appears Parkeon (who were supplying terminals to all the non NZ Bus buses) have also been dumped from the project. Can anybody confirm this?


856 posts

Ultimate Geek


  # 678610 29-Aug-2012 09:57
Send private message

sbiddle: It appears Parkeon (who were supplying terminals to all the non NZ Bus buses) have also been dumped from the project. Can anybody confirm this?



I mentioned that in an earlier post (2-3 pages ago) and seems to be confirmed in various transport forums (by people that seem to be pretty reliable with information like this), and by the media (although indirectly) as it's been stated publicly a few times now, that the 10million dollar Thales contract is for every bus in Auckland, that said, as I also said then, Parkeon's Go Live date was (as I recall) already scheduled for around April 2013 anyway.

8213 posts

Uber Geek

Subscriber

  # 678694 29-Aug-2012 12:45
Send private message

freitasm:
Kyanar: Yes, the Snapper system is centralised - in South Korea.  It's slightly concerning that all this information is hosted way offshore, by a company not accountable to Auckland, or New Zealand for that matter, owned by a foreign local government.  If AT or NZTA set up a system, the operation of that system is accountable to us, and we have ways of making sure it is used only for the purposes for which it was implemented (Official Information Act, our local MP, etc). but while Snapper runs it, we have zero idea what KSCC is doing with that data, what Snapper is doing with that data, because as private companies they don't answer to us - and one of them is even outside our legal jurisdiction.  And non-LG Snapper phones?  Forget it.  KSCC is 30% owned by LG.


With this alone you have lost all the credibility you had left on this topic, at least in my eyes. The first non-LG Snapper phone was the Samsung Galaxy SIII. And Monday Huawei announced the Ascend Y201 which is also a Touch2Pay handset - I have received one today and used with Snapper already.

And Snapper is 100% owned by Infratil. Not by KSCC.

It's becoming clear this is a case of "not made in Auckland" again, as I said before.


It's sounds more of a case  of "What's good for Wellington is good for the world" 




Regards,

Old3eyes


 
 
 
 




1923 posts

Uber Geek


  # 678695 29-Aug-2012 12:45
Send private message

Kyanar:
nzgeek: Just because they get that data, it doesn't mean they use it for nefarious purposes. Any company that handles financial data (e.g. banks, payment processors) have to meet Payment Card Industry compliance standards, otherwise they risk facing huge fines or having their accounts all but shut off. These standards cover the storage, security and dissemination of payment data. Basically, if they try mining your data, they're in deep excrement.

KSCC shouldn't be any less safe than a local bank. And if you knew how much of your purchase information was available to your bank...


This is not true.  PCI DSS is only applicable to facilities connected to the 5 Credit Card Issuer networks (Visa, MasterCard, Discover, American Express, or JCB).  KSCC as the issuer of their own brand of payment card unconnected to the global credit card processing networks is not bound to the PCI Security Standards Council.

And I'm well aware of how much purchase information my bank has - it's fairly obvious they'd have it as a result of processing the transaction.

Whilst I can understand that you have concerns, I really can't understand why.

Firstly it's  a pre-pay based system, so the provider only knows you by a number and a variable (but small) account balance.  Credit and Eftpos cards would surely present a higher risk as they access larger amounts, can be used (mostly) globally, and you could expose yourself (ultimately) to identity theft or fraud.

Secondly, right now your Telco (whether you're prepay or on-account) has much more information available to them, including (but not limited too) your real-time whereabouts.  Oh and they've probably got the same (or more) personal data on you as well. And how many of them are actually locally owned.

Regrettably we all signed away our personal space when we got credit-cards and cellphones. It's only now that it's becoming a little more obvious

Awesome
4859 posts

Uber Geek

Trusted
Subscriber

  # 678719 29-Aug-2012 13:37
Send private message

Yes, I would be more worried about what the Vodafone group holds about it's users offshore than what Snapper might.

The data that they do have is of little use to anybody outside of the direct industry - who are all supposed to be part of the program anyway.




Twitter: ajobbins


5493 posts

Uber Geek

Trusted
Subscriber

  # 678724 29-Aug-2012 13:40
Send private message

Kyanar:
ajobbins:
knoydart: My understanding was NZTA was running the back system so regions round the country could all use the same back office system. In a country where people travel between at least the major centres very often, having the ability to roam so to speak is a no brainer.


My understanding is that the deal that ARTA signed with Thales specifically designs against this model by segregating clearing houses between regions. The Snapper system on the other hand is centralised and would allow for this (Assuming they can make the commercials work).


Yes, the Snapper system is centralised - in South Korea.  It's slightly concerning that all this information is hosted way offshore, by a company not accountable to Auckland, or New Zealand for that matter, owned by a foreign local government.  If AT or NZTA set up a system, the operation of that system is accountable to us, and we have ways of making sure it is used only for the purposes for which it was implemented (Official Information Act, our local MP, etc). but while Snapper runs it, we have zero idea what KSCC is doing with that data, what Snapper is doing with that data, because as private companies they don't answer to us - and one of them is even outside our legal jurisdiction.  And non-LG Snapper phones?  Forget it.  KSCC is 30% owned by LG.


The EU has a law that databases of EU citizens can't be held outside the EU. This has caused us issues in our software testing in Auckland where we had habitually used databases supplied by customers in the EU. Now, to comply with the law, we must do testing by RDP / remote session into systems physically located in Europe. 

NZ is far too slack in such matters.....in SO MANY such matters.  




____________________________________________________
If you order a Tesla, use my referral code to get free stuff. 

 

My Tesla referral code: https://ts.la/steve52356


895 posts

Ultimate Geek


  # 678770 29-Aug-2012 14:47
Send private message

 
It's sounds more of a case  of "What's good for Wellington is good for the world" 


I don't believe its even good for wellington, after using systems over seas and coming back to that it felt like a very antaquated system and still does with no online topup options with out having their accessories or a compatiable phone to do so.

I see they have a pass option on the snapper app so does this mean you can load monthly passes onto it now?

I would support Snapper if they had all the featuers that card systems I have expirenced overseas have but after 5 years they still have not caught up.
I just believe as they have not got local compition they have no need to put the featuers in as they have no one locally to look up to.

Dion

Awesome
4859 posts

Uber Geek

Trusted
Subscriber

  # 678803 29-Aug-2012 15:37
Send private message

Online top up presents interesting challenges for these types of cards due to the fact the value is stored on the card itself, and transactions are actually performed 'offline', not checked against a remote server in real time like say EFTPOS. Essentially the access points need to be aware there is a top up to load onto the card before it 'tags' you on.

Here in Melbourne you can make an online top up but it takes approx 24 hours to become available, because it have to be sent out to all of the Myki access points - many of which do not have a real time data connection. Not very handy if you need to top up in a hurry.

This will become a lesser problem in the future as the technology for mobile data becomes cheaper and better, but until then, doing online top up is slow, unreliable and comes at a huge cost.

Auckland and Wellington are heavy on buses for public transport. It's buses that are the hardest, as the readers tend to be on the buses themselves which makes them mobile. Trains are more common in many places and it's easier to have readers (Often on station floors or on barriers) online as they don't move.

Myki has been in Melbourne now for 5 years and in my opinion (Having used both extensively), Wellington has a much more robust and reliable solution in place than Melbourne.

In both places (as well as in Auckland) BY FAR the biggest problem with them was that people don't know how to hold their card to tag on and off. Wellingtonians have got the best grasp on this. Aucklanders and Melbournians have no clue, despite extensive campaigns to show people to hold the card still against the reader under the tag on is validated - people still insist on waiving their card around the reader like they are Harry Potter casting a spell. I've seen people do this and then have an actual tantrum in a train station when the card wouldn't tag on.




Twitter: ajobbins


1711 posts

Uber Geek

Trusted

  # 678815 29-Aug-2012 15:57
Send private message

ajobbins: Online top up presents interesting challenges for these types of cards due to the fact the value is stored on the card itself, and transactions are actually performed 'offline', not checked against a remote server in real time like say EFTPOS. Essentially the access points need to be aware there is a top up to load onto the card before it 'tags' you on.

Here in Melbourne you can make an online top up but it takes approx 24 hours to become available, because it have to be sent out to all of the Myki access points - many of which do not have a real time data connection. Not very handy if you need to top up in a hurry.

This will become a lesser problem in the future as the technology for mobile data becomes cheaper and better, but until then, doing online top up is slow, unreliable and comes at a huge cost.

Auckland and Wellington are heavy on buses for public transport. It's buses that are the hardest, as the readers tend to be on the buses themselves which makes them mobile. Trains are more common in many places and it's easier to have readers (Often on station floors or on barriers) online as they don't move.

Myki has been in Melbourne now for 5 years and in my opinion (Having used both extensively), Wellington has a much more robust and reliable solution in place than Melbourne.

In both places (as well as in Auckland) BY FAR the biggest problem with them was that people don't know how to hold their card to tag on and off. Wellingtonians have got the best grasp on this. Aucklanders and Melbournians have no clue, despite extensive campaigns to show people to hold the card still against the reader under the tag on is validated - people still insist on waiving their card around the reader like they are Harry Potter casting a spell. I've seen people do this and then have an actual tantrum in a train station when the card wouldn't tag on.


I had to laugh at this comment - very funny. NZBussius ascendo

28363 posts

Uber Geek

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  # 678852 29-Aug-2012 17:10
Send private message

Online topups are a challenge. There apparently isn't any live ticketing system anywhere in the world that offers online topup where the balance will be instantly available across all transport mediums.

Because of the backhaul requirements systems such as Oyster can only update an online payment when you enter a tube or DLR station. They can't be topped up from buses, so if you're doing an online topup you need to ensure your first journey is on the tube or DLR. If you're travelling on a bus you're out of luck.

It's also worth noting that the topup process can also add signifcantly to the transaction processing time. On a bus a few hundred ms extra would be very noticeable and would run the real risk of increasing the boarding times significantly.


3107 posts

Uber Geek

Trusted
Subscriber

  # 678894 29-Aug-2012 18:35
Send private message

sbiddle:
It's also worth noting that the topup process can also add signifcantly to the transaction processing time. On a bus a few hundred ms extra would be very noticeable and would run the real risk of increasing the boarding times significantly.


I can't see how you could increase the boarding times significantly... Snapper already takes an entire second to validate which in computer terms is an eon or two.  The readers connected to the Paymark network are actually faster - and they have to talk to Korea.  Every Link bus already has Wifi and backhaul, so they are theoretically already capable of doing online topup and validation.  Even gradually rolling that out as a solution would be better than the current system where you either have to go to a dairy and pay a topup fee, or buy a $40 dongle from Snapper if you're on NZ Bus, or online topup with every other electronic enabled fleet.

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15
View this topic in a long page with up to 500 replies per page Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Chorus to launch Hyperfibre service
Posted 18-Nov-2019 15:00


Microsoft launches first Experience Center worldwide for Asia Pacific in Singapore
Posted 13-Nov-2019 13:08


Disney+ comes to LG Smart TVs
Posted 13-Nov-2019 12:55


Spark launches new wireless broadband "Unplan Metro"
Posted 11-Nov-2019 08:19


Malwarebytes overhauls flagship product with new UI, faster engine and lighter footprint
Posted 6-Nov-2019 11:48


CarbonClick launches into Digital Marketplaces
Posted 6-Nov-2019 11:42


Kordia offers Microsoft Azure Peering Service
Posted 6-Nov-2019 11:41


Spark 5G live on Auckland Harbour for Emirates Team New Zealand
Posted 4-Nov-2019 17:30


BNZ and Vodafone partner to boost NZ Tech for SME
Posted 31-Oct-2019 17:14


Nokia 7.2 available in New Zealand
Posted 31-Oct-2019 16:24


2talk launches Microsoft Teams Direct Routing product
Posted 29-Oct-2019 10:35


New Breast Cancer Foundation app puts power in Kiwi women's hands
Posted 25-Oct-2019 16:13


OPPO Reno2 Series lands, alongside hybrid noise-cancelling Wireless Headphones
Posted 24-Oct-2019 15:32


Waikato Data Scientists awarded $13 million from the Government
Posted 24-Oct-2019 15:27


D-Link launches Wave 2 Unified Access Points
Posted 24-Oct-2019 15:07



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.