Auckland Transport: Hop & Snapper. Whats the real issue

Forums › Transport (cars, bikes and boats) › Auckland Transport: Hop & Snapper. Whats the real issue

1 | ... | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15

30853 posts

Uber Geek

Retired Mod

Trusted

Biddle Corp

Lifetime subscriber

#679376 30-Aug-2012 17:04

Thales use DESFire.

nzgeek

618 posts

Ultimate Geek

#679383 30-Aug-2012 17:22

sbiddle: Thales use DESFire.

Note quite so bad then. The DESFire card that was cracked last year has been discontinued, and the newer DESFire EV1 is replacing it. That card appears to be a lot more secure.

After doing some more reading, it doesn't sound like the DESFire hack was that bad anyway. It required several months and quite a bit of know-how for researchers to crack the card, as well as about $US3000 worth of equipment. And that was only to break 3-DES, which is cryptographically weak by today's standards. The EV1 uses AES-128, which should be far more secure.

Kyanar

4089 posts

Uber Geek

ID Verified

Trusted

#679437 30-Aug-2012 19:50

However it seems from some reading on Mifare.net that KSCC (and therefore Snapper) use MiFare Classic, which is well and truly broken

sbiddle

30853 posts

Uber Geek

Retired Mod

Trusted

Biddle Corp

Lifetime subscriber

#679449 30-Aug-2012 20:27

Kyanar: However it seems from some reading on Mifare.net that KSCC (and therefore Snapper) use MiFare Classic, which is well and truly broken

Snapper doesn't use Mifare classic.

Snapper is also 168bit 3DES. Mifare classic (that was cracked) was a 48 bit key.

ajobbins

5052 posts

Uber Geek

Trusted

#679478 30-Aug-2012 21:40

Wow Kyanar you seem to think there is some KSCC conspiracy going on.

You seem genuinely afraid of them

Twitter: ajobbins

sbiddle

30853 posts

Uber Geek

Retired Mod

Trusted

Biddle Corp

Lifetime subscriber

#679540 31-Aug-2012 06:24

Here's a story from Computerworld about this

http://computerworld.co.nz/news.nsf/news/5AC80626A3AF0146CC2574A2000C841D

Kyanar

4089 posts

Uber Geek

ID Verified

Trusted

#679636 31-Aug-2012 11:08

sbiddle: Snapper doesn't use Mifare classic.

Snapper is also 168bit 3DES. Mifare classic (that was cracked) was a 48 bit key.

That is good. I tried finding some technical info on the system, but all I could find was the Mifare site's promotional story about Mifare classic being launched in public transport projects in Seoul around the same time as T-money launched. Although I'd bet the Ritchies RFID card I have is one of the broken schemes (+1 point for Snapper there).

ajobbins: Wow Kyanar you seem to think there is some KSCC conspiracy going on.

You seem genuinely afraid of them

Wow ajobbins you read too much into things.

Equinox IT

Cloud spending continues to surge globally, but most organisations haven’t made the changes necessary to maximise the value and cost-efficiency benefits of their cloud investments. Download the whitepaper From Overspend to Advantage now.

lchiu7

6474 posts

Uber Geek

Trusted

#679644 31-Aug-2012 11:33

Not understanding the commercial side of the multiple card model that has now apparently failed in Auckland, who have benefitted from the float on the outstanding fares stored on the tickets?

In Wellington clearly Snapper has that benefit (I wonder how much that would be?) while in Auckland it's not clear to me who would have benefitted and who will benefit now that Snapper has been ejected?

Staying in Wellington. Check out my AirBnB in the Wellington CBD. https://www.airbnb.co.nz/h/wellycbd PM me and mention GZ to get a 15% discount and no AirBnB charges.

nzgeek

618 posts

Ultimate Geek

#679686 31-Aug-2012 12:32

lchiu7: Not understanding the commercial side of the multiple card model that has now apparently failed in Auckland, who have benefitted from the float on the outstanding fares stored on the tickets?

In Wellington clearly Snapper has that benefit (I wonder how much that would be?) while in Auckland it's not clear to me who would have benefitted and who will benefit now that Snapper has been ejected?

The party that gets the benefit will be whoever holds the account that your prepaid funds sit in. At the moment it'll be Snapper, but once the system has been cut over it'll be either Thales or Auckland Transport themselves.

The flow of money in the Auckland Transport system takes a bit to get your head around. I think I've got it sorted out, but I'm not 100% certain.

I believe that AT get to set the price of the fares, what the routes are, and how often the buses come. They pay a certain amount to the bus companies, to help subsidise the routes/times that run at a loss (due to few passengers). Any money collected by the bus companies is probably theirs to keep as revenue, although they may need to pay a small percentage back to AT.

When it comes to prepaid systems like Hop, the money will be held by the card operator. The fare information will be uploaded to them by the tag on/off system, which will determine how much money needs to be sent to which company. The actual funds transfer will then be done as a batch once a night/week/month.

It would all be a lot easier if everything was run by one party. However, thanks to all of this privatisation malarchy, we've got a number of different companies trying to take their piece of the pie (and more, if they can get away with it).

Kyanar

4089 posts

Uber Geek

ID Verified

Trusted

#679753 31-Aug-2012 14:54

nzgeek: The party that gets the benefit will be whoever holds the account that your prepaid funds sit in. At the moment it'll be Snapper, but once the system has been cut over it'll be either Thales or Auckland Transport themselves.

The flow of money in the Auckland Transport system takes a bit to get your head around. I think I've got it sorted out, but I'm not 100% certain.

I believe that AT get to set the price of the fares, what the routes are, and how often the buses come. They pay a certain amount to the bus companies, to help subsidise the routes/times that run at a loss (due to few passengers). Any money collected by the bus companies is probably theirs to keep as revenue, although they may need to pay a small percentage back to AT.

The best info about the flow of money used to be the Auckland Transport annual reports. They used to break down into how much was paid in total to bus operators, train operators, etc, and how much was collected but sadly it seems they now just report it as "payments to suppliers" and "public transport income" which is almost useless.

My understanding from reading articles by people more knowledgeable than I in this matter is that ARTA set the maximum fare amount per transport method, and operators chose how much to charge within that provided range. Subsidised routes the operator was paid to run the route and was required to abide by service quality standards and had very little control over the route planning, while commercial routes the operator kept the cash minus a commission and had almost total control over route planning and no service quality standards to adhere to.

I don't know if this is entirely correct (I may have misunderstood some of it) and I don't know if it's even still the way it works with AT. But based on my outside observations it's very likely mostly correct.

lchiu7

6474 posts

Uber Geek

Trusted

#679754 31-Aug-2012 15:01

My query wasn't about how fares are set, but which of the operators keep to keep the float in their accounts and therefore interest. If there are say 150K cards out there with an average float of say $30, then that's $4.5M in float. The interest on that is likely to keep somebody interested.

And does the bus fare contain a component to run the infrastructure for the cards or is the operator supposed to use the revenue stream from the float to fund that?

Staying in Wellington. Check out my AirBnB in the Wellington CBD. https://www.airbnb.co.nz/h/wellycbd PM me and mention GZ to get a 15% discount and no AirBnB charges.

ajobbins

5052 posts

Uber Geek

Trusted

#679762 31-Aug-2012 15:47

lchiu7: My query wasn't about how fares are set, but which of the operators keep to keep the float in their accounts and therefore interest. If there are say 150K cards out there with an average float of say $30, then that's $4.5M in float. The interest on that is likely to keep somebody interested.

And does the bus fare contain a component to run the infrastructure for the cards or is the operator supposed to use the revenue stream from the float to fund that?

That's a good question and really comes down to the commercials of the agreement between the payment operator, the transport authority and the bus companies.

There will be costs of running the system that are paid for by AT. They may or many not pass on some cost to the bus operators, I am not sure.

Twitter: ajobbins

mjb

996 posts

Ultimate Geek

Trusted

#679807 31-Aug-2012 17:18

Linuxluver: We're seeing this right now in road versus rail. The government is giving the private truck operators a $45 million defacto subsidy so they can run longer trucks on more roads....at the same time it is letting rail rot - which is purpose-built for carrying larger volumes of cargo....

I don't for a second claim to be an expert on this, but I was quite surprised to be told recently that rail is significantly less efficient and green than road for freight movements.

I have no evidence to back that up sorry.. just an alternative point of view.

Kyanar: Wow ajobbins you read too much into things.

Must be something in the water then, because I was thinking something similar.

contentsofsignaturemaysettleduringshipping

Kyanar

4089 posts

Uber Geek

ID Verified

Trusted

#679820 31-Aug-2012 17:29

lchiu7: My query wasn't about how fares are set, but which of the operators keep to keep the float in their accounts and therefore interest. If there are say 150K cards out there with an average float of say $30, then that's $4.5M in float. The interest on that is likely to keep somebody interested.

And does the bus fare contain a component to run the infrastructure for the cards or is the operator supposed to use the revenue stream from the float to fund that?

I recall a Herald article from a while ago which mentioned that this was part of Auckland Transport's issue with Snapper running the system - that's a lot of money and AT wants it. Last I heard was that Snapper and AT had agreed that Snapper would collect the interest on float held for retail purchases and AT would collect the interest on float held for public transport in Auckland. Logistically I have no idea how that would work, but there you go.

The Thales system is the property of NZTA (once their national project is done) so I imagine NZTA will collect the interest on that, or hold it in trust for the local authorities.

old3eyes

9119 posts

Uber Geek

Subscriber

#680084 1-Sep-2012 13:50

mjb:
Linuxluver: We're seeing this right now in road versus rail. The government is giving the private truck operators a $45 million defacto subsidy so they can run longer trucks on more roads....at the same time it is letting rail rot - which is purpose-built for carrying larger volumes of cargo....

I don't for a second claim to be an expert on this, but I was quite surprised to be told recently that rail is significantly less efficient and green than road for freight movements.

I have no evidence to back that up sorry.. just an alternative point of view.

.

I remember seeing that in the NZ Herald a couple of months ago. I think it came from the Road Transport Forum..

Regards,

Old3eyes

1 | ... | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15