London Underground has been telling NFC World that existing NFC implementations just aren't fast enough, so it will be sticking with plastic cards for a while. An Oyster card tapped against the reader takes between 200 and 300ms to authorise, before the gates snap open as a prelude to grabbing your bag as you pass though, but …
Go the Blue Peter way...
and slice and dice your Oyster, stick the chip (preferably in one piece) in the back of your phone yourself, and Voila!
reminds me of a guy who spliced the chip into the end of a magician's wand so he could wave it at the turnstiles and pretend he was magic.
I would still rather whip out a little, worthless card than my phone on the London Underground to be honest....
Paris, because she knows all about whipping out wands.
RE: rickykemp, possible relation to Ross Kemp?
Very good idea, and very entertaining reading =]
Negatory Good Buddy!
I was also thinking however, that a lot of people's smartphones (or even tablets) are big enough to slide an oyster into the back without butchery.
I would LOVE to watch someone fumble with their Jobsian FondleSlab at the ticket gates trying to get through!
Troll because... why not?!
"Jobsian FondleSlab" term stolen and shared with the dept
Didn't LT issue some notice rebuking all the city's trader lads? The city lads had cut up their Oyster cards, glued the chips onto the backs of their watches so they could swipe their wrists over the turnstyles, the LT/Oyster mob went into a fit and said it was pure vandalism and if caught these people would be fined for card destruction!
Yes, they did go into a strop over someone's cut-down Oystercard. It was an excellent example of little Hitler / Jobsworth mentality coupled to a total lack of understanding of the technology.
What they should do is print "cut here" lines on Oystercards, along with a warning that if you do cut your chip out, you can no longer get your £3 Oyster-deposit refund. Which would be a small extra income stream for TfL. They could also license the manufacture of watches, watch-straps, phone-jackets and anything else with embedded Oyster chips.
500ms is a long time
I like the fact that I don't need to break stride while walking through the gates on the tube - I barely notice them, ticket in, by the time my hand has got to the top of the machine the ticket is out to be grabbed on the way past.
In Sydney their systems take sufficiently long that I had to stop, and that's a pain - the person behind me had to stop, wait for me to go, then step forward and stop...
350ms seems like a better target to me!
Melbourne's in the process of rolling out the Myki cards which are - I think - the same tech as Oyster. The old system (mag stripe cards fed into the turnstile) and the new are both in operation at the moment.
I've already noticed that it's at least an extra half second for people with the new cards to get through the turnstile - partly slow read times, and partly because with the mag stripe card you feed it into the front of the turnstile and walk an extra pace before retrieving it.
Anway, when the new system becomes compulsory we're all doomed.
Almost works in Leeds
They installed ticket barriers in Leeds station, and they *almost* work properly. The ticket reader is very fast, but the actual barriers are a bit glitchy. Sometimes they wait a second or two before opening, and in rare cases if you're following someone through, it accepts your ticket, then slams the barriers shut on you as you pass through!
As the gamer in me would say, laaaaaaaaaag!
Related: NFC on microsd for non-NFC phones, hardware upgrades to speedier devices therefore possible
Concluding from your article, NFC would still need to mature, go through a few more iterations for some time sensitive applications such as these.
Good advice might be, NOT to get the early NFC capable phones but instead use a microsd based solution, which could be replaced with faster versions as they arrive.
Here's a question I wrote that got some good answers on the subject:
Could be handy if I decide to pursue a life of crime...
Snatch victim's mobile, head for the tube, swipe myself through (thanks, victim!) and leave them fuming at the barrier as I make good my escape.
The perfect crime...
You forgot the part about waiting 10 minutes for an overcrowded tube that terminates at some ridiculous station at least 4 stations away from yours because of a signal failure...
Apart from that, I'm well up for the tube station assault course!
That is my biggest concern
Visa / Mastercard have both said that the cutsomer will not be out of pocket at all if your credit card is stolen and all NFC transactions after the theft will be refunded, but just the fact that a thief can steal and immediately get monetary value means that petty theft becomes profitable again.
Embedding this stuff in your phone just means you can't ring the service provider to report the device stolen as quickly which increases the time the thief has to buy as much stuff as he can under the £15 transaction limit and the amount he could spend is far more than most people would carry as cash these days because it's back by your credit limit.
It just seems a bad idea to me.
Complex multi-purpose via simple & dedicated
There's a more than slightly less than serious note to this article. The reason why the speed matters should be clear to anybody who travels through a very busy underground station during the rush hour. In order to get the throughput you need to minimise the number of times passengers have to break step when passing through the gates. Just a short delay and the gates will close again. You can see what happens when somebody hesitates and interrupts the flow. A certain amount can be tolerated, but if it happens a lot you'll get queuing and a jamming up of the system. Quite apart from the costs involved, there simply isn't the room to put many more gates in the many of the busiest stations to allow for significant slow downs. Adding the best part of a second to average responses is not going to help.
Also, as anybody who works in the area of performance measurement is concerned, the average is only part of the story. For real time systems like this, you need reliable, repeatable transaction times. An average of about a second can easily hide signficant outliers several times that. Given that NFC will require a customer handset to respond very fast when the device has got many other loads to deal with, then it's easy to see that responses might be somewhat erratic in real life.
Credit cards at gates.
TfL wouldn't need to process a contactless Creidrt/Debit card transaction while the card is presented. In fact to provide the current Oyster capabilities like capped travel they wouldn't want to. They just need to record the usage of the card through the day and work out what to charge at the end of the day and submit it then. All they need is some sort of unique token they can associate with some method of obtaining payment. Contactless Credit/Debit cards seem an obvious one. This also takes the complicated logic to work out what to charge out of the devices that accept the card taps, and puts it all in one place at the back end.
Presumably they would do some sort of authorisation check at their leisure after the first entry and have a hot-card mechanism if this failed. With a bad card you could get a free trip, but that is the same as using these cards offline at any retailer. I believe the issuers bear the risk on these transactions so long as they are within the issuers rules.
Not so sure
Ideally, they would like to do an "authorisation only" transaction for the daily cap when you present your card for the first time at the entry gate, and then release it and take the actual daily charge due at the end of the day. That way there is zero risk of loss due to no funds available.
Of course they might decide that the costs savings from doing it your way are worth the risk of losing some money, but I think they will try initially not to do that.
Not even an easy free trip
Grab card ID on the way in, open the gate, do all further interaction with the card company while the passenger is travelling. On the way out a bad card will be on the hot-list, and the barrier won't open and the CCTV-image-grabber will activate. (No, I don't know whether the last exists but it ought to). Even if someone with a bad card then vaults the barrier, it won't let him in again.
So all that's needed is sufficiently secure establishment of the card or phone's identity within 300ms. If that's not possible, then the technology ought to be revised until it is!
All they have to do is...
move the sensor about 2 paces further away from the barrier. Crossing that extra distance would give the system enough time to process before you bump into the barrier.
@ rickykemp: I like the idea of remounting the Oyster chip! - maybe in a ring so you can swipe your hand to Force the gate open...
not exactly simple
"move the sensor about 2 paces further away from the barrier."
so, replace or modify just about every physical barrier in the entire underground system, then? Because as I recall the current ones, they're simply not big enough to do this - you couldn't move the sensor further from the barrier without bigger units. hardly a cheap or simple change...
"move sensor about 2 paces further from the barrier"?
Have you thought this through? You've increased the gap to almost 2 metres which is about double what it needs to be. Unless you are going to allow the second person in line to present for authorisation before he first has cleared the system, you are going to add approaching a second to every barrier clearance. If you do allow this overlapping of presentation and clearing you are in for enless confusion when the guy in front gets refused yet there's an authorisation for the one behind. This is quite apart from needing to replace/amend all the barriers and the approaches.
Basically it's unworkable...
move the sensor about 2 paces further away from the barrier.
Great, so the person in front of the person in front of you gets refused for some reason, but then you stick your card on the reader and as it authorises it allows *them* to walk through the barrier and *you* get blocked until, hopefully, someone behind the person behind you puts their card on the reader and that lets you through...
Elephant in the room, one, TfL standard issue.
Apart from the myriad other problems of NFC, conveniently ignored by industry and hack alike, there's this: Having to fiddle with the old mobe to get to the right app is already more than I'm prepared to bother with. Not having to fiddle means it's active all the time, and to me the thing is a phone first and a means of paying for anything at all a distant fourscore-and-a-halfth, at best. Personally, I'll take a dedicated card, thanks.
And now for a means of managing all that crap the way /I/ want it, not the way TfL or my phone operator or whoever else decides for me how I might like it. And yes, that means no third, fourt, fifth, Nth parties to "own" me as a customer. Even the mere chance of having to phone up some uncaring offshored helldesk to a company I'd never heard of before to sort some digital hiccup or whatnot is more than the supposed convenience is worth. Not even when they pretend to grovel before me.
NFC authotisation at the entrance? Why?
The entire system is set-up from the wrong premise. It is designed as if the people who would try to steal and who have not paid for their ticket are a majority.
If the gates are open by default the cost of running it will be way less. Mechanical wear is less by an order of magnitude, throughput through an individual gate is higher by a significant margin, you name it.
As far as the NFC 500ms problem it is a resuilt of trying to replicate Oyster via NFC. It is the wrong idea - oyster has no other connectivity so it does things via NFC which a phone can do by other means. There is no need to do authorisation in NFC 99% of the time.
All NFC needs to do is transmit a pre-authorised and signed token. It takes anything between 20-30s and minutes to get past the entrance lobby in most subway stations. That is more than enough for an app which uses Bluetooth or even WiFi to authorise, receive a one-shot token and store it for NFC transmission. This shortens the NFC phase to sub-300ms not 500ms or even less because you no longer need a lot of the crypto (it has already been done). In fact, you do not even need Bluetooth, any connectivity will do provided that the app can store the one-shot token in advance and not try any authorisation at the actual entrance. You can also do multiple people and/or groups travelling this way and so on.
Why so slow?
I can send a ping to a server in Australia, which is on the other side of the planet, via 30 or so hops through intermediate routers, and get a response in a few hundred milliseconds. It shouldn't be beyond the wit of man (cheers for that Boris!) to get two dedicated bits of hardware a few inches from each other to spit out a "Yeah let this guy through" or not in under that time.
But you don't care (really) who says they are whom in your ping scenario; for TfL, they want to be *mostly* sure that the person they've scanned in is really J Bloggs.
I'm sure there is room for error (since all scans are recorded and CCTV'd), but they don't want to be taken for a ride.
What do they care about J Bloggs?
All they need to care about, all they ought to care about, is that they get their fare for each person entering. Not who they say those people are. Of course you'd like to be able to disable and replace stolen cards and so on. But that still is no excuse for wanting to keep as much personally sensitive data (including CCTV footage and scans of who's been where, when) as they think you might get away with, or "might prove useful sometime".
I'd rather they'd just take some coins instead of fumbling around with high technology assaulting my privacy. If it has to be electronic, then some sort of anonymous electronic payment system, please. This, is not it.
They don't care who everyone is (although thats a nice set of extra data they are collecting). They care that the funds to pay for the journey are going to be transferred to TfL.
Agree that there is no technical reason for the response to be so slow. And this really matters: I find the current TfL Oyster cards are just about fast enough, but the readers at some national rail stations, like those of East Midlands Trains at Leicester, are much slower, and really make you stop and wait, until the gate opens. The gates bear a sticker saying "Don't push" presumably because so many passengers are surprised when the gates don't open as they expect. Such stupid design (but that's consistent with the general behavour of our privatised railway companies).
On my 4th Oyster card since launch.
Since Oyster was launched all those years ago, I have had 4 cards. One got a hot spin cycle and 2 were stolen. Yes people, theft does happen on the Underground. It was once snatched out of my hand at the gates in Warren Street Station and once pickpocketed from my coat pocket as the thief could see exactly where I had put it.
So now, I always hold my Oyster card in the palm of my hand rather than in my fingers so it can't be whipped away from me, and I always place it into a pocket with nothing else in it and preferably the tighter pockets on my trousers so I can feel strange fingers snatching at it.
I'm not sure I relish the thought of it being my Visa Paywave card or expensive NFC equipped handset being nicked.
"Transport For London would much prefer to collect the money itself"
Somebody not reading the Register then ???
"London's Oyster Card system is now owned by Transport for London, which stumped up £1m for the brand as well as considerably more for the associated infrastructure."
"If the gates are open by default the cost of running it will be way less. "
Nice idea but it would be quite easy , especially at stations with few staff or even unmanned ones on the DLR for someone to just run through the barrier with that setup.
Its easy enough as it is to fool the gates - just hold a newspaper out in front of you just behind the person in front to block the IR sensor so the gate thinks its still 1 person going through. They will then magically remain open with no smartcard required.
Does anyone recal the City boys who had cut the chip of their Oyster cards to insert it in their watches? Good idea you might say except the LU did not like it (oh surprise) and cancelled the chip; so the shity boys had to buy a new one...
Steve Jobs because he is evil just like TFL.
One of the many things I like about Vancouver is the skytrain's honour system - no barriers just a zone where you must have a valid ticket or they punish you. Whilst I would never suggest it would work in London, I like the idea that it will be one day possible not to need a barrier at all... just a regular patrol of staff to ensure that those who haven't a valid ticket/pass travel underneath the carriage....
Our German friends do that with the trams. But you need a rules-complaint population.
In some cities if you buy a one-use paper ticket you are supposed to stamp it as you get on to stop you using it twice. I've seen people in Hannover get onto a tram with a broken stamper, and then get off to wait for the next one so they can remain compliant.
That's the way DART does it.
Dallas area Rapid Transit (Texas) does it that way. And if you work for TI you can get a permanent pass right on your badge.
Mines the one with the fake TI badge.
If it ain't broke don't fix it?
I see very little wrong with the existing Oystercard. (Although they should definitely do a legal mini-card for folks who want to attach it to their phone, watch, whatever).
Why not just put a credit-card accepting Oystercard vending machine in every station? Do standard (or NFC card, phone, whatever ) credit-card processing in however many seconds that takes, and (optionally?) establish auto-top-up association between the credit card and the issued Oystercard.
Stolen card problems? No worse than any other vendor. The usual security mechanisms and consumer protection laws would protect the person whose card was stolen. The issued Oystercard will die and go on the hotlist soon after the real card owner reports his credit whatnot stolen.
I'd call spending any significant amount of money on accepting credit cards at the barriers as a complete waste of money that should be better-spent fixing the track and signals! (the items which really *are* broken and *do* need fixing. )
By the way for non-Londoners: in the rush hour I reckon you get one person through the barriers every two or three seconds. An extra 300ms delay is therefore a 10 to 15% reduction in thruput. Milliseconds do matter!
Re: auto topup
Auto topup already exists
Then there's the obvious....
All these systems exist because people want to implement complex fare structures rapidly, with the result that a good chunk of those fares goes towards paying for the system to collect them and for fare enforcement. Its good eats for the equipment suppliers and the hordes of administrative parasites but bad news for the rest of us.
If you simplify the ticket system -- single entry cost with time limit, for example -- then things get really simple at the (non-existent) barriers.
Fixing a problem that didn't exist in the first place.
You stick a ticket in the front of the machine. The barrier opens. You walk through the barrier, and your ticket is regurgitated at the other end by the time you've got there.
What the hell was so wrong with this system? Not enough pork involved? Not hackable enough? What?
Too many layers of software, that's your problem. This API, that API, that middle layer..
One second is a shed load of time in terms of processing cycles (and instruction cycles).
Software these days is far too inefficient. Go back and take a look in the good old days with what could be done with a 2MHz 8 bit 6502 processor running at it's peak 1 MIP, with most instructions being slower than that.
Why is everyone obsessed with integrating things into the phone?
Sure, camera is a good one as you can then send the pictures on. But there is no reason to have payment methods integrated into a phone.
If you lose a card you get it cancelled, if you lose your phone then surely you have to cancel two things then?
Phones also get stolen, if they are used as a payment method as well then surely you will be more afraid to hold it up to your head in case it attracts attention?
There are still plenty...
...of people, me included, who don't use mobile phones.
SWP based secure element
I would like to comment a detail of the article about the SWP technology. This last one is blamed as the one contributing to make the transaction too long.
The SWP technology is entirely defined in the TS 102.613 ETSI standard and is designed to address a split system: the NFC controller dealing with the RF NFC protocol and the secure element in charge of the secure applications. The propagation time through the NFC controller (compliant with the standard) is predictable and cannot exceed a maximal time. Any engineer can compute it and precise what the time spent within the NFC controller and the time spent in the secure element.
More than 80% of the transaction time is related to computations within the secure element. For instance, the impact of the SWP technology on the transaction time is about 3%!!
Why the secure element is slow?
The processing time is directly related to the Mifare Desfire protocol itself (number of cryptographic operations, writing in non volatile memory,..) but not only!
The processing time depends mainly of the way the secure element is powered. In most of the cases, the secure element is under powered (18 mW max) and the secure element maker is obliged to set low frequency CPU and so gets a low power of computation.
Beside that, there is a big difference between a secure element hosting multiple programmable applications able to be downloaded other the Air (OTA) and a contactless card hosting a single application running on a dedicated operating system (Mifare Desfire OS). Here we cannot have the cake and eat it: a flexible multi-application platform as JavaCard able to be programmed and the performance of an optimized platform dedicated to a single native application!!
I hope the few explanations above may help the readers of this article to not make wrong assumptions about the root cause of the issues related the these new NFC-capable mobile phones.
Best regards, A.
- Infosec geniuses hack a Canon PRINTER and install DOOM
- Feature Be your own Big Brother: Monitoring your manor, the easy way
- Boffins say they've got Lithium batteries the wrong way around
- In a spin: Samsung accuses LG exec of washing machine SABOTAGE
- Phones 4u slips into administration after EE cuts ties with Brit mobe retailer