yeah just because itâs about oyster RFIDs is no indication that itâs automatically worth making a post about it.
This sounds like something that the RFID folks would have maybe thought about before deploying these systems. Prioritize card reads according to the desired use? Hmm.
TFL are so proud of their new phrase. Every time I hear them remind me to âavoid card clashâ, I mentally replace âcard clashâ with âbeing charged extra because weâre not prepared to give you the benefit of the doubtâ.
At least they have noticed the problem, here people are wondering why their rfid travelcards donât work inside their wallets anymore after they get new debit cards with contactless paying. Solution: get a new wallet with rf blocking for bank cards and an outer pocket for the travelcard.
How about fixing the software? If it can tell it has the wrong card, it should be able to pick out the right one. This assumes a moderate amount of foresight in the card designer, but as long as weâve had these things we ought to be able figure out how to distinguish individual cards.
My CCs have started putting those RFID chips in, and now local stores donât want me to swipe cards any more. I have to plug my card into their reader and wait until it finishes mumbling to itself before I can remove it. What is the reasoning behind this?
Well, Iâm not sure what THEIR reasoning is but hereâs my reasoning:
Always, always, always, ALWAYS use the chip and pinpad to validate any purchase. If youâre ever ripped off wirelessly, you can point to your history of never using the contactless purchase option.
Really, like your time is sooo valuable that you canât wait the four seconds it takes?
I donât think youâre talking about RFIDs, I think youâre talking about the EMV chip thatâs embedded in the card? If thatâs the case, then the main advantage is that it allows payment to be taken without you having to give your card to anyone else, or for them to take the card out of your sight, while they swipe the magnetic strip, which would give them the opportunity to clone the card. Itâs also one half of the system called âChip and PINâ in the UK; obviously signatures were a major security problem since they were written on the card they gave access to, and PINs are supposedly secrets shared between you and your bank.
The RFID system referenced in the original post doesnât require you to insert your card into anything - you âpresentâ your card and the reader completes the transaction. So-called âcard clashâ seems to occur when youâre asked to present a card and you present more than one.
Ah, my mistake, not the same thing (Wikipediaâs explanation is comprehensive, but tl;dr). Is this the same thing as the (chip? code?) that used to have you simply pass your CC over a scanner without swiping or inserting, or are we talking past one another? All the cards refer to their proprietary systems by a proprietary name which tells me nothing about the system.
BTW, being uncertain of the benefit of the new system makes me wonder why it is apparently less efficient than the old one.
RFID cards are the ones where you wave them over a reader. Chip and PIN cards are the ones that you insert halfway into a reader, type in your PIN, and hit OK. Whatâs confusing is both are referred to as having a chip in them and some cards have both. My credit cards actually have RFID, Chip & PIN, as well as a magnetic stripe to maintain compatibility with the US.
It might be that only the wrong card responds. Passive RFID tags rely on the readerâs signal to charge a capacitor that powers the response. So whichever tag charges up first will be the one detected.
I suppose you could design the reader to keep looking for other tags after the first one responds, but it might just keep picking up responses from the first one.
I think people get mixed up about the different evils involved. The evil of Oyster cards is that they identify you personally, and the pricing structure strongly discourages anonymous single-trip and one-day tickets. But that could have been done with mag strip tickets too.
The fact that theyâre contactless is not malicious, itâs just to make stations move faster (and possibly because the procurement bureaucrats were wowed by the futuristic technology). These cards do use radio to communicate, but they draw their power from the radio signal emitted by the receiver, which physically limits them to very close range. Even in controlled situations I donât think they could be read from more than a meter away.
This âcard clashâ thing is just plain old incompetence. They initially said you could use the card without taking it out of your wallet, and now theyâre having to backpedal, because itâs just not true if you have more than one card. I had this problem years ago when I got a contactless university ID card. Even if both cards are powered up, Iâm not sure the protocol even allows for more than one card to work simultaneously.
(Itâs made worse by Londonâs multiple fare zones, which requires the same ticket to be checked at both ends. That was a mistake they should have corrected back in the 80s).
You said it. If the reader fails to find a correct card, keep looking. Itâs not terribly complex. It sounds as though they simply didnât think about other organizations using the same kind of cards. To me, picking the right card out of the bunch would be the basic problem to be solved before they could be deployed widely.
I imagine (aside from the âeh, didnât think of it/assumed we could just make it your problemâ logic) that there are some notrivial issues:
Some readers (I certainly havenât played with them all, probably depends on IC and power budget) only register one card if more than one is simultaneously presented. Exactly which one itâs going to be seems to be up to the dark, unknowable, gods of real-world RF behavior; but you only get one and no indication that there are others.
If the one you do get is valid for the purpose(and as best I read it, that can be either a TFL-issued card or a bank-issued payment card, at least on some of their systems) there isnât much to go on. You could cut the power, ping again, repeat, and trade time for certainty; but users arenât going to wait for that while boarding(or necessarily know whether the right answer has already been hit, or whether they are about to be saved from the wrong answer).
Assuming that they do have units that read multiple cards simultaneously, youâd think that the answer would be easier: Do they have some sort of pre-paid weekly/monthly pass? Use that first. Credit on a card issued by us? Second. 3rd party payment card, 3rd.
I imagine that they either donât have readers good for that, or they donât want to learn how creative some snarky member of the public gets about structuring the presentation of multiple RFID cards to create favorable misinterpretations. (Something that has already been explored⌠Who ever would have imagined that a hedge fund guy would bring amoral value-rationality to financial matters?)
Later in 2014, when contactless payment cards are accepted for travel
on Tube, tram, DLR, London Overground and most National Rail services
in London, one of the following could also happen:
Your fare could be charged to a card you didnât intend to pay with
You could be charged two maximum fares if the card reader reads one card
when you touch in at the start of your journey and a different card at
the end when you touch out
Remember to separate your Oyster card from other contactless cards when touching in and out.
If I were paranoid I would say that the whole card clash thing is intentional, so that people get annoyed with not knowing which of their credit cards will be used for a payment, and decide to readily accept the single state sponsored universal RFID to replace all personal RFIDs.
Wow - that was a fabulous post! Looking forward to hearing more from you - the depth, the breadth, the ⌠you know, I just so admire it! Wow!
You might not be totally wrong - theyâre in the process of allowing contactless payment cards to be used the same way as an Oyster card, obviating the need for the Oyster.
Fortunately contactless payment is pretty much confined to London, so itâs not much of an issue for the rest of the country.
Your scheme sounds like it would make it difficult for multiple banks and payment processing companies to keep their hands in your pockets at all times, occasionally skimming off a few fees here and thereâŚ
I like a good orwellian dystopia as much as the next guy; but you have to consider shareholder value here⌠Even a colossally fucked government RFID unification scheme might get G4S, Gemalto, and one each of the major banks and CC processors a piece of the action, along with an assortment of âsystems integratorsâ to chew on legacy databases until the heat death of the universe. Leaving your wallet a radio-frequency war zone, though, means a cut for basically everyone youâve ever signed a contract of adhesion with!
