Contact-free public transport (Part 2)

photo of a bus

This is the second of three blogs about technologies to support contact-free use of public transport.

Public transport operators have been making great efforts to make public transport safe during the pandemic. TfL recently launched a new app that makes it easier for passengers to plan their travel and avoid routes where they might come close to large numbers of people. There are claims that the rate of uptake of contactless by passengers has increased significantly since the pandemic and the demand for contact-free transactions on public transport. Visa recently offered a graph relating to global public transport contactless transactions. However, it is not clear what the actual contactless usage is since they are hidden behind month-on-month percentage increases which look enormous when the previous months had fallen off the proverbial cliff.

King Harald Bluetooth to the rescue?

For an ultimately contact-free experience, Be-In Be-Out (BIBO), where the passenger presence on a mode of transport is detected without their having to tap in and out, seems highly desirable. Until, that is, you start to look for technologies that can deliver it. We have conducted surveys of BIBO in the past for clients and there was a trial on buses when we were working at Transport for the North. Yet still in 2020 BIBO is not a success story outside of the lab.

Various technologies have been trialled for delivering BIBO, some with beacons mounted at strategic points on buses and trains as well as at stops and stations. The passengers must carry some kind of transponder that can be detected by the beacons as they pass through the transport network. The latest hope for BIBO is Bluetooth Low Energy (BLE) named by Ericsson after a Danish king with a dead ‘blue’ tooth. BLE is inside every modern smartphone and can be left activated without significant battery drain.

However, BLE has been around 2011/12 in smart phones and still no BIBO success. There are all sorts of known issues with implementing BIBO. Say, on a bus:

  • How does the driver know you are using BIBO? So, you end up having to activate an app and show the driver that you are using it. By which time, it would have been faster to pay by more conventional means such as tapping a contactless bank card.
  • The beacons are not particularly accurate in range and struggle to differentiate between a passenger on the bus and one standing near the bus.

This same technology was proposed for COVID-19 ‘track and trace’ apps. For similar reasons to BIBO lack of success, it seemed obvious that they would not be able to operate accurately enough to be useful. Furthermore, if launched, they would potentially cause more trouble than they are worth by triggering false alarms and telling innocents to go into periods of self-isolation for fear of transmitting a virus they don’t have to others. Although, companies are still working on it and some claim to have a solution by combining BLE with inaudible ultra-high frequency sounds and others are trialling the use of GPS for tracking.

This is the second of three blogs about technologies to support contact-free use of public transport. There are many technological options and even more considerations, but we thrive on the challenge of finding smart, innovative solutions to clients’ requirements. If you would like to discuss what this means for you, give us a call.

Contact-free public transport (Part 1)

buildings city clock downtown

This is the first of three blogs about technologies to support contact-free use of public transport.

I heard on the radio that, despite ministers encouraging people in England back to work in their offices, most are staying at home. Commuter trains are about one-third full and buses are about 40% full. During the COVID-19 pandemic, demand for public transport fell off a cliff as governments told their people to stay at home.  A major part of encouraging travellers to use public transport is the provision of systems that allow social distancing of passengers from staff, ideally eliminating the need to exchange physical tickets, cash and paper receipts.

The use-case I am interested in is one that allows passengers to travel without paying upfront and be charged afterward based on the journey that they took. Somehow, which journeys the passenger has taken need to be tracked in order that either they can be allowed to travel because they have already paid, or more likely these days with the demise of season tickets, and assuming carnets do not suddenly take off (which seems to be the case), charged after the travel in a modern Pay As You Go (PAYG) manner. What technologies are going to help?

Contactless bank cards

Our work with Transport for London on the use of contactless bank cards for convenient public transport payments is well known. Even before the pandemic, the contactless uptake facts and figures published by TfL in January 2020 at Transport Ticketing Global were better than anyone expected when we started the work back in 2008:

  • Customers surveyed:
    • 44% had used contactless payments for public transport.
    • 28% were using contactless payments for all or most of their public transport payments.
    • 2/3 of customers convert to contactless payments after first use. It is clearly popular and this could mean that the pandemic accelerates the shift to contactless.
  • TfL journey payments market overall:
    • 2/3 of journeys are PAYG:
      • 57% of PAYG is contactless payments and rising. Launch was 2014, and by 2015 20% of PAYG was contactless payments. The contactless proportion of PAYG continues to rise.
      • 21% of the PAYG contactless payments is mobile payments.
    • 50% fewer season tickets are sold since the acceptance of contactless payments (NB this was before COVID-19 pandemic resulted in more people working from home).

TfL recently released graphs of their actual PAYG journeys using Oyster and contactless bank cards across the recent months (see below). The apparent period of zero bus journeys was when TfL temporarily stopped taking payments so that the journeys were not recorded. The split between Oyster and contactless bank cards is not available. In the future, it will be interesting to see whether the pandemic speeds up the switch to PAYG and also whether Oyster users migrate to bank cards.

This is the first of three blogs about technologies to support contact-free use of public transport. There are many technological options and even more considerations, but we thrive on the challenge of finding smart, innovative solutions to clients’ requirements. If you would like to discuss what this means for you, give us a call.

Payment card issuance errors leave you vulnerable to fraud

Major payment cards

As Consult Hyperion, and as many other analysts, predicted, Covid-19 has driven the adoption and use of contact-free technology at the point of service. A recent survey funded by the National Retail Foundation, found that no-touch payments have increased for 69 percent of US retailers surveyed, since January 2020. In May, Mastercard reported that 78% of all their transactions across Europe were contactless.

Fraudsters are always looking for ways to take advantage of potential weaknesses or even inexperience in new payment devices. A recent news story promoted a man in the middle attack in which two phones are used to transfer and manipulate the transaction message between a stolen contactless card and the point of sale terminal.

Contact-free and App Clips in Apple’s iOS 14

pexels-photo-887751.jpeg

The Use of Contact-free is Accelerating

At Consult Hyperion, we have already seen the pandemic accelerate the adoption of contact-free payments in the face to face environment as customers have become wary of catching COVID by touching shared devices, such as self-service terminals and PIN pads.  The use of personal devices for payments is hardly new but the attraction of an in-app/in-store version of mobile payments, whereby the consumer uses an app on their own device to interact with the retailer or service provider and pay for services, has just increased dramatically. Solutions for parking (RingGo) and for restaurants (like the Wahaca app, powered by Judopay) were already demonstrating the benefits of such an approach for customers and businesses before COVID struck.

Leveraging the payment networks for immunity passports

COVID-19

As if lockdown were not bad enough, many of us are now faced with spending the next year with children unable to spend their Gap Year travelling the more exotic parts of the world. The traditional jobs within the entertainment and leisure sectors that could keep them busy, and paid for their travel, are no longer available. The opportunity to spend time with elderly relatives depends on the results of their last COVID-19 test.

I recognize that we are a lucky family to have such ‘problems’. However, they are representative of the issues we all face as we work hard to bring our families, companies and organizations out of lockdown. When can we open up our facilities to our employees, customers and visitors? What protection should we offer those employees that must or choose to work away from home? What is the impact of the CEO travelling abroad to meet new employees or customers, sign that large deal or deliver the keynote at that trade fair in Las Vegas?

Give the public what they want

Well, this is interesting. On the very day of Consult Hyperion’s 20th (yes, 20th) annual Tomorrow’s Transactions Forum to discuss the future of secure electronic transactions and much besides what should fall through the internet tubes but the fifth annual “ING International Survey Mobile Banking 2017 – Cashless Society“, which surveyed nearly 15,000 people across 15 countries, and found that one in five (21%) people in Europe now rarely carries physical notes and coins, and a third (34%) would go completely cashless if given the choice.

Gin and contactless, one of my very favourite combinations

Gin and contactless is my second favourite cocktail (after the Moscow Mule).

Like those 34%, I’d like to be given the choice, but there are still places that won’t accept cards (such as the Real Ale bar in Wembley Stadium) which is why I went to the gin bar instead (as shown above). But these are becoming fewer and farther between, and not only in London.

“Dr Michael Collins, assistant professor of Social Policy at the University College of Dublin, tried to live without cash during one month to see if Ireland could become cashless in a near future and follow the example of its Scandinavian neighbour. His investigation demonstrated that almost all transactions can be done without banknotes and coins, except for some small value transactions, such as a coffee in a train.”

Cash is not replaceable

Ha! Even on Southwest Trains you can pay using contactless cards or Apple Pay and, when the new Chinese owners take over later this year, I imagine that Alipay and WeChat will be on the menu too. When do we get to wave goodbye to cash in Woking then? Well, sadly no time soon because while the trains have contactless, the ticket machines don’t (and I shouldn’t have to go to ticket machines anyway, but that’s a different point). But in ten years? 20 years?

“Gala Casino used linear regression on cash usage data from 2004 to 2014, which saw a drop from 71% to 53%, and Payments UK predictions for 2024, to arrive at its guesstimate that 2043 will be the year in which the number of cash transactions reaches zero per cent.”

Britain to go cashless in 2043?

I would imagine the graph turns out to be show cash asymptotic to zero rather than zero, but while I’m not sure that the number of “cash” transactions will ever reach zero, because some people will always want to use some form of immediate and anonymous payment system, I am sure (as I told the BBC’s “Wake up to Money” chap when he called to invite me on this morning) that William Gibson’s words in “Count Zero” are prescient: “He had his cash money, but you couldn’t pay for food with that. It wasn’t actually illegal to have the stuff, it was just that nobody ever did anything legitimate with it”. By 2043? Sure. But rather than just let it happen, we really need to set a national policy about it.

“Reducing cash doesn’t mean big savings, but removing cash does, and without an actual national policy on this, the benefits will go to the middle classes at the expense of the poor. “

via There you go bringing class into it again | Consult Hyperion

Therefore another vision for 2043 might be that cash becomes a class issue, where the middle classes never see cash from one week’s end to the next (except for the purpose of aiding and abetting tax evasion by paying the builder in £50s) but the underclass, trapped in cash, are excluded from the world of bank accounts and cards. This will be a good topic for discussion at this afternoon’s excellent expert panel on inclusion chaired by our CEO Neil McEvoy with Katie Evans (Money and Mental Health), Susie Lonie (who has years of experience in emerging markets), Elizabeth Duke from Carta Worldwide (who build pre-paid schemes for the unbanked) and our very own Paul Makin (the man who did the original feasibility study for M-PESA). Great stuff.

NFC isn’t the real reason for Apple Pay

As I am sure many of you will remember, the thing I was most wrong about – ever – on the Tomorrow’s Transactions blog was that I was convinced that Apple would not bother with an NFC interface for the iPhone. Luckily, my blog is not a blockchain, so I could go back and delete this post if I wanted to. But I am gentleman and man of integrity and I cannot do sufficient violence to my conscience to rewrite history in this fundamentally misleading way. Hence my error stands as testimony to my integrity. My reasoning at the time of this broadcast error was that since “app and pay” would eventually come to dominate “tap and pay”, I thought that Apple would focus on the big picture and ignore the age-old card/POS interface. I assumed that they would use Bluetooth, wifi and mobile to link the customer and merchant and eventually dispense with the card in the middle, whether using stripes, chips or NFC. At that time, we had already built an HCE-over-BLE app for a project that we were involved in, so I knew that we could easily obtain better-than-chip-and-PIN security without having to tap anything, and I thought Apple would just ignore it: what did they care, I reasoned, if you can’t use your iPhone to ride the bus* in London?

Well, I was wrong. Apple implemented their own sort-of-NFC (they did not implement the full NFC standard) and they locked down the interface so that third-parties could not gain access. They implemented just enough to get the banks to spend gazillions on the tokenisation infrastructure that was needed to bring that better-than-chip-and-PIN security to online and mobile commerce. Well, it worked. They have created a secure and convenient payment platform. As I wrote before…

Select Apple Pay, thumbprint, done. Why isn’t all in-app purchasing like this. Come to that, why isn’t all purchasing like this. Actually, it soon will be…

From Don’t judge mobile payments by the way they work now | Consult Hyperion

This indeed where Apple is heading, and I’m not the only one who thinks that perhaps people who were focused on the NFC interface at retail POS (and complaining that not enough retailers take it and therefore Apple Pay is a bit of a flop) were missing the bigger picture.

He says Apple Pay is appealing, but he wouldn’t switch banks just to access that one feature. “Not over that. There’s too much work involved just for tap-and-go,”

From Early days, but Apple Pay struggles outside U.S. | Reuters

You can see the point. If you already have a contactless card that works everywhere, it’s not that exciting to be able to tap your phone instead of the card. So people don’t. They already had a perfectly good solution to the card payments problem: a contactless card (or, in my case, a contactless sticker). But the fact that it’s not exciting to tap the phone just does not matter. It’s not the play. There are reasons why I love Apple Pay (especially because I have on more than one occasion forgotten my wallet when going to the office) but when I dropped my iPhone in the toilet and was on an old phone for a couple of days, it didn’t really matter that much because of my contactless Curve card in my back pocket.

The thing is: paying with a plastic credit card isn’t really that difficult. With Apple Pay, the bigger point is that it’s also a way of paying for stuff online.

From Who Cares About the New iPhone Camera? The Real Change Is Apple Pay | WIRED

Brian Rommele, who I always take very seriously about this kind of thing, says that it is already clear that Apple Pay in the browser will be a very big deal indeed. I already find it frustrating when I go to pay in-app and I have to enter a CVV against a card-on-file just as if it were 1996 all over again (I’m talking about you RingGo) instead of just thumbing it so I can see that the in-app and online experience will be transformed.

In my early testing I can confirm that the checkout abandonment rate for websites that use Apple Pay Safari will be reduced significantly.

From The Apple Pay Safari Vs. PayPal Battle For Web Transactions Is An Invalid Argument. — Medium

Who won’t use this? For Apple Pay, Android Pay, Samsung Pay and every other pay, #appandpay is way more important than #tapandpay and way, way more disruptive. Note also that it is a very short step from Apple Pay to Apple ID, where revocable identification tokens are loaded into the tamper-resistant hardware alongside the revocable EMV payment tokens…

* I use my iPhone to ride on London underground, buses and Dockland Light Railway all time. All the time. 

 

 

A funny thing happened on the way to the Forum

The Tomorrow’s Transactions Forum, that is. I arrived in good time (it’s always best to add on a few minutes to give yourself time to buy a ticket) for the 7.39 Flying Glacier to Waterloo via Misery and Degradation. 

 

Of course, Woking station has changed a lot since this picture was taken. There’s a Flying Coffee Bean on Platform 2 now.

Hurrah! When I got into the ticket hall I discovered that they have installed machines to allow you to pick up a ticket that you have purchased online. Great. I have the excellent The Trainline app on my iPhone and it is integrated beautifully with Apple Pay. So you look up the tickets you want, hit “Pay with Apple Pay”, thumb it and away you go. When you get to the station you just thumb it again and tap your iPhone on the machine, it shows you the list of tickets you have purchased, you choose the ones you want and hey presto your tickets pop out.

Brilliant.

Except it isn’t. The machines don’t work this way. You have to take a payment card with you and insert it into a slot and then type in a confirmation number that you were sent by e-mail. It’s actually quicker just to go to one of the other machines and buy your ticket in the usual way.

Joined Up Thinking (Not)

The new machine on the block.

I don’t get it. Surely the Apple Pay token used to buy the ticket can be matched to the Apple Pay token presented at the machine? You should only need to put the card in if you’re forgotten your phone or it is out of battery (and even then they should do it by implementing PARs properly).

Surely South West Trains, when they were planning these machines a few years ago, had at least heard about mobile phones even if they hadn’t actually seen any. And surely they had noticed that something was going with contactless technology? Perhaps one of the South West Train’s Executive Board had overhead their servants talking about “tapping” cards to ride the bus in London and never asked what they meant? Or did they just take it be a some new lingo below stairs, a slang term for writing out a cheque?

They must just have thought that contactless was something happening to other people.

This left me wondering if other train-like options are adopting contactless. I thought I’d give it a try at Heathrow, so I downloaded the Heathrow Express and tried a couple of times to buy a ticket to see if I could use Apple Pay, but the app asked me to scan in my credit card (presumably for some hello-1996 card-not-present transaction) then crashed, so I never to got to see it in action.

So much for joined-up thinking. The whole world is moving to contactless and mobile and the most up-to-date technology on the newest machines installed (I see they got rid of the machine for connecting by video link to customer service) is the decade-old chip and PIN reader. Come on.

Queue at Woking

OK, so sometimes there’s a bit of queue.

Why can’t we buy our tickets on our phones while riding the bus on the way and then just tap and collect when we get to the station?

The only improvement in the ticket purchasing experience at Woking station since it opened on 21st May 1838 — you still stand in line, they still take cash, they still give paper tickets — is that you no longer have to fill out a “reason to travel” form, and I wouldn’t put it past Theresa May to have these re-introduced in time for the next election.

Barclaycard contactless mobile is up and running

I can’t remember if I told you about this cool project that Consult Hyperion has been helping out with over the last year or so. One of our very favourite clients, Barclaycard, decided to exploit the Host Card Emulation (HCE) technology in Android mobile phones and make a payment app so that customers could pay with their phones at any of the 300,000+ contactless terminals in the UK.

Barclaycard is set to become the first financial services provider in the UK to introduce contactless payments from any NFC enabled Android phone via its app

[From Mobile App Transforms Android Phones | News | Home.Barclaycard]

Well, they started rolling it out to customers, and it’s great. It’s the Barclaycard Contactless Mobile app, and it has some interesting features that you should know about.

  • While the contactless limit in the UK is £30, with the Barclaycard app you can perform transactions up to £100 by entering you card PIN on the phone.

  • The app works with Transport for London (TfL) so you can use it to ride the bus and get on the tube.

  • Customers can choose to have “PIN to Pay” on, in which case you have to enter your PIN before all retail payments, even below £30 (except at TfL gates – even with “PIN to Pay” you can just tap and ride).

It’s been designed to be very simple to use, just a single card enabled at any time (no card clash!) and just requires the screen backlight to be on to work for payment. Here’s what it looks like.

Barclaycard HCE

You can choose between your cards and select the one that you want to be active.

Barclaycard HCE

And here’s our very own Matt Barker using the app to buy an actual coffee. When you try the app, you’ll be surprised by how fast and convenient it is.

Barclaycard HCE

And just to prove it – here’s the receipt.

Barclaycard HCE

One of the features I rather like is that they have a real-time replacement service.

Barclaycard customers will be able to use the host card emulation (HCE) function being added to the bank’s app to have lost or stolen plastic cards instantly re-issued to their mobile devices

[From Barclaycard to use HCE to instantly replace lost and stolen cards • NFC World+]

So well done to all the team up at Barclaycard. It’s a great app, and it works really well, and I’m genuinely not just saying that because we helped out. I said from the beginning that HCE would make for some interesting developments. Remember this, from a couple of years ago?

Visa’s support for cloud-based payments follows the introduction of a new feature in the Android mobile operating system called Host Card Emulation (HCE); HCE allows any NFC application on an Android device to emulate a smart card, letting users wave-to-pay with their smartphones, while permitting financial institutions to host payment accounts in a secure, virtual cloud.

[From Visa to Enable Secure, Cloud-Based Mobile Payments | Business Wire]

Now, as we said about it at the time, HCE was an earthquake. It shifted the tectonic plates (the banks, the schemes, the mobile operators, the retailers in my clumsy metaphor) and created new fault lines between them. It’s not as if we were the only people that noticed. Again, from a couple of years ago.

According to Visa head of Digital Solutions for Developed Markets Sam Shrauger, the new cloud-based implementation of its payWave service will free up the NFC payments from a few specialty digital wallets, allowing any developer to embed point-of-sale payment options into their apps.

[From Visa, Mastercard just made it much easier to buy stuff with an Android phone — Tech News and Analysis]

Sam was spot on. Anyone can use HCE to add payments to apps for retailers. But as we’ve seen since that “KitKat” announcement, organisations can also use HCE to add loyalty, ticketing, travel, coupons, access control and all sorts of other fun stuff to their apps! So if you want to take your Android app and figure out how to add secure, reliable tap-and-go magic, give us a call!

Should customers be charged more to use chip and PIN? Yes!

Now that more than one in ten retail card transactions is in the UK is contactless, I think we’re beginning to approach a tipping point around the technology. This is important, because I think it’s a tipping beyond contactless cards and towards mobile and then in-app. I make it my business to collect and collate the weak signals for change around POS, so with that in mind, here’s a recent story from the UK newspapers. A customer was outraged to be surcharged for making a low-value payment with chip and PIN in a fast food outlet.

Bill was faced with this charge at Subway in Brislington, Bristol, where customers were being asked to pay 10p more for using a debit card that wasn’t contactless.

[From No contactless card? That’ll be 10p extra – the Subway charging people MORE to use Chip and PIN – Mirror Online]

I don’t have a problem with this at all and I don’t understand why the readers comments were negative. For one thing, I love Subway sandwiches and for another thing it makes complete sense from any informed perspective for both retailers and customers (almost all of whom have contactless cards anyway and those who don’t can always use Apple Pay, Samsung Pay, Android Pay, a sticker, a watch, a wristband or whatever else). Contactless debit card payments cost the retailers less (and since most low value card payments are debit, that means most low value card payments cost the retailer less) and putting your chip card into a reader and then punching in a PIN wastes time your time and everybody else’s too. I wouldn’t be at all surprised to see more retailers surcharging people who do not pay contactlessly or, any day now, who do not pay in-app.

Overall, 83% of consumers use less cash than they did a year ago with 19% saying they are annoyed if they cannot pay using contactless cards or devices.

[From Bar news | Contactless payments at bars and pubs nearly double]

I wrote about this couple of years ago when I pointed out how illogical it was for retailers to have signs that said they would accept card payments only for transactions above a certain level when it would have been more logical to have signs that said that below a certain level they would accept only contactless card payments. 

It baffles me that some retailers ban you from paying with cards for transactions below £10 when it would be more logical for them to say that transactions below £10 must be contactless

[From Retailers could take more advantage of contactless | Consult Hyperion]

Now, since the acquirers have to price contactless debit payments below their price for contact payments (otherwise they are not a viable cash replacement product) retailers are therefore incentivised to steer to contactless. If you are buying a £5 sandwich, the contactless interchange is only 2p and there’s a limit to how much the acquirers can add on top in a competitive market, hence Subway’s entirely logical structure. Incidentally, this is nothing new. Subway in the UK have always been at the forefront of payment technology. Here’s Forum Friend Julian Niblet writing about them back in 2013:

At least Subway (I really do eat better than this) have a sign which allows you to pay by contactless for any value but has a minimum spend for credit and debit. Somebody there has at least done some maths and realised that they ought to use the nice new kit they have installed.

[From A fresher way to pay? | Consult Hyperion]

Personally (as some of my Twitter correspondents observed) I think Subway should charge 10p more for cash as well, since when customers pay by cash they rarely have the correct change. This means that the person serving has to open up the register and count out the change. But the main issue is how the retailers choose to configure the POS and set the floor limits. Here’s what someone who says they were a Subway employee had to say about the matter.

Standing at the till with a que of 30-40 people you would long for them to pay in cash as subway do not have their card machines connected to the tills. Therefore you have to input the cost, wait for the customer to insert their card,( only after you imputed the price or the machine would crash) and then wait painful minutes on occasion for the machine to contact the bank and have a reply sent. When it comes to contactless it does it immediately.

[From No contactless card? That’ll be 10p extra – the Subway charging people MORE to use Chip and PIN – Mirror Online]

Now you can see why the retailer has the surcharge in place. And, as an aside, cash also also means that at the end of the day the manager has to cash up, reconcile the register and then deposit the cash, wasting even more time and money. Good on you, Subway.


Subscribe to our newsletter

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

By accepting the Terms, you consent to Consult Hyperion communicating with you regarding our events, reports and services through our regular newsletter. You can unsubscribe anytime through our newsletters or by emailing us.