Subscribe Now

* You will receive the latest news and updates on the Canadian IT marketplace.

Trending News

Blog Post

PRESTO? Not really
SECURITY SHELF

PRESTO? Not really 

Implementing a card-based transit payment system is no small feat. High volumes, small transaction values, mobile fare payment devices, and the need for speedy transactions combine to produce complex requirements.

Transit agencies in Toronto, Hamilton and Ottawa have adopted the PRESTO card system from Metrolinx, an agency of the Government of Ontario. The system is, to be polite, quirky at best. Most card-related transaction take 24 hours. Customers activating a card online are advised to wait for 24 hours before tapping it on a fare payment device. If the customer wishes to have arrange for automatic fund top-up, they must wait 24 hours after signing up and then tap the card. Customers who wish to simply add money to their PRESTO card using a credit card are also subject to the 24 hour delay. Transactions are cancelled if the card is not tapped within 30 days.

Frequent users may not notice these annoyances. On the other hand, the “24 hour delay to accomplish anything” PRESTO system is aggravating for occasional transit users. Assuming the system was reliable, and users clearly understand that PRESTO really means 24 hours, the system might be tolerable. But as I recently learned from personal experience, there are obvious system integrity issues.

When a family member lost a PRESTO card linked to a monthly pass, I logged in, cancelled the card, and requested a replacement. “Your replacement card is on its way,” read the web page when I completed the process. Seven to ten days seemed like a long wait, but with a downtown location the only option outside business hours, it was not convenient to obtain a replacement in person.

But the card didn’t arrive. A call to PRESTO resulted in being told it hadn’t been ordered. So I went through the online process a second time, with the same result. Somehow “on its way” has a different meaning to Metrolinx.

I finally gave up and drove to a closer shopping center at lunch to purchase a card in person. Then I logged into the PRESTO site and attempted to move the monthly pass to the new card. According to the site the transaction was accepted, but a few days later the new card would still not work. In an attempt to resolve the ongoing saga, Metrolinx mailed me yet another card which did eventually work.

A spokesperson for Metrolinx did connect me with customer service, but did not provide information about what the company is doing to fix these obvious flaws. In November, there was a clue when Metrolinx took the system down for an entire weekend. “A fix is currently being rolled out to address the issue of some PRESTO cards being incorrectly cancelled,” read the PRESTO web site, “but it will take time to update the whole system. While many customers’ cards are now working, some customers may continue to experience issues.”

This taxpayer-funded frustration teaches three important lessons to system architects. First, data and process integrity is paramount. “On the way,” means exactly that. If a customer can reach such a screen, but customer service representatives can’t find the transaction, the system has unacceptable security and functional deficiencies. Similarly, if customers and the company receive contradictory information about the same transaction, the system is clearly broken.

Second, users expect reliability. Many of PRESTO’s issues appear to result from the fact that payment stations in buses do not have real-time connectivity. As a result, passes and payment transactions must be uploaded to every bus in the entire transit system, and digitally held for pick-up by the customer. Clearly that system is error-prone; my experience suggests that data is not being uploaded to all buses. Systems of this complexity require a high level of reliability, combined with error detection to facilitate proactive issue resolution.

Finally, mechanisms to rapidly address exceptions are required. It should not take days or weeks to fix a problem. If a card or application is not working, it should be simple to send the user a verified working replacement.

PRESTO is a payment system, and as such there is simply no excuse for poor integrity controls.

Have a security question you’d like answered in a future column? Eric would love to hear from you.

Related posts