Open payment for New York: fraud prevention?

Over at Second Avenue Sagas, there’s a new post claiming that the MTA’s effort to replace the MetroCard with an open payment system will result in lower costs for the agency, and in particular a reduction in fraud. I don’t believe that this is the case, and in fact I would argue that the opposite is true. New forms of automatic fare collection simply engender new kinds of fraud. The elimination of tokens on the New York City subway eliminated token fraud, but the introduction of the MetroCard introduced new frauds involving the MetroCard. The same thing will happen with open payment—open payment systems have many benefits, but fraud prevention is not one of them. In fact, open payment opens a transit agency up to new kinds of frauds which cannot be perpetrated with the present system.

In order to process a credit or debit transaction in the very short timeframes demanded by transit applications (on the order of 250 milliseconds), it’s necessary to forgo some of the checks which would ordinarily be performed. In fact, in some proposed system architectures, the transaction would not even begin to be processed until after the rider passes through the turnstile. By the time a card is found to be stolen, over-limit, etc., the passenger has already boarded their bus or train and may be long gone.

Many of these frauds will only work once with a given card—after a card fails to be authorized, it will be listed in a so-called “negative file”, meaning that future attempts to enter the system using that card will fail. Still, it is disingenuous to claim that open payment provides a measure by which fraud can be reduced, when it actually enables new frauds to be perpetrated. Moreover, if someone were to successfully compromise the EMV protocol, it would be possible to perpetrate serious and undetectable frauds involving contactless bankcards, not only on the subway, but in fact wherever they are accepted. Were that to occur, the only saving grace would be the generally low limits set on contactless transactions (around $25).

Regardless of the security of EMV cards, many of the frauds which have been perpetrated in the New York City subway have been fairly simple in nature, and easy to deter with nothing more than good policework—when the token suckers were put out of business by the introduction of the MetroCard, they started selling swipes. The root of the problem isn’t a technological one, it’s a social one. Claiming that we need to completely upend the New York City subway’s automatic fare collection system because the NYPD can’t keep fraudsters out of subway stations just doesn’t make sense.

The Second Avenue Sagas post also repeats the canard about saving money with open payment, a fact which has yet to be proven on a major mass transit system. When the Utah Transit Authority rolled out their open payment system, they had no legacy electronic fare collection system in place, and they were equipping a system much smaller than those found in Chicago, Washington, New York, London, and other cities now contemplating open payment. Any argument about the profitability of open payment based on the UTA’s experience (and in fact their system has failed to live up to expectations of profitability) fails to account for the fact that cities like Washington, New York, and London are in an entirely different situation, having a substantial installed base of AFC equipment and a substantial investment in AFC infrastructure. It is pure speculation to claim that the costs of credit and debit card processing will be less than the costs for processing existing stored-value farecards. What’s more, transit agencies will be at the mercy of merchant banks; if a bank decides to raise its fees for bankcard processing, then suddenly every swipe costs a little bit more. Alternatively, banks could take the fee increases straight to riders who use prepaid reloadable cards, increasing card issuance fees, reload fees, and minimum reload amounts. Either way, riders are stuck with a system which is more complex and costs more than existing stored-value farecards.

Finally, because it has to be said, eliminating the MetroCard is sheer folly. I haven’t seen statistics on the unbanked and underbanked population in New York City, but if the situation in New York City is comparable to that in other major metropolitan areas, then there will be a sizable number of subway and bus riders who will need some kind of prepaid card, whether it’s called a MetroCard or branded by a bank. Moving from the MetroCard to a new prepaid card merely shifts the costs. It’s also important to consider that a certain percentage of riders still pay for their rides one-at-a-time, using cash on the bus, or the single-ride ticket on the subway. Riders who have yet to adopt the MetroCard will almost certainly refuse to accept whatever more complicated and more expensive successor replaces it.

3 thoughts on “Open payment for New York: fraud prevention?”

  1. Riders who have yet to adopt the MetroCard will almost certainly refuse to accept whatever more complicated and more expensive successor replaces it.

    That’s an odd point to make. 100 percent of subway riders use MetroCards right now because there’s no other available alternative. Even people who pay in cash purchase MetroCards.

    As for your infrastructure claims, right now, the MTA is at the mercy of one company to repair everything, and that company is more than willing to hold the MTA over a barrel for that exclusivity. Moving to a bank card-based system with provisioning for those who don’t possess credit or bank cards will significantly reduce the costs the MTA pays to collect fares right now.

    Stopping scams isn’t the purpose behind moving away from MetroCards; saving money is. But stopping swipe scams at station entrances that create unsafe environments for riders will be a side effect. Your claims about open-payment system fraud aren’t at all comparable to threatened groups of people holding riders hostage by selling swipes at understaffed stations.

    1. This may be a minor point, but in the MTA’s lexicon, the single-ride ticket is not considered a MetroCard. To the extent that there are riders who prefer to use the single-ride ticket for its simplicity (although the linked NYT article puts their numbers at 3% of riders), an even more complex open payment system is unlikely to be appealing. And as far as the MTA being “held over a barrel” by Cubic, well, they’re in the same situation as DC, London, Chicago, and other cities whose AFC systems by Cubic are working just fine. They may not be cheap to maintain, and they may not have the cachet of being based on open standards, but they work. Open payment is unproven, untested in a major mass transit system, and not guaranteed to provide the supposed cost savings.

      Finally, criminals at station entrances are the NYPD’s problem, as I said in my post. Tweak the AFC system and you’ll just engender new kinds of fraud, or, worse, the criminals will move on to more brazen acts—witness the epidemic of mobile device theft we have here on the Metro in DC.

  2. One rationale often put forward for open payments is that collecting fares is not a core activity of transit. That is ludicrous. Large transit agencies such as New York and Washington have large and efficient processing capacity. Particularly true for rail and less true for buses although Smartcards have made inroads to the volume of bus currency. Prepaid media, transit benefits are far less costly. Credit/debit processing while necessary for transit and the riders is quite costly and carries no efficiency of scale. Credit/debit fraud at transit ATM’s is significant. IT systems and support of those systems is also expensive. Card associations are a product of the banks and provide limited protections to the merchant.

Comments are closed.