“Obviously this is a great fit for abusers,” an expert on domestic violence and cybersecurity said.
  •  ArtificialLink   ( @ArtificialLink@yall.theatl.social ) English
    99 months ago

    I mean sure they could probably display less information when you punch in that card number. But the biggest sticking point for this is I don’t see how they could create a secure system without forcing you to create an account? Which personally I think would be ridiculous.

    •  TostiHawaii   ( @TostiHawaii@feddit.nl ) 
      119 months ago

      In the Netherlands, they solved this by adding a randomly generated transaction reference to the payment. This will appear on your bank / credit card statement. To view details for the transaction (time and location of entry/exit), you have to enter the paid amount and reference.

      However, this will only give you info for a single transaction. If you want to see an overview of all your transactions, you need to create an account in their app. After linking your card to your account, again using the reference and amount for a transaction, you can view your travel history.

    •  bytor9   ( @bytor9@lemmy.ml ) 
      59 months ago

      Every city had a fine system using cash/coins or cards you could fund at a kiosk by cash coin or card. Those cards were anonymous.

      Now everyone has to be fancy and link credit cards and phones to accounts for every activity of daily life.

      •  ArtificialLink   ( @ArtificialLink@yall.theatl.social ) English
        19 months ago

        The card system would probably be best where just buy a card and load it up at a kiosk. There would still be potential security vulnerabilities if you were allow someone to "anonymously "view that transaction. Or allow someone to view the card trips. Which would just be logged with its number.

        And I’m just more so talking about the current system they have in place. I’m not sure what else they could do utilizing their current system except for forcing some kind of account

        •  bytor9   ( @bytor9@lemmy.ml ) 
          69 months ago

          It would be trivially easy to add privacy any number of ways if they didn’t insist on tracking the users and logging that info.

          They could even track it and just not make it available by web. Or require 2FA. Not exactly a nation-state level attack being described here.

          People have just become accustomed to not caring about privacy and so that’s what we get.

          •  bamboo   ( @bamboo@lemmy.blahaj.zone ) English
            19 months ago

            I had ExpressPay before OMNY and that also had a list of every transaction in the website where you had to refill your card. Ever since they came out with the MetroCard, I assume there was a shadow profile per card and that was linked to the credit card number on file if that was the method the card was purchased by.

            Personally, I value the transactions list, since it makes it easier to verify I was billed properly and got the free transfer or the 13th ride free. I’ve not had to dispute anything yet but I imagine it’ll be easier to bring up any issues with customer service over the phone after the fact, than the station agent.

            There’s always the dedicated OMNY cards you can buy from stores, although I’m not sure if it’s possible to refill with cash directly somehow. For the most privacy focused, it’s good this option exists, and at least maintains most of the privacy as the MetroCards used to.