Linked by Thom Holwerda on Mon 22nd May 2017 11:42 UTC
In the News

Like many other countries, The Netherlands uses a chip card for paying and using public transport, and while there's been a number of issues regarding its security, privacy, and stability, it won't be going anywhere any time soon. Just today, the various companies announced a new initiative where Android users can use their smartphones instead of their chip cards to pay for and use public transport.

The new initiative, jointly developed by the various companies operating our public transport system and our carriers, is Android-only, because Apple "does not allow it to work, on a technical level", and even then, it's only available on two of our three major carriers for now.

This got me thinking about something we rarely talk about: the increasing reliance on external platforms for vital societal infrastructure. While this is a test for now, it's easy to see how the eventual phasing out of the chip cards - already labelled as "outdated" by the companies involved - will mean we have to rely on platforms beyond society's control for vital societal infrastructure. Chip cards for public transport or banks or whatever are a major expense, and there's a clear economic incentive to eliminate them and rely on e.g. smartphones instead.

As we increasingly outsource access to vital societal infrastructure to foreign, external corporations, we have to start asking ourselves what this actually means. Things like public transport, payments, taxes, and so on, are absolutely critical to the functioning of our society, and to me, it seems like a terrible idea to restrict access to them to platforms beyond our own control.

Can you imagine what happens if an update to an application required to access public transport gets denied by Apple? What if the tool for paying your taxes gets banned from the Play Store days before the tax deadline? What if a crucial payment application is removed from the App Store? Imagine the immense, irreparable damage this could do to a society in mere hours.

If these systems - for whatever reason - break down today, we can hold our politicians accountable, because they bear the responsibility for these systems. During the introduction of our current public transport chip card and its early growing pains, our parliament demanded swift action from the responsible minister (secretary in American parlance). Since the private companies responsible for the chip card system took part in a tender process with strict demands, guidelines, rules, and possible consequences for failure to deliver, said companies could and can be held accountable by the government. This covers the entire technological stack, from the cards themselves up to the control systems that run everything.

If we move to a world where applications for iOS and Android are the only way to access crucial government-provided services, this system of accountability breaks down, because while the application itself would be part of the tender process, meaning its creator would be accountable, the platforms it runs on would not - i.e., only a part of the stack is covered. In other words, if Google or Apple decides to reject an update or remove an application - they are not accountable for the consequences in the same way a party to a government tender would be. The system of accountability breaks down.

Of course, even today this system of accountability isn't perfect, but it is a vital path for recourse in case private companies fail to deliver. I'm sure not every one of you even agrees the above is a problem at all - especially Americans have a more positive view of corporate services compared to government services (not entirely unreasonable if you look at the state of US government services today). In countries like The Netherlands, though, despite our constant whining about every one of these services, they actually rank among the very best in the world.

I am genuinely worried about the increasing reliance on - especially - technology companies without them actually being part of the system of accountability. The fact that we might, one day, be required to rely on black boxes like iOS devices, Microsoft computers, or Google Play Services-enabled Android phones to access vital government services is a threat to our society and the functioning of our democracy. With access to things like public transport, money, and all that come with those, locked to closed-source platforms, we, the people, will have zero control over the pillars of our own societies.

What can we do to address this? I believe we need to take aggressive steps - at the EU-level - to demand full public access to the source code that underpins the platforms that are vital to the functioning of our society. We, the people, have the right to know how these systems work, what they do, and how secure they really are. As computers and phones become the only way to access and use crucial government services, they must be fully 100% open source.

We as The Netherlands are irrelevant and would never be able to make such demands stick, but the EU is one of the most powerful economic blocks in the world. If you want access to the wealthy 450 million customers in the European Union (figure excludes the UK), your software must be open source so that we can ensure the security and stability of our infrastructure. If you do not comply, you will be denied access to this huge economic block. Most of you will probably balk at this suggestion, but I truly believe it is the only way to guarantee the security and stability of vital government services we rely on every single day.

We should not rely on closed-source, foreign code for our government services. It's time the European Union starts thinking about how to address this threat.

Thread beginning with comment 644613
To view parent comment, click here.
To read all comments associated with this story, please click here.
Alfman
Member since:
2011-01-28

acobar,

Even though I agree with your assertion, there is a reason they are at their positions and it is for accountability, if something goes wrong on transfer of funds in a transaction they are the ones you will be calling (usually). It is like a mafia sell of protection, but one most of us have, somehow, consented on paying. Society is still a wild west when money is at stake, accountability is a must.



Well, as a consumer, you deal with your bank. Even store credit/debit cards are backed a bank. Try calling the phone number on the back of your cards, you'll find it reaches the bank and not Visa/Mastercard. They are strictly middlemen and if we had widely deployed open source transaction processing networks, then visa/mastercard would be entirely unnecessary.

I understand they initially filled an important purpose, but these days they'd be easily replaceable if it weren't for their widespread market control.


Edit: I'm not particularly promoting bitcoins, but they are noteworthy for bringing about P2P technology to the point where all middle men, and even the banks can be eliminated.

Edited 2017-05-22 20:04 UTC

Reply Parent Score: 2

acobar Member since:
2005-11-15

You don't travel abroad a lot do you? If you did you would have the displeasure to discover that your bank may not has a presence on many countries but your credit card company does. They fill a niche, they are a middleman, but until we have a better system we have no option but deal with them. Your bank likes them because it allows your bank to cover a wider area without a lot of investment. Business owners count on them to lower the risks and try to compensate their own costs inserting any loss on products price. To them, after all, it is you that are going to pay the expenses.

As you, I would pretty much like to have lower taxes on transactions but, unless there is a large intervention on the way the system works today, I don't see it going through a huge change. The incentives are not there for banks, even though it may be there for other business, specially big ones, and, for what I have seen, they all want their cut without changing the costs that much (actually, I suspect that Apple cuts would be worse).

Again, if such open source system is to be created, who is going to bear the cost of fraudulent operations? You know, they are not going to disappear.

For almost the same reason, lower risks, we buy insurance policies for burglary and whatnot. On an ideal world we should drop them but we don't live at such world yet (perhaps, we never will).

Reply Parent Score: 2

Alfman Member since:
2011-01-28

acobar,

You don't travel abroad a lot do you? If you did you would have the displeasure to discover that your bank may not has a presence on many countries but your credit card company does.


Many banks don't even have a national presence either, even in the US. But this is beside the point, I don't have a "credit card company", I have a bank. As consumers, you and I don't deal directly with Visa/Mastercard. We have credit cards issued and managed by banks, and it's our banks that we deal with EVEN for foreign transactions and even if our banks don't have a foreign presence.

In other words, the fact that our banks participate in Visa/Mastercard networks means that cards issued by our banks can be used to make purchases from merchants who also participate in the Visa/Mastercard networks, regardless of where they are in the world.

They fill a niche, they are a middleman, but until we have a better system we have no option but deal with them. Your bank likes them because it allows your bank to cover a wider area without a lot of investment.


The role played by visa/mastercard as middlemen can technically be eliminated with open federated protocols. It's not about the lack of better options, but about how noncompetitive the market is for alternatives to visa/mastercard. I personally dislike the crippling forces of visa & mastercard, yet I still have one because the reality is if my card doesn't have one of those logos on it, it's not going to be accepted by the stories I buy from. Conversely, as a merchant, if you don't accept visa & mastercard, your going to loose the majority of customers if you can't accept visa / mastercard.


These aren't technical problems, these are competitiveness/market oligopoly problems.


Business owners count on them to lower the risks and try to compensate their own costs inserting any loss on products price. To them, after all, it is you that are going to pay the expenses.



This is where having a competitive market would help. Unfortunately once the market is controlled by a few incumbents, new competition tends to be non-viable. Even counting on a government fix is unlikely since the lobbying power of credit card companies is too great.

Reply Parent Score: 2