The future of ticketing: ITSO?

crablab

Member
Joined
8 Feb 2020
Messages
265
Location
UK
I've commented in a number of threads about ITSO, but I thought it was worth creating a new one to discuss specifically the upsides/downsides of ITSO and how it will be used for ticketing in the future.

As has been mentioned elsewhere, there is currently a big industry push towards changing the way tickets are issued and introducing clearer pricing and flexible fares (eg. carnets, part time seasons etc.)

I view ITSO as an important standard for a few reasons:
- It's interoperable - you can use ITSO compliant devices on any operator (which extend far beyond the rail network)
- It supports mobile first ticketing - with ITSO Transit Hub, you can buy a ticket on your phone and add it straight to Google Pay
- It facilities more flexible ticketing options that customers now expect

It's been pointed out that until ITSO is supported on iOS devices, uptake will be limited, which I agree with.

Beyond that, what do people think?
 
Sponsor Post - registered members do not see these adverts; click here to register, or click here to log in
R

RailUK Forums

Bletchleyite

Veteran Member
Joined
20 Oct 2014
Messages
58,231
Location
"Marston Vale mafia"
It's outmoded before you even start with it. True e-ticketing, with the ticket in a database as per an air ticket and the passenger just carrying some sort of reference to it, be that a barcode, a "dumb" smartcard, a transaction number, their ID or whatever, is the future, and we should be looking towards that.

For short distance non-season ticketing in cities, contactless payment cards are the way.

Smartcards, or any other system where the passenger holds the record on an item of some kind be that a phone or a card, are 2000s technology, not 2020s technology.
 

crablab

Member
Joined
8 Feb 2020
Messages
265
Location
UK
Smartcards, or any other system where the passenger holds the record on an item of some kind be that a phone or a card, are 2000s technology, not 2020s technology.
contactless payment cards are the way.
How do you think EMV cards work? ;) They are significantly more complex than just a record in a database and carry out cryptographic operations on the card! When you add your card to your favourite wallet app, your phone is then emulating the chip.

True e-ticketing, with the ticket in a database as per an air ticket and the passenger just carrying some sort of reference to it, be that a barcode, a "dumb" smartcard, a transaction number, their ID or whatever, is the future, and we should be looking towards that.
I think fundamentally we may disagree here.

This requires every gateline to have a stable internet connection 100% of the time, and massive scaling of centralised infrastructure up to cope with a peak time rush of commuters, and down again in quieter hours. You suddenly need a lot of very expensive IT infrastructure to make this work at all, let alone well.

As I've mentioned before, there is a reason that it takes time for your Oyster history to update, there is a reason that TfL batch charges you for journeys at the end of the day rather than when you tap in on the bus.

By making everything simply a reference to something in a database, you lose the ability to validate the information at the edge and thus a lot of redundancy. Even e-tickets, as I understand, are signed blobs of data, as opposed to just a reference - they can be validated offline.

There is a shift in IoT towards edge computing where although there are records in a database, devices do much of the processing outside of the cloud and report back with aggregate, instead of precise, data.

I would suggest what you propose is a 2010s utopian vision, which the world is moving on from :)
 

Bletchleyite

Veteran Member
Joined
20 Oct 2014
Messages
58,231
Location
"Marston Vale mafia"
How do you think EMV cards work? ;) They are significantly more complex than just a record in a database and carry out cryptographic operations on the card! When you add your card to your favourite wallet app, your phone is then emulating the chip.
That's because of a need for extra security to prevent people just copying them. All they in principle do, though, is to transfer the card number and expiry date and a few other bits of data. The processing is done on the back end.

It isn't like Mondex (remember that?) where the balance was stored on the card. Or Oyster, where it still is (as well as in the back end).

I think fundamentally we may disagree here.
I think we do, yes.

This requires every gateline to have a stable internet connection 100% of the time, and massive scaling of centralised infrastructure up to cope with a peak time rush of commuters, and down again in quieter hours. You suddenly need a lot of very expensive IT infrastructure to make this work at all, let alone well.
That's just about doable now. In 5 years it'll be easy. In 10, it's a given.

Northern's rentathugs, for example, are already doing ticket checking using their phones which do an immediate online check.

As I've mentioned before, there is a reason that it takes time for your Oyster history to update, there is a reason that TfL batch charges you for journeys at the end of the day rather than when you tap in on the bus.
The former is because Oyster is 15 years out of date - it's mid-2000s tech, not 2020 tech. The latter is so capping can be applied; putting the transactions on then refunding at the end of the day would be messy and poor customer service, and would leave you out of pocket until the cap kicked in.

By making everything simply a reference to something in a database, you lose the ability to validate the information at the edge and thus a lot of redundancy.
But you gain massive flexibility. Most notably, a lost ticket can be reissued easily - just print off another reference to it.

Even e-tickets, as I understand, are signed blobs of data, as opposed to just a reference - they can be validated offline.
The present e-tickets are, yes, which is why I refer to "true e-ticketing" as the kind airlines do (and Megabus etc) - all you need is your 6-character PNR[1] in any form you like, plus potentially ID. Indeed, before airlines realised they could save money by doing away with check-in desks, you literally just had to walk up to the desk with your passport, and they'd type your name in and see what flight you were booked on.

There is a shift in IoT towards edge computing where although there are records in a database, devices do much of the processing outside of the cloud and report back with aggregate, instead of precise, data.
Client vs. server processing bounces back and forth all the time, roughly every 10-20 years or so. I wouldn't read anything into that.

I would suggest what you propose is a 2010s utopian vision, which the world is moving on from :)
No, it's something that will be made easier as we move to a situation where near-unlimited bandwidth, always-on Internet connections are available on every centimetre of the UK's land surface - and certainly anywhere there's a gated railway station. It really will not be long.

Now it might be that that PNR is transmitted via NFC from the phone, but that doesn't break the principle.

[1] PNR stands for "Passenger Name Record", largely for historical reasons, in actual fact it's the primary key of the booking record in the airline's booking system.
 

Rhydgaled

Established Member
Joined
25 Nov 2010
Messages
3,473
It's outmoded before you even start with it. True e-ticketing, with the ticket in a database as per an air ticket and the passenger just carrying some sort of reference to it, be that a barcode, a "dumb" smartcard, a transaction number, their ID or whatever, is the future, and we should be looking towards that.
Are we assuming that we will get 100% 3G (at least) mobile network coverage including in tunnels and the highlands of Wales and Scotland? If not, and your ticket is held not on your person but somewhere out on the internet, what happens when the guard/RPI comes round to check your ticket while your train is in a tunnel? Or you try to board a bus in the middle of nowhere surrounded by mountains? My Wales Concessionary Travel Pass has an ITSO logo on the back, I presume it would work if I tried to board a bus in a mobile blackspot in rural Wales. If you want multi-modal ticketing, you need to look beyond railway station gatelines.
 
Joined
20 May 2009
Messages
307
Location
Bromley
It's outmoded before you even start with it. True e-ticketing, with the ticket in a database as per an air ticket and the passenger just carrying some sort of reference to it, be that a barcode, a "dumb" smartcard, a transaction number, their ID or whatever, is the future, and we should be looking towards that.
On a small or closed system, I'd be inclined to agree. However, at scale, this becomes more problematic. That reliance on an always-available back-office system is just not realistic. If that system goes down, or your connection to that system goes down, you no longer have any way of issuing or validating tickets.

I've had so many service providers commit to 100% uptime but even today, I never get better than 98%. Cell masts can develop faults, cables can be damaged or stolen, developers and engineers can introduce human error and cause systemwide outages. Heck, a close friend of mine knocked-out Germany's internet for the better half of a day because he accidentally knocked out a kettle lead whilst he was handling some computer equipment!

Faults and failures happen, which is why a distributed or de-centralised system is more robust. Sure, you'll have a centralised back-of-house system for administration and auditing purposes, but the system needs to be able to have its own degree of redundancy built in. That means being able to read the metadata of someone's travel entitlement even if a network connection is temporarily unavailable.

The ITSO standard is nowhere near as old as the Oyster system, but I'm sure it is starting to age and despite a level of future-proofing, they'll probably want to succeed it with some kind of "version 2" specification.
 

crablab

Member
Joined
8 Feb 2020
Messages
265
Location
UK
That's because of a need for extra security to prevent people just copying them. All they in principle do, though, is to transfer the card number and expiry date and a few other bits of data. The processing is done on the back end.
I entirely disagree :) Cards are extremely complex and can authorise transactions offline, without ever talking to the backend! This is probably a seperate discussion, but I have an intimate knowledge of EMV and Mastercard, so would be very happy to explain more :)

The latter is so capping can be applied; putting the transactions on then refunding at the end of the day would be messy and poor customer service, and would leave you out of pocket until the cap kicked in.
You can do that with authorisation advices, which would update the amount owed in realtime at the bank end (which could then be shown in your bank's app!). It wouldn't be poor, if implemented correctly, but it's also very difficult to do at scale.

But you gain massive flexibility. Most notably, a lost ticket can be reissued easily - just print off another reference to it.
Do you though? Always needing a constant connection to a datacentre does not strike me as "massive flexibility".

I appreciate the lost ticket issue - I think that requires more thought in either system, regardless.

Indeed, before airlines realised they could save money by doing away with check-in desks, you literally just had to walk up to the desk with your passport, and they'd type your name in and see what flight you were booked on.
And what happens when Amadeus goes down? (as it does regularly) Do I need to link to the various BA outages? ;)

Client vs. server processing bounces back and forth all the time, roughly every 10-20 years or so. I wouldn't read anything into that.
Agreed. I am interested in the future of edge computing, however.

My Wales Concessionary Travel Pass has an ITSO logo on the back, I presume it would work if I tried to board a bus in a mobile blackspot in rural Wales. If you want multi-modal ticketing, you need to look beyond railway station gatelines.
Yup! And the best bit is, you could take it to London and use it to buy a Travelcard from SWR, GTR etc.

Faults and failures happen, which is why a distributed or de-centralised system is more robust. Sure, you'll have a centralised back-of-house system for administration and auditing purposes, but the system needs to be able to have its own degree of redundancy built in. That means being able to read the metadata of someone's travel entitlement even if a network connection is temporarily unavailable.
Entirely agree :)

they'll probably want to succeed it with some kind of "version 2" specification.
There have already been several updates to it, including ITSO Transit Hub which supports mobile device emulation of the ITSO card.
 

Bletchleyite

Veteran Member
Joined
20 Oct 2014
Messages
58,231
Location
"Marston Vale mafia"
I entirely disagree :) Cards are extremely complex and can authorise transactions offline, without ever talking to the backend!
And so can typing in the card number and expiry date, at least in principle (though pretty much no retailer/merchant would agree to that being done without an authorisation). You can even get one of those old fashioned impression machines out if you really want.

It is nothing like ITSO, not even slightly. All the actual work (i.e. the moving of money from one person to the other) is done in the backend.
 

crablab

Member
Joined
8 Feb 2020
Messages
265
Location
UK
All the actual work (i.e. the moving of money from one person to the other) is done in the backend.
Entirely agree, but there are lots of reasons for this.

CDA capable cards can authorise offline, equally they could authorise online - it depends on what connection the terminal has. Regardless, this is then submitted in batch at clearing and presentments are processed completely asynchronously. This adds a lot of redundancy and slack into the system.

In your world of everything online, there is no provision for latency or any fallback for any kind of offline processing. Everything has to be online and that central database always has to be available.
 

Geeves

Established Member
Joined
6 Jan 2009
Messages
1,146
Location
Rochdale
Northern are currently trialing smart card validation machines at stations on the Harrogate line. I would think (like the Metrolink in Manchester and Underground) you will eventually just be able to use a contactless bank card for short trips at least. Seems to be way they are looking at going for shorter trips and "smarter" smart cards that work on a day on day off basis rather than just running down day by day. Looks like Northern are heading towards an ITSO and contactless bank card future.

As has been said there has been alot of downtime recently with E tickets and everything being online, sometimes the issue is national. Not great!
 

squizzler

Established Member
Joined
4 Jan 2017
Messages
1,385
Location
Jersey, Channel Islands
ITSO compatibility should be mandated by law for mobile phones sold in the UK.

However in the short term might a solution be for ticket issuers to make do with Google Pay and Apple Wallet rather than their own bespoke app for storing tickets on users' mobile phones? These latter systems are handy for storing tickets tied to specific trains and seat reservation as opposed to just tap-in, tap-out as per Oyster and presumably ITSO.
 
Last edited:

Bletchleyite

Veteran Member
Joined
20 Oct 2014
Messages
58,231
Location
"Marston Vale mafia"
In your world of everything online, there is no provision for latency or any fallback for any kind of offline processing. Everything has to be online and that central database always has to be available.
That database could of course be federated in some way - so this would be mitigated. No need to federate it as far as individual devices, and there are many, many good reasons not to do so.
 

3141

Established Member
Joined
1 Apr 2012
Messages
1,524
Location
Overton, Hampshire
There's something faintly amusing, if one has a warped sense of humour, to read these IT zealots laying into one another, but tickets are bought by real people, and not all of them will want to be forced into somebody else's promised land. When I travel by train it doesn't cause me any difficulty or pain to buy a normal ticket. I don't want to have to put assorted programs on my phone in order to travel. I don't even want to be compelled to remember to take a phone with me when I go out, or to make sure it's fully charged or I might be stuck on the wrong side of a barrier. I don't believe that all these fancy systems will always work reliably, since daily experience throws up systems that have gone wrong in some way or other, and when they don't work the immediate reaction of the operator is to blame the customer for having pressed the wrong button or tried to cheat.

No doubt there'll be some who'd just love some kind of IT dominated future, but remember that it isn't everyone.
 

K.o.R

Member
Joined
6 Dec 2017
Messages
529
For me, I don't care what the underlying technology is. I just want to be able to go through a gateline anywhere in the country without needing to faff around taking a ticket out of its wallet. One card, all my tickets, all modes of transport if you're feeling really motivated.
 

infobleep

Established Member
Joined
27 Feb 2011
Messages
9,841
There's something faintly amusing, if one has a warped sense of humour, to read these IT zealots laying into one another, but tickets are bought by real people, and not all of them will want to be forced into somebody else's promised land. When I travel by train it doesn't cause me any difficulty or pain to buy a normal ticket. I don't want to have to put assorted programs on my phone in order to travel. I don't even want to be compelled to remember to take a phone with me when I go out, or to make sure it's fully charged or I might be stuck on the wrong side of a barrier. I don't believe that all these fancy systems will always work reliably, since daily experience throws up systems that have gone wrong in some way or other, and when they don't work the immediate reaction of the operator is to blame the customer for having pressed the wrong button or tried to cheat.

No doubt there'll be some who'd just love some kind of IT dominated future, but remember that it isn't everyone.
If a ticket doesn't print for some reason from a TVM, some staff might seek to blame the customer

I once was sorting out a wallet to reduce the amount in it. I accidentally took out my train ticket and the next morning travelled without one because the ticket barrier was open and I didn't check. I got a penalty fare.

I admit I did once leave my phone behind so that is possible.

So non mobile ticketing also had downsides just like mobile ticketing.
 

HSTEd

Veteran Member
Joined
14 Jul 2011
Messages
11,726
For me, I don't care what the underlying technology is. I just want to be able to go through a gateline anywhere in the country without needing to faff around taking a ticket out of its wallet. One card, all my tickets, all modes of transport if you're feeling really motivated.
The problem with this is then you have to provide a foolproof algorithm for chosing which ticket to "use" in any given situation.

I can think of several edge cases wherethis could be somewhat problematic.
 

Bletchleyite

Veteran Member
Joined
20 Oct 2014
Messages
58,231
Location
"Marston Vale mafia"
I'd love to know how anyone is going to fit an electronic, internet connected ticket reader to Sugar Loaf!
Electronic = solar powered - or whatever powers the lights!
Internet connected = well, not at the moment, but within 10 years there will be blanket mobile Internet coverage of the UK, I'm certain of it.

In practice, it would be the guard's mobile device, though.
 

urbophile

Member
Joined
8 Nov 2019
Messages
184
Location
Liverpool
I'm not a technophobe but many people are. There are also many (admittedly a tiny proportion of the train travelling demographic) without access to credit cards for various reasons. There will always be a need for paper tickets or another non-tech equivalent. Any long term solution needs to recognise this.
 

jon0844

Veteran Member
Joined
1 Feb 2009
Messages
24,493
Location
UK
ITSO is but one of many weapons in the smart armory as we fight the war against magstripe. All have their place but for us at least ITSO only plays a small supporting role.
You can develop all of these smart solutions, but still retain an old fashioned printed ticket at the same time. I would say that the magstrip should go and any future tickets can have an Aztec code on them, with all gates modified to have the appropriate readers (and staff able to read on their own devices). Then you can issue a ticket on paper, card, a PDF or whatever you feel like as a fallback system for those unable to use the newer technology.

A gate can easily detect the same code used twice locally, and data can be synced at regular intervals (but not realtime) to notify other gates that a ticket has been used.

Current paper tickets are definitely due an update.
 

Haywain

Established Member
Joined
3 Feb 2013
Messages
4,797
I would say that the magstrip should go and any future tickets can have an Aztec code on them, with all gates modified to have the appropriate readers
That ticket with a barcode on it is a smart ticket, it doesn’t matter that it is printed out on paper.
 

Wallsendmag

Established Member
Joined
11 Dec 2014
Messages
2,309
Location
Wallsend or somewhere on the ECML
You can develop all of these smart solutions, but still retain an old fashioned printed ticket at the same time. I would say that the magstrip should go and any future tickets can have an Aztec code on them, with all gates modified to have the appropriate readers (and staff able to read on their own devices). Then you can issue a ticket on paper, card, a PDF or whatever you feel like as a fallback system for those unable to use the newer technology.

A gate can easily detect the same code used twice locally, and data can be synced at regular intervals (but not realtime) to notify other gates that a ticket has been used.

Current paper tickets are definitely due an update.
Like this you mean ?
 

Attachments

island

Veteran Member
Joined
30 Dec 2010
Messages
11,163
Location
0036
[1] PNR stands for "Passenger Name Record", largely for historical reasons, in actual fact it's the primary key of the booking record in the airline's booking system.
If we are being quite technical, the PNR is the record itself. The primary key (of six characters in aviation and eight on the railway) is correctly called the record locator.
 

Top