What's the 2-minute timer on mobile Deutsche Bahn tickets?PDF tickets on phone on Deutsche BahnDeutsche Bahn: Reliable wifi on train?Why is a single return ticket more expensive than separate tickets for the two sectors?Paying for Deutsche Bahn tickets with cashCan I travel Italian regional train tickets in the opposite direction of travel?Train from Brussels to DusseldorfAre Deutsche Bahn ticket details available when bought on the day of the trip?Free travel with S-Bahn with Deutsche Bahn Intercity TicketDeutsche Bahn (DB) Lounge BerlinDeutsche Bahn not responding?
Was Mohammed the most popular first name for boys born in Berlin in 2018?
Is there an application which does HTTP PUT?
How long can fsck take on a 30 TB volume?
Why is the episode called "The Last of the Starks"?
What will Doctor Strange protect now?
Cyclic queue using an array in C#
What's an appropriate age to involve kids in life changing decisions?
Gift for mentor after his thesis defense?
Why did Ham the Chimp push levers?
What computer port is this?
What are my options legally if NYC company is not paying salary?
Is there a reason why Turkey took the Balkan territories of the Ottoman Empire, instead of Greece or another of the Balkan states?
When was it publicly revealed that a KH-11 spy satellite took pictures of the first Shuttle flight?
Should one save up to purchase a house/condo or maximize their 401(k) first?
Why doesn't Dany protect her dragons better?
Capturing the entire webpage with WebExecute's CaptureImage
And now you see it II (the B side)
Align a table column at a specific symbol
Is the tensor product (of vector spaces) commutative?
What's the difference between "ricochet" and "bounce"?
GLM: Modelling proportional data - account for variation in total sample size
When I add a cylinder, it doesn't even show up on my screen at all
My parents are Afghan
How would an instant or sorcery with an effect that targets work with Feather?
What's the 2-minute timer on mobile Deutsche Bahn tickets?
PDF tickets on phone on Deutsche BahnDeutsche Bahn: Reliable wifi on train?Why is a single return ticket more expensive than separate tickets for the two sectors?Paying for Deutsche Bahn tickets with cashCan I travel Italian regional train tickets in the opposite direction of travel?Train from Brussels to DusseldorfAre Deutsche Bahn ticket details available when bought on the day of the trip?Free travel with S-Bahn with Deutsche Bahn Intercity TicketDeutsche Bahn (DB) Lounge BerlinDeutsche Bahn not responding?
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;
A few days ago I purchased a single ticket from Cologne (Köln) to Aachen via the DB Navigator app. The ticket was valid for 6 hours after the purchase, however a timer started from 00:00 and stopped at 02:00 as seen on the image below.
What is the purpose of this timer?
P.S. I returned to Cologne with a different ticket, the same timer appeared again.
trains tickets germany deutsche-bahn
asked May 4 at 19:12
ahmedusahmedus
3,70172556
|
show 1 more comment
A few days ago I purchased a single ticket from Cologne (Köln) to Aachen via the DB Navigator app. The ticket was valid for 6 hours after the purchase, however a timer started from 00:00 and stopped at 02:00 as seen on the image below.
What is the purpose of this timer?
P.S. I returned to Cologne with a different ticket, the same timer appeared again.
trains tickets germany deutsche-bahn
asked May 4 at 19:12
ahmedusahmedus
3,70172556
2
Makes me wonder if you have 2 minutes to stop the sale, after commiting?
– Willeke♦
May 4 at 20:05
@Willeke There was a button "Edit Order", it looked active both before and after the timer expired. I haven't tried, but your guess might be a case.
– ahmedus
May 4 at 20:16
@Willeke: AFAIK unfortunately, no.
– cbeleites
May 4 at 22:30
1
This timer is not specific to Deutsche Bahn app, you can see it in (almost) every app of local transport companies too.
– Neusser
May 4 at 22:48
3
Or cheap, sufficient enough solution when looking at what the attack vector is. If you use local transit, and you look at the people who would cheat and not buying tickets, honestly the majority of them will most likely not know how to hack a mobile app.
– dunni
2 days ago
|
show 1 more comment
A few days ago I purchased a single ticket from Cologne (Köln) to Aachen via the DB Navigator app. The ticket was valid for 6 hours after the purchase, however a timer started from 00:00 and stopped at 02:00 as seen on the image below.
What is the purpose of this timer?
P.S. I returned to Cologne with a different ticket, the same timer appeared again.
trains tickets germany deutsche-bahn
asked May 4 at 19:12
ahmedusahmedus
3,70172556
A few days ago I purchased a single ticket from Cologne (Köln) to Aachen via the DB Navigator app. The ticket was valid for 6 hours after the purchase, however a timer started from 00:00 and stopped at 02:00 as seen on the image below.
What is the purpose of this timer?
P.S. I returned to Cologne with a different ticket, the same timer appeared again.
trains tickets germany deutsche-bahn
trains tickets germany deutsche-bahn
asked May 4 at 19:12
ahmedusahmedus
3,70172556
asked May 4 at 19:12
ahmedusahmedus
3,70172556
asked May 4 at 19:12
ahmedusahmedus
3,70172556
asked May 4 at 19:12
ahmedusahmedus
3,70172556
asked May 4 at 19:12
ahmedusahmedus
3,70172556
3,70172556
2
Makes me wonder if you have 2 minutes to stop the sale, after commiting?
– Willeke♦
May 4 at 20:05
@Willeke There was a button "Edit Order", it looked active both before and after the timer expired. I haven't tried, but your guess might be a case.
– ahmedus
May 4 at 20:16
@Willeke: AFAIK unfortunately, no.
– cbeleites
May 4 at 22:30
1
This timer is not specific to Deutsche Bahn app, you can see it in (almost) every app of local transport companies too.
– Neusser
May 4 at 22:48
3
Or cheap, sufficient enough solution when looking at what the attack vector is. If you use local transit, and you look at the people who would cheat and not buying tickets, honestly the majority of them will most likely not know how to hack a mobile app.
– dunni
2 days ago
|
show 1 more comment
2
Makes me wonder if you have 2 minutes to stop the sale, after commiting?
– Willeke♦
May 4 at 20:05
@Willeke There was a button "Edit Order", it looked active both before and after the timer expired. I haven't tried, but your guess might be a case.
– ahmedus
May 4 at 20:16
@Willeke: AFAIK unfortunately, no.
– cbeleites
May 4 at 22:30
1
This timer is not specific to Deutsche Bahn app, you can see it in (almost) every app of local transport companies too.
– Neusser
May 4 at 22:48
3
Or cheap, sufficient enough solution when looking at what the attack vector is. If you use local transit, and you look at the people who would cheat and not buying tickets, honestly the majority of them will most likely not know how to hack a mobile app.
– dunni
2 days ago
2
2
Makes me wonder if you have 2 minutes to stop the sale, after commiting?
– Willeke♦
May 4 at 20:05
Makes me wonder if you have 2 minutes to stop the sale, after commiting?
– Willeke♦
May 4 at 20:05
@Willeke There was a button "Edit Order", it looked active both before and after the timer expired. I haven't tried, but your guess might be a case.
– ahmedus
May 4 at 20:16
@Willeke There was a button "Edit Order", it looked active both before and after the timer expired. I haven't tried, but your guess might be a case.
– ahmedus
May 4 at 20:16
@Willeke: AFAIK unfortunately, no.
– cbeleites
May 4 at 22:30
@Willeke: AFAIK unfortunately, no.
– cbeleites
May 4 at 22:30
1
1
This timer is not specific to Deutsche Bahn app, you can see it in (almost) every app of local transport companies too.
– Neusser
May 4 at 22:48
This timer is not specific to Deutsche Bahn app, you can see it in (almost) every app of local transport companies too.
– Neusser
May 4 at 22:48
3
3
Or cheap, sufficient enough solution when looking at what the attack vector is. If you use local transit, and you look at the people who would cheat and not buying tickets, honestly the majority of them will most likely not know how to hack a mobile app.
– dunni
2 days ago
Or cheap, sufficient enough solution when looking at what the attack vector is. If you use local transit, and you look at the people who would cheat and not buying tickets, honestly the majority of them will most likely not know how to hack a mobile app.
– dunni
2 days ago
|
show 1 more comment
4 Answers
4
active
oldest
votes
According to this link (only in German), it is to check if you have bought the ticket just right now or a sufficient amount of time before. The rules usually are, that you have to buy a ticket before you get on the train. Now, with mobile tickets, some "clever" people thought, they just need to buy a ticket when they see the conductor, and to ride free when they don't see one. In local transit (especially trams, and more and more regional trains) you don't have a regular conductor in every train anymore, but just ticket checking teams, which go around the city. Obviously they can only cover a small part of the available transit vehicles.
This is most likely the reason why the operators introduced this timer, so that it's visible for the conductor if you have bought the ticket just right now or more than 2 minutes ago.
answered May 4 at 20:32
dunnidunni
4,35111522
2
Don't you need to scan the QR code like any other paper tickets? That timer seems a pretty bad solution against fraud... It same as buying the ticket and waiting for the operator to punch it.
– Alexis_FR_JP
May 5 at 2:08
19
@Alexis_FR_JP a hacked version of the DB app forcing the timer to always show 02:00 is probably available somewhere already. Its a security theater.
– JonathanReez♦
May 5 at 2:12
6
@JonathanReez This is not at all security theatre; see my answer below for why.
– Curt J. Sampson
2 days ago
5
So do even more "clever" people try to see the ticket checker coming, quickly buy the ticket, and then stall for a little bit until the two minute timer runs out? If you spend a little bit of time arguing with the ticket checker, then a bit of time fumbling for your phone, you could probably waste two minutes.
– Zach Lipton
2 days ago
7
@xji: Also, if the timer show 45 seconds, and you only entered the tram 30 seconds ago, that is fine. You don't have to stand outside for two minutes before you are allowed to enter. You just need to have the ticket bought before you enter.
– Jörg W Mittag
2 days ago
|
show 12 more comments
@dunni's answer describes the attack that this security measure attempts to mitgate. A comment on his answer claims that this is "security theatre"; I describe in this answer (because this explanation is too long to fit into a comment) why it is not.
Most security measures cannot completely prevent attacks. An effective security measure is one that increases the cost to the attacker significantly while not also increasing costs to the defender beyond reasonable economic return.
This is why spot checks for tickets work though they sometimes allow people to travel for free: though an attacker can simply not buy a ticket and stand a chance of gaining free travel, if the penalty when this is discovered is high enough most potential attackers will choose to buy a ticket rather than run the risk of paying the fine or suffering other punishment
In this case, there are two requirements for an attacker:
1. Write or obtain a version of the app in appears to be the official one and which displays the same result as if the user had purchased the ticket well before the conductor arrived to check it.
2. Side-load this app, since Deutsche Bahn can fairly easily ensure that one appearing in the official store is easily taken down.
Writing such an app is significantly difficult; it involves not only having the skill to duplicate the app itself, but also overcoming any security measures protecting the original app (such as being able to extract any necessary keys from it necessary to instruct the DB servers to purchase a ticket).
Of course, once even one person writes such an app, it could be shared with others incapable of doing so. But finding such an app once it's written is also not completely trivial; DB also may have the ability, even if it's not on the official store, to get it taken down through legal means. If they can't do that, they can also easily change how their app works (different security keys, different network protocols, different display) to require the app's author to update it.
Even should the app be easily available, the user still needs to be sophisticated enough to side-load the app (since it won't be available from the official app store) and must also be willing to run the personal security risk that the app author is malicious and actually wrote the app to attack the users who download it, rather than DB.
All of the above combine to make a fairly high cost to the attacker, whereas for DB to add the timer to their existing app is very little work. Spending a few days of developer and tester time to add this feature to the application thus probably pays itself off very easily even if it prevents only 50% of the potential attackers from executing the attack (though it probably prevents a far higher percentage).
The reason something like American TSA security checks qualify as security theatre is because they impose very large costs on the defenders for very little gain against attackers. These checks exist because the costs are mainly borne by people who can do little about it (airlines and their passengers) whereas the benefits (looking like you're doing something about a problem) accrue only to some government and elected officials who suffer little of the overall cost.
answered 2 days ago
Curt J. SampsonCurt J. Sampson
53116
New contributor
Curt J. Sampson is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
11
Or perhaps there is already a timestamp and the timer is just for the convenience of the user?
– JonathanReez♦
2 days ago
15
Isn’t all you need a screenshot of the ticket from the legitimate application, and to draw a new timer box over it? I don’t see why the application would need to talk to the DB servers at all, from what’s presented here.
– Michael Homer
2 days ago
14
If the timer reached 2 minutes, it starts blinking. Forgot to mention this in my answer. So a screenshot will not work.
– dunni
2 days ago
9
Finally, the Barcode reveals if a ticket is just a minute old, and no further information is necessary. Having no valid paper ticket already leads to long discussions. Now, imagine the discussion when the passenger has a technically valid ticket, and the conductor insists it was bought just a minute ago. The timer ends this immediately. I also guess that most passengers would not use any fraud app - but would try to buy a ticket when they spot the conductor.
– sweber
2 days ago
8
It's admittedly tricky to re-write the whole app. It's not tricky to put a graphical element on the screen showing "2:00".
– theonlygusti
2 days ago
|
show 14 more comments
There is already a good answer: It provides an additional quick visual indicator in case the passenger bought the ticket only after entering the vehicle and spotting the conductor.
But let's add some more context.
Ticket controls do not usually pay for themselves with fines. Ticket controls are paid for by getting more people to buy tickets. The goal of ticket controls is not to catch passengers who cheat, it's to encourage passengers to buy valid tickets.
There are plenty of ways to circumvent the timer, starting with "My phone just crashed, the reboot will be done in a minute", and ending with software that creates a forged ticket. But I speculate that the app creators speculated that the timer reminds potential cheaters that purchase time is relevant. That would encourage those people to buy valid tickets.
To address comments to the other answers, which raised the legitimate concern of forged tickets defeating the timer: Purchase time stays relevant even if one of multiple mechanisms that show purchase time is defeated. And being caught with a forged ticket can be way more inconvenient than being caught without a ticket.
answered 2 days ago
PeterPeter
1,143512
1
This more directly and clearly explains one of the key points I was trying to make in my answer. Excellent answer!
– Curt J. Sampson
2 days ago
2
"It keeps honest people honest" is most likely the best reason behind all these security features. Any software security developed by humans can be defeated by other humans, given enough time & incentive. Increasing the difficulty of defeating the system keeps more people honest.
– FreeMan
yesterday
Just like the old saying - locks don't stop thieves, they stop honest people
– llama
yesterday
3
@llama With the very important caveat that, absent locks and any credible threat of being caught, an unfortunate number of honest people would act in a dishonest way.
– J...
14 hours ago
add a comment |
This is all about a ticketing system called Proof of Payment.
Historically, conductors walked every train and checked every passenger, selling them a ticket if needed. However, this was expensive to staff, so they looked at ways to automate this.
They came up with a modified "honor system" where people would buy tickets, and carry proof of this. Then, random checks would occur, with expensive fines for violators.
- In the first cut of this, tickets were sold at machines at stations. The station would put a timestamp on the ticket, and it was only valid for a limited time (so you couldn't use the same ticket over and over and over).
- You couldn't buy tickets on the train, or else people would simply linger at the ticket machine and buy a ticket if they saw a fare inspector.
- Then they offered advance sales (e.g. 10-ride ticket books), but you had to "validate" (put a time-stamp on it) at time of use at the station.
- When smartphones came along, that brought back the problem of people buying tickets only when they see the inspector coming. It's even worse; on the smart device you could go through all the steps to buy a ticket, and pause at the final "Complete sale" button; and click that as the inspector enters the car.
So the timer is an attempt to crack that problem. It shows the inspector that the purchaser bought the ticket seconds ago; but more importantly, it shows the purchaser that the the inspector knows that.
The inspector can already get that information off the barcode; so it's more of a deterrent to the purchaser.
answered 2 hours ago
HarperHarper
14k32665
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "273"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2ftravel.stackexchange.com%2fquestions%2f137927%2fwhats-the-2-minute-timer-on-mobile-deutsche-bahn-tickets%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
4 Answers
4
active
oldest
votes
4 Answers
4
active
oldest
votes
active
oldest
votes
active
oldest
votes
According to this link (only in German), it is to check if you have bought the ticket just right now or a sufficient amount of time before. The rules usually are, that you have to buy a ticket before you get on the train. Now, with mobile tickets, some "clever" people thought, they just need to buy a ticket when they see the conductor, and to ride free when they don't see one. In local transit (especially trams, and more and more regional trains) you don't have a regular conductor in every train anymore, but just ticket checking teams, which go around the city. Obviously they can only cover a small part of the available transit vehicles.
This is most likely the reason why the operators introduced this timer, so that it's visible for the conductor if you have bought the ticket just right now or more than 2 minutes ago.
answered May 4 at 20:32
dunnidunni
4,35111522
2
Don't you need to scan the QR code like any other paper tickets? That timer seems a pretty bad solution against fraud... It same as buying the ticket and waiting for the operator to punch it.
– Alexis_FR_JP
May 5 at 2:08
19
@Alexis_FR_JP a hacked version of the DB app forcing the timer to always show 02:00 is probably available somewhere already. Its a security theater.
– JonathanReez♦
May 5 at 2:12
6
@JonathanReez This is not at all security theatre; see my answer below for why.
– Curt J. Sampson
2 days ago
5
So do even more "clever" people try to see the ticket checker coming, quickly buy the ticket, and then stall for a little bit until the two minute timer runs out? If you spend a little bit of time arguing with the ticket checker, then a bit of time fumbling for your phone, you could probably waste two minutes.
– Zach Lipton
2 days ago
7
@xji: Also, if the timer show 45 seconds, and you only entered the tram 30 seconds ago, that is fine. You don't have to stand outside for two minutes before you are allowed to enter. You just need to have the ticket bought before you enter.
– Jörg W Mittag
2 days ago
|
show 12 more comments
According to this link (only in German), it is to check if you have bought the ticket just right now or a sufficient amount of time before. The rules usually are, that you have to buy a ticket before you get on the train. Now, with mobile tickets, some "clever" people thought, they just need to buy a ticket when they see the conductor, and to ride free when they don't see one. In local transit (especially trams, and more and more regional trains) you don't have a regular conductor in every train anymore, but just ticket checking teams, which go around the city. Obviously they can only cover a small part of the available transit vehicles.
This is most likely the reason why the operators introduced this timer, so that it's visible for the conductor if you have bought the ticket just right now or more than 2 minutes ago.
answered May 4 at 20:32
dunnidunni
4,35111522
2
Don't you need to scan the QR code like any other paper tickets? That timer seems a pretty bad solution against fraud... It same as buying the ticket and waiting for the operator to punch it.
– Alexis_FR_JP
May 5 at 2:08
19
@Alexis_FR_JP a hacked version of the DB app forcing the timer to always show 02:00 is probably available somewhere already. Its a security theater.
– JonathanReez♦
May 5 at 2:12
6
@JonathanReez This is not at all security theatre; see my answer below for why.
– Curt J. Sampson
2 days ago
5
So do even more "clever" people try to see the ticket checker coming, quickly buy the ticket, and then stall for a little bit until the two minute timer runs out? If you spend a little bit of time arguing with the ticket checker, then a bit of time fumbling for your phone, you could probably waste two minutes.
– Zach Lipton
2 days ago
7
@xji: Also, if the timer show 45 seconds, and you only entered the tram 30 seconds ago, that is fine. You don't have to stand outside for two minutes before you are allowed to enter. You just need to have the ticket bought before you enter.
– Jörg W Mittag
2 days ago
|
show 12 more comments
According to this link (only in German), it is to check if you have bought the ticket just right now or a sufficient amount of time before. The rules usually are, that you have to buy a ticket before you get on the train. Now, with mobile tickets, some "clever" people thought, they just need to buy a ticket when they see the conductor, and to ride free when they don't see one. In local transit (especially trams, and more and more regional trains) you don't have a regular conductor in every train anymore, but just ticket checking teams, which go around the city. Obviously they can only cover a small part of the available transit vehicles.
This is most likely the reason why the operators introduced this timer, so that it's visible for the conductor if you have bought the ticket just right now or more than 2 minutes ago.
answered May 4 at 20:32
dunnidunni
4,35111522
According to this link (only in German), it is to check if you have bought the ticket just right now or a sufficient amount of time before. The rules usually are, that you have to buy a ticket before you get on the train. Now, with mobile tickets, some "clever" people thought, they just need to buy a ticket when they see the conductor, and to ride free when they don't see one. In local transit (especially trams, and more and more regional trains) you don't have a regular conductor in every train anymore, but just ticket checking teams, which go around the city. Obviously they can only cover a small part of the available transit vehicles.
This is most likely the reason why the operators introduced this timer, so that it's visible for the conductor if you have bought the ticket just right now or more than 2 minutes ago.
answered May 4 at 20:32
dunnidunni
4,35111522
answered May 4 at 20:32
dunnidunni
4,35111522
answered May 4 at 20:32
dunnidunni
4,35111522
answered May 4 at 20:32
dunnidunni
4,35111522
4,35111522
2
Don't you need to scan the QR code like any other paper tickets? That timer seems a pretty bad solution against fraud... It same as buying the ticket and waiting for the operator to punch it.
– Alexis_FR_JP
May 5 at 2:08
19
@Alexis_FR_JP a hacked version of the DB app forcing the timer to always show 02:00 is probably available somewhere already. Its a security theater.
– JonathanReez♦
May 5 at 2:12
6
@JonathanReez This is not at all security theatre; see my answer below for why.
– Curt J. Sampson
2 days ago
5
So do even more "clever" people try to see the ticket checker coming, quickly buy the ticket, and then stall for a little bit until the two minute timer runs out? If you spend a little bit of time arguing with the ticket checker, then a bit of time fumbling for your phone, you could probably waste two minutes.
– Zach Lipton
2 days ago
7
@xji: Also, if the timer show 45 seconds, and you only entered the tram 30 seconds ago, that is fine. You don't have to stand outside for two minutes before you are allowed to enter. You just need to have the ticket bought before you enter.
– Jörg W Mittag
2 days ago
|
show 12 more comments
2
Don't you need to scan the QR code like any other paper tickets? That timer seems a pretty bad solution against fraud... It same as buying the ticket and waiting for the operator to punch it.
– Alexis_FR_JP
May 5 at 2:08
19
@Alexis_FR_JP a hacked version of the DB app forcing the timer to always show 02:00 is probably available somewhere already. Its a security theater.
– JonathanReez♦
May 5 at 2:12
6
@JonathanReez This is not at all security theatre; see my answer below for why.
– Curt J. Sampson
2 days ago
5
So do even more "clever" people try to see the ticket checker coming, quickly buy the ticket, and then stall for a little bit until the two minute timer runs out? If you spend a little bit of time arguing with the ticket checker, then a bit of time fumbling for your phone, you could probably waste two minutes.
– Zach Lipton
2 days ago
7
@xji: Also, if the timer show 45 seconds, and you only entered the tram 30 seconds ago, that is fine. You don't have to stand outside for two minutes before you are allowed to enter. You just need to have the ticket bought before you enter.
– Jörg W Mittag
2 days ago
2
2
Don't you need to scan the QR code like any other paper tickets? That timer seems a pretty bad solution against fraud... It same as buying the ticket and waiting for the operator to punch it.
– Alexis_FR_JP
May 5 at 2:08
Don't you need to scan the QR code like any other paper tickets? That timer seems a pretty bad solution against fraud... It same as buying the ticket and waiting for the operator to punch it.
– Alexis_FR_JP
May 5 at 2:08
19
19
@Alexis_FR_JP a hacked version of the DB app forcing the timer to always show 02:00 is probably available somewhere already. Its a security theater.
– JonathanReez♦
May 5 at 2:12
@Alexis_FR_JP a hacked version of the DB app forcing the timer to always show 02:00 is probably available somewhere already. Its a security theater.
– JonathanReez♦
May 5 at 2:12
6
6
@JonathanReez This is not at all security theatre; see my answer below for why.
– Curt J. Sampson
2 days ago
@JonathanReez This is not at all security theatre; see my answer below for why.
– Curt J. Sampson
2 days ago
5
5
So do even more "clever" people try to see the ticket checker coming, quickly buy the ticket, and then stall for a little bit until the two minute timer runs out? If you spend a little bit of time arguing with the ticket checker, then a bit of time fumbling for your phone, you could probably waste two minutes.
– Zach Lipton
2 days ago
So do even more "clever" people try to see the ticket checker coming, quickly buy the ticket, and then stall for a little bit until the two minute timer runs out? If you spend a little bit of time arguing with the ticket checker, then a bit of time fumbling for your phone, you could probably waste two minutes.
– Zach Lipton
2 days ago
7
7
@xji: Also, if the timer show 45 seconds, and you only entered the tram 30 seconds ago, that is fine. You don't have to stand outside for two minutes before you are allowed to enter. You just need to have the ticket bought before you enter.
– Jörg W Mittag
2 days ago
@xji: Also, if the timer show 45 seconds, and you only entered the tram 30 seconds ago, that is fine. You don't have to stand outside for two minutes before you are allowed to enter. You just need to have the ticket bought before you enter.
– Jörg W Mittag
2 days ago
|
show 12 more comments
@dunni's answer describes the attack that this security measure attempts to mitgate. A comment on his answer claims that this is "security theatre"; I describe in this answer (because this explanation is too long to fit into a comment) why it is not.
Most security measures cannot completely prevent attacks. An effective security measure is one that increases the cost to the attacker significantly while not also increasing costs to the defender beyond reasonable economic return.
This is why spot checks for tickets work though they sometimes allow people to travel for free: though an attacker can simply not buy a ticket and stand a chance of gaining free travel, if the penalty when this is discovered is high enough most potential attackers will choose to buy a ticket rather than run the risk of paying the fine or suffering other punishment
In this case, there are two requirements for an attacker:
1. Write or obtain a version of the app in appears to be the official one and which displays the same result as if the user had purchased the ticket well before the conductor arrived to check it.
2. Side-load this app, since Deutsche Bahn can fairly easily ensure that one appearing in the official store is easily taken down.
Writing such an app is significantly difficult; it involves not only having the skill to duplicate the app itself, but also overcoming any security measures protecting the original app (such as being able to extract any necessary keys from it necessary to instruct the DB servers to purchase a ticket).
Of course, once even one person writes such an app, it could be shared with others incapable of doing so. But finding such an app once it's written is also not completely trivial; DB also may have the ability, even if it's not on the official store, to get it taken down through legal means. If they can't do that, they can also easily change how their app works (different security keys, different network protocols, different display) to require the app's author to update it.
Even should the app be easily available, the user still needs to be sophisticated enough to side-load the app (since it won't be available from the official app store) and must also be willing to run the personal security risk that the app author is malicious and actually wrote the app to attack the users who download it, rather than DB.
All of the above combine to make a fairly high cost to the attacker, whereas for DB to add the timer to their existing app is very little work. Spending a few days of developer and tester time to add this feature to the application thus probably pays itself off very easily even if it prevents only 50% of the potential attackers from executing the attack (though it probably prevents a far higher percentage).
The reason something like American TSA security checks qualify as security theatre is because they impose very large costs on the defenders for very little gain against attackers. These checks exist because the costs are mainly borne by people who can do little about it (airlines and their passengers) whereas the benefits (looking like you're doing something about a problem) accrue only to some government and elected officials who suffer little of the overall cost.
answered 2 days ago
Curt J. SampsonCurt J. Sampson
53116
New contributor
Curt J. Sampson is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
11
Or perhaps there is already a timestamp and the timer is just for the convenience of the user?
– JonathanReez♦
2 days ago
15
Isn’t all you need a screenshot of the ticket from the legitimate application, and to draw a new timer box over it? I don’t see why the application would need to talk to the DB servers at all, from what’s presented here.
– Michael Homer
2 days ago
14
If the timer reached 2 minutes, it starts blinking. Forgot to mention this in my answer. So a screenshot will not work.
– dunni
2 days ago
9
Finally, the Barcode reveals if a ticket is just a minute old, and no further information is necessary. Having no valid paper ticket already leads to long discussions. Now, imagine the discussion when the passenger has a technically valid ticket, and the conductor insists it was bought just a minute ago. The timer ends this immediately. I also guess that most passengers would not use any fraud app - but would try to buy a ticket when they spot the conductor.
– sweber
2 days ago
8
It's admittedly tricky to re-write the whole app. It's not tricky to put a graphical element on the screen showing "2:00".
– theonlygusti
2 days ago
|
show 14 more comments
@dunni's answer describes the attack that this security measure attempts to mitgate. A comment on his answer claims that this is "security theatre"; I describe in this answer (because this explanation is too long to fit into a comment) why it is not.
Most security measures cannot completely prevent attacks. An effective security measure is one that increases the cost to the attacker significantly while not also increasing costs to the defender beyond reasonable economic return.
This is why spot checks for tickets work though they sometimes allow people to travel for free: though an attacker can simply not buy a ticket and stand a chance of gaining free travel, if the penalty when this is discovered is high enough most potential attackers will choose to buy a ticket rather than run the risk of paying the fine or suffering other punishment
In this case, there are two requirements for an attacker:
1. Write or obtain a version of the app in appears to be the official one and which displays the same result as if the user had purchased the ticket well before the conductor arrived to check it.
2. Side-load this app, since Deutsche Bahn can fairly easily ensure that one appearing in the official store is easily taken down.
Writing such an app is significantly difficult; it involves not only having the skill to duplicate the app itself, but also overcoming any security measures protecting the original app (such as being able to extract any necessary keys from it necessary to instruct the DB servers to purchase a ticket).
Of course, once even one person writes such an app, it could be shared with others incapable of doing so. But finding such an app once it's written is also not completely trivial; DB also may have the ability, even if it's not on the official store, to get it taken down through legal means. If they can't do that, they can also easily change how their app works (different security keys, different network protocols, different display) to require the app's author to update it.
Even should the app be easily available, the user still needs to be sophisticated enough to side-load the app (since it won't be available from the official app store) and must also be willing to run the personal security risk that the app author is malicious and actually wrote the app to attack the users who download it, rather than DB.
All of the above combine to make a fairly high cost to the attacker, whereas for DB to add the timer to their existing app is very little work. Spending a few days of developer and tester time to add this feature to the application thus probably pays itself off very easily even if it prevents only 50% of the potential attackers from executing the attack (though it probably prevents a far higher percentage).
The reason something like American TSA security checks qualify as security theatre is because they impose very large costs on the defenders for very little gain against attackers. These checks exist because the costs are mainly borne by people who can do little about it (airlines and their passengers) whereas the benefits (looking like you're doing something about a problem) accrue only to some government and elected officials who suffer little of the overall cost.
answered 2 days ago
Curt J. SampsonCurt J. Sampson
53116
New contributor
Curt J. Sampson is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
11
Or perhaps there is already a timestamp and the timer is just for the convenience of the user?
– JonathanReez♦
2 days ago
15
Isn’t all you need a screenshot of the ticket from the legitimate application, and to draw a new timer box over it? I don’t see why the application would need to talk to the DB servers at all, from what’s presented here.
– Michael Homer
2 days ago
14
If the timer reached 2 minutes, it starts blinking. Forgot to mention this in my answer. So a screenshot will not work.
– dunni
2 days ago
9
Finally, the Barcode reveals if a ticket is just a minute old, and no further information is necessary. Having no valid paper ticket already leads to long discussions. Now, imagine the discussion when the passenger has a technically valid ticket, and the conductor insists it was bought just a minute ago. The timer ends this immediately. I also guess that most passengers would not use any fraud app - but would try to buy a ticket when they spot the conductor.
– sweber
2 days ago
8
It's admittedly tricky to re-write the whole app. It's not tricky to put a graphical element on the screen showing "2:00".
– theonlygusti
2 days ago
|
show 14 more comments
@dunni's answer describes the attack that this security measure attempts to mitgate. A comment on his answer claims that this is "security theatre"; I describe in this answer (because this explanation is too long to fit into a comment) why it is not.
Most security measures cannot completely prevent attacks. An effective security measure is one that increases the cost to the attacker significantly while not also increasing costs to the defender beyond reasonable economic return.
This is why spot checks for tickets work though they sometimes allow people to travel for free: though an attacker can simply not buy a ticket and stand a chance of gaining free travel, if the penalty when this is discovered is high enough most potential attackers will choose to buy a ticket rather than run the risk of paying the fine or suffering other punishment
In this case, there are two requirements for an attacker:
1. Write or obtain a version of the app in appears to be the official one and which displays the same result as if the user had purchased the ticket well before the conductor arrived to check it.
2. Side-load this app, since Deutsche Bahn can fairly easily ensure that one appearing in the official store is easily taken down.
Writing such an app is significantly difficult; it involves not only having the skill to duplicate the app itself, but also overcoming any security measures protecting the original app (such as being able to extract any necessary keys from it necessary to instruct the DB servers to purchase a ticket).
Of course, once even one person writes such an app, it could be shared with others incapable of doing so. But finding such an app once it's written is also not completely trivial; DB also may have the ability, even if it's not on the official store, to get it taken down through legal means. If they can't do that, they can also easily change how their app works (different security keys, different network protocols, different display) to require the app's author to update it.
Even should the app be easily available, the user still needs to be sophisticated enough to side-load the app (since it won't be available from the official app store) and must also be willing to run the personal security risk that the app author is malicious and actually wrote the app to attack the users who download it, rather than DB.
All of the above combine to make a fairly high cost to the attacker, whereas for DB to add the timer to their existing app is very little work. Spending a few days of developer and tester time to add this feature to the application thus probably pays itself off very easily even if it prevents only 50% of the potential attackers from executing the attack (though it probably prevents a far higher percentage).
The reason something like American TSA security checks qualify as security theatre is because they impose very large costs on the defenders for very little gain against attackers. These checks exist because the costs are mainly borne by people who can do little about it (airlines and their passengers) whereas the benefits (looking like you're doing something about a problem) accrue only to some government and elected officials who suffer little of the overall cost.
answered 2 days ago
Curt J. SampsonCurt J. Sampson
53116
New contributor
Curt J. Sampson is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
@dunni's answer describes the attack that this security measure attempts to mitgate. A comment on his answer claims that this is "security theatre"; I describe in this answer (because this explanation is too long to fit into a comment) why it is not.
Most security measures cannot completely prevent attacks. An effective security measure is one that increases the cost to the attacker significantly while not also increasing costs to the defender beyond reasonable economic return.
This is why spot checks for tickets work though they sometimes allow people to travel for free: though an attacker can simply not buy a ticket and stand a chance of gaining free travel, if the penalty when this is discovered is high enough most potential attackers will choose to buy a ticket rather than run the risk of paying the fine or suffering other punishment
In this case, there are two requirements for an attacker:
1. Write or obtain a version of the app in appears to be the official one and which displays the same result as if the user had purchased the ticket well before the conductor arrived to check it.
2. Side-load this app, since Deutsche Bahn can fairly easily ensure that one appearing in the official store is easily taken down.
Writing such an app is significantly difficult; it involves not only having the skill to duplicate the app itself, but also overcoming any security measures protecting the original app (such as being able to extract any necessary keys from it necessary to instruct the DB servers to purchase a ticket).
Of course, once even one person writes such an app, it could be shared with others incapable of doing so. But finding such an app once it's written is also not completely trivial; DB also may have the ability, even if it's not on the official store, to get it taken down through legal means. If they can't do that, they can also easily change how their app works (different security keys, different network protocols, different display) to require the app's author to update it.
Even should the app be easily available, the user still needs to be sophisticated enough to side-load the app (since it won't be available from the official app store) and must also be willing to run the personal security risk that the app author is malicious and actually wrote the app to attack the users who download it, rather than DB.
All of the above combine to make a fairly high cost to the attacker, whereas for DB to add the timer to their existing app is very little work. Spending a few days of developer and tester time to add this feature to the application thus probably pays itself off very easily even if it prevents only 50% of the potential attackers from executing the attack (though it probably prevents a far higher percentage).
The reason something like American TSA security checks qualify as security theatre is because they impose very large costs on the defenders for very little gain against attackers. These checks exist because the costs are mainly borne by people who can do little about it (airlines and their passengers) whereas the benefits (looking like you're doing something about a problem) accrue only to some government and elected officials who suffer little of the overall cost.
answered 2 days ago
Curt J. SampsonCurt J. Sampson
53116
New contributor
Curt J. Sampson is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 2 days ago
answered 2 days ago
Curt J. SampsonCurt J. Sampson
53116
New contributor
Curt J. Sampson is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 2 days ago
Curt J. SampsonCurt J. Sampson
53116
answered 2 days ago
Curt J. SampsonCurt J. Sampson
53116
53116
New contributor
Curt J. Sampson is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Curt J. Sampson is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
11
Or perhaps there is already a timestamp and the timer is just for the convenience of the user?
– JonathanReez♦
2 days ago
15
Isn’t all you need a screenshot of the ticket from the legitimate application, and to draw a new timer box over it? I don’t see why the application would need to talk to the DB servers at all, from what’s presented here.
– Michael Homer
2 days ago
14
If the timer reached 2 minutes, it starts blinking. Forgot to mention this in my answer. So a screenshot will not work.
– dunni
2 days ago
9
Finally, the Barcode reveals if a ticket is just a minute old, and no further information is necessary. Having no valid paper ticket already leads to long discussions. Now, imagine the discussion when the passenger has a technically valid ticket, and the conductor insists it was bought just a minute ago. The timer ends this immediately. I also guess that most passengers would not use any fraud app - but would try to buy a ticket when they spot the conductor.
– sweber
2 days ago
8
It's admittedly tricky to re-write the whole app. It's not tricky to put a graphical element on the screen showing "2:00".
– theonlygusti
2 days ago
|
show 14 more comments
11
Or perhaps there is already a timestamp and the timer is just for the convenience of the user?
– JonathanReez♦
2 days ago
15
Isn’t all you need a screenshot of the ticket from the legitimate application, and to draw a new timer box over it? I don’t see why the application would need to talk to the DB servers at all, from what’s presented here.
– Michael Homer
2 days ago
14
If the timer reached 2 minutes, it starts blinking. Forgot to mention this in my answer. So a screenshot will not work.
– dunni
2 days ago
9
Finally, the Barcode reveals if a ticket is just a minute old, and no further information is necessary. Having no valid paper ticket already leads to long discussions. Now, imagine the discussion when the passenger has a technically valid ticket, and the conductor insists it was bought just a minute ago. The timer ends this immediately. I also guess that most passengers would not use any fraud app - but would try to buy a ticket when they spot the conductor.
– sweber
2 days ago
8
It's admittedly tricky to re-write the whole app. It's not tricky to put a graphical element on the screen showing "2:00".
– theonlygusti
2 days ago
11
11
Or perhaps there is already a timestamp and the timer is just for the convenience of the user?
– JonathanReez♦
2 days ago
Or perhaps there is already a timestamp and the timer is just for the convenience of the user?
– JonathanReez♦
2 days ago
15
15
Isn’t all you need a screenshot of the ticket from the legitimate application, and to draw a new timer box over it? I don’t see why the application would need to talk to the DB servers at all, from what’s presented here.
– Michael Homer
2 days ago
Isn’t all you need a screenshot of the ticket from the legitimate application, and to draw a new timer box over it? I don’t see why the application would need to talk to the DB servers at all, from what’s presented here.
– Michael Homer
2 days ago
14
14
If the timer reached 2 minutes, it starts blinking. Forgot to mention this in my answer. So a screenshot will not work.
– dunni
2 days ago
If the timer reached 2 minutes, it starts blinking. Forgot to mention this in my answer. So a screenshot will not work.
– dunni
2 days ago
9
9
Finally, the Barcode reveals if a ticket is just a minute old, and no further information is necessary. Having no valid paper ticket already leads to long discussions. Now, imagine the discussion when the passenger has a technically valid ticket, and the conductor insists it was bought just a minute ago. The timer ends this immediately. I also guess that most passengers would not use any fraud app - but would try to buy a ticket when they spot the conductor.
– sweber
2 days ago
Finally, the Barcode reveals if a ticket is just a minute old, and no further information is necessary. Having no valid paper ticket already leads to long discussions. Now, imagine the discussion when the passenger has a technically valid ticket, and the conductor insists it was bought just a minute ago. The timer ends this immediately. I also guess that most passengers would not use any fraud app - but would try to buy a ticket when they spot the conductor.
– sweber
2 days ago
8
8
It's admittedly tricky to re-write the whole app. It's not tricky to put a graphical element on the screen showing "2:00".
– theonlygusti
2 days ago
It's admittedly tricky to re-write the whole app. It's not tricky to put a graphical element on the screen showing "2:00".
– theonlygusti
2 days ago
|
show 14 more comments
There is already a good answer: It provides an additional quick visual indicator in case the passenger bought the ticket only after entering the vehicle and spotting the conductor.
But let's add some more context.
Ticket controls do not usually pay for themselves with fines. Ticket controls are paid for by getting more people to buy tickets. The goal of ticket controls is not to catch passengers who cheat, it's to encourage passengers to buy valid tickets.
There are plenty of ways to circumvent the timer, starting with "My phone just crashed, the reboot will be done in a minute", and ending with software that creates a forged ticket. But I speculate that the app creators speculated that the timer reminds potential cheaters that purchase time is relevant. That would encourage those people to buy valid tickets.
To address comments to the other answers, which raised the legitimate concern of forged tickets defeating the timer: Purchase time stays relevant even if one of multiple mechanisms that show purchase time is defeated. And being caught with a forged ticket can be way more inconvenient than being caught without a ticket.
answered 2 days ago
PeterPeter
1,143512
1
This more directly and clearly explains one of the key points I was trying to make in my answer. Excellent answer!
– Curt J. Sampson
2 days ago
2
"It keeps honest people honest" is most likely the best reason behind all these security features. Any software security developed by humans can be defeated by other humans, given enough time & incentive. Increasing the difficulty of defeating the system keeps more people honest.
– FreeMan
yesterday
Just like the old saying - locks don't stop thieves, they stop honest people
– llama
yesterday
3
@llama With the very important caveat that, absent locks and any credible threat of being caught, an unfortunate number of honest people would act in a dishonest way.
– J...
14 hours ago
add a comment |
There is already a good answer: It provides an additional quick visual indicator in case the passenger bought the ticket only after entering the vehicle and spotting the conductor.
But let's add some more context.
Ticket controls do not usually pay for themselves with fines. Ticket controls are paid for by getting more people to buy tickets. The goal of ticket controls is not to catch passengers who cheat, it's to encourage passengers to buy valid tickets.
There are plenty of ways to circumvent the timer, starting with "My phone just crashed, the reboot will be done in a minute", and ending with software that creates a forged ticket. But I speculate that the app creators speculated that the timer reminds potential cheaters that purchase time is relevant. That would encourage those people to buy valid tickets.
To address comments to the other answers, which raised the legitimate concern of forged tickets defeating the timer: Purchase time stays relevant even if one of multiple mechanisms that show purchase time is defeated. And being caught with a forged ticket can be way more inconvenient than being caught without a ticket.
answered 2 days ago
PeterPeter
1,143512
1
This more directly and clearly explains one of the key points I was trying to make in my answer. Excellent answer!
– Curt J. Sampson
2 days ago
2
"It keeps honest people honest" is most likely the best reason behind all these security features. Any software security developed by humans can be defeated by other humans, given enough time & incentive. Increasing the difficulty of defeating the system keeps more people honest.
– FreeMan
yesterday
Just like the old saying - locks don't stop thieves, they stop honest people
– llama
yesterday
3
@llama With the very important caveat that, absent locks and any credible threat of being caught, an unfortunate number of honest people would act in a dishonest way.
– J...
14 hours ago
add a comment |
There is already a good answer: It provides an additional quick visual indicator in case the passenger bought the ticket only after entering the vehicle and spotting the conductor.
But let's add some more context.
Ticket controls do not usually pay for themselves with fines. Ticket controls are paid for by getting more people to buy tickets. The goal of ticket controls is not to catch passengers who cheat, it's to encourage passengers to buy valid tickets.
There are plenty of ways to circumvent the timer, starting with "My phone just crashed, the reboot will be done in a minute", and ending with software that creates a forged ticket. But I speculate that the app creators speculated that the timer reminds potential cheaters that purchase time is relevant. That would encourage those people to buy valid tickets.
To address comments to the other answers, which raised the legitimate concern of forged tickets defeating the timer: Purchase time stays relevant even if one of multiple mechanisms that show purchase time is defeated. And being caught with a forged ticket can be way more inconvenient than being caught without a ticket.
answered 2 days ago
PeterPeter
1,143512
There is already a good answer: It provides an additional quick visual indicator in case the passenger bought the ticket only after entering the vehicle and spotting the conductor.
But let's add some more context.
Ticket controls do not usually pay for themselves with fines. Ticket controls are paid for by getting more people to buy tickets. The goal of ticket controls is not to catch passengers who cheat, it's to encourage passengers to buy valid tickets.
There are plenty of ways to circumvent the timer, starting with "My phone just crashed, the reboot will be done in a minute", and ending with software that creates a forged ticket. But I speculate that the app creators speculated that the timer reminds potential cheaters that purchase time is relevant. That would encourage those people to buy valid tickets.
To address comments to the other answers, which raised the legitimate concern of forged tickets defeating the timer: Purchase time stays relevant even if one of multiple mechanisms that show purchase time is defeated. And being caught with a forged ticket can be way more inconvenient than being caught without a ticket.
answered 2 days ago
PeterPeter
1,143512
edited 2 days ago
answered 2 days ago
PeterPeter
1,143512
answered 2 days ago
PeterPeter
1,143512
answered 2 days ago
PeterPeter
1,143512
1,143512
1
This more directly and clearly explains one of the key points I was trying to make in my answer. Excellent answer!
– Curt J. Sampson
2 days ago
2
"It keeps honest people honest" is most likely the best reason behind all these security features. Any software security developed by humans can be defeated by other humans, given enough time & incentive. Increasing the difficulty of defeating the system keeps more people honest.
– FreeMan
yesterday
Just like the old saying - locks don't stop thieves, they stop honest people
– llama
yesterday
3
@llama With the very important caveat that, absent locks and any credible threat of being caught, an unfortunate number of honest people would act in a dishonest way.
– J...
14 hours ago
add a comment |
1
This more directly and clearly explains one of the key points I was trying to make in my answer. Excellent answer!
– Curt J. Sampson
2 days ago
2
"It keeps honest people honest" is most likely the best reason behind all these security features. Any software security developed by humans can be defeated by other humans, given enough time & incentive. Increasing the difficulty of defeating the system keeps more people honest.
– FreeMan
yesterday
Just like the old saying - locks don't stop thieves, they stop honest people
– llama
yesterday
3
@llama With the very important caveat that, absent locks and any credible threat of being caught, an unfortunate number of honest people would act in a dishonest way.
– J...
14 hours ago
1
1
This more directly and clearly explains one of the key points I was trying to make in my answer. Excellent answer!
– Curt J. Sampson
2 days ago
This more directly and clearly explains one of the key points I was trying to make in my answer. Excellent answer!
– Curt J. Sampson
2 days ago
2
2
"It keeps honest people honest" is most likely the best reason behind all these security features. Any software security developed by humans can be defeated by other humans, given enough time & incentive. Increasing the difficulty of defeating the system keeps more people honest.
– FreeMan
yesterday
"It keeps honest people honest" is most likely the best reason behind all these security features. Any software security developed by humans can be defeated by other humans, given enough time & incentive. Increasing the difficulty of defeating the system keeps more people honest.
– FreeMan
yesterday
Just like the old saying - locks don't stop thieves, they stop honest people
– llama
yesterday
Just like the old saying - locks don't stop thieves, they stop honest people
– llama
yesterday
3
3
@llama With the very important caveat that, absent locks and any credible threat of being caught, an unfortunate number of honest people would act in a dishonest way.
– J...
14 hours ago
@llama With the very important caveat that, absent locks and any credible threat of being caught, an unfortunate number of honest people would act in a dishonest way.
– J...
14 hours ago
add a comment |
This is all about a ticketing system called Proof of Payment.
Historically, conductors walked every train and checked every passenger, selling them a ticket if needed. However, this was expensive to staff, so they looked at ways to automate this.
They came up with a modified "honor system" where people would buy tickets, and carry proof of this. Then, random checks would occur, with expensive fines for violators.
- In the first cut of this, tickets were sold at machines at stations. The station would put a timestamp on the ticket, and it was only valid for a limited time (so you couldn't use the same ticket over and over and over).
- You couldn't buy tickets on the train, or else people would simply linger at the ticket machine and buy a ticket if they saw a fare inspector.
- Then they offered advance sales (e.g. 10-ride ticket books), but you had to "validate" (put a time-stamp on it) at time of use at the station.
- When smartphones came along, that brought back the problem of people buying tickets only when they see the inspector coming. It's even worse; on the smart device you could go through all the steps to buy a ticket, and pause at the final "Complete sale" button; and click that as the inspector enters the car.
So the timer is an attempt to crack that problem. It shows the inspector that the purchaser bought the ticket seconds ago; but more importantly, it shows the purchaser that the the inspector knows that.
The inspector can already get that information off the barcode; so it's more of a deterrent to the purchaser.
answered 2 hours ago
HarperHarper
14k32665
add a comment |
This is all about a ticketing system called Proof of Payment.
Historically, conductors walked every train and checked every passenger, selling them a ticket if needed. However, this was expensive to staff, so they looked at ways to automate this.
They came up with a modified "honor system" where people would buy tickets, and carry proof of this. Then, random checks would occur, with expensive fines for violators.
- In the first cut of this, tickets were sold at machines at stations. The station would put a timestamp on the ticket, and it was only valid for a limited time (so you couldn't use the same ticket over and over and over).
- You couldn't buy tickets on the train, or else people would simply linger at the ticket machine and buy a ticket if they saw a fare inspector.
- Then they offered advance sales (e.g. 10-ride ticket books), but you had to "validate" (put a time-stamp on it) at time of use at the station.
- When smartphones came along, that brought back the problem of people buying tickets only when they see the inspector coming. It's even worse; on the smart device you could go through all the steps to buy a ticket, and pause at the final "Complete sale" button; and click that as the inspector enters the car.
So the timer is an attempt to crack that problem. It shows the inspector that the purchaser bought the ticket seconds ago; but more importantly, it shows the purchaser that the the inspector knows that.
The inspector can already get that information off the barcode; so it's more of a deterrent to the purchaser.
answered 2 hours ago
HarperHarper
14k32665
add a comment |
This is all about a ticketing system called Proof of Payment.
Historically, conductors walked every train and checked every passenger, selling them a ticket if needed. However, this was expensive to staff, so they looked at ways to automate this.
They came up with a modified "honor system" where people would buy tickets, and carry proof of this. Then, random checks would occur, with expensive fines for violators.
- In the first cut of this, tickets were sold at machines at stations. The station would put a timestamp on the ticket, and it was only valid for a limited time (so you couldn't use the same ticket over and over and over).
- You couldn't buy tickets on the train, or else people would simply linger at the ticket machine and buy a ticket if they saw a fare inspector.
- Then they offered advance sales (e.g. 10-ride ticket books), but you had to "validate" (put a time-stamp on it) at time of use at the station.
- When smartphones came along, that brought back the problem of people buying tickets only when they see the inspector coming. It's even worse; on the smart device you could go through all the steps to buy a ticket, and pause at the final "Complete sale" button; and click that as the inspector enters the car.
So the timer is an attempt to crack that problem. It shows the inspector that the purchaser bought the ticket seconds ago; but more importantly, it shows the purchaser that the the inspector knows that.
The inspector can already get that information off the barcode; so it's more of a deterrent to the purchaser.
answered 2 hours ago
HarperHarper
14k32665
This is all about a ticketing system called Proof of Payment.
Historically, conductors walked every train and checked every passenger, selling them a ticket if needed. However, this was expensive to staff, so they looked at ways to automate this.
They came up with a modified "honor system" where people would buy tickets, and carry proof of this. Then, random checks would occur, with expensive fines for violators.
- In the first cut of this, tickets were sold at machines at stations. The station would put a timestamp on the ticket, and it was only valid for a limited time (so you couldn't use the same ticket over and over and over).
- You couldn't buy tickets on the train, or else people would simply linger at the ticket machine and buy a ticket if they saw a fare inspector.
- Then they offered advance sales (e.g. 10-ride ticket books), but you had to "validate" (put a time-stamp on it) at time of use at the station.
- When smartphones came along, that brought back the problem of people buying tickets only when they see the inspector coming. It's even worse; on the smart device you could go through all the steps to buy a ticket, and pause at the final "Complete sale" button; and click that as the inspector enters the car.
So the timer is an attempt to crack that problem. It shows the inspector that the purchaser bought the ticket seconds ago; but more importantly, it shows the purchaser that the the inspector knows that.
The inspector can already get that information off the barcode; so it's more of a deterrent to the purchaser.
answered 2 hours ago
HarperHarper
14k32665
answered 2 hours ago
HarperHarper
14k32665
answered 2 hours ago
HarperHarper
14k32665
answered 2 hours ago
HarperHarper
14k32665
14k32665
add a comment |
add a comment |
Thanks for contributing an answer to Travel Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2ftravel.stackexchange.com%2fquestions%2f137927%2fwhats-the-2-minute-timer-on-mobile-deutsche-bahn-tickets%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
2
Makes me wonder if you have 2 minutes to stop the sale, after commiting?
– Willeke♦
May 4 at 20:05
@Willeke There was a button "Edit Order", it looked active both before and after the timer expired. I haven't tried, but your guess might be a case.
– ahmedus
May 4 at 20:16
@Willeke: AFAIK unfortunately, no.
– cbeleites
May 4 at 22:30
1
This timer is not specific to Deutsche Bahn app, you can see it in (almost) every app of local transport companies too.
– Neusser
May 4 at 22:48
3
Or cheap, sufficient enough solution when looking at what the attack vector is. If you use local transit, and you look at the people who would cheat and not buying tickets, honestly the majority of them will most likely not know how to hack a mobile app.
– dunni
2 days ago