McGill student solves Opus puzzle
A McGill student has figured out how to recharge an Opus card using a phone, and made an app to do it. The ARTM had just agreed to pay millions to a French firm to do the same thing. Alex Lai has withdrawn his app at their request.
I understand why a young hacker might be challenged to figure out how Opus works, but why is the ARTM spending money to figure out its own technology?
Meezly 09:52 on 2023-08-22 Permalink
A government organization, like the ARTM, giving out a contract worth millions to a large French firm to create an app that could be created by one person, hmm… quel choquant! :-O
mare 10:13 on 2023-08-22 Permalink
These kind of apps need to be extremely hacker safe and should work correctly 100% of the time (or throw an error). Even if it gives free rides 0.001% of the time, and that’s still a lot of money lost. And likely will be abused so it becomes more than 0.001% The developing is expensive, but the testing even more. Millions more? I’ve no idea.
(I know the Dutch transport card, used for all modes of public transport in the entire country, was hacked. https://www.cs.vu.nl/~ast/ov-chip-card/ )
Kevin 10:13 on 2023-08-22 Permalink
@Meezly
Rule 1 for understanding Quebec: if it wasn’t developed here or in France, nobody has ever thought about it and it doesn’t exist.
Joey 10:31 on 2023-08-22 Permalink
There’s developing and deploying the tech (which probably pre-dates the Opus card), which the McGill student figured out pretty quickly, and there’s the ongoing management of the sales servers, which will generate significant, long-lasting revenue for the selected firm. This is so not my area of expertise, but it seems that the ARTM or STM would be better off figuring that end out on its own so as not to be in the hock to some external firm forever.
Blork 12:08 on 2023-08-22 Permalink
Bear in mind that ARTM is not a tech company, it’s a transportation company. I don’t know how extensive their IT and development departments are, but I’m guessing they’re not specialized on app development.
As others have suggested, there’s more to it than hacking out an app. There needs to be quality assurance, testing, hacker-proofing, and then on-going maintenance and updates of both the app and the servers and payment systems that lie behind it (although the payment system is likely third-party).
All that to say, it’s usually more efficient to outsource it to experts than to try to manage it yourself when this kind of app development is not your specialty.
There’s an alternate history here, where they develop it themselves, and it turns out to be buggy and not very user friendly, and gets hacked, and two years from now we’re all shaking our heads and thinking “what a bunch of idiots; why didn’t they outsourced it?”
thomas 13:03 on 2023-08-22 Permalink
Three years ago, ARTM launched a trial program called “Recharge OPUS.” This was an app for iPhones, made available through Apple’s TestFlight, and it was designed by a local firm. I tried out this app and found it quite unstable. On two occasions, after several attempts to recharge my Opus card using the app, the metro entrance reader failed to read my card correctly, and would wipe the card clean. Given that the program was discontinued shortly afterward, I suspect others might have had similar reliability issues.
Meezly 13:20 on 2023-08-22 Permalink
Some very good points made. Still, it makes me wonder… one, whether the cost is over-inflated (I finally looked at the article and 1.13M isn’t a terribly huge amount BUT this contract stipulates that royalties must be paid on each of the approximately seven million annual transactions). It’s very possible to create a stable and secure phone app with a small team within a reasonable amount of time, say two developers and a QA.
And two, whether there’s an “oh my uncle in France is CEO of this tech firm” situation, as I’m sure there are tech companies within Quebec and Canada that won’t demand royalties on each transaction made on the app!
Nicholas 17:03 on 2023-08-22 Permalink
The company with the contract is a spin-off of the company that designed the specifications behind the technology that OPUS uses, founded by the guy who invented chip cards (like not just for transit, but everything: bank cards, employee cards, etc.). They’re definitely not a two-bit operation.
Ephraim 19:25 on 2023-08-22 Permalink
Why can I pay with my phone all over Europe, but can’t here.