post related to my last question about Deutschland-Job-Ticket and avoiding google, a company the transportation authority seems to have a deal with.
Some of you have suggested I download a pkpass file. Great!, let me download something so I can save it to my phone!
Nope, the google icon I pasted in my first post (see here as well) simply redirects me to a google service to CREATE A F&#(#&% ACCOUNT WITH THEM!!
motherf*$)#(#...
I just learned what a pkpass file because some of you seem to know this technology, but ain't it an apple technology?
Second question is, how widespread is the use of pkpass in Germany for travel documents and for android devices? I don't know if most of the people answering this question are people not residing in Germany.
And yet another question, if I send an email asking the transportation authority what kind of technology they use for travel documents, if they provide any alternative to google or any way to download the ticket in either pkpass format or any other format that doesn't require me to give my personal data to a data grabber, if they provide plastic travel cards to people that won't allow their data to be used by google, what are the chances they won't ignore me or outright laugh at me?
When I cross the Atlantic I pdf or screenshot the plane ticket. Never had a problem. Why can't this be like that?
The explanation is easy: Public transport has lots of tight regulations. The use of pkpass files is not in these rules, therefore nobody uses it directly.
The use of screenshots or PDFs is not secure. Fraud would be way too easy if they allowed it. Airplane tickets are an exception: because there are so many passport checks at airports, forged tickets are rare.
If I remember correctly, pkpass is a Apple standard. So maybe you can import the file into a wallet app. Then it may become usable for you. But that's just a wild guess.
I am legitimately curious how that would result in fraud? The ticket still has to be scanned which can not be forged (i hope at least?)
They can be copied, or are copies. If you have a copy, the idea to manipulate it's content is not far, for example the name.
People are actually selling such simple copies.
Yes, the data in the barcode contains encryption and signatures, so it is not easy to manipulate that, and when it is scanned, there are many checks running.
This is untrue.
The idea to manipulate the name is not feasable. And if it were it would not be used to fake Deutschlandtickets, but rather anything else that needs cryptography and brings extremely more money.
People are either selling tickets that are not scannable, scan on the wrong name, or in one case, got access to the private key of a regional provider and had the possibility to legally sign tickets. These tickets were then undistinguishable from legal ones, because they were legal ones (for the purposes of the system). But these tickets would also have been valid if they were not screenshots.
Yes. The fraudsters can change the visible name, not the one stored in the barcode. I have seen some that looked like really childish "paintbrush" copy & paste.
The point is: these things are not made to stand a check of the barcode. They are just made for selling them to stupid people.
And that scheme has worked in the very beginning of the Deutschlandticket. It does not work anymore now, because nobody accepts a screenshot or PDF anymore.
Give me 20 minutes in an HTML editor or android studio and I can make you an "app" that looks real, but isn't. You don't even need to be a "real" programmer for that. It looking real proves literally nothing
This makes no sense. How does the train ticket identify the rightful owner without checking their id? Instead of a screenshot, couldn't a person just download someone elses ticket in the app? How are these two different?
You are asking how the ticket inspectors are doing their job. Well, I guess some are doing it more thoroughly, others... less.
Rules just say it should be digital. Everything else is the local transport provider wanting to get you to use their app, and / or people not understanding how digital stuff works.
Sadly, the local transport provider will absolutely fine you for that bs, and it being in their terms and conditions, you probably would have to pay.
LOL.
Here you can read the standards in public transport. Several thousand pages in total, I guess. They are binding, if you want to create electronic tickets that are valid.
https://www.eticket-deutschland.de/eticket/vdv-ka-und-eticore/