post related to my last question about Deutschland-Job-Ticket and avoiding google, a company the transportation authority seems to have a deal with.
Some of you have suggested I download a pkpass file. Great!, let me download something so I can save it to my phone!
Nope, the google icon I pasted in my first post (see here as well) simply redirects me to a google service to CREATE A F&#(#&% ACCOUNT WITH THEM!!
motherf*$)#(#…
I just learned what a pkpass file because some of you seem to know this technology, but ain’t it an apple technology?
Second question is, how widespread is the use of pkpass in Germany for travel documents and for android devices? I don’t know if most of the people answering this question are people not residing in Germany.
And yet another question, if I send an email asking the transportation authority what kind of technology they use for travel documents, if they provide any alternative to google or any way to download the ticket in either pkpass format or any other format that doesn’t require me to give my personal data to a data grabber, if they provide plastic travel cards to people that won’t allow their data to be used by google, what are the chances they won’t ignore me or outright laugh at me?
When I cross the Atlantic I pdf or screenshot the plane ticket. Never had a problem. Why can’t this be like that?
I am legitimately curious how that would result in fraud? The ticket still has to be scanned which can not be forged (i hope at least?)
They can be copied, or are copies. If you have a copy, the idea to manipulate it’s content is not far, for example the name.
People are actually selling such simple copies.
Yes, the data in the barcode contains encryption and signatures, so it is not easy to manipulate that, and when it is scanned, there are many checks running.
Give me 20 minutes in an HTML editor or android studio and I can make you an “app” that looks real, but isn’t. You don’t even need to be a “real” programmer for that. It looking real proves literally nothing
This is untrue.
The idea to manipulate the name is not feasable. And if it were it would not be used to fake Deutschlandtickets, but rather anything else that needs cryptography and brings extremely more money.
People are either selling tickets that are not scannable, scan on the wrong name, or in one case, got access to the private key of a regional provider and had the possibility to legally sign tickets. These tickets were then undistinguishable from legal ones, because they were legal ones (for the purposes of the system). But these tickets would also have been valid if they were not screenshots.
Yes. The fraudsters can change the visible name, not the one stored in the barcode. I have seen some that looked like really childish “paintbrush” copy & paste.
The point is: these things are not made to stand a check of the barcode. They are just made for selling them to stupid people.
And that scheme has worked in the very beginning of the Deutschlandticket. It does not work anymore now, because nobody accepts a screenshot or PDF anymore.