New York's subway pass system has taken action to prevent the potential tracking of passengers' journeys by deactivating a feature linked to the use of bank card information.
Taking Action to Prevent Potential Tracking
Engadget reported that Eugene Resnick, the spokesperson for the Metropolitan Transportation Authority, revealed that the agency made the decision to "disable the feature" as part of its continuous dedication to safeguarding customer privacy.
In a bid to provide customers with easy access to their tap-and-go trip histories, catering to both paid and free journeys, the feature was initially introduced, as explained by Resnick during an interview.
However, aligning with the MTA's unwavering dedication to safeguarding customer privacy, they have opted to deactivate this feature temporarily.
Their intent is to explore alternative methods of serving customers effectively. Consequently, the page that once facilitated seamless tracking now redirects users to the OMNY homepage.
The potential exploit in OMNY's security has ignited significant worries regarding the possibility of stalkers and malicious individuals exploiting this functionality to monitor potential targets.
The Surveillance Technology Oversight Project (STOP) strongly criticized the Metropolitan Transportation Authority (MTA) for its lack of foresight in this matter, as reported by The Verge.
Their prior caution about law enforcement potentially leveraging OMNY for comprehensive rider surveillance has now been underscored by the 'Check Trip History' feature.
This reveals the unsettling vulnerability of OMNY data to not only law enforcement but also to stalkers, abusers, and individuals with even a cursory glance at credit card details, as stated by Will Owen, Director of Communications at STOP.
Apart from attracting scrutiny for its OMNY system, the New York City subway network is encountering resistance from STOP and various privacy proponents due to its deployment of AI-based surveillance technology aimed at apprehending individuals who evade paying fares.
Raising Privacy Concerns
A notable security vulnerability has been uncovered within the contactless payment system of the New York City subway. TechTimes' report reveals that this weakness enables individuals who possess a person's credit card details to monitor their recent subway usage and destinations over the previous week.
This concern stems from a functionality embedded within the OMNY website, a tap-to-pay solution developed by the Metropolitan Transportation Authority (MTA), allowing users to access their recent travel records exclusively through credit card data.
Joseph Cox of 404 Media brought attention to this matter by demonstrating how he responsibly monitored an individual's travels with their permission. Cox underscored the potential implications of this surveillance, noting that prolonged tracking could unveil insights into the person's daily commute patterns and place of residence.
Related Article : NYC Subway's Contactless Payment System Raises Privacy Concerns