Having recently used my Myki card for the first time, I thought it best to see how the system had tried to screw me.  At the time I used it, it seemed simple enough, even if it didn’t allow me out of the first gates I tried at Flinders St station and the exit scan took… longer than I would have thought reasonable.  And now, I went to the website to inspect the transactions.  After some fumbling and following unnecessary links, I got to the query page, into which you enter a date range (why it just can’t pull up the most recent transactions by default is beyond me).

Pick an generous date range, to ensure you get all your transactions, and up pops this error:

Please correct the following and try again:

Date to should be less than or equal to current date. Please try again.

It couldn’t just assume that if the user has entered a date range for the future, it will be fine to report all the transactions that haven’t happened yet?  Nor could the system possibly pre-populate the inputs for you to fix things, nor pre-populate before you enter a crazy date like December this year.  Oh no.  That wouldn’t be hostile enough.

Bending to the will of the brain-addled programmers, I complied and got:

Please correct the following and try again:

Up to six months of transaction data will be available.Statement Data only available after 5/11/2009

The first is an assertion, not a problem.  If Statement Data is only available after 5/11/2009, well, just give me that!  Why the controls even offer dates prior to this (two years prior to this) is confusing to say the least.  And why wasn’t this problem flagged along with the last problem?  Why force me to fix “problems” one at a time?

It’s like those crazy Blogger.com comment submission forms, with embedded CAPTCHAs – get the CAPTCHA right and anything else wrong, and you’ve got to keep solving CAPTCHAs until you get the other fields right too.  I’ve already proven I’m a human, you stupid website!

Honestly, you’d think that the people who designed the site weren’t forced to use it until their eyes bleed.  The cards associated with the account – three, one for myself and one for each of my offspring, are all listed as card numbers – even though each card was posted to a named individual.  So I was a little bewildered when no transactions turned up for my card, until I realised I had to try each of the 20 digit strings in turn until one that had transactions listed said transactions.  This thing has such a simple interface, and yet it is so poorly implemented that I’m stunned; it’s almost as if a bet had been made, along the lines of “I bet they can’t stuff this up” – and yet so much fail has been inserted into this one little web page.

And another thing: session expiry.  Why expire Myki sessions?  If people care about their travel data being exposed to others wandering past the PC, they’ll log out.  That’s the extent of the security risk.  It’s not like Myki has money you can move anywhere. *

In 2001: A Space Odyssey, Dave’s last works are “My God, it’s full of stars”.  Dave, this one’s full of fail.

*Yes, I know about the load that maintaining session data puts on your webservers.  I just don’t care.  Get better webservers.  Expire inactive sessions after a week if you’re that worried.  Or do some kind of hourly keep-alive ping thing with the JavaScript that you love so much.  Just don’t bother me with your whiny little “it’s too hard” complaints.