China’s government-run online train ticket sales site 12306 has been causing problems since pretty much the moment it was launched. It broke during its first Spring Festival rush back in 2011, and since then has been the source of a litany of complaints: not processing refunds, cheating customers, promising an app that didn’t materialize for years and then sucked when it finally showed up, breaking again, listing nonsensical departure/arrival times, being associated with corruption, facilitating ticket scalping, shutting down third-party services that fix its bugs, and more.
That’s an incredibly litany of crimes for a service that has only been around for three years, but its latest may be the worst yet: last week news broke that personal data from 140,000 users was leaked via a security flaw on the 12306 site. The leaked data includes personal ID numbers, email addresses, and phone numbers. It also contains unencrypted, plaintext passwords.
In a statement on its website after the leak, 12306 denies that the information comes from its database, saying that it doesn’t store plaintext passwords. Instead, the site suggests the ticket buyers’ data may have been leaked from one of the third-party plugins and programs Chinese people use to purchase tickets so that they don’t have to interact with the 12306 site directly. (Subsequent reports suggest hackers used leaked data from other sites to access 12306’s database).
But it almost doesn’t matter whether the leaked data actually came from 12306 or a third-party plugin. The fact is that if 12306 was a reliable, fully functional, and convenient platform for purchasing train tickets, nobody would use third-party apps to begin with. But because the site is so buggy and user-unfriendly, nearly half of China’s internet users buy their tickets via third-party services. (These services don’t sell tickets directly, they just facilitate purchases from 12306 by presenting a cleaner and more convenient user experience). Even if the leak came from a third-party plugin, it’s 12306’s fault that its crappy site has forced so many users onto those plugins in the first place.
As an ecommerce platform, there’s simply no denying that 12306 is awful. But it would be so easy to fix! China has numerous internet companies with experience in building robust online shopping platforms that can withstand massive traffic. I have no doubt that a company like Alibaba or JD would be capable of building a more secure, more stable, and more convenient platform for train ticket sales, probably within a short time frame.
This is not the first time I’ve made this plea. And there were rumors that the site was looking for an ecommerce partner to help almost immediately after the site launched, though no partnership ever materialized. But it’s better late than never, and whether or not it directly leaked the buyers’ personal information last week, China’s government must recognize that it is culpable here. Despite having cost nearly US$100 million, three years on 12306 still offers a user experience so terrible that nearly half its customers turn to third-party plugins and programs to complete their 12306 transactions.
By any reasonable standard, 12306’s design is an abject failure, and the site would have gone out of business long ago if it did not have a monopoly on sales of one of the most popular products in China. China’s government is unlikely to turn its ticket sales over to a private company any time soon, but it should at least hire Alibaba or JD to redesign its online platform from the ground up to create something that actually meets users’ needs, rather than driving them towards dubious third-party solutions as the current site does.
This post China should give Alibaba or JD control of online train ticket sales appeared first on Tech in Asia.
China should give Alibaba or JD control of online train ticket sales
No comments:
Post a Comment