Hong Kong's Octopus Card: Utility Outweighs Privacy Concerns

Written by Richard MacManus / September 2, 2009 11:00 PM / 21 Comments

This week we're looking at Smart Cards, which have proliferated across the world mainly as a form of electronic payment for public transportation. Earlier this week we profiled Japan's cutting edge Suica Card and London's Oyster Card. Today we look at a widely used smart card that has been in service since 1997: the Octopus Card in Hong Kong.

Similar to Oyster and Suica, the Octopus card is powered by RFID. Octopus is used as a form of electronic payment in a wide variety of public transport, shops, restaurants, car parks and more. Indeed the Octopus has become an all-purpose identification system in Hong Kong - it's even used as an access control mechanism at certain offices, apartment buildings and schools. So do Hong Kong citizens have concerns about their privacy? It appears not...

The Octopus card can be used at more than 1,000 merchants in Hong Kong, including 7-Eleven, Starbucks and McDonald's. Hong Kong resident Kiran Denniz told us via Twitter that he uses the Octopus card for buying "fast food, public transport, vending machines, supermarkets - even paying late fees at library or buying ice cream from the mobile mr. Softees!"

There are more than 19 million Octopus cards in circulation, over twice Hong Kong's population of 7 million. Over 95% of Hong Kong citizens between the ages of 10 to 65 use Octopus and there are over 10 million transactions each day. Also note that Octopus needn't necessarily be on a card - a variety of devices can house an anonymous Octopus RFID chip, including watches and mobile phone covers.

It's Interesting to note that the the Hong Kong government (and thus China) is the biggest shareholder in the company that operates the Octopus card, Octopus Cards Limited.


We've learned by now in our coverage of RFID that privacy is the number one concern of many people. Accordingly, Octopus Cards Limited has a webpage outlining its Personal Data Policy in detail.

The type of personal data collected includes name, contact details, identification type and number, age and date of birth, Card number and - most critically - "your Card usage data."

Point 7, how the data is or potentially "may be used," is where privacy advocates will focus their attention:

a. processing an application for one of our services;
b. the normal management, operation and maintenance of the Octopus payment system, including audit;
c. designing new or improving existing services provided by us, our subsidiaries and our affiliates (that is, any other entity which directly or indirectly controls us, is controlled by us, or is under common control with us) for customers' use;
d. marketing of goods and/or services by us, our subsidiaries, our affiliates or any of our selected business partners. We, our subsidiaries, our affiliates or any of our selected business partners may need to carry out matching procedure (as defined in the Ordinance) to enable us to better understand your characteristics and to provide other services better tailored to your needs (such as offering special birthday promotions to you), to assist us in selecting goods and services that are likely to be of interest to you and to establish whether you already have a relationship with our selected business partners;
e. communication by us to you;
f. investigation of complaints, suspected suspicious transactions and research for service improvement;
g. prevention or detection of crime;
h. disclosure as required by law;
i. as a source of information and data for transport and other services in general; and
j. other related purposes.

As you can see, that's a very wide-ranging remit - and point 7.j. is basically a catch-all for any scenario not specifically mentioned. Also bear in mind that Octopus cards can be linked to the user's credit card, which adds another organization collecting all of that data.

On the flip side, Oyster may be used anonymously - so there isn't a requirement to link it to your identity, at least for its payment uses.

A local Hong Kong blogger remarked earlier this year that "Hong Kong residents do not seem overly concerned with Octopus related privacy issues". Most apparently feel that the benefits of Octopus outweigh the potential privacy issues. One wonders if the same attitude to smart cards will happen any time soon in the U.S. and U.K., where fear of RFID is rife.

Images: Fragrant Harbour; herenthere08; Studio H (Chris)

0 TrackBacks

TrackBack URL for this entry:


Subscribe to comments for this post OR Subscribe to comments for all ReadWriteWeb posts

  1. Octopus can be used anonymously, too, while there are also personalized versions with personal information.

    Posted by: joe | September 2, 2009 11:41 PM

  2. a person can have multiple cards. so a person can use one for only linked-to-ID activity, and another (or more) for non-IDed activity. many people have at least 2 cards.

     Posted by: Kiran Denniz Author Profile Page | September 3, 2009 12:09 AM

  3. I've got few of these cards in my possession, all anonymous, purchased at MTR (subway) station. I chose not to attach any credit card #s to them.

    Beware though, if you attach credit cards to them or sign up to accumulate Octopus cash at specified stores/outlets (which I have) or give them any form of personal info, be prepared to get spammed on your mobile, either by SMS or a cold call for sales and surveys. But I think locals are accustomed to ignoring those calls.

    Posted by: Angus Lau | September 3, 2009 12:19 AM

  4. I keep my Octopus anonymous and don't have credit cards attached to them.

    Don't think you mentioned this but users have to pre-pay - i.e. the Octopus "contains" cash value already stored into the anonymous account, and with every transaction, the value is deducted from the balance in the Octopus card.

    It should also be noted that there have been several instances where public transport mis-charged users. And because the system doesn't store user names or address, it was close to impossible for the public transport to pro-actively contact users to refund or compensation.

     Posted by: Chris Author Profile Page | September 3, 2009 12:36 AM

  5. Are these cards similar to debit cards? Will your account get debited by the required amount every time the card is used? Also, is there a cap on how much you can charge the card for?

    Posted by: Jessica Griffin | September 3, 2009 1:35 AM

  6. I use my Octopus card everyday when I take MTR train and purchase something in 711 and ......
    Frankly speaking, I think it is very convenient to use such a card instead of take too much coins.

    Posted by: MatTiano | September 3, 2009 1:37 AM

  7. Er...from a privacy point of view, I'm not quite sure how there's any real danger? When I got my Octopus card more than seven years ago, it was a cash transaction? They didn't take any personal data at not following the privacy concern line of reasoning?

    Posted by: Ben Condit | September 3, 2009 1:48 AM

  8. I just love Octopus card. Every time I visit Hong Kong, I use it extensively.

     Posted by: Vladimir Author Profile Page | September 3, 2009 2:03 AM

  9. I think except the linkage to the credit card information there are not really some big problems...Maybe I am too numb about privacy but I can't really think of any big harm when someone can know what I paid with the card. Anyway now in Hong Kong it's hard to live without it.

     Posted by: Alan Author Profile Page | September 3, 2009 3:04 AM

  10. Thanks for all the comments, many noting that cards can be purchased anonymously. I did note that in my post, but perhaps didn't give it enough emphasis.

    But even if they're anonymous, I assume they have a unique identifier in the RFID chip? That would track your usage habits, and that data alone is worth something to companies and organizations.

    Interested to hear more thoughts on the privacy issue though...

     Posted by: Richard MacManus Author Profile Page Posted on FriendFeed   | September 3, 2009 3:26 AM

  11. I think there are a lot of assumptions in this piece, firstly about how extensible the experience in HK is to the rest of the world. It's interesting that both examples of extensive rollouts are in far-eastern cultures, where privacy is much less of an issue than in Anglo-saxon dominated cultures such as the UK, US and indeed NZ. There are also fairly significant differences between the implementation in Japan and in HK.

    To be meaningful we'd need to understand how many of the Oyster transactions are overtly associated with an individual, or even small group of individuals, and what the spending patterns are like with each type. Is behaviour different in the HK Chinese, mainland Chinese and ex-pat community, and how does this reflect societal attitudes in each segment.

    To reflect back on the series, the Oyster card in the UK has much more limited implementation, and whilst there is one credit card marketed as having an Oyster capability it's not clear what the takeup on that has been. I think that the 'convenience' argument is overplayed, professionals are used to running with different financial accounts for personal and business use, and the prospect of adding a further transaction facility to that isn't really a differentiator.

    All interesting stuff, but again working from the position that pervasiveness is good and privacy conerns are inherently bad undermines a reasonable discussion of the topic. A little more balance would be beneficial.

     Posted by: Alistair Rae Author Profile Page | September 3, 2009 4:00 AM

  12. Rich,

    I feel you are a little (maybe a lot) mis-informed about the Octopus card. Let me see if I can clarify a few things:

    * Octopus cards can be acquired at HK airport or at subway stations. When you acquire the card you are not asked for any id. Essentially, there is no name associated with the card.

    * Octopus cards can be topped up at a whole lot of places

    * Octopus cards can be used for NOT JUST transportation, but also for buying food, buying clothes, buying goodies, etc. Practically every decent store in HK has an Octopus card reader. This basically means that whenever I am in HK I can walk around (almost) cashless because a lot of value has already been loaded onto my anonymous Octopus card.

    * Does the Octopus use NFC or RFID? I don't know! Frankly, I don't care because of the ease with which the card works.

    If you are ever traveling in HK, don't waste your time looking for an ATM. Load all your cash onto your "anonymous" octopus card and live (walk, talk, eat, travel) like a care/worry free man. You will enjoy the experience.

    (Settling in HK) ... the dude from Irvine.

    Posted by: Dude from Irvine | September 3, 2009 5:45 AM

  13. There are lot of cards entering the market, but they are not upto the mark. They still are using the old technology, or the technology which is not competent enough with the existing usage of people

    Business analysis should be done and proper use of technology should be done. The prime target of the technology is consumer's reach.

    To get more information, you can read my blog at or you can follow me on twitter at

    Posted by: Hardik Upadhyay | September 3, 2009 6:15 AM

  14. It has nothing to with your B-day or age. Except very few company or resident use it as an ID card.

    Second, I am sure most site tracks our internet habits too (ie, Google). To me, this is not privacy, it's more like a study. :)

     Posted by: Ken Author Profile Page | September 3, 2009 7:17 AM

  15. I went to HK 4 years ago and was blown away by how convenient the octopus card was. From the article it sounds like its gotten even more useful since I went. But yea its on a refill system so privacy isn't a big problem

    7-Eleven is EVERYWHERE there in almost a creepy kind of way so I think the fusion between the MTR and 7-Eleven is part of the reason it took off. The fact that the region is so small and its impossible to go outside of the range where the card is accepted probably doesn't hurt either.

    I'm surprised this hasn't been attempted in NYC or London, the systems they have are archaic by comparison

    Posted by: Ron | September 3, 2009 11:35 AM

  16. Americans are much more concerned about privacy - I'm not sure if it is due to our "independent spirit" meaning a distrust of "big brother" or our lax security protocols - or possibly a combination of both.

     Posted by: Cheryl Walters Author Profile Page | September 3, 2009 1:08 PM

  17. @Cheryl

    There is quite a lot on behavioural and leadership psychology around these kind of aspects. Anglo-Saxon cultures tend to have a much greater tolerance for ambiguity, lower power distance, greater desire for independence and personal freedom than some far eastern cultures. Cultural dissonance is a big source of difficulty in both leadership and the conduct of business, hence my previous point about cultural comparisons not being valid. There is much more trust of authority in China, partly related to the political/ economic environment, but much of it long standing and a reflection of how the country developed.

     Posted by: Alistair Rae Author Profile Page | September 3, 2009 1:49 PM

  18. @Ron

    There are two reasons why Oyster (and other European schemes) have not evolved into an open small value payments platform.

    1. Security - the current security on the Oyster card is not up to the standard required by banks for an electronic transaction. The history of these schemes is that they have been generally designed for platform and used by public transport companies. If the card is compromised in any way then the risk carried by the transport company is marginal (i.e. the marginal cost of carrying a passenger for free). If a card is compromised for a bottle of coke at a 7-11, then the scheme carries the cost for the entire bottle of coke. Therefore the security needs to be stronger.

    We looked at both Octopus and Oyster scheme when we were looking at the technology for Snapper - the Snapper scheme we use in NZ (which is the same as the T-Money scheme in Korea) generates a unique key for every transaction. It has been certified by the ANZ bank (NZ's bank) as fit for EFTPOS transactions.

    2. Regulatory - There is an EU ordinance that states that the float account of financial instrument must remain under 6m euro. Over that limit it is subject to banking licensing and regulation. My understanding is that is a core reason why Oyster is not extended to open platform uses - they would need to submit to a significant compliance regime. In NZ we have to remain under a nominal amount to stay within Anti Money Laundering legislation (we have set the card limit below that - at $300 NZD)


    You are right - there is of course a card identifier which is used for every transaction. This is true even in an anonymous case. While you can't link it to an individual, you can determine aggregate patterns of use. This type of thing could be aggregated should a company have permission to use the data, much like the google example given by Ken.

    What we have found is pretty simple - if you provide enough value to customers they will register their cards. Registering a Snapper card gives a customer two key features

    1. The ability to see a complete transaction history
    2. The ability to hot list a card should you lose it

    Even then, that can be done online with a non-personal email address.

    While we've only been going for a year here in NZ, we are finding take-up is sky rocketing. Just in Wellington alone we have close to 100k cards on issue and we're approaching 200 retailers using the system for payments.

    Looking forward to RWW running the ruler over Snapper here in NZ!


    Miki Szikszai

    Posted by: Miki Szikszai | September 3, 2009 1:55 PM

  19. Interesting topic.
    Living in Beijing we have the Yikatong card here, it's good for public transport but I haven't seen it accepted anywhere else yet.
    Taxis are supposed to accept them and advertise that they do, but in practice I've never been able to use one in a taxi - even when committing the ultimate sin of paying with a RMB100 note.

    Perhaps I'm going off topic here, but I've always thought that store loyalty cards are the biggest threat to privacy. Groups of companies can learn a huge amount about individuals by analysing their consumer habits. Imagine insurance companies knowing exactly how much you smoked, drank, or even how much fat you eat.

    Citizens in the UK protested hugely over a government-administered ID card, but how many of those people have a nectar card. Nectar indeed have been prosecuted in Canada for breaking data privacy laws.

     Posted by: Mark Henderson Author Profile Page | September 3, 2009 6:36 PM

  20. @Cheryl

    (Some) Americans are paranoid because we have been "taught" and "brain washed" to be paranoid. Our companies (phone companies and banks being the biggest culprits) have spied on us and gathered all of our info and shared it for money with everyone else.

    Our incompetent govts have never been able to find the perpetrators of heinous crimes against human society ... and in stead of hunting down the criminals, our govts have managed to terrorize us: ordinary govt-fearting, tax-paying citizens of this country. They terrorized us with color-coded warnings. They terrorized us with "the enemy is out there." They terrorized us with DHS and stupid airport security (at least all over now-bankrupt non-democratic west-coast state).

    True Americans were never fearful, because otherwise we would have never explored the "wild" west or made more sweeping sociological changes than the rest of the world.

    It is unfortunate that so many Americans believed their govt and accepted the govt-run fear-mongering propaganda making this the worst country to be in, in mere 8 years.

    Unfortunately the new govt is too slow to restore true American-style freedom.

    Posted by: American Democrat | September 3, 2009 9:44 PM

  21. People in HK is not sensitive to privacy issue through the electronic medium.

    And when Octopus card first release, it is not personal. It was advertised as a coin bag, only more convenient. It is lighter than real piles of coins, and it counts for you. It is great relieve no need to take care of pennies, which are almost obsoleted except for transport fare.
    When it later released the personalized version and linked with credit card, people has already trusted it. I don't remember any controversy about privacy issue when it released personal card.

    Posted by: Lai | September 4, 2009 1:21 AM

Leave a comment

Optional: Sign in with Connect Facebook   Sign in with Twitter Twitter   Sign in with OpenID OpenID  |  other services