Revolut, as of October 2019

A few months ago I wrote a not-so-short comparison of a few FinTech services with offerings from high street banks in the UK — and I would note again, that the comparison does not hold up in Ireland, so it’s definitely biased, but I would uphold it for good reason. I think it might be time to do a bit more dusting over it.

The first service I should get back to talk about is Revolut, which I first praised and more recently complained about. As I said in a number of previous posts, my reasons to keep using Revolut for day-to-day transactions have pretty much disappeared: my Santander credit card gives me 0.5% cashback on all transactions, and no foreign transaction fee, why would I use Revolut? Virtual cards, and rotating-number cards are interesting and have their use, but honestly, I can’t be bothered unless it’s for very shady operations where I don’t trust giving my credit card, but those are pretty much corner cases.

Revolut has been running multiple advertising campaign throughout the London Tube, the most recent one promising three Tube trips free if you pay with Revolut. I could probably do that, next week, maybe, if I paid enough attention — I don’t use monthly tickets, so I can change card any Monday as long as I use it until the same until Sunday to cover the 7-day cap. But I had bad history with using Revolut on the TfL network before, although admittedly that was when I was landing from Dublin, and the location-based security tripped.

Update 2019-10-07: turns out I cannot actually use their TfL offer because it relies on Google Pay (which with Revolut I found already too unreliable to use for commuting) and only works if you have a Visa-issued card. My card is MasterCard-issued still.

If you check the news, the FT reported just this week how Revolut expects to reach “viability” despite continuing to lose money. This is likely because, as I pointed in my complain-post, Revolut makes perfect sense as long as you’re not paying anything for it. The only reason to sign up for any Premium or Metal tier in London (where most of their advertising budget appears to be spent, from what I read from news) is if you don’t understand the services available from the high street, or if you want to subsidize the free tier for everyone else. Funnily enough, FT Alphaville reported on the same day of the staff cashing it in.

I had to use Revolut only once in the past few months, and that was a couple of days ago. My sister asked me if I could send her some money for her to use the card, as her debit cards expired and she was trying to buy something — remember Italy does not have “faster payments” so inter-bank transfers are not instantaneous. It should be a simple operation: top-up £50, send £50 to my sister, she can convert to € and spend it.

Topping up worked like a charm. But sending the money didn’t: in addition to confirming my fingerprint, the app said it would send me an email, and to check the email from the same device to confirm the operation. The email can be re-sent only after one minute, but (as often) it recommends you to check your Junk or Spam folder too. The email never arrived. I don’t mean within a minute. I mean that this is two days later, the email has still not arrived yet.

No the mail server was not having a hiccup. Yes I did try resending it five minutes later. Yes I did check the Spam folder. No it’s not graylisting. My email address is served by G Suite, which means it’s more reliable than a normal Gmail address. Revolut can’t seem to be able to send email to Gmail. And it’s not just me. The same problem with email not arriving happened a number of months ago to my girlfriend, while sending money to my Revolut account! Anyway the answer is that I now have £50 that I can’t seem to be able to send to my sister, she ended up asking our mum for the transfer instead, and I have even less trust in the service.

I complained on Twitter about this, but without tagging in the Revolut account. When this happened to my girlfriend, and I ranted at them about it, they kept insisting to “check [my] spam folder”, which of course we did. If I asked now, I’m expecting to hear that “PSD2 made them do it”.

It’s sad, but I can’t really expect much better from a service that, despite a lot of nice ideas at the start, appear to have found a business model only to augment banks in places where high street has no offering (Ireland), or for people who can’t seem to know better (the whole Bitcoin/cryptocurrency part, that appears to be the sole attraction for Premium/Metal for quite a few people).

Glucometer Review: beurer GL50 evo

I was looking for a new puzzle to solve after I finally finished with the GlucoRx Nexus (aka TaiDoc TD-4277), so I decided to check out what Boots, being one of the biggest pharmacy in the country, would show on their website under “glucometer”. The answer was the Beurer GL-50, which surprised me because I didn’t know Beurer did glucometers at all. It also was extremely overpriced at £55. But thankfully I found it for £20 at Argos/eBay, so I decided to give it a try.

The reason why I was happy to get one was that the the device itself looked interesting, and reminded me of the Accu-Chek Mobile, with its all-in-one design. While the website calls it a 3-in-1, there are only two components to the device: the meter itself and the lancing device. The “third” device is the USB connector that appears when you disconnect the other two. I have to say that this is a very interesting approach, as it makes it much easier to connect to a computer — if it wasn’t that the size of the meter makes it very hard to connect it.

On my laptop, I can only use it on the USB plug on the right, because on the left, it would cover the USB-C plug I use to charge it. It’s also fairly tall, which makes it hard to use on chargers such as my trusted Anker 5-port USB-C (of which I have five, spread across rooms.) At the end, I had to remove two cables from one of them to be able to charge the meter, which is required for it to be usable at all, when it arrives.

To be honest, I’m not sure if the battery being discharged was normal or due to the fact that the device appears to have been left on shelves for a while: the five sample strips to test the device expire in less than two months. I guess it’s not the kind of device that flies off the shelves.

FreeStyle Libre, gl50 evo, GlucoRx Nexus

So how does the device fare compared to other meters? Size wise, it’s much nicer to handle than the GlucoRx, although it looks bigger than the FreeStyle Libre reader. Part of the reason is that the device, in its default configuration, includes the lancing device, unlike both of the meters I’m comparing it with above. If you don’t plan to use the included lancing device, for instance because you have a favourite lancing device like me (I’m partial to the OneTouch Delica), you can remove the lancing device and hide the USB plug with the alternative provider cap. The meter then takes a much smaller profile than the Libre too. I actually like the compact size better than the spread out one of the FreeStyle Precision Neo.

FreeStyle Libre, gl50 evo (without lancing device), GlucoRx Nexus

Interface-wise, the gl50 is confusingly different from anything I have seen before. It comes with a flush on/off switch on the side, which would be frustrating for most people with short nails, or for people with impeded motion control. Practically, I think this and the “Nexus” are at opposite ends of the scale — the TD-4277 has big, blocky display that can be read without glasses and a single, big button, which makes it a perfect meter for the elderly. The gl50 is frustrating even for me in my thirties.

The flush switch is not the only problem. After you turn it on, the control you have is a wheel, which can be clicked. So you navigate menus in up-down-click. Not very obvious but feasible. But since the wheel can easily be pressed in your purse, that’s why you got the flush switch, I guess. The UI is pretty much barebone but it includes the settings for enabling Bluetooth (with a matching Android app, which I have not checked out for this review yet), and NFC (not sure what for). Worthy of note is that the UI defaults to German, without asking you, and you need to manage to get to the settings in that language to switch to English, Italian, French, or Spanish.

Once you plug it into a computer with Windows, the device appears as a standard CD-Rom UMS device that includes an auto-started “portable” version of the download software, which is a very nice addition, again reminiscent of the Accu-Chek Mobile. It also comes with an installer for the onboard software. As a preview of the technical information post on this meter, it looks like that, similar to the OneTouch Verio, the readings are downloaded through UMS/SCSI packets.

I called out Windows above because I have not checked how this even presents on macOS, and on Linux… it doesn’t. It looks like I may have to take some time to debug the kernel, because what I get on Linux is infinite dmesg spam. I fear the UMS implementation on the meter is missing something, and Linux sends a command that the meter does not recognize.

The software itself is pretty much bland, and there’s nothing really much to say. It does not appear to have a way to even set or get the time for the device, which in my case is still stuck in 2015, because I couldn’t bother yet to roll the wheel all the way to today.

Overall, I wouldn’t recommend this meter over any of the other meters I have or used. If beurer keeps staying in the market of glucometers (assuming they are making it themselves, rather than rebranding someone else’s, like GlucoRx and Menarini appear to do), then it might be an interesting start of further competition in Europe, which I would actually appreciate.

Glucometer notes: GlucoRx Nexus

This is a bit of a strange post, because it would be a glucometer review, except that I bought this glucometer a year and a half ago, teased a review, but don’t actually remember if I ever wrote any notes for it. While I may be able to get a new feel for the device to write a review, I don’t even know if the meter is still being distributed, and a few of the things I’m going to write here suggest me that it might not be the case, but who knows.

I found the Nexus as an over-the-counter boxed meter at my local pharmacy, in London. To me it appears like the device was explicitly designed to be used by the elderly, not just because of the large screen and numbers, but also because it comes with a fairly big lever to drop out the test strip, something I had previously only seen in the Sannuo meter.

This is also the first meter I see with an always-on display — although it seems that the backlight turns on only when the device is woken up, and otherwise is pretty much unreadable. I guess they can afford this type of display given that the meter is powered by 2 AAA batteries, rather than CR2032 like others.

As you may have guessed by now from the top link about the teased review, this is the device that uses a Silicon Labs CP2110 HID-to-UART adapter, for which I ended up writing a pyserial driver, earlier this year. The software to download the data seems to be available from the GlucoRx website for Windows and Mac — confusingly, the website you actually download the file from is not GlucoRx’s but Taidoc’s. TaiDoc Technology Corporation being named on the label under the device, together with MedNet GmbH. A quick look around suggests TaiDoc is a Taiwanese company, and now I’m wondering if I’m missing a cultural significance around the test strips, or blood, and the push-out lever.

I want to spend a couple notes about the Windows software, which is the main reason why I don’t know if the device is still being distributed. The download I was provided today was for version 5.04.20181206 – which presumes the software was still being developed as of December last year – but it does not seem to be quite tested to work on Windows 10.

The first problem is that that the Windows Defender malware detection tool actually considers the installer itself as malware. I’m not sure why, and honestly I don’t care: I’m only using this on a 90-days expiring Windows 10 virtual machine that barely has access to the network. The other problem, is that when you try to run the setup script (yes, it’s a script, it even opens a command prompt), it tries to install the redistributable for .NET 3.5 and Crystal Reports, fail and error out. If you try to run the setup for the software itself explicitly, you’re told you need to install .NET 3.5, which is fair, but then it opens a link from Microsoft’s website that is now not found and giving you a 404. Oops.

Setting aside these two annoying, but not insurmountable problems, what remains is to figure out the protocol behind the scenes. I wrote a tool that reads a pcapng file and outputs the “chatter”, and you can find it in the usbmon-tools repository. It’s far from perfect and among other things it still does not dissect the actual CP2110 protocol — only the obvious packets that I know include data traffic to the device itself.

This is enough to figure out that the serial protocol is one of the “simplest” that I have seen. Not in the sense of being easy to reverse, but rather in term of complexity of the messages: it’s a ping-pong protocol with fixed-length 8-bytes messages, of which the last one is a simple checksum (sum-modulo-8-bit), a fixed start byte of 0x51, and a fixed end with a bit for host-to-device and device-to-host selection. Adding to the first nibble of the message to always have the same value (2), it brings down the amount of data to be passed for each message to 34-bit. Which is a pretty low amount of information even when looking at simple information as glucose readings.

At any rate, I think I already have a bit of the protocol figured out. I’ll probably finish it over the next few days and the weekend, and then I’ll post the protocol in the usual repository. Hopefully if there are other users of this device they can be well served by someone writing a tool to download the data that is not as painful to set up as the original software.

Fishy Facebook Ads: Earthly Citizens, Shutter & Contrast, and many more

(If you prefer this in form of a Twitter thread, see this one.)

Let’s start with the usual disclaimer that despite me working for a company that sells advertisement, this post is my own personal opinion, not my employer’s. I have written about Internet ads for years, well before I joined the company, and so it’s nothing new. To the usual disclaimer I’m going to add a few words to point out that there will be a few company names used in this post — I’ll be very clear when I think they are involved in something fishy, and when I think they are not involved at all.

This all starts with me deciding to get myself a new camera. While I’m very happy about the photos that my usual camera produce, I wanted something lighter that I could go around town more often with. But I also have been having issues with my shoulder, and I’ve been looking out for a good “handy” backpack to keep my stuff in. This is all relevant information.

Indeed, if you follow me on Twitter you may have seen me asking around for suggestions on backpacks. And this is also relevant: since I’m actually not minding ads for relevant content for myself, I have not hidden my looking for a new bag, I spoke about it on social media, and I have searched for backpacks and bags on my normal Google session. This is, again, all relevant information.

Because of my Google searches, I have been seeing a lot of ads related to photography. Including the one for the chain of photography stores that convinced me to go and grab my new camera from them. Very few of those ads are useful to me, but that one in particular have been.

Then the other day, on Instagram, I saw the ads for a backpack from a never-heard-before company advertising as Earthly Citizens. I’m not going to link directly to their website, although I’m choosing to explicitly name them here so that people who may be looking for them on Google and other search engines have a landing page helping them. The backpack that they advertised is this one (archived link) and it actually looks very nice in theory, on offer at £87.75 compared to a RRP of £159.61. To compare, my trusty Think Tank Airport Essentials is £147.04, and that’s one hell of a good bag.

The amount of red flags on that advertisement was high: unknown brand, no branding on the actual bag, unrealistic “flash sale” with no dates on it, and so on. So I didn’t really pay much attention. Then of course, since I have looked at the ad, I started seeing the same bag on Facebook — together with nearly 900 positive comments. I decided to do a minimum amount of digging into it, and found out that the website that the ad points to is a standard Shopify instance, which means that digging into it with IP addresses or WhoIs information is useless. And since there’s no address provided for the company even on privacy pages, there’s not much to go by. I walked away.

A day later, another set of ads start appearing on my Facebook stream, and they are for a backpack that is stunningly similar, or rather identical. But from a different page that has a more “photography” feel to it, called “Shutter & Contrast”. And that piqued my interest a little bit, because it sounded like another one of those cloned bags that I have seen aplenty on Instagram, and I would actually like to find the source at that point.

Just like Earthly Citizens, Shutter & Contrast don’t seem to be very well reviewed. Searching the web for the name and combination of reviews, backpack and scam don’t bring up anything useful. They also have a Shopify site, although their page for the same backpack (archived, again) is a bit more somber and “professional-looking”.

Funnily enough, it looks like they have blocked copy-paste and right-click, so that you can’t quickly reverse-image-search their photos. It didn’t surprise me, as I remembered a BuzzFeed article on fake fashion stores outright stealing real designers’ photos, so stopping the quickest reverse image search option would obviously be high in their intentions. Of course it’s actually easy to work this around, with any of the browsers’ developer tools.

Another interesting part from the Shutter & Contrast shop page is that they actually have an address in their Privacy Page: 11923 NE Sumner St, STE 813872, Portland, Oregon, 97220, USA. Again I’m repeating it here for sake of those looking any information on this company, because if you look up the address, you’ll probably find a Yelp page for a closed location called My Trail Gear, although it has a different “STE” number. The reviews, calling this a scam and pointing out that there is at least two more companies using the address, called “Bear and Tees” and “Shark and Tees”.

Checking the address on StreetView shows a smallish warehouse. My best guess is that there’s a service at that address that is similar to Ireland’s Parcel Motel and Parcel Wizard: companies that allow you to receive and send goods from that address, and then forward it somewhere else. The different “STE” numbers are used to route the parcels to the right customer. This means that despite the bad reviews on Yelp, Shutter & Contrast might be legit.

So I decided to take a closer look at the first one again. Earthly Citizen has a fairly active Facebook page, and if you read their About section, it says:

Our goal is to source all the best travel related documents from all around the world and bring them directly to your doorstep
Earthly Citizens Facebook Page

They don’t seem to be doing anything like that. Instead they seem to mostly re-post Instagram pictures by other people. At least it appears they are crediting the photographers — but it’s clear that they are using someone else’s pictures for their own marketing (so that they get people to follow their account). This should be worrisome enough, but it doesn’t stop there.

If you look at what they sell, they appear to be selling a lot of random stuff that you would find in those trinkets/gadgets shop in big malls, without brands, rhyme, or reason. So it does not look like they are the “source” of that bag to begin with. But is Shutter & Contrast then?

Earthly Citizens say that there are “too many fake websites that steal content”. They would know since they seem to be one.

A very quick reverse image search finds the same exact image appears on AliExpress (not archived because they seem to defeat it), the Chinese shopping website. There are multiple sellers for it there as well, and most of them have the same images — the same images that both Earthly Citizens and Shutter & Contrast used on their website.

It might very well be that these are the bag equivalent of Gongkai, as there are a few stores that sell them, and the fact that they come from Guangdong does not mean they are not good. I have a lovely tripod I bought at the Shanghai Xing Guang Photography Market, it’s a Chinese brand, it’s proper carbon fiber, and I paid for it half the price that you would pay in store in Europe, taxes included. If that is the case, the markups that Earthly Citizens and Shutter & Contrast are applying are thievery: they price it at $110 and $83 respectively, while AliExpress’s most expensive seller has it at $52.

But there is one thing that I forgot about during my Twitter rant, and that my girlfriend pointed out: what about the pictures of people in the advertising? Neither AliExpress nor Earthly Citizens appear to have a picture of the backpack with a person. There are people with cameras, but nobody with the actual backpack that you can reverse image search for. There is a video on Earthly Citizens’s Facebook page, which is the same used by the Instagram ad, and that suggests that the bag physically exist, but it’s heavily watermarked that makes it hard to find the source on. Shutter &Contrast has a video unlisted on YouTube, on a white background with no logos shown, and just re-captioned to fit their marketing of it. It appears uploaded in February 2019.

More useful, Shutter & Contrast appear to also have a still picture of someone wearing what looks like the backpack they are selling, and that’s the first time in this adventure I managed to find that. Reverse image search brings us to yet another Shopify instance under the name ConnectedTechPacks (archived), which can also be found as BestGearPack. Their website is a bit more well made, and it appears to only sell that single backpack. Are they the source? I doubt so, since both websites were registered in April this year, and we know that the backpack existed in February. But they also have a couple of different people with the same backpack, and another angle of the same guy.

Another reverse image search later finds yet another Shopify instance with the same backpack, a set of GIF animations that are also heavily watermarked, but are the same as Earthly Citizens’s version.

So where did all this investigation bring us? Not really anywhere. I can’t find any trustworthy brand selling the backpack, and while I may be willing to risk my £40 on the AliExpress version – rather than twice as much with any of the other Shopify instances that I found – I don’t hold my breath for it to look at all like they show it, or have the build quality that I would trust my cameras with.

It does show just how easy it is to fool people nowadays. It’s easy to set up a “storefront” without needing an actual space anymore. It’s easy to “gain trust” by having people follow your page with no original content, just by re-posting content that professionals provided.

What about the 900 positive comments that the ad received? Well it’s possible that they are actual real satisfied customers who didn’t realize they got charged probably twice as much as they should have for the same bag you can get from AliExpress. Or they may be “bought engagement”. Or just a bunch of bots that have harvested someone else’s name and pictures to create fake profile to sell the stuff.

You know all the panic around politics and elections and fake profiles? It’s not just the elections. Fake profiles sell scams. And that can hurt people just as much as political elections. I remember when it was just the artists complaining about pages re-posting their content… we should have paid attention then. Now the same pages and the same techniques are used for more nefarious purposes and we all pay the price, sooner or later.

A FreeStyle Libre Update

The last time I wrote anything interesting about Abbott’s flash glucose monitor (don’t call it a CGM) was when I compared it with the underwhelming Dexcom G6. I thought it would be a good time to provide an update, what with Abbott sending a number of email reminding you to update their FreeStyle LibreLink app in the past couple of weeks.

First of all, there’s the matter of supplies. Back in January, I decided to test Dexcom’s CGM because Abbott’s supply issues bit me in the backside, as I could not get new sensors to keep up with my usage — particularly as the more active life in London with my girlfriend meant losing a couple more sensors to mistakes, such as bumping into the doorframe. For a while, you could only buy three sensors every 25 days, and even then, sometimes the lead time to fulfill the order would be over a week; nowadays this appears to be much better, and the time limit for the orders was removed recently.

Since I was not particularly thrilled to switch to the Dexcom G6, I had to find a way around these limits, beside counting on the two extra sensors I “gained” by not using the Libre for a month. Luck was that a friend of my girlfriend found the Libre sensors on sale in a brick-and-mortar store in Sharjah, and managed to send me six of them. The store had no limits on how many sensors you could buy, despite the FreeStyle UK website only allowing orders of three at most, and only to already-established customers.

The UAE-bought sensors are effectively the same as the British ones, with the same manufacturing information printed on them, and even similar enough lot numbers. The most visible difference is that the two alcohol-soaked tissues, provided for cleaning the insertion point, are missing.

The other difference is not visible in the packaging, or indeed on the hardware itself: the sensors are region-locked. Or maybe we should say that the app is. As it is, my (UK) FreeStyle LibreLink install did not want to set up the UAE-bought sensors. The reader device had no such concern and both initialised and read them just fine. I was originally a bit concerned and spot-checked the values with fingersticks, but it looked like there was no issue with the sensors at all.

I’ve been wondering just how much the supply problem connects with the region locking. Or just how fine-grained the region locking is: my Irish sensors worked perfectly fine with the UK app, although by that point, the app was not available in Ireland at all. But possibly all of these problems are gone.

Now, to go back to Abbott’s email messages to update their LibreLink app. The reason for this update is not much about the UI of the app itself – although that did change a bit, in subtle and annoying ways – but rather a change in their algorithm for turning the sensors’ readings into a human-understandable blood glucose reading. The “curve”, as it’s sometimes referred to. It’s important to note that what the sensors communicate with either the app or the reader device are not “fully cooked” blood sugar readings, but rather a set of different sensors reading, and that the app and reader will then apply some formulas to provide an equivalent reading to a fingerstick.

Much more interesting to me, in the announcement of the new curve, is that they also suggest users to update the firmware of reader devices to make use of the new fine-tuned algorithm. This is interesting because it makes the FreeStyle Libre the first glucometer with an upgradeable firmware. I have not actually run the update myself, yet. It needs to be done just before changing the sensor, as the reader will forget about its last sensor at that point, and I’m a bit worried that it might not work with UAE-bought sensors anymore after that. So I’m instead waiting to finish the supply of those sensors, and maybe get another one later to test after the update.

I also want to try to get a usbmon trace of the whole procedure for the firmware update. I’m not sure when Abbott will ever publish another update for the reader, but at least starting collecting the protocol would be interesting. Once I do that, you can expect another blog post on the topic.

And as a final note, glucomterutils is being updated as I type this to support reading and setting patient names. While I would not suggest people to use that field for their own personal glucometer, I thought it would be nice to provide the building block for more doctor-focused apps to be built out of it. As a reminder, the code is released under the MIT license, because using it to build something else is a primary focus of it — we need better tooling for glucometers, and not just in the Free Software world, but in the world in general!

A story of ordinary discrimination

I don’t like writing about politics, despite me having strong opinions on some matters. The last time I spent time writing about this, it was about xenophobia in software, and this time it’s a very related story.

Before I start with the tale, I need to prefix that at a first read, it might sound like I’m making a mountain out of a molehill. This is probably true for me, as I’m playing on the lowest difficulty setting, being white, wealthy and from a country that is, in most parts of the world, well considered (what I have read more than a few racist commenter define “a good immigrant”). I want you to think twice, though, if this would be just as “silly” for someone with a higher difficulty setting.

So this tale starts with me signing up for a energy supplier programme. This is a Very British Thing to do, so let me explain a bit about this. Like at least a few countries in Europe, and all those I lived in, the UK has a “liberalised” energy market, which means the consumers (including the tenants) can choose which company to give their money to, for their electricity (or gas).

Because of human nature, capitalism, marketing, and whatever else happens, the normal behaviour of these suppliers is to offer you what is usually a very good deal with a lock-in contract of 12 months. After the contract expires, you’re on a monthly-basis on a terrible tariff — you can then either choose to lock in with them for another 12 months for a less-terrible tariff, or switch supplier to one that offers you a better deal yet. From a purely monetary point of view, switching is always a winning strategy. From the human point of view of not wanting to bother, it’s not uncommon to renew with the same supplier, or even not noticing the contract expired and being overcharged.

Since looking at different suppliers, figuring out the best option, and actually switching are time-consuming tasks, it can get to the point where the money saved is not worth the time spent. And that created an opportunity for middlemen to insert themselves into the picture, in the form of energy supplier switching programmes. These programmes take your information, find you a better deal, and even sign you up to switch, with various degrees of automation.

iChoosr in particular tries to find deals for groups, with the idea that you can get a better deal from a supplier by giving them a ballpark of how many people would sign up for it. This is the middleman that Unite the union chose to run their twice-yearly switching programme. I signed up for it last year, because I was able to — I was provided with a no-lock-in contract with EDF when I moved into the apartment, but was getting annoyed at them calling me every two weeks or so to ask me if I wanted to install a smart meter (my landlord didn’t want, I didn’t want to bother.)

Last year, the chosen supplier was So Energy, which turned out to have a very friendly website, too. I switched. Then this year when the time to renewal came I signed up for the programme again. The answer was different this year (unsurprisingly), and E-On Energy was chosen, which was even more interesting to me, as Santander also had a “retailer offer” to sign up for E-On.

And here is where things went badly. I got the offer and went to their website to fill in the form, but when I stated that I lived at this address for only one year and eight months, I was asked for my previous address, which had to be in the UK. No overseas address option was available in the form. And I couldn’t even mess up with the fields, because it wanted to look up the address by (UK) post code.

I already wrote about this in the previous post of course. So that’s not entirely surprising either, but it is a non-small annoyance. It turns out that you need three years of addresses in the UK to be able to pass the credit check that E-On requires. It’s a “tax on the immigrants” in the sense that you will have to choose a more expensive supplier if you can’t provide that data. I decided to renew with So Energy, if nothing else because they are not unfriendly to recent immigrants — and the difference being less than £100 a year made it not worth the hassle to chase E-On around.

I did, though, send a complaint to iChoosr about the fact that their service is not friendly to immigrants. And today that complaint got an answer:

Dear Mr Diego Elio Petteno,
Thank you for contacting us.
We are sorry for any inconvenience this may have caused. Please note that the system asks for your previous address for the credit check by the supplier. However, if your previous address is not in the UK we would advise you to please fill out that you have lived in the UK more than 3years. That way you may be able to complete your switchover process.
For your convenience Please find below the link to your personal offer (if the link does not work then copy the entire link and paste it into your browser’s address bar). This page provides you with your personal details, current energy figures and your offer:
[Continues with usual drivel with link and request for information — F]
“Dianah” from iChoosr support

As I complained on Twitter after reading this email, their answer is worse than the problem! (El tacon pexo del buxo in my dialect.) They suggested, in writing, for me to lie on a credit check form. Let’s not even comment at how they keep calling it a “personal offer”, given that it is not available to me.

Now it is very possible that, all other things being the same, the credit check would pass just fine. If nothing else, Santander giving me a credit card seems to have taken care of most of those problems. And to be honest, I could probably just have asked my girlfriend to sign up in my place, since she’s been living in the UK much longer than me. But beside me not wanting to give money to a discriminating supplier, there is the other “small” problem of lying in credit check forms.

Again, remember I’m playing at the lowest difficulty level. Lying on the credit check form will probably not do me any harm. But what about a worker with a lower salary who just arrived from a different country? What if the credit company noticed the inconsistency and marked their credit rating further down?

Anyway, after complaining on Twitter, because that’s something I do, iChoosr stated that this is not their standard operating procedure, and even offered to “manually switch” me, without the requirement of three years in the UK. Note that once again, this is for me, a white male working for a big company, coming from a country that is not associated with immigration as much as it should be.

This is unfortunately the norm. If you lived all your life in the UK, all of this is hidden away: of course you have more than three years worth of addresses! If you have enough money that you don’t really care about switching provider, then of course you don’t notice credit checks or anything of the sorts. But it does create a much less friendly environment for those of us who move into the country.

Luckily, there are other cases. The dentistry clinic that just opened across the street from us is staffed mostly by immigrants. They know how hard it is, they remember how annoying it was when they arrived. And they made sure that the financing company the signed up with is able to take overseas addresses. Given that there is no interest applied on the financing, I fear they might have just taken the hit of paying higher fees to guarantee that.

Of course the consideration there is not just for their own experience; assuming that would be naïve to say the least. The other side of that calculation is that their location in West London is as such that a lot of their customers are likely immigrants, that might or might not have lived for three years in the UK already, and might thus need a bit more relaxed credit check environment than, say, Richmond High Street.

This is why I’m upset with Unite, too. The fact that their provider does not care to select offers that accept immigrants out of the box throws a shade to them just as much as iChoosr: many of the people counting on these deals are likely on lower salaries than mine, and for them the price difference can be an actual difference. Even more so if they have recently moved to the country. I should send my complaint to them just as much at this point.

Take my experience of this molehill, think it through with the lenses of someone who might not be as privileged as you are, and then start pressuring the companies you work for, or that you pay money to, to actually care about the real people. Rather than just about their bottom line.

Dear Amazon, please kill the ComiXology app

Dear Amazon, Dear Comixology,

Today, May the 4th, is Free Comic Book Day. I thought this was the right time to issue a plea to you: it’s due time you get rid of the ComiXology app, and ask your customers to just use an unified Kindle app to read their comic books.

I love comic books, and I found ComiXology an awesome service, with awesome selection and good prices. I have been a customer for many years, starting from when I just had bought an iPad for a job. For a while, I have signed up for their ComiXology Unlimited service, that for a monthly fee gave you access to an astounding amount of comics — particularly a lot of non-mainstream comics, a great way to discover some interesting independent authors.

When Amazon bought ComiXology, I was at the same time pleased and afraid — pleased because that could have (and did) boost ComiXology’s reach, afraid because there was always a significant overlap with the Kindle app, ecosystem and market. And it turned out that my fears were just as real, as I found out last year.

I don’t want to repeat the specifics here, the short version is that the ComiXology app has been broken for over a year now for any Android user that relies on microSD storage rather than the internal storage, such as mine. After multiple denial from ComiXology support, the blog post helped me get this to the attention of at least one engineer on the team, who actually sent me a reply nearly 11 months ago:

I followed up with our team and a few weeks ago we met about your report. We realized you are 100% correct, and we’re re-evaluating our decision RE adoptable storage. I don’t have news on when that answer is coming, but the topic is open internally and I want to thank you for your detailed emails and notes. Hopefully we can figure this out and get you back.
Matt, ComiXology Support, May 30, 2018

Unfortunately, months passed, and no changes were pushed to the app. The tablet got an Android OS update, ComiXology got updates every few months, but the app to this day has any way to store its content on microSD cards. The last contact I have from support is from last summer:

Our team has tracked down what’s going on and you are correct in your analysis. They are working on a solution, though we do not have an estimate for when you will be seeing it. We will keep on checking in on this and making sure things move along.
Erin, ComiXology Support, August 13th, 2018

This is not just a simple annoyance. There is a workaround, that involves using the microSD as so-called “portable storage”, and telling the app to store the comics on the SD card itself. But it has another side effect: you can’t then use the SD card to download Netflix content. The Netflix app cannot be moved to the card, either as adopted or portable storage – just like ComiXolgy – but it supports selecting an “adopted storage” microSD card for storage, and actually defaults to it. So you end up choosing between Netflix and ComiXology.

And here’s the kicker: the Kindle app, developed by a different branch of the same company, does this the right way.

And this brings me back to the topic of this post: the Kindle app is not stellr for reading comic books in my experience, ComiXology did a much better job at navigating panels. But that’s where it stops — Kindle has a better library handling, a better background download support, and clearly better support for modern Android OS. But I can’t read the content I already paid for in ComiXology on that.

I think the best value for the customers, for the people actually reading the comic books, would be if Amazon just stopped investing engineering into the ComiXology app at this point, which clearly appears understaffed and not making any forward progress anyway, and instead allowed reading of ComiXology content on Kindle apps. And maybe Kindle hardware — I would love reading my manga collection on a Kindle, even if I had to upgrade from my Paperwhite (but please, if you require me to do that, use USB-C for the next gen!)

Will you, Amazon?

London, an Year and a Half Later

Given that nearly everything we hear, both here in the UK, and it appears everywhere else, is the stinking pile of burning rubbish that is Brexit, I thought I would bring at least a bit of positivity, by giving an update on my life in London, which I announced just shy of two years ago.

London has been a significant change of pace for me, both professionally (not always in a good way) and personally (almost all in a good way). I now live in a flat with my girlfriend, who’s the world to me. I have effectively stopped globetrotting, compared to Dublin — because I have so many things to do here, that were not available there. And I’m actually dedicating a forced 45 minutes a day to reading books (and another 45 are usually dedicated at reading the news), thanks to my higher-than-median commute.

As I said, the professional change of pace was not entirely positive. I ended up with a bad case of burnout between teams, and took two weeks of stress leave in February to “recenter myself”, which mostly involved me spending time on usbmon-tools, and a few kernel patches that (hopefully) I’ll be sending out this week. I am not entirely sure if this is due to a difference in the office environment, or in my own way to relate to the office itself. In Dublin I found there was more camaraderie, which might be caused by being a smaller office for my organisation, or the fact that so many of us lived in the same area that we spent a lot more time together outside of work too. As for myself, I find myself trying to put more explicit boundaries on how much I interact with my colleagues, even when I find them stimulating company.

On the personal level, the past two years (including the few months before the actual move) have been a roller-coaster ride, between the fear of change, my computer getting stolen, meeting my girlfriend, attending a number of concerts (not all, but most, metal), and getting photographed together with some of my most admired celebrities (I would put Simon Jones, John Lloyd, and Alexander Siddig as the top-three!)

And even when we didn’t go full-fan waiting over two hours to get a quick sketch of Spider-Man from John Romita, Jr, being able to go and see the Elves at No Such Thing as A Fish, or listen to Stephen Fry tell stories of ancient Greece all have had a very positive impact to my personal mental health.

And now that the rollercoaster is slowing down (and ending in a high note, at least on the personal side, ignoring Brexit), I think you may get more content from me. Because I have missed my blog tremendously, and migrating to WordPress was also a very good idea, as it allows me a lot more flexibility in writing.

Speaking of Foreign Transaction Fees

In the previous post about Revolut, I have left open a topic that I wanted to move to its own post: foreign transaction fees.

For those who are not acquainted with the terminology here, with foreign transaction fee I’m referring to the additional fee levied by banks and payment card companies when you incur expenses in a different currency than the one the card was issued for. Sometimes (particularly in UK and Ireland) this is referred to as an “overseas transaction fee” — which is confusing, particularly for Ireland, where the fee is applied for expenses in GBP (which is not overseas, but rather “up the road”), but not in EUR (which is mostly oversea).

This is a different cost incurred than the possible bad exchange rate that the financial institution may be applying, and it has nothing to do with the various DCC scams that you may run into when going to touristy destinations with a non-local card, although there is a link there: even online, services may suggest you to apply the charge in your local currency to avoid foreign transaction fees — as you can see in the linked post, that’s rarely a good idea, with a few exceptions (e.g. PayPal actually applies sane conversion fees in my experience, even if not the best ever).

These foreign transaction fees are set by the card issuers, and vary widely. I have seen cards with up to 6% “fex fees”, but that was back in Italy (why I say that will be clearer in a moment). In Ireland, with the exception of various fintech companies, the typical fex fees were of 2-3% — I was very happy with Tesco Banks‘s 1.75% fex fee (Tesco Bank no longer operates in Ireland.) In the UK, it appears most cards either have 0% fex fee, or 2.99% fex fee; there are a few divergences, but those two appear to be the most common options.

The reason why I am specifying this information with a country attached is that, in addition to telling you what the currency is, the mix of local-vs-foreign spend for the average person is also connected to the country. For instance, for my friends and family living in Italy, foreign transaction fees only exist when buying from foreign websites (or eBay), or when going on a “far” trip — Croatia and Switzerland being the closest countries that incur the fex fee. On the other hand, if you live in Ireland, you’ll probably have at least one recurring expense in GBP — depending on how Brexit is going to go this may change.

Indeed, for electronics you often need to look at the UK, rather than the continent — because of plugs, regulations, availability, etc. And quite a few eShops with presence both in the continent and the UK used to refuse you service from the European website, referring you to the UK one instead — this is another thing that may change after Brexit. There is a reason why, when discussing markets, most companies call it “UKI”.

I’m told that a similar situation exists for those living in Switzerland, and I can imagine this goes similar in the Nordics, given that Denmark, Sweden, and Norway have their own currencies as well, and likely a lot of services overlap.

In the UK (and again this may change after Brexit), you may very well never spend money outside of GBP because all the services exist within the country. Unless you’re an expat, in which case you’re probably still visiting the continent (Eurozone or not) fairly often, or may be paying for ongoing services (such as cellphone contracts) in that currency. This probably explains why the two sets of fex fee groups: if you’re part of the first group, you probably don’t need a card with no foreign transaction fees — while you really do in the latter case.

In my case, I have two credit cards: one from Santander, which I spoke of last time, with no foreign transaction fee, and an American Express with a 2.99% foreign transaction fee. I effectively spread the expenses on the two cards, depending on where I am — namely I try to use the Amex in the UK, and the Santander anywhere the other does not work. I could give up on the Amex, as the Santander is strictly a superset usage, but the perks provided by Amex are worth having. And that’s the most important thing: cards have perks, so you should probably consider those as well.

Thus the utility of fintech services like Revolut and Curve depend on the country you live in not just because it sets the band for foreign transaction fees, but also because they set the tone of foreign currency usage. In the UK, with the wide availability of debit and credit cards with no foreign transaction fees, their services are likely less useful than in other countries — except when it comes to perks. Indeed in the case of Curve, you would be able to keep most of the perks of a credit card, such as cashback, even if the card comes with a hefty foreign transaction fee. Except for Amex of course.

But is it convenient for you to pay for such a service? That’s another very good question. And to answer it, I’ll try to forget about the UK and go back to Ireland — mainly because here, as I now repeated a number of times, cards with no foreign transaction fee exists and you can just use one of those. Metro Bank has free current accounts with cards that come with cards without foreign transaction fees in Europe. Santander has a £3/month credit card with no foreign transaction fees, and 0.5% cashback. Halifax has a Clarity MasterCard that comes with no monthly fee, no foreign transaction fees (and of course no perks.)

But let’s go back to Ireland and take a look at the options. As I said the usual foreign transaction fee in the country was between 2% and 3%. In the case of Ulster Bank, the card I used to have had 2.75% foreign transaction fee. At which point would it have been cheaper for me to subscribe to Curve Black, at €9.99/month, rather than give Ulster Bank their fees? (And for simplicity here, I’m not talking about exchange rates; the exchange rate for their MasterCard is network-provided so it’s not at all bad, and in fact it’s comparable to Revolut’s.)

As most services would require a yearly commitment, we should consider the spend on an yearly basis too. This makes the cost €119.88, but we’ll call it €120 to make it easier to run umbers on them. Let’s just call the twelve cents a rounding error. If we’re ignoring the cashback options (as in Ireland there were none, beside Tesco Bank), the amount of foreign expenses you’d need to break even on Curve black with the foreign transaction fee noted above is about €4364 (divide the yearly cost by the foreign transaction fee). That’s the cost of fairly big vacation for a family (note that you can’t include flights in the vacation cost, as those would be billed by the currency of the country of origin, which is likely local).

If you have a card that provides cashback, then things become more complicated, because you’d have to include the cashback in the calculation. If you’re curious the following formula will give you the number, making S the yearly subscription cost of the service, F the foreign transaction fee percentage, and C the cashback percentage:

(S + (S/F) * C) / F

For Revolut Metal, with their variable cashback, figuring out the number is a bit more annoying. But we’re also talking about 1% in the best case scenario (all non-European spend). So the basic number (€5673) only goes down to €5616. The 0.1% cashback option of all European spend is so minimal that it’s not worth calculating exactly.

So what should you do if you don’t usually spend that kind of money on foreign transactions? You can still use the Revolut and Curve and other fintech services without paying for them, and grab the best deal you can until they go bust. Or if you don’t want to bother, you can just spend on your normal cards, get your usual perks and ignore the need for no foreign transaction fees.

Indeed, if your options are spending on Curve attached to a debit card with no cashback and no perks, or spend on an American Express Platinum Cashback Credit Card, you would need to spend more than £5330 a year in foreign transactions for it to be worth it — and that’s assuming you don’t qualify for the higher tier. And this is probably the worst case scenario for the UK, for a non-zero foreign transaction fee card.

Is Revolut Still a Good Thing?

You may remember that a few years ago I wrote a positive review of Revolut, the fintech startup that provides payment cards with stored value and no foreign transaction fees. I have been using it for a long time by now, and had mostly stood by that review, until the second half of last year, where things started to appear more complicated. Given the current flurry of stories on the company, from silly advertising shenanigans to uncovering of poisonous working conditions, I thought it would be a good time to write some more up to date words, as I don’t think I can recommend Revolut as much as I did before anymore.

First of all, I started feeling uneasy recommending Revolut since they started down the path of selling cryptocurrencies as an added-value feature. I hold a personal belief that participating in the trading of Bitcoin and other similar “currencies” is unethical (see Thomas’s rant on the topic), and I don’t like being associated with companies focusing on them. I have looked the other way for a while, though, because I knew that using the words “cryptocurrency” and “blockchain” make money appear out of nowhere for most startups, even when there’s no rhyme or reason for it. I just had a bad taste in my mouth for this.

The problem is that Revolut, even when I had the Premium version, built something very cool, but a bit rough around the edges. And as a customer, it is annoying to see them jumping the shark onto cryptocurrencies, instead of making location-based security actually reliable, implementing 3DSecure/VBV integrations, or finding a way to get a proper banking license and FSCS insurance (all of which would be requirements for me and most people to use Revolut as a replacement for high-street banking).

Instead, what we see is that Revolut is adding “features” trying to upsell you into their premium services. This is not entirely bad, because you need paying customers to run a business. Unfortunately my impression is that they offered and offer so much on their free tier, that they are tackling on random stuff that has nothing to do with banking itself, just to get people to sign up for their Premium and Metal tiers.

As an aside, I still don’t understand this trend of providing heavy (“18g” as they boast some companies) metal cards. The last thing I want from a credit card is to be heavy, as I barely even want to have to take it out. I’m all in favour of the trend of not embossing the name and number, preferring to print it on the back, but it does not need to be metal for it. Indeed, Curve (that I’ll get again in a moment) did exactly that.

We’ve just come back from a trip to the Continent, and what we did notice that Revolut tried to upsell us medical and travel insurance at every change of country (even when we just connected flights through third countries). This is not just annoying as we’re not interested in it (we’re European citizens, visiting European countries, and work provides both of us with a basic travel insurance), but it’s also annoying because it makes use of the location information, which I provide for the security feature, for marketing. Similarly, I recently had more notifications about them trying to upsell me Metal than actual transactions.

For a while, I actually did pay for the Premium service. Mostly under the idea of “putting my money where my mouth is”, that is to make sure that the company could keep operating a service I loved. Unfortunately it turned out a bad idea: not just because Revolut cannot replace a high street bank in the UK (no FSCS to protect your account, no BACS direct debits, etc), but also because the Premium “perks” were not something I cared about, and the dedicated service team was still useless when it came to even telling me the top-up limits when I changed the card I used for top-up.

If you already have two physical cards (and paid for it), you need to pay to replace one of them with a Premium card, if you so wish (but it gains nothing but a different colour, so I never did that). The unlimited exchange is not particularly useful when you already don’t reach the free tier’s spend, and the ATM limits is only useful if you plan to actually use cash, which I really try not to. The one interesting feature that is advertised for Premium customers, but as far as I can tell is also present as a one-off charge for non-Premium one, is the disposable virtual card, that changes PAN every time you use it. But even that is not as secure as it looks, as I’m told that vendors are still able to charge again a disposable card that already changed number.

Okay admittedly there’s the travel and medical insurance, but as I said earlier, I get a better travel medical insurance from work (and probably there’ s better out there) and a credit card such as American Express would provide a better baggage/flight insurance. This is very subjective of course, it’s well possible that for other people, with other employers, and in other countries, these insurances are actually worth it.

Speaking of circumstances, I think I might not have felt so strongly against Revolut if I was still in Ireland. Not just because they seem to have implemented SEPA DD Core support, so you can actually use it to pay your bills there, but also because the alternatives of high street banking there are significantly worse than here.

In London, I now settled on Santander as my primary bank, both for the current account and for a 0% foreign transaction fee credit card, their All-in-One Credit Card. These come to £5 per month for the account, and another £3 per month for the credit card (compare against Revolut’s premium at £6.99 and Metal tier at £12.99), and while the free foreign ATMs withdrawal are limited to Santander’s own network (limiting the countries you can use them on), this is a full-featured, FSCS-insured account, with cashback, retailer offers, and active interest on the current account’s deposit. If you don’t want (or can’t afford) a credit card, Metro Bank offers 0% foreign transaction fee for European transactions on their free accounts’ debit cards. And I’m sure that other banks have similar arrangements all over the place. Basically, the UK has a significantly wider range of offers, that make Revolut less necessary than in Ireland.

But even for Ireland, and for other countries that do not have such a selection of high-street banks, Curve – that I complained about before – decided to change their target marketing a bit, now offering a “front” for any Visa and MasterCard card to provide 0% foreign transaction fee, with their premium option existing to raise the limit of monthly transactions. That would have been something awesome to have when I lived in Dublin, to keep getting Tesco points, while not paying the 1.75% of foreign transaction fee on their credit card. (If you are interested to try that, my referral code is BG2G3).

Both Curve and Revolut have a Metal card with which they provide cashback. In the case of the former, these are retailers-limited, and I can only assume they are based on some third party’s selection of perks, as the retailers are pretty much the same that Santander and Lloyd’s provide retailers offers for. Revolut instead provides cashback on all spend, 0.1% on European spend, and 1% for non-European spend (although there does not seem to be an obvious definition of Europe on their marketing material, I assume it’s deep into the terms of service).

While cashback is always a nice bonus, it only makes sense if you can break even on the cost of one’s service by spending. With Revolut Metal, that would be an astounding £13k (thirteen thousands pound) per month in European spend, or £1299 of non-European spend. I do know some extremely frequent travellers to the States or Asia that would be able to spend the latter, but that’s more of an exception than a rule. And if you can spend the former, you probably can get more than that in interest by keeping the money in an active-interest current account, and paying with a normal credit card.

For comparison, Santander’s card I linked above costs £3/month (you don’t even need their bank account). It has 0% foreign transaction fee on all spend. And a cashback of 0.5% (five times Revolut’s European cashback) on all spend. It takes only £600 a month to break even, and that’s without counting additional retailer offers, or additional perks from their current accounts.

And even if you look at American Express (which is never considered a cheap option) and their cashback options, the numbers are significantly different. Their Platinum cashsback card is £25 per year, and includes a better travel insurance, 1% cashback on all spend to £10k and 1.25% over that. Plus retailers offers and supplementary cards for the family. Although be warned if you want to go down that road, that American Express charges you 2.99% foreign transaction fees, for every single one of their cards in the UK.

I was going to take a detour talking about foreign transaction fees, but I will leave it for another post, because it’s a lot of content, and a lot of explanation to be done there.

So the final words of this post are: I’m not sure I trust Revolut anymore. They seem to be taking “marketing risks” to get people to pay for services, but at the same time there’s very little value in their paid services. I don’t think that the company will be able to sustain the current trajectory without venture capital money, and I find scary the idea of relying on a VC-funded pseudo-bank for my own money.

Update (2019-03-27): just a few days after I wrote this blog post, I received two email from Revolut, with widely different content, that I think merit a bit of description, thus why this update.

The latest email is an announcement of new details (new sort code and account number) for their GBP accounts. This is effectively a change in intermediary bank that maintains the GBP account proxies for Revolut. Nothing particularly eventful in by itself, but there are a few notable things. The announcement is declared “great news” for their customers, but it also highlight yet another feature that high street banking would have, and Revolut lacks: redirections.

When you switch bank account with a high street bank, the bank will take care of moving standing orders, direct debits, automatic salary payments, and redirect any transfer to the old bank account to the new one. Revolut is instead telling all the customers that they have to deal with all the required changes of both payment and transfer. Not just that, but they don’t appear to guarantee any specific grace period in which both accounts would exist: they say that the new details will appear in the app before May 22nd, which is when the old account will stop working:

⚠️ Your old account details will stop working from the 22nd May 2019.

Salaries and standing orders

If you receive your salary into your Revolut account, you’ll need to send your new account details to your employer before the 22nd May. Again, we’ll let you know as soon as they arrive.

For standing orders from your external bank to your Revolut account, you’ll need to update your bank with your new details before 22nd May. For recurring payments set up from your Revolut account to another bank, you don’t need to do anything.
Revolut email arrived on 2019-03-27

To give you an idea of time frame involved, the company I work for freezes the salary payment details around the 5th of the month for payments on the 25th. This means that if the new details arrive after 5th of May, and you’re paid monthly, you may be unable to receive the salary. Hopefully, the old accounts would just reject the transfer, but even in that case, retrieving the missing salary can easily take two weeks, which for a number of people would be a significant risk.

For comparison, the previous email I received just twenty hours before, also from Revolut, had as subject «👕Should we release Revolut merch?». This is a company that just before announcing a significant disruption of service, that a high street bank would never subject their customers to, asks whether you would like to wear their brand around, making yourself not just a product, but a walking billboard.

Update 2019-01-04: see also the October update.