Truth about the electricity prepaid meter “bug”
The need to update tens of millions of prepaid electricity meters to ensure they can continue accepting tokens is not due to a “bug” or “glitch” but an intentional time-based feature to combat fraud.
The deadline for recoding Standard Transfer Specifications (STS) meters to extend their useability passed on 24 November 2024.
By that point, about 2.1 million STS-compliant prepaid meters in South Africa were not updated, most of which were used by Eskom direct customers.
These meters cannot load new electricity tokens until they are recoded with two key change tokens.
Several public commentators recently described the issue as a “bug”, calling it a design flaw similar in principle to the infamous Y2K bug or Year 2000 problem.
While both events relate to date fields in a computer system running out of range, there are some big and important differences between them.
The Y2K bug was caused by software developers in the 1970s and 1980s who incorrectly assumed their applications would no longer be used after the turn of the century.
To save memory and storage space in the medium-term, they elected to store only the last two digits of the year when dealing with dates.
It should be noted that this did not impact all systems and software, although a significant number were affected.
To fix the date error that could occur at midnight on 1 January 2000, an enormous effort was made by information technology experts to update software and systems.
In other words, Y2K was an unintentional problem — a “bug” — caused by a lack of foresight.
On the other hand, the Key Revision Number (KRN) rollover event was part of an intentional design and well accounted for.
A simple mechanism was built into the system powering prepaid electricity meters to update the KRN before the date rollover event occurred, with a ten-year grace period designed into it.
To understand why the KRN rollover event cannot be classed as a “bug” or “design flaw” in the same realm as the Y2K issue, it is important to understand the reason it had to occur.
Eskom initially developed the STS standard as a secure message protocol for carrying information between a point-of-sale that generates an electricity voucher to the prepaid meter.
After its introduction in South Africa in 1993, it was published by the International Electro-technical Commission as the IEC62055 series of specifications and adopted in many other countries.
More than 500 power utilities across roughly 40 countries use the standard for at least some of their meters.
The technology is now licenced to the STS Association, of which Eskom is a founding member.
To prevent digital fraud, you need to keep time
The reason the meters needed to be updated was because the 20-digit token system in STS allows for only a limited number of token identifiers (TIDs).
These TIDs embed a part of the token with a value corresponding with the minute it was bought. Initially, the base date from which these minutes were counted was set as 1 January 2013.
The TIDs prevent several fraudulent actions in the electricity-buying process, including:
- Fraudulent transfer of credit resulting from hit-and-miss attempts at entering the correct number
- Fraudulent generation of tokens from a stolen vending station
- Fraudulent generation of tokens from legitimate vending stations outside of the utility’s area
- Fraudulent re-use of tokens which have already been used
- Tampering of legitimate tokens to change the value
The STS designers intentionally limited the number of minutes to about 16.7 million (technically, 24 bits) to avoid exceeding the range occupied by the token digits.
In other words, they could have chosen to increase how many minutes the timer counts, but then the voucher codes would also become longer.
Once the timer reached the final minute it could count at 20:15 on 24 November 2024, it rolled over to zero.
If a meter is not recoded, it will reject new tokens as they appeared to have been bought in 1993.
Meters store the last 50 tokens entered into their keypad, and any tokens older than this are rejected.
STS has a built-in mechanism for updating the base date by setting a field known as the Key Revision Number. When it equals 1, the base time is midnight on 1 January 1993.
Updating the KRN to 2 shifts the base date forward 21 years, to 1 January 2014.
Therefore, STS gives a ten-year window within which meters can be updated before hitting the cutoff time.
The real issue was not that KRN rollover was necessary, but that Eskom and municipalities waited too long before they started updating their over eleven million prepaid customers’ meters.