Dave Birch has an interesting case study on the Octopus system that apparently doesn't do its math completely well. It appears that quite some users have paid for topping up the card while in fact it wasn't. And the central bank has stepped in to take a look.
This makes me wonder. Our contactless system also works with the Octopus stuff. And quite recently Dutch students did discover errors in the system for single load cards.
Would it be possible that TLS now have the same error embedded in their systems or would the adaptation to Dutch circumstances have eliminated it...?