9.2 Electronic cash systems

Almost all statistical investigations show that consumers make extensive use of cash. Depending on the country involved, somewhere between 75% and 95% of all financial transactions are paid with cash, even though the value of these transactions are for the most part quite low. As mentioned above, prepaid or cashlike payment systems provide an electronic analog for physical cash.

In short, a bank issues electronic cash (e-cash), and customers use e-cash to purchase goods or services from merchants that accept this form of payment. Consequently, there are three parties involved in an e-cash system:

An e-cash issuing bank;
A customer (or payer);
A merchant (or payee).

Typically, the customer and merchant have accounts with the same bank. However, the customer and merchant may also have accounts with different banks. In this case, the banks are referred to as the customer s bank or issuer and the merchant s bank or acquirer.

Given this cast, an e-cash transaction typically takes place in three distinct and independent phases:

In the first phase, the customer withdraws some e-cash. He or she therefore requests his or her bank (i.e., the issuer) to transfer some monetary value from his or her account to the e-cash issuing bank. Following this value transfer, the bank issues ^[6] and sends a corresponding amount of e-cash to the customer. The customer, in turn , stores the e-cash locally (e.g., on his or her hard disk or smart card).
In the second phase, the customer uses the e-cash to purchase some goods or services. In particular, he or she selects goods or services and transfers the corresponding amount of e-cash to the merchant. The merchant, in turn, delivers the goods or services to the customer.
In the third phase, the merchant redeems the e-cash he or she has just received from the customer. He or she therefore transfers the e-cash to the issuing bank. Alternatively, the merchant may also transfer the e-cash to his or her bank (the merchant s bank), and this bank may, in turn, redeem the money from the e-cash issuing bank. In this case, the issuing bank transfers money to the merchant s bank for crediting the merchant s account.

It is commonly agreed that e-cash should satisfy some general properties. For example, e-cash should be independent in the sense that its existence must not depend on a particular system platform or location. Probably one of the distinguishing features of physical cash (at least in the case of coins ) is anonymity, meaning that cash must not provide information that can be used to trace previous owners . One can reasonably argue that e-cash must also provide this form of anonymity. Consequently, e-cash should be transferable from one person to another, and this transfer should occur without leaving any trace of who has been in possession of the e-cash before. In this case, however, it must be ensured that each owner can spend the e-cash only once and that double spending can be prevented or at least be detected in one way or another. Furthermore, e-cash should be available in several denominations and be divisible in a way similar to physical cash. Finally, e-cash should be available in such a way that it can be securely stored on various media, such as hard disks or smart cards.

Not all e-cash systems that have been proposed in the past satisfy all of these properties. For example, the anonymity property is still very controversial today, since it leads to the undesired possibility of illegal money laundering, or hiding of black market and blackmail money. This has led to development of fairly anonymous e-cash systems, in which the customer s anonymity may leak under certain conditions. The development of fairly anonymous e-cash systems is an active area of research today.

There are many electronic cash systems developed in theory and practice. Examples include David Chaum s e-cash system [4 “6], ^[7] an electronic cash system that was developed in a European research and development project called Conditional Access for Europe (CAFE) [7, 8], NetCash ^[8] developed at the University of Southern California [9], the Mondex electronic cash card, ^[9] EMV cash cards [3], as well as cards that conform to the Common Electronic Purse Specification (CEPS). All of these systems and their corresponding protocols are overviewed and further described in Chapter 6 of [1].

^[6] In general, e-cash is issued by having the bank mint digital coins. The digital coins, in turn, are minted by digitally signing an item, such as a serial number for the coin, with a private key that is characteristic for the actual denomination of the coin.

^[7] The system was originally marketed by a Dutch company called DigiCash. DigiCash was acquired by eCash Technolgies, Inc. in August 1999, and eCash Technolgies, Inc. was acquired by InfoSpace, Inc. in February 2002. As of this writing, it is not clear if and in what form the e-cash system developed by Chaum will be marketed in the future.

^[8] http://www.isi.edu/gost/ info /netcash

^[9] The concept of the Mondex card was developed in 1990 at NatWest, a major banking organization in the United Kingdom. After several field trials, a separate company, called Mondex International Ltd., was formed in 1996 to promote the technology through a series of further trials in many different locations around the world. Today, Mondex International is a subsidiary of MasterCard International. As of this writing, little is publicly known about the security features used in the Mondex electronic cash cards. Consequently, the cards have not been subject to public scrutiny.