Cashless Society

roomisigloomis writes "France has released "en masse" a new card to replace money. No private information is stored on the card and anybody can use it. Just like cash: you lose it and someone else uses it. Do you think we could be nearing the end of life of paper money?"

Old news

[reynaert]

In Belgium this has been available for a couple of years now. It's called Proton over here and is pretty popular.

Fatal Flaws

[NeoMoose]

What the hell are you supposed to do when someone decides to be an ass and demagnetize your card? Does your money just vanish since you can't scan it and it carries no identifying information?

Re:Fatal Flaws

[trmj]

Ok I'll bite.

I happen to work at a store that uses an all-computerized POS system. It's a fairly big retail store, and I have watched the system go down and power go out before, while the store was open and there were customers in there.

What happened? Well, we pulled calculators off the shelves and found the prices manually, hand wrote reciepts, and anbody that had cash was able to pay and leave. Anybody that needed to use credit / debit had to wait until the power came back on (usually 30 min).

Australia's plastic money is much better..

[Large+Green+Mallard]

All of Australia's banknotes are made out of plastic. Which gives them the advantage of last a sodding long time...

Australians or anyone with them.. the first two digits of the serial number are the year of manufacture. I have a $20 made in 1994 and another from 1998. I jut got some 2002 date $20s.. ei, they only need to print new $20s every 4 years :) Granted, $5s last a lot less, but it's still a whole lot better than paper (cotton pulp) notes.

Of course, they spring around like no-body's business and are absolutely frictionless, but the concept is so cool! :)

Pictures at -> http://theducks.org/notes

How it works

[Paul+Johnson]

These things have been around for a while. They depend on two things:

1: Secure chip cards.

2: Public key cryptography. This post assumes you know the basic concepts.

IIRC the protocol works (roughly) like this.

1. Card 1 says "I am a genuine card. Here is my public key and a certificate for that key issued by the bank."
2. Card 2 says "I accept your certificate. I am also a genuine card. Here is my public key and certificate."
3. Card 1 says "I have decremented my cash register by $5. Please increment your cash register by $5. Signed: Card 1."
4. Card 2 says "OK."

This transfers $5 from card 1 to card 2.

Step 3 is the critical one. If that message gets lost then the $5 is lost as well. Of course a real protocol will include nonces and resends so that a single lost bit won't destroy your money.

This has applications beyond just replacing cash. People have been looking for a way of making small transactions over the net for years. These cards are potentially it. Plug a card reader into your USB port, put a similar one on a server somewhere, and you can purchase information off the server, paying by the page if you want. Conventional credit card transactions have high fixed costs. The costs on these cards are very low.

(Actually the server will probably have a PCI card with a high-speed, high-capacity version of the chip. But the principle is the same).

On security, PKC is the easy bit. Securing chip cards is much harder. If you can spoof a card into accepting messages from something other than a real card then you can forge money untraceably. To do this you either have to extract the private key from a card or find some other way to increment its cash register. Both of these need tamper-proof cards. The techniques for doing this are too many to go into here, but you need to worry about power supply signalling information about the processes going on in the cards, and random errors induced by putting the card in a microwave oven (no, I'm not kidding) giving information away too, in addition to raw physical attacks like stripping off the plastic and using very fine patch leads.

The biggest weakness is that any card is potentially an entry point to destabilise the entire system. I suspect this is the real reason for the $107 limit: cracking a single card would give you as an individual considerable wealth, but moving that wealth into the rest of the financial system by (e.g.) depositing it at a bank would show up in odd deposit patterns long before you could "forge" enough money to destabilise the economy. Also the individual who does this has every incentive to keep it quiet: not only has s/he committed a crime, but everyone in the know is a potential blackmailer.

Of course someone might find an easy crack and publish it. This is probably the worst case scenario. The only solution is to recall the cards and go back to cash until the problem can be sorted out. Again, the card limit helps put an upper limit on the cost of this.

Paul.