Cashless Society 661
roomisigloomis writes "France has released "en masse" a new card to replace money. No private information is stored on the card and anybody can use it. Just like cash: you lose it and someone else uses it. Do you think we could be nearing the end of life of paper money?"
The End Of Paper Money? (Score:1, Interesting)
Old news (Score:5, Interesting)
Fatal Flaws (Score:4, Interesting)
Sounds good to me (Score:2, Interesting)
Of course, I'm not so certain that this needs to be a government implemented project. Companies in the private sector have already done something similar, see Visa [visa.com].
And anyway, don't many people choose to be cashless as it is now? When I was in retail, a large percentage of people paid with debit cards linked to a major credit card. There's no cash! John Doe has his paycheck directly deposited in to his checking account, then pays for purchases with his debit card which utilizes a preexisting network system (Visa, Mastercard).
So bottom line: yeah, a (near-)cashless society is cool, but is government intervention necessary?
Re:Fatal Flaws (Score:3, Interesting)
Re:Fatal Flaws (Score:5, Interesting)
I happen to work at a store that uses an all-computerized POS system. It's a fairly big retail store, and I have watched the system go down and power go out before, while the store was open and there were customers in there.
What happened? Well, we pulled calculators off the shelves and found the prices manually, hand wrote reciepts, and anbody that had cash was able to pay and leave. Anybody that needed to use credit / debit had to wait until the power came back on (usually 30 min).
Re:I'm not sure.. (Score:2, Interesting)
You are wrong. Like the system used here in the Netherlands it is an off-line system. The card itself stores the bit string representing the money. On-line transcations are too expensive for this type of transaction, which is typically used here for parking fees.
Hacking it may be possible, but is quite difficult. Reasonbly strong crypto is used in these card. The cards carry a smart card that is capable of doing arithmetic functions that are needed for doing the cryptographical computations.
The protocol used for "charging" the cards does work on-line, and needs special terminals that are mostly located at banks.
Re:Australia hasn't had paper money for 10 years! (Score:4, Interesting)
Who gets the float...as if I need to ask (Score:3, Interesting)
Let's say you buy a $100 dollar card from the bank. The bank transfers $100 from YOUR account to their account from which it can be used by the bank to loan to other customers and earn interest (mortgage loans, auto loans, credit card loans, etc). So if it takes 2 months for you to use up the $100, you've "given" your capital to the bank to use for two months.
On top of the banks getting the "earning power" of your $100, they charge you to get your capital back through transaction fees! So at a minimum, the bank makes 50 cents on every card it "fills up". If it takes you two months to use the card, they get up to ~$2.00 more!
On top of all that, what happens to the money that never gets used, lost cards, broken cards, cards that have only 50 cents left on them so they get tossed into glove box. I'm sure the banks won't let go of that "unclaimed" cash without a fight.
No, I'll continue to use my ATM card that's linked to an interest bearing checking account, even though its a microscopic rate and live under the illussion that I have control of my cash.
The first step (Score:1, Interesting)
Consider this:
> No private information is stored on the card and anybody can use it.
Step 1: Put infrastructure into place in benign manner.
Step 2: Wait for natural convenience to grow user base.
Step 3: Start mandating it for a growing number of transactions.
Step 4: Change rules so ID is present or tied to transaction (to prevent money laundering, drugs, etc.)
Step 5: Wait until appropriate minority steps out of line.
Step 6: Flip the switch to their cards don't work, or cards call police, etc.
Step 7: Oppression!
Shudder.
Remember kids: In the US, transactions over $10,000 are tracked by the government to fight money laundering, drugs, etc. This law brought to you courtesy of the Clinton administration and the letters I R S.
Re:Fatal Flaws (Score:3, Interesting)
Re:Claimed anonimity is bogus (Score:4, Interesting)
Though I imagine you're right for this implementation, it is possible to build a digital cash cryptosystem that is as anonymous as cash. I believe Bruce Schneier covers the basics in Applied Cryptography; we went over it in an intro cryptography course I took, and I think that was the source.
The basic system is that the bank signs individual units of value (think individual bills). You then insert your card, and it transfers several of them over, gets change if needed, etc.
For the more detailed explanation (somewhat):
You, the party desiring cash from the bank, begin a transaction to create a bill. You tell the bank the account number to take the money from, and prove you're you through whatever standard techniques. Then, you create a handful (say 10) "bills"; they're real bills, minus the bank's signature. You give them each a randomly chosen 128 bit id (128 bits is enough to avoid collisions, globaly -- but you need a good source of randomness). Then, you blind each bill with a new random number. Then, you encrypt all the bills, using a different key created only for this purpose. This extra key will be thrown away when the transaction is complete. The blinding and encryption work such that you can only recover the original text with both the key and the blinding number. The bank then chooses one bill, signs it, asks to see the blinding numbers on the other 9 and also asks for the decryption key. The bank verifies that the other bills are valid, and can assume the tenth is too. They sign it and return it to you. You decrypt it and deblind it. The math works such that the banks signature is still intact. Basically, using RSA, encryption and decryption are exponentiation, and blinding is multiplication (all done modulo the key).
The bank has now signed your bill as being worth money, without knowing the id number on the bill.
This system is rather complicated, and it is unlikely something equivalent has been implemented in this case. But it is possible to do it right (just hard). I've simpleified a little, but the major pieces are there.
Australia's plastic money is much better.. (Score:5, Interesting)
Australians or anyone with them.. the first two digits of the serial number are the year of manufacture. I have a $20 made in 1994 and another from 1998. I jut got some 2002 date $20s.. ei, they only need to print new $20s every 4 years
Of course, they spring around like no-body's business and are absolutely frictionless, but the concept is so cool!
Pictures at -> http://theducks.org/notes
Time to go to france... (Score:2, Interesting)
Smartcard reader/writers have been available to the general public for quite a few years now (The Eltron 310 [yahoo.com] does full color card printing, mag encoding, bar codes and smart card encoding in one box for $3k), and you can find schematics on how to build your own all over the place.
Re:Card to card transfers? (Score:1, Interesting)
Here in the Netherlands, when you want to travel by bus, you pay for every bus-zone you travel through. A bus card allows you to travel through up to 23 (I think) zones. But once in a while they will issue new (and more expensive) buscards, and invalidate the old ones. If you still have half of your zones left - well, sorry.
I only carry a buscard for emergency reasons (when my bike breaks - I travel a lot by bike), and it bother me a great deal that when I need it, almost invariably I find myself faced with having to buy a newer, more expensive card while I still have most of the zones on the old one left.
The same is true for other reuseable card types. I have an old phone card. Technically I guess it is still valid, but in practice they removed most phone booths because everybody is using mobile phones by now, so it is useless to me now.
And if you own a pre-paid mobile phone that you *only* use to receive calls, well tough: the phone companies decided they were not making enough profit on you and disconnected your paid for phone. The only way you can use it again: pay for it *again*.
There is a morale here: whenever something takes the role of money, be it in the form of a pre-paid reuseable buscard, phonecard, or phone, they will periodically try to get you to pay again. And that's exactly why I am not using those money-cards.
You buy cash vouchers... (Score:3, Interesting)
Re:Europe already has stopped using paper money. (Score:3, Interesting)
High-quality paper is always made with linen, cotton and other natural fibres. It is a common misunderstanding that "paper" is synonymous with "wood pulp".
TWW
How it works (Score:5, Interesting)
1: Secure chip cards.
2: Public key cryptography. This post assumes you know the basic concepts.
IIRC the protocol works (roughly) like this.
Step 3 is the critical one. If that message gets lost then the $5 is lost as well. Of course a real protocol will include nonces and resends so that a single lost bit won't destroy your money.
This has applications beyond just replacing cash. People have been looking for a way of making small transactions over the net for years. These cards are potentially it. Plug a card reader into your USB port, put a similar one on a server somewhere, and you can purchase information off the server, paying by the page if you want. Conventional credit card transactions have high fixed costs. The costs on these cards are very low.
(Actually the server will probably have a PCI card with a high-speed, high-capacity version of the chip. But the principle is the same).
On security, PKC is the easy bit. Securing chip cards is much harder. If you can spoof a card into accepting messages from something other than a real card then you can forge money untraceably. To do this you either have to extract the private key from a card or find some other way to increment its cash register. Both of these need tamper-proof cards. The techniques for doing this are too many to go into here, but you need to worry about power supply signalling information about the processes going on in the cards, and random errors induced by putting the card in a microwave oven (no, I'm not kidding) giving information away too, in addition to raw physical attacks like stripping off the plastic and using very fine patch leads.
The biggest weakness is that any card is potentially an entry point to destabilise the entire system. I suspect this is the real reason for the $107 limit: cracking a single card would give you as an individual considerable wealth, but moving that wealth into the rest of the financial system by (e.g.) depositing it at a bank would show up in odd deposit patterns long before you could "forge" enough money to destabilise the economy. Also the individual who does this has every incentive to keep it quiet: not only has s/he committed a crime, but everyone in the know is a potential blackmailer.
Of course someone might find an easy crack and publish it. This is probably the worst case scenario. The only solution is to recall the cards and go back to cash until the problem can be sorted out. Again, the card limit helps put an upper limit on the cost of this.
Paul.
How much is on my smart card? (Score:1, Interesting)
Re:The black market is the answer to the success (Score:2, Interesting)
Since the card is 'anonymous' you could merely hand it over to someone you wanted to pay. At the moment the cards are too costly to make this practical, but once the price drops the more dubious members of society can merely shuffle their cards around to hide their transactions. Even with expensive cards, you could still trade them with anyone for a card with the same debit level on it, thus obfuscating the paper trail. I can see a new form of e-money laundering being created out of this.
Re:Why so many different standards? (Score:2, Interesting)
Nope (Score:3, Interesting)
The money is anonymous, but it's numbered.
A legitimate "add cash" operation leaves a record in the database.
When the user tries to pass the counterfeit card, the database is checked and when it finds, for example, that "card 0x8782a321=54.21" but the card says "card=100.00" the POS terminal knows it's counterfeit. The integrated security camera clicks on, homes in on your face, and e-mails your picture to the authorities.
I like that. We in theory could do this now with old-fashioned bills. One camera (with a *very good* machine vision system) looks over the shoulder of the cashier. Camera one is looking at the serial numbers of the bills. Camera two is looking at the customer.
Camera one is hooked into a database that tracks the locations of bills and serial numbers (think WheresGeorge on steroids). If the system discovers a bill passed with SN that isn't in the database, or that is already in a till someplace else, the customer becomes a counterfeiting suspect. This obviously requires some sophistication. For example, a bill may not be in the till anymore, but if it left the till in Hawii, and enterred a till in Maine 45 minutes later, you know the bill in Maine is counterfeit. The program would obviously have to be updated if commercial hypersonic transports ever became available (!).
Such a system won't catch a counterfeiter every time, but the odds would catch up with him. A more cumbersome system that doesn't use machine vision and requires the cashier to run bills through a scanner could probably be implemented in a much shorter time. Building RFID tags into the money makes even better sense if they are robust enough, but ongoing passage of "microwaved" money would make you a counterfeiting suspect even if your money was being legitimately zapped..
I like this. It is, in some ways, the antithesis of "the beast" because they are numbering the money as opposed to numbering the people.