[CTRL] Smart Cards and Private Currencies

[Kris Millegan]

 -Caveat Lector-

from:
http://www.zolatimes.com/V3.12/pageone.html
<A HREF="http://www.zolatimes.com/V3.12/pageone.html">Laissez Faire City Times
- Volume 3 Issue 12</A>
The Laissez Faire City Times
March 22, 1999 - Volume 3, Issue 12
Editor & Chief: Emile Zola
-----
Smart Cards and Private Currencies

by J. Orlin Grabbe


Smart cards are a type of electronic card, looking much like a credit
card, but with a computer chip embedded in the plastic instead of a
magnetic stripe attached to the surface.

Smart cards can be used for many purposes, such as identification,
access control to an office or a computer, making phone calls, or
storing money (value) which may be spent in more than one location.
Millions of smart cards are currently in use  providing billing for
digital mobile phones, allowing prepayment for gas, and controlling the
viewing privileges of satellite television subscribers.

Smart cards have a natural role to play in eliminating government
monopoly over currency issue. (I include among government monopolies the
curious case of the U.S. Federal Reserve, which is privately chartered,
but which acts as a government handmaiden.) Smart cards will assist in
the development of private currencies to compete with, if not replace,
today�s prevalent types of monopoly money.

Writing in the 1970s about the need for private currencies to compete
with official national brands, the economist Friedrich A. Hayek noted
the practical difficulties of having different sizes, shapes, and
weights of coins when it came to acceptance by vending machines and
similar devices. He wrote:

"Another possible development would be the replacement of the present
coins by plastic or similar tokens with electronic markings which every
cash register and slot machine would be able to sort out, and the
�signature� of which would be legally protected against forgery as any
other document of value." [18]

Hayek thus anticipated smart cards and digital signatures. More recently
Browne and Cronin have asserted: "We believe that research on
laissez-faire banking should give greater attention to the potential
implications of rapidly improving technology in electronic payment
instruments (based on integrated circuit/smart cards and advances in
telecommunications) which are being developed by private sector banks."
[5]

In this article I will pay particular attention to the use of smart
cards for storing or transferring money. Money in a modern economy
consists mainly of numbers in a computer. When you write or draw a check
on your banking account, the account balance  or number  associated with
your name in the bank�s computer is reduced. When you make a deposit,
this number is increased. It works the same way with stored-value cards
or other balance-maintaining mechanisms.

For security, it is important is to ensure that this number, or balance,
is only altered under approved circumstances. You wouldn�t want some
bank employee to embezzle from your checking account by decreasing your
balance and putting the equivalent cash into his or her own pocket.

Similarly, for other forms of digital cash�such as money stored in the
computer chip of a smart card  the circumstances under which the balance
is changed are controlled in various degrees by cryptological protocols
[13] and tamper-resistant hardware. But  just as with an ordinary
checking account  the underlying system is all about numbers: what you
did to get them, and what you can do with them. If you gave up goods and
services to acquire your numbers (your money), then you expect to get
something equivalent back when you spend it.

It is confidence that money represents goods and services (that is, the
confidence that money is backed by, or exchangeable for, goods and
services) that allows any modern monetary system to function. (When
additional forms of backing such as gold are used, this simply adds to
the confidence level, but in no way alters the preceding statement. In
fact, the commodity backing of most "commodity-backed" paper monies and
bank deposits has turned out to be a scam, historically. When, in times
of inflation, people have demanded that their notes or deposits be
turned into the underlying commodity  cotton, or gold, or whatever  it
was discovered that this additional "backing" wasn�t really there. In
any case, inflation undermines confidence that money represents a store
of value, because inflation indicates that money was created without a
concomitant creation of goods and services.)

Cash represents an anonymous payment mechanism that does not require
bank approval at the point of sale or transfer. But cash in the
traditional form of currency and coins has the drawback that it cannot
be sent over the Internet or over the telephone to a friend or relative
or stranger as a loan, gift, or means of payment. (Of course one can pay
by credit card over the Internet, but this is not the same thing: unlike
with cash, the bank is involved in, and records, both sides of the
transaction.)

Cash should be no further away than the nearest mobile digital phone.
One should be able to send cash over the telephone (as can be done with
Mondex cards over specially equipped British Telecom phones), or
download cash from a bank account over the Internet and privately
transfer it to someone else around the world. Public payphones ought to
function both as Internet kiosks and ATMs for dispensing electronic
cash.

One of the main reasons for optimism concerning a role for smart cards
in making electronic cash possible is the simple fact the
telecommunications industry is already the largest user of smart cards.
But how smart cards should be imbued with the proper digital e-motion or
inscribed with the right Hayekian monetary "electronic markings" isn�t
always obvious.

What is a Smart Card?

Traditional credit and debit (such as ATM) cards store information on a
magnetic stripe, which is attached to the surface of the card. (Pull out
one of your own cards, and look at the back.) This stripe is composed of
three tracks: the first (airline) track holds up to 79 alphanumeric
characters, the second (banking) track holds 40 numerical digits, while
the third (financial transaction) track holds up to 107 numerical
digits. None of the three tracks has storage capacity for very much
information, and what information is recorded there is easily
overwritten by any device capable of erasing or recording magnetic tape.
Thus there is no way to securely store account balances or cryptographic
keys on a traditional magnetic stripe card. Such cards are simple "memo
ry-only" cards, without much memory.

Transaction cards contemplated for storing cash, by contrast, make use
of integrated circuit chips (hence the frequent designation "IC cards").
IC cards contain memory for data storage, and often also a processor for
making calculations (in which case they are called "smart cards"). Many
different but overlapping terms are used to refer to electronic cards.
Table 1 helps sort through the terminology.



------------------------------------------------------------------------
Table 1: Types of Electronic Cards


Card Type
Definition
  Access card
a machine-readable card used to gain computer access, physical entry, or
passage.Contact card
an IC card adhering to the ISO 7816 standard [21] for electrical
contacts (see Table 2).Contactless card
an IC card that allows energy to flow between it and the interfacing
device without contacts. Instead, induction or a high-frequency
radio-transmission is used. These are primarily used in transportation
applications, and adhere to ISO 14443.Dual Interface card
a combination of a smart card with contacts and a contactless card, all
on a single chip. Compare with hybrid card.Electronic purse
a reloadable card that stores value for small transactions.Electronic
wallet
an IC or smart card that can perform a variety of transaction and
identification functions, in addition to storing value.Hybrid card
a combination of a smart card with contacts on one chip, and a
contactless card on another chip, both in the same plastic card. Compare
with dual interface card.IC card
also integrated-circuit card, microcircuit card: a card containing one
or more embedded integrated circuits. Includes both memory cards and
smart cards.Memory card
an IC card that can store information but which lacks a microprocessor,
and hence cannot perform calculations.Multi-application card
also universal card: a smart card which can support different
applications, which may be provided by different parties.Optical card
a memory card with a memory of several megabytes; the card is written
once, and the information cannot be erased. Most are used in health care
and follow ISO standards 11693 and 11694.Stored-value card
also prepayment card, cash card, decrementing-value card:
a card purchased complete with a stored value, which is decremented
whenever the card is used; more generally, any card (such as an
electronic purse or wallet) capable of storing value.
Smart card
an IC card with a microprocessor, so that the card is capable of making
calculations or decisions. Most adhere to ISO 7816.




------------------------------------------------------------------------


Smart cards used in the French banking system can authorize transactions
off-line when cardholders enter their PINs. A more recent application is
Mondex, which is an electronic wallet system that allows electronic
currency to pass from hand to hand without redepositing. Mondex cards
can also store several national currencies.

According to the European Commission there were 24 multi-application
(smart card) schemes operating in Europe at the end of 1996. [11] The
maximum limit of stored value on 19 of the cards was then less than 250
ECUs (now 250 euros). Some cards are used for very small value payments,
such as   or   of a euro cent for downloading a page from the Internet.
This allows journals that would otherwise be available only in printed
form in a distant library to offer copies of their articles on the World
Wide Web. But for this to happen, transactions costs have to be low, and
that requires electronic cash.

Smart cards are only now starting to gain acceptance in the U.S. Europe
has about 75 percent of the smart card market, North America about 4
percent, and the Rest of the World 21 percent. [4]

Proton is the largest distributor of smart cards, especially for banking
applications. The Proton smart card platform is used in 30 million cards
distributed by over 250 banks, and accepted by 200,000 terminals in 15
countries. Proton was created by Banksys, the Belgian electronic funds
transfer and security specialist. Users include American Express, ERG (a
public transport smart card company), Interpay Nederland, and Visa
International.

Smart Cards and the Money Supply

Currently in the U.S., there are no restrictions on who can issue
electronic money. In many respects, as noted by Osterberg and Thomson
[25], the monetary value that circulates on such cards functions a lot
like the private bank notes issued by nationally chartered banks after
the National Banking Act of 1864, up to the founding of the Federal
Reserve in 1913. However, their analogy is a little misleading, because
non-banks may issue electronic money also. There is no monopoly held by
a special category of commercial banks or other financial institutions
(and even if there were such a regulatory monopoly, the regulations
could not be generally enforced without driving the electronic currency
market offshore).

In Europe, under the regulations of the European Central Bank, the
minimum bank capital requirement is 5 million euros, while the proposed
requirement for electronic money issuers (which are classified as credit
institutions) is 500,000 euros. Banks have a minimum own funds
requirement of 8 percent, while the proposed figure for electronic money
issuers is 2 percent. This means that electronic money issuers must hold
own funds equal to 2 percent of the amount of unredeemed e-money,
subject to a minimum of 500,000 euros. [11]

The bulk of the funds obtained by issuing e-money, of course, is used to
buy interest-bearing assets. The interest earned from these assets is
the e-money issuer�s profit once expenses have been covered.

Technically, "electronic money" is defined by the European Commission as
"monetary value which is;
i.stored electronically on an electronic device such as a chip card or a
computer memory;
ii.accepted as means of payment by undertakings other than the issuing
institution [note that this would omit, say, ATT phone stored-value
cards which were only accepted by ATT];
iii.generated in order to be put at the disposal of users to serve as an
electronic surrogate for coins and banknotes; and
iv.generated for the purpose of effecting electronic transfers of
limited value payments."

This shall serve us as a fairly good definition. But note that by
"limited value" payments, I have in mind a few thousand dollars, rather
than a few hundred.

Current systems in use are basically either float systems or token
 systems. Float systems are much like traveler�s checks�a type of
prepaid promissory system. You purchase electronic cash from a bank, and
the bank keeps your payment in a special float account to meet its
obligation when the cash is spent. All transactions may be audited. Visa
Cash is a float system. Token systems operate more like physical cash.
Person-to-person transfers are possible (as with Mondex), and there is
no settlement or audit process except at the time value is transferred
into or out of the banking system (just as currently occurs when
physical cash is deposited with or withdrawn from a bank).

In either case, the primary attraction of electronic cash for an
organization that issues it is the interest earned on the unused cash
stored on its customers� cards. On the user side, merchants may realize
a savings from the costs otherwise associated with handling physical
cash and processing transactions. And non-business users can acquire
mobility and convenience without giving up the privacy aspects of
physical cash. That, at any rate, is the goal. Reaching that goal
requires some work.

Inside a Smart Card

The basic parts of a smart card will be familiar to any personal
computer user. These include a Central Processing Unit (CPU), which
performs calculations; a Read-Only Memory (ROM), which stores the
operating system; Random Access Memory (RAM), which is used for
temporary storage while calculations are performed; Electronically
Erasable and Programmable Read-Only Memory (EEPROM), which stores data
(such as account balances or encryption keys) that will be regularly
changed; a Clock (which paces the rate at which instructions are
processed); and Input-Output (IO)  via contacts which interface with a
card reader (or, if the card is contactless, through induction or
high-frequency radio transmission).

A typical smart card might have an 8-bit CPU operating at 5 megahertz,
256 to 1024 bytes of RAM, 6 to 24 kilobytes of ROM, 1 to 16 kilobytes of
EEPROM, and perhaps an on-chip encryption module.

Back in 1986 smart-card maker Philips programmed the DES algorithm on a
chip, using less than 700 bytes to do so. A more recent example (1999)
is IBM�s Multi-Function Card (MFC/16K PKA) which has 16 kilobytes of
EEPROM, contains DES and triple-DES algorithms, allows for RSA key
generation (up to 2048 bits), implements the SHA1 hash algorithm, and
allows for DSA�as well as RSA�signatures. [19]

Some of the physical aspects of smart cards are shown in Table 2.



------------------------------------------------------------------------
Table 2: Smart Card Basics


Under ISO 7816, a smart card has eight electrical contacts [21]:

C1: Power supply (VCC)
C5: Ground (GND)
C2: Reset (RST)
C6: Programming voltage (VPP)
C3: Clock (CLK)
C7: Input/output (I/O)
C4: Reserved (RFU)
C8: Reserved (RFU)


A transaction between the outside world and the card involves the
following steps:

1. Activation of the contacts by the smart card reader
2. Resetting of the card by the reader
3. Answer-to-reset by the card
4. Optional selection of a protocol type
5. Processing of successive commands
6. Deactivation of the contacts by the card reader.

Input/output involves asynchronous characters transmitted in half-duplex
mode. Each character is ten consecutive bits: a start bit, eight data
bits, and an even parity bit. A short interval or "guard time" between
successive characters allows for synchronization in the transmission.

The contacts connect to the internal parts of a chip. These are
illustrated below:

CPU � �  ResetROM (operating system)� � � � [Memory Areas] &not     �
RAM (scratch pad)� � � � Input/OutputEEPROM/EPROM (non-volatile)� �
Clock



These are all contained in a single chip called a SPOM
(self-programmable one-chip microcomputer). Europay, MasterCard, and
Visa jointly created a set of smart card specifications (EMV �96) based
on ISO 7816. [8] [9] [10] Visa then developed a specification based on
EMV. [28]



------------------------------------------------------------------------

In Table 2, notice contact C7, input/output (IO). This can be thought of
as the smart card�s serial port. Information is transferred into, or out
of, the smart card here, one bit at a time. The data packets through
which smart cards talk to the outside world are called Application
Protocol Data Units (APDU). The structure of these is defined by ISO
7816. An APDU is either a command sent to the smart card, or a reply
from the smart card. The terminal, which always initiates communication,
is the master and the smart card is the slave. The communication
interface is half duplex, typically operating at 9600 baud. (Half duplex
means that the card and the terminal take turns sending signals to each
other.)

C1 and C5 (supply voltage and ground) are used to power the card. Power
is supplied by the card terminal (card reader). In the EMV �96
specifications, the supply voltage is 5V, plus or minus a half volt.
(When you see an article in a Usenet hacking group that explains how to
"hack" a card using 21 volts, you are being conned. That level voltage
may fry the card. Such articles are posted by smart card manufacturers
and pranksters.) C6, external programming voltage, is rarely used
anymore.

Multi-Application Operating Systems

Stored in a smart card�s ROM is the operating system. Just as a personal
computer may run on DOS, or Windows, or Linux, so must a smart card  a
credit-card sized computer  also have an operating system (OS). The OS
is burnt into ROM (a process called "masking").

Even though virtually all smart cards adhere to the ISO 7816 standard,
the smart card operating systems themselves are usually proprietary (one
example is MPCOS which is patented by Gemplus). But that means that most
smart card applications have limited scope, because an application
developed for one operating system won�t work on the one next door. And
it isn�t just a "Windows vs. Linux" debate: around the world up to a
hundred proprietary systems are in use.

Thus creating low-cost smart cards that handle more than one
application�such as simultaneously acting as a banking and
identification card, while giving mobile phone access�represents a
daunting task, but one that is necessary if smart cards are to be widely
utilized by the general public.

There are various ways to deal with this problem: create common
standards for operating systems; create a common interface between
applications and operating systems; or adopt an operating system that is
already in widespread use. At the moment, all of these solution paths
are occurring simultaneously.

Java Card. Java Card is produced by JavaSoft, a division of Sun
Microsystems. Java Card is a specification, not an operating system.
Like the programming language Java, Java Card uses an interpreter
(called a Java Card "virtual machine") that sits between an application
(called an "applet") and the card operating system. A smart card
application programmed in Java Card thus can run on different
proprietary systems through the Java Card virtual machine interface,
which is burnt into ROM along with the operating system. The Java Card
specification is supported by companies like Bull, IBM, Motorola,
Toshiba, and Visa.

Java Card programs are written in Java, but not all features of the Java
Language Specification are supported. Java Card is compatible with ISO
7816 and the EMV financial standards. Two claimed drawbacks to Java Card
are that it requires faster processors and more memory than many smart
cards currently have. The Java Card 2.0 specification has a minimum
system requirement of 16 kilobytes ROM, 8 kilobytes EEPROM, and 256
bytes of RAM. [29]

MULTOS. MULTOS stands for multi-application operating system. It was
originally developed by Mondex, then transferred to MAOSCO, whose
members include smart card manufacturers Gemplus, Hitachi, Keystone,
Motorola, and Siemens-Nixdorf. The intent was to make MULTOS an open
standard. Financial organizations supporting MULTOS include American
Express, Discover Novus, EuroPay, and MasterCard.

One implementation of MULTOS (version 4.02) has been done by Keycorp
Limited (Australia) using the Siemens SLE66 chip with a 8051 CPU core
along with a math coprocessor. According to a Keycorp press release,
"Keycorp�s MULTOS implementation, which was developed in Australia,
supports the ISO 7816 and EMV standards as well as the Mondex electronic
purse, and is being certified to the ITSEC E6 security level � the
highest possible security level for computer systems. The 4.02
implementation has two significant features that distinguish it from
earlier versions of MULTOS: memory recovery, which allows application
space to be re-used when applications have been deleted; and secure
inter-application communication, which enables applications to work
together while maintaining privacy." [22]

MULTOS applications are written in the MULTOS Executable Language (MEL),
an assembly language. Alternatively, they can be written in C and
compiled into MEL. The operating system is held in 32k of ROM, while 16k
of EEPROM is sufficient for applications.

Smart Card for Windows. Microsoft entered the picture in October 1998,
with its Smart Card for Windows operating system for Win32-based
platforms, based on the existing PC/SC standard [6] for integrating
smart cards with personal computers. Windows 2000 (i.e., the successor
to Windows 98) will include a smart card as a standard part of the
Windows package. Microsoft�s plan is to load "blank" smart cards with
the card operating system, and the user will then download the
applications he wants from the Internet.

Smart Card for Windows is an 8-bit multi-application operating system
for smart cards with 8k of ROM. Applications may be written in Visual
Basic or Visual C++. Microsoft claims that "cards developed using Smart
Card for Windows are expected to cost $2-$4 each, compared to the $15 or
so it costs for a typical Java Card or MULTOS card." [24]

The OpenCard Framework

In addition to standards for card operating systems, there need to be
agreed standards for the software applications that use smart cards as
part of the system. Applications talk to card terminals (also referred
to as "card readers" or "card acceptance devices"), which in turn read
data from and write data to smart cards. Examples of terminals include
card readers attached to a personal computer, readers integrated into
vending and ATM machines, readers attached to GSM mobile phones, and
hand-held readers with their own small LCD screen. If one wants to be
able to download smart card applications from the Internet, then�under
an open system�neither the card terminal nor the issuer of the card that
the applications will use will necessarily be known in advance.

The primary general framework for applications is the OpenCard Framework
. The OpenCard Framework is a set of open standards that apply to the
software application that runs on the card terminal or on a workstation
providing the interface to the card terminal (by contrast, say, to Java
Card or MULTOS, either of which runs on the smart card itself). The goal
of the OpenCard Framework is to allow successful applications to be
written which are independent of the card terminal vendor, the card
operating system provider, or the card issuer. [20]

The OpenCard Framework was developed by IBM, Netscape, NCI, and Sun
Microsystems specifically to integrate smart cards with network
computers and other card-using devices such as point-of-sale terminals
and personal computers. It supplies standardized application programming
interfaces (APIs). The reference implementation is written in Java, but
the specifications can be implemented in other object-oriented
languages, such as C++.

An application program talks to the card terminal and the card itself
through the ISO 7816-defined data packets called Application Protocol
Data Units (APDU), which were mentioned previously. The program sends
commands with an onion structure. First, the command must be one the
card supports, such as "generate a 1024-bit RSA key." This is wrapped
inside an ISO command packet that tells the terminal how to talk to the
card. Then the ISO command packet is wrapped inside an OpenCard-based
packet for communicating with the card reader.

Smart Card Security

Let�s now return to the internal structure of a smart card. To prevent
counterfeiting or misuse, a smart card relies on the access to the data
residing in EEPROM for its own internal applications being controlled by
a secure operating system residing in ROM. The EEPROM data might include
a newly generated 1024-bit RSA key, or updateable information about the
cardholder (if the card is used for identification), or the current cash
balance on the card, while the secure operating system might include ROM
cryptographic routines.

If one could change the authentication information on a card�by altering
the RSA key or the identification information�then one could masquerade
as another person. If one could change the cash balance on a card, then
one could rip-off merchants or the card issuer.

A well-designed card system will involve various security measures. The
smart card may authenticate the card holder through a password (or
passwords) stored in EEPROM. The user must enter the correct password
before the other functions of the smart card chip are unlocked.

The card may authenticate the card reader (the external world) by
generating a random number and sending it to the reader. The reader has
to encrypt the random challenge with a shared encryption key and return
the result to the card. The card then compares the returned result with
its own encryption before agreeing to communicate with the reader.

The card reader (the external world) may also authenticate the card�s
identity by sending a random challenge (number) to the card. The card is
then required to sign the number with its own private key (of a private
key/public key pair) and return it to the external world for
verification.

The integrity of data exchanged between the card and the outside world
can be verified through a MAC (message authentication code). The MAC is
a number that is calculated based on 1) the data itself, 2) an
encryption key, and 3) a random number. If data has been altered (for an
y reason, including transmission errors), the MAC will not verify.
Alternatively, if the chip has sufficient memory and processing power,
the data can be verified through a digital signature.

Some important advances in applied cryptography have been smart-card
driven. The digital-signature algorithm (DSA) recently adopted by the
U.S. government, and now widely used around the world, is based on the
concept of a Schnorr signature [27], which was first announced as a
smart card application. (Most smart cards currently implement RSA
signatures, however, preferring to conserve resources through the use of
the Chinese Remainder Theorem. [26])

Alongside interoperability, security is a leading smart card issue.
Before one contemplates storing $50,000 on a smart card [15], one needs
to think a lot about security. Attacks on security can take the form of
attacks on the smart card�s software or hardware, or both
simultaneously. Is it possible to create tamper-proof, or at least
tamper-resistant, modules?

That tamper-resistance is more difficult that it looks was shown by Ross
Anderson and Markus Kuhn, who cracked the Dallas DS5002FP Secure
Microcontroller, described at the time by one European signals
intelligence agency as the most secure processor available on general
sale. The processor is Intel 8051 compatible and is used in financial
transaction terminals and pay-TV access systems.

"The attack requires only a normal personal computer, a special read-out
circuit built from standard electrical components for less than US$100,
and a logic analyzer test clip for around US$200. It was performed in a
student hardware laboratory . . ." [1]

They created a protocol attack, which exploits the fact that one of the
chip�s block ciphers operates on 8-bit blocks. Anderson and Kuhn were
able to brute force (i.e. find the encryption key by trying every
possible variation) the encrypted data by matching inputs and outputs
from the card in a complex way they describe in detail.

Protocol failure is one problem. Another paper [2] also discusses
differential fault analysis, chip-rewriting attacks, and memory
remanence attacks.

An example of differential fault analysis might entail subjecting a chip
which runs at 5 megahertz to small bursts of 20 megahertz. The clock
frequency (contact C3, in Table 2) speedup would be applied with the
intention of making the chip skip or improperly execute an instruction
as the chip is running through a program sequence. Ross and Kuhn
illustrate with examples involving RSA and DES.

Chip rewriting attacks involve identifying specific memory cells in ROM
or EEPROM and altering their contents. Single bits in ROM can be
overwritten with a laser cutter microscope, while those in EEPROM can be
altered through two microprobing needles. Of course, the information
garnered this way has to be worth the effort  but it may be if it gives
access to the right computer or building or bank account.

When values have been stored in computer memory for a long period of
time, it is virtually impossible to erase them without leaving magnetic
traces that can be used to recover the values. This is the basis of
memory remanence attacks. Many banks have ATMs with a security module
developed by IBM and revised by VISA. Inside the security module are
key-encrypting ("master") keys. These keys are used to encrypt PIN keys
as well as other encryption keys, such as the encryption keys used to
communicate with other banks. If the security module is opened under the
wrong circumstances, it erases these master keys. But this erasure isn�t
really secure, since there are now well-known techniques for recovering
the original values. (The same, of course, applies to any computer hard
disk that has stored the same information in the same place for a period
of time.)

All of these attacks assume the encryption algorithm itself is secure.
But that may not be true. The encryption cipher used in the SIM
(subscriber identification module) in GSM (mobile) telephones was
cracked in a day by two researchers at the University of California,
Berkeley. The SIM is a small smart card with encryption functions which
stores subscriber-specific information separate from the phone itself.

It is important to keep the security issues associated with smart cards
(and hence with money stored in, or accessed by, smart cards) in
perspective. Paper money, such as U.S. currency, for example, is easily
counterfeited (despite the recent rash of security�as well as
surveillance�measures added to various dollar bill denominations). That
counterfeiting doesn�t take place more often is due to the great
resources of the U.S. Secret Service�an enforcement arm of the U.S.
Treasury. Smart card cash issuers don�t have these same resources. A
start-up operation will not benefit from the huge cash flow that
seigniorage grants the U.S. Federal Reserve (seigniorage being the
difference between the cost of issuing currency and the interest earned
from the government bonds purchased with it). Thus, living on a limited
budget, creators of private currencies have to approach security with
applied intelligence.

Smart Card Legal Issues in the U.S.

The U.S. likes to regulate everything, from electronic funds transfer to
unclaimed property. U.S. laws have had a dramatic impact on the
availability of smart cards which store and transact monetary value. We
now consider two examples in detail. These will make the point that
banking regulation, while marketed as consumer protection, can operate
to maintain the government�s money-supply monopoly by imposing
dead-weight costs (such as extensive record-keeping for the convenience
of the government) that make competition by private currency issuers
unprofitable.

Regulation E. The Federal Reserve�s Regulation E implements the
Electronic Fund Transfer Act (EFTA) of 1978. Under the guise of consumer
protection, Regulation E requires various disclosures related to
electronic funds transfer, as well as advance notice of changes in te
rms, transaction receipts, periodic statements, error resolution
procedures, limitations on consumer liability, and restrictions on
unsolicited giving of funds-transfer access-devices to consumers. On May
2, 1996, the Federal Reserve proposed to extend Regulation E to stored
value cards. It would classify stored-value systems as "on-line",
"off-line accountable", or "off-line unaccountable".

On-line systems would be simple debit cards where accounts balances are
stored in a central database, not on the card, and communication with
the central facility is required for balance transfers. Off-line
accountable systems are ones in which balances are recorded on the card,
transactions do not have to be transmitted to a central facility to be
pre-authorized, but where each transaction is stored and periodically
transmitted to a central facility. Off-line unaccountable systems are
those in which transactions are not pre-authorized, transactions are not
traceable to a particular card, and the card�s value is only recorded on
the card itself.

The Fed proposes to make both on-line and off-line accountable systems
subject to Regulation E requirements on transaction receipts and dispute
resolutions if the maximum value that can be loaded is greater than
$100, but exempt if the maximum value is $100 or less. Off-line
unaccountable systems allowing values greater than $100 would be subject
to the Regulation E requirement on initial disclosure, but would be
totally exempt with respect to payment transactions. On-line systems
allowing values greater than $100 would have to meet all requirements of
Regulation E, except for periodic statements, provided an account
balance and account history is available on request.

The Fed�s proposal would thus seem to eliminate on-line anonymous
systems (because of the transaction history requirement), but would
allow for off-line anonymous systems under the "off-line unaccountable"
option--as long as account withdrawals were recorded.

Other banking questions concerning seigniorage and whether stored value
is a bank deposit are discussed in another article. [14]

Escheat. Escheat has to do the state taking over "abandoned" property
 property in which there is no person legally qualified to claim or
inherit. Most states have adopted some form of the Uniform Unclaimed
Property Act, which empowers the state to seize "dormant" or unclaimed
property such as bank accounts after some period of time. Stored value
cards are much like traveler�s checks, whose value may be seized after
fifteen years if the checks have not been used. Bank accounts are
usually declared dormant after five years.

The state that has jurisdiction is the state in which the owner of the
unclaimed property maintains his address, if this address is known. If
the address is not known, then the state in which the funds issuer is
incorporated has jurisdiction.

"Property" includes "intangible personal property" and is defined
broadly enough to appear to include many, if not all, stored value
products. Example: Customer pays retailer $100 for a closed system,
stored value card, uses the card once ($10 purchase) and does not use
the card again for the dormancy period. For unclaimed property purposes,
retailer is a "holder" and customer is the "owner" of a $90 performance
obligation. The retailer/holder must comply with the reporting, notice
and delivery requirements of the state statute.

Reporting requirements vary by state, but in general the holder must
report the name and last known address of the apparent owner of each
item of property over a particular value (no specified amount in New
York, $25 for the Uniform Act and California, $50 for Texas and
Delaware, and $100 for Massachusetts). For items under the specified
amount, the holder can report the value in aggregate.

At the time the report is filed, or up to six months thereafter
depending upon the state, the holder is required to deliver the property
[$90 in the example] to the state, as "custodian" for the owner, at
which time the holder is freed from further liability. The Uniform Act
and other state statutes, however, require the holder to maintain
available records for such property for up to 10 years after it has been
reported.

Which state has jurisdiction? If address of owner is known: the State of
the owner. Texas v. New Jersey, 379 U.S. 674 (1965). If address of owner
is not known: the state of incorporation of the holder. Delaware v. New
York, 113 S. Ct. 1550 (1993).

"Anti-cheating" provisions preclude creative efforts to avoid statutes.
For example, contract between owner and holder that property reverts to
holder upon failure to use or at an expiration date is generally void.
Penalties -- Most unclaimed property statutes provide for penalties for
the failure to report unclaimed property as abandoned or comply with the
statute's provisions. Under the Uniform Act, a holder must pay an
interest penalty (T-Bill rate plus 10%) on the unclaimed property from
the time it should have been reported. If the failure to report or
comply with the statute is willful, the penalty is 25% of the value of
the property plus $100/day for each day the report is late up to $5,000.
Texas and California authorize jail terms of up to six months, and
California imposes an additional penalty of $500 per day for a failure
to keep records on traveler's checks or money orders. [7]

The record-keeping provisions of escheat laws are contrary to the whole
spirit of low-cost transactions envisioned by electronic money.

The existence of U.S. barriers to competition like the ones considered
here partly explains why smart card-based financial transactions have
proven to be a resounding success in Europe, but have only recently
begun to penetrate the U.S. market.

The Future of Electronic Money

This article has highlighted some of the technical issues in creating
electronic money via smart cards. The standardization of technology will
go a long way to harmonizing the look and feel of smart-card-based
monetary transactions. This standardization may involve such apparently
simple, but actually complicated, issues as the fact that mobile phones
operate on 3 volts. Hence there is a push to change the voltage on smart
cards from 5 volts to a wider range of 3-5 volts, in order to eliminate
the charge converter when smart cards are used in mobile phones. The
latter represent the ultimate non-stationary ATMs for electronic cash.

Relevant information about the value of private electronic money from
one issuer versus another will be instantaneously transmitted by
electronic telecommunication. And just as with Citibank or American
Express traveler�s checks, electronic money that does not trade at or
near par will quickly be abandoned altogether. Electronic money
inflation will be quickly and severely penalized. (*)



------------------------------------------------------------------------

(*) A paper by Arthur J. Rolnick, Bruce D. Smith, and Warren E. Weber of
the Federal Reserve Bank of Minneapolis discusses the discounting of
private bank notes during the 1800s. The authors ask that the paper not
be cited or quoted, but you can find it on the Web here.



------------------------------------------------------------------------

But more is needed. Much, much more. The whole objective is to
denationalize money, to decentralize it, to put it beyond the control of
regulatory authorities who operate to maintain a government or central
banking monopoly, to create mobile network banks that do not become
sitting targets for Big Brother information collectors, to distribute
private currency operations in such a way that they can be said to exist
in no single political or legal jurisdiction�or for that matter cannot
be said to exist in any jurisdiction. Electronic monetary transactions
will take place out there, somewhere in cyberspace, unobserved by third
parties. The intent is to deliver an honest service at an honest price,
and to give the user of the system complete privacy.

This goal isn�t radical. It is in fact just a simple characterization
(with extensions) of information flow through the Internet. Legal
frothing does not alter the basic truth that "(a) financial services are
information commodities and (b) public computer networks offer a fast,
cheap way to trade information" [3].

Recently, the Financial Crimes Enforcement Network (FinCEN), the agency
of the U.S. Treasury that administers the Bank Secrecy Act (BSA), put
forth a proposal to amend BSA regulations so as to define certain
issuers, sellers and redeemers of "stored value" as "money services
businesses" (MSBs). The proposal would require all MSBs to register with
the Department of the Treasury and maintain certain information for
possible Treasury review. In other words: more fixed costs and Big
Brother invasion of financial privacy. The objective of a good
electronic money system is to put FinCEN and similar government
financial information collectors out of business.

But Hayek�s dream of competing currencies will only be realized by
engineers and economists who are not hamstrung by the Luddite Austrian
vision of economics without mathematics or by the neolithic nightmare
schemes that envision all financial transactions being conducted by gold
or silver coins. People who waste their time blabbing about "the need
for a gold standard" don�t seem to realize that Bretton Woods broke down
because government gold agreements don�t work. [16]

Austrian economics has a fine tradition of concern with individual
freedom, but just because von Mises couldn�t do modular math doesn�t
mean it�s not important. Even Hayek didn�t live long enough to learn how
to do digital signatures, but the world and technological progress
didn�t end with Hayek.

Gold coins are a great thing�at a minimum they represent an alternative
competing currency all by themselves. But they don�t help much in
effecting transactions at a distance or in minimizing transactions
costs. The gold market itself is organized electronically. [17]

And the gold standard? Forget it: the objective is to get the government
out of the process. And if you argue that government is not necessary
for a gold standard, then quit bitching and create one privately. That�s
what private currencies are all about: if you have a better idea, then
implement it and sell it to others.

Private currencies are on their way. And smart cards are an important
part of that process.

Bibliography

[1] Anderson, Ross and Markus Kuhn, "Tamper Resistance--a Cautionary
Note," in The Second USENIX Workshop on Electronic Commerce Proceedings,
Oakland, CA, Nov. 18-21, 1996.

[2] Anderson, Ross and Markus Kuhn, "Low Cost Attacks on
Tamper-Resistant Devices," manuscript undated.

[3] Berentsen, Aleksander, "Supervision and Regulation of Network Banks
," First Monday, Vol. 2, No. 8, August 4, 1997.

[4] Birch, David G.W., "Smartcard Futures  An Overview of Key Trends and
Technologies," Hyperion Systems, Oct. 28, 1998.

[5] Browne, F.X., and David Cronin, "Payments Technologies, Financial
Innovation, and Laissez-Faire Banking," Cato Policy Journal, Vol 15, No
1 (Spring/Summer 1995).

[6] Bull CP8, et. al., Interoperability Specification for ICCs and
Personal Computer Systems, December 1997.

[7] Burke, John L., Jr., "Legal and Regulatory Implications of Advanced
Card Programs," presented at the Financial Applications Seminar of
CardTech/ SecurTech, May 16, 1996, Atlanta, Georgia.

[8] Europay International, MasterCard International, Visa International,
EMV �96: Integrated Circuit Card Specification for Payment Systems,
Version 3.0, June 30, 1996.

[9] Europay International, MasterCard International, Visa International,
EMV �96: Integrated Circuit Card Terminal Specification for Payment
Systems, Version 3.0, June 30, 1996.

[10] Europay International, MasterCard International, Visa
International, EMV �96: Integrated Circuit Card Application
Specification for Payment Systems, Version 3.0, June 30, 1996.

[11] European Commission, "Explanatory Memorandum" (on the business of
electronic money institutions), July 29, 1998.

[12] Federal Deposit Insurance Corporation, "General Counsel�s Opinion
No. 8--Stored Value Cards," by William F. Kroener, III, General Counsel,
FDIC, July 16, 1996.

[13] Grabbe, J. Orlin, "Cryptography and Number Theory for Digital Cash
," October 10, 1997.

[14] Grabbe, J. Orlin, "Digital Cash and the Regulators," The Laissez
Faire City Times, Vol 2, No 3, Jan. 1998.

[15] Grabbe, J. Orlin, "The End of Ordinary Money, Part II: Money
Laundering, Electronic Cash, and Cryptological Anonymity," April 1995.

[16] Grabbe, J. Orlin, International Financial Markets, 3rd Edition,
Prentice Hall, Englewood Clifss, NJ, 1996. ISBN 0-13-206988-1.

[17] Grabbe, J. Orlin, The Gold Market, Parts 1-6. Part 1. Part2. Part3.
Part 4. Part5. Part6.

[18] Hayek, Friedrich A. von, Denationalisation of Money: An Analysis of
the Theory and Practice of Concurrent Currencies, The Institute of
Economic Affairs, Lancing, 1976.

[19] IBM, "IBM Smart Card Solution Elements: Technical Overview," July
1997.

[20] IBM, "OpenCard Framework: General Information Web Document,"
October 1998.

[21] International Organization for Standardization (ISO), ISO 7816.

[22] Keycorp Limited, "Keycorp leads the world with MULTOS 4.02," press
release, Sidney, Jan. 12, 1999.

[23] Office of the Comptroller of the Currency, "
Interpretations--Conditional Approval #220," published in
Interpretations and Actions, December 1996.

[24] Microsoft Corporation, "Smart Card for Windows: Backgrounder,"
1998.

[25] Osterberg, William P., and James B. Thomson, "Bank Notes and Stored
Value Cards: Stepping Lighly Into the Past," Economic Commentary,
Federal Reserve Bank of Cleveland, Sept. 1, 1998.

[26] Schneier, Bruce, Applied Cryptography, Second Edition, John Wiley &
Sons, New York, 1996. ISBN 0-0471-11709-9.

[27] Schnorr, C.P., "Efficient Signature Generation for Smart Cards",
Journal of Cryptology, vol. 4 no. 3, 1991.

[28] Visa International, Visa Integrated Circuit Card (ICC)
Specification, Version 1.3.1, May 31, 1998.

[29] Zhiqun Chen (with special contribution by Rinaldo Di Giorgio), "
Understanding Java Card 2.0," Java World, March 1998.



------------------------------------------------------------------------

J. Orlin Grabbe is the author of International Financial Markets, and is
an internationally recognized derivatives expert. He has recently
branched out into cryptology, banking security, and digital cash. His
home page is located at http://www.aci.net/kalliste/homepage.html .

-30-

from The Laissez Faire City Times, Vol 3, No 12, March 22, 1999

------------------------------------------------------------------------
Published by
Laissez Faire City Netcasting Group, Inc.
Copyright 1998 - Trademark Registered with LFC Public Registrar
All Rights Reserved

Disclaimer
The Laissez Faire City Times is a private newspaper. Although it is
published by a corporation domiciled within the sovereign domain of
Laissez Faire City, it is not an "official organ" of the city or its
founding trust. Just as the New York Times is unaffiliated with the city
of New York, the City Times is only one of what may be several news
publications located in, or domiciled at, Laissez Faire City proper. For
information about LFC, please contact [EMAIL PROTECTED]
-----
Aloha, He'Ping,
Om, Shalom, Salaam.
Em Hotep, Peace Be,
Omnia Bona Bonis,
All My Relations.
Adieu, Adios, Aloha.
Amen.
Roads End
Kris

DECLARATION & DISCLAIMER
==========
CTRL is a discussion and informational exchange list. Proselyzting propagandic
screeds are not allowed. Substance�not soapboxing!  These are sordid matters
and 'conspiracy theory', with its many half-truths, misdirections and outright
frauds is used politically  by different groups with major and minor effects
spread throughout the spectrum of time and thought. That being said, CTRL
gives no endorsement to the validity of posts, and always suggests to readers;
be wary of what you read. CTRL gives no credeence to Holocaust denial and
nazi's need not apply.

Let us please be civil and as always, Caveat Lector.
========================================================================
Archives Available at:
http://home.ease.lsoft.com/archives/CTRL.html

http:[EMAIL PROTECTED]/
========================================================================
To subscribe to Conspiracy Theory Research List[CTRL] send email:
SUBSCRIBE CTRL [to:] [EMAIL PROTECTED]

To UNsubscribe to Conspiracy Theory Research List[CTRL] send email:
SIGNOFF CTRL [to:] [EMAIL PROTECTED]

Om