this is similar to the problem with identity x.509 certificates that EU financial institutions identified in the early 90s .... and resulted in EU (as well as other) financial institutions migrating to relying-party-only certificates in the mid-90s (i.e. effectively containing only an account number and a public key).
also in the mid-90s ... the EU has some dictate that retail point-of-sale electronic transactions should be as anonymous as cash. there was then some push to have "names" taken off of payment cards for point-of-sale transactions .... leaving only the PAN (not just chip-cards ... but all retail, point-of-sale cards). of course, the relying-party-only certificates with just PAN and public key .... resulted in mainly online transactions; however it was trivial to show that relying-party-only certificates are redundant and superfluous in online transactions .... since the relying-party will also be the issuing party and therefor have the public key onfile at the relying/issuing party. a traditional ISO 8583 payment transactions (upgraded to include an appended digital signature) coming into a issuing/relying party ... will have a PAN ... looking up the account number ... and being able to retrieve the public key from the account record. this makes the public key carried in an appended relying-party-only certificate redundant and superfluous .... since the only other information in the relying-party-only certificate is the PAN ... which is carried in the 8583 transaction itself, this makes the whole relying-party-only certificate also redundant and superfluous. the other issue with redundant and superfluous relying-party-only certificates that various of the payment pilots of the mid-90s that had relying-party-only certificates .... was that the typical redundant and superfluous relying-party-only certificate could be approximately two oders of magnitude (100 hundred times) larger than the base 8583 payment transaction itself. the result was an enormous payload bloat (of 100 times) to append a redundant and superfluous relying-party-only certificate to a typical 8583 payment transaction similar thread in this mailing list earlier this spring: http://www.garlic.com/~lynn/aadsm17.htm#12 A combined EMV and ID card http://www.garlic.com/~lynn/aadsm17.htm#13 A combined EMV and ID card at 9/17/2004 10:50 pm, anders wrote: In Sweden banks are combining the EMV payment application(s) with a separate identity application using PKI. The reasons are obvious, one card does it all. The drawback is that the card holder's identity including social security numbers etc. is available for any merchant terminal to read if they want, as the public keys (certificates) are not protected by PIN codes etc. If they were protected the card would be incompatible with existing software and become harder to use so that is not an option. I would like to hear if anybody have heard of similar efforts in other parts of the world. Anders Rundgren -- Internet trivia, 20th anv: http://www.garlic.com/~lynn/rfcietff.htm
