91av

Banking on electronic money

Imagine a world where no one remembers what purses were for, money is just an icon on the computer screen, and the First Bank of Microsoft knows what you ate for lunch. Explores the frontier territory

“WELCOME to the Digicash home page,” screams the bold text on the computer screen. Click on any of the icons and a list of goods and services appears, each with its own brightly coloured logo. There’s Encyclopaedia Britannica offering information searches, a Dutch author selling samples of his “lifestyle” book, and Ricky’s Junk Shop hoping to sell anything that people might find interesting. Click again with your mouse and you are now shopping on the Internet.

A little golden counter at the top of the screen shows your money draining away as you buy whatever takes your fancy and your cash is transferred electronically, in total privacy and security, to whomever you are doing business with. You can even give your money away. An appeal from the Samaritans in Cheltenham, in the west of England, asks for digital money to help with the town’s social problems. Decide to make that generous donation of a few Digidollars and a prompt asks whether you wish to remain anonymous or leave your electronic address so that you can receive a digital thank-you note for your kindness.

Spend! Spend! Spend!

If you’ve already been out there spending electronic money then you are one of 5000 pioneers who are taking part in the first public trial of a totally electronic currency. Digicash is the brainchild of David Chaum, a former professor of computing at Stanford University in California who now runs the Digicash company from his new home in Amsterdam. The million digi-dollars he distributed to get the trial going are not real money in the sense that they can be converted back into guilders, pounds or dollars. But they can be used to buy goods and services from the 50 companies that agreed to join in the trial. If the scheme proves successful, then Digicash will be in the running to establish the first global electronic currency.

Digicash may be first but there will soon be plenty of others with their own version of electronic cash. The prize is enormous. Sitting there now are millions of Internet users, all of whom might like to buy something straight from the screen. It is a vast market worth billions, but, perhaps more importantly, it is a whole international electronic economy in the making.

Business is beginning to recognise the potential. Companies large and small have been teaming up with big banks to develop secure ways of sending payments over the Internet and other computer networks. The first out of the starting gate was First Virtual Holdings working with a subsidiary of General Motors. For a year now, the partners have allowed users to make payments backed by credit cards. The software giant Microsoft is developing secure payments systems in league with Visa. With Microsoft’s marketing clout this is a partnership to be reckoned with. Then there’s Cybercash of Vienna, Virginia, which has its own e-money nearly ready to test along with the Wells Fargo Bank. Not to be left out of the action, Mastercard and Bank of America have joined forces with Netscape, the World Wide Web sofrware designer, to pioneer a secure payment system. And in Britain, the National Westminster and Midland Banks are preparing to set customers loose with their Mondex smart card e-money system in Swindon, Wiltshire.

Depending on what happens, and who you talk to, these technologies and others like them could deeply affect not only our finances, but also our freedom. If every electronic transaction can be recorded, some day soon tax returns will disappear – the authorities will know everything about you and simply debit your account with what you owe. If that scares you, think about the problems at the other extreme: money launderers, drugs barons and other criminals could have a field day with totally anonymous, untraceable e-money. On the far horizon, e-money could largely replace paper money. When and if that happens, governments might lose some of their hold on their own currencies as capital effortlessly migrates from country to country.

But back in the real world, the companies involved have a lot of problems to solve to make those electronic transactions securely and at very low cost. Suppose you wanted to buy a sophisticated piece of software costing the local equivalent of several hundred pounds. At the moment, you’re likely to have to trudge down to the computer shop because there is no way to download it from the Internet without sending your credit card number over a network that passes through thousand computers – and that is risky.

Then again, you might be a poet who would like to make a few pounds charging a penny a poem. But there’s no cheap way to collect small amounts of money from poetry lovers, so you either give it away or forget the whole thing.

There are lots of different ideas, and each of the companies has its own unique twist. But, overall, two main approaches to electronic transaction are emerging – credit card charges and e-money.

First Virtual depends on credit card charges. You give First Virtual your credit card number, and it gives you an identification number. Then, if you want to make a purchase, you send the ID number to the merchant, who forwards it to First Virtual. After you have confirmed by e-mail that you really do want to buy the goods, your credit card is charged in the normal way. Naturally, the Microsoft/Visa scheme will also depend on credit cards. They are designing software that lets you encrypt your credit card number and send it to the authorised merchant, who would decrypt the number and make the charge himself. But schemes based on credit cards have some obvious drawbacks: they only work if you have a credit card, they tie you in to the credit card supplier, and they cost the vendor money, making them unsuitable for low-value transactions.

Enter the digital equivalent of notes, coins and purses, which are being tested in several European countries. Banks in Portugal, France and Belgium are running electronic cash schemes. Customers are given a smart card – a piece of plastic the size of a credit card containing a computer chip – which can be used to buy goods in conventional shops. Every time a purchase is made by placing the card through a card reader in a store, some of that credit is transferred to the store. To stop people cheating, the bank keeps track of all transactions on a central computer.

The British foray into the electronic cash market, Mondex, is being run by the National Westminster Bank, and Midland Bank working alongside BT. It works slightly differently, with electronic data representing the money in your purse or in your bank account, which can be taken out and put in someone else’s purse or bank account (a friend’s or one belonging to a business). Instead of trying to track every transaction to avoid cheating, security is built into the microchip: each Mondex card has a unique chip which will accept instructions only from another Mondex chip.

Some critics have claimed that this approach leaves the chips open to reverse engineering, and the possibility of producing replicas. But Mondex claims that the cost of this process is huge, and is likely to be higher than the return.

While Mondex is testing the value of e-money in daily shopping, which may include Internet transactions, it was not designed specifically for network transactions. That has been left to Chaum to blaze the trail in this area. But he has faced one huge problem. Messages on the Internet are passed from computer to computer and there is little to prevent eavesdroppers listening in to financial transactions. To make electronic money secure and reliable, Chaum decided to use public key cryptography (see “Network Confidential”, 91av, 8 October 1994). These keys come in pairs – public and private – one that is kept secret and one that can be made known to anyone. One key can be used to encrypt a message and a second can decode it. Although it sounds contrary to common sense, the encrypting key cannot work in reverse and decrypt a message that it encrypts, and a decrypting key cannot work in reverse and encrypt a message that it can decrypt. These “one-way” processes are fundamental to Chaum’s scheme.

A customer opens an account with a bank, depositing paper currency. Whenever he wants to withdraw e-money, he uses his computer to generate a 100-digit serial number that will be used for his “electronic banknote” and gives it a denomination. He then uses his private key to encrypt the serial number and sends it to his bank. The bank uses its public key to decrypt the message. As only these two keys will work together, if the bank successfully decrypts the message, it knows that it must have come from a particular customer – the act of encrypting has added a unique “digital signature” to the serial number.

The bank then deducts the money from the account, signs the serial number with its own digital signature, and sends it back to the customer. The customer now has digital money. When the customer spends the money by sending the coded message to a merchant, the merchant simply checks the bank’s digital signature by decrypting the note using the bank’s public key. Successful decryption means the note must have been authorised by the bank, just as the colour and watermark of a bank note guarantees that paper money is genuine.

Of course, the nuts and bolts are invisible to the user: encryption and decryption algorithms are running when Digicash is being transferred electronically, but all that appears on the computer screen are icons. Unless you’re curious, you need never know how it is all done.

The big question is the impact of these schemes. It is easy to predict what will happen if electronic payment systems can be provided at a low cost: the Internet economy will take off into the stratosphere. Today, it costs several pence to clear a credit card transaction and around 50p to clear a cheque if you are a small business. That is fine if you are buying something that costs a lot, such as furniture or software. But if transaction costs can be brought down to a tiny fraction of a penny, suddenly it becomes feasible to pay for the information as you download it at a few pennies per item. Suddenly, the Internet would be a lot more attractive for information providers who want to capitalise on the market niches. And opening a shop on the Internet will cost next to nothing compared to renting a property in a high street.

But a multibillion dollar Internet economy is just the first step. If the visionaries are right, e-cash will transform every aspect of our lives. Take Digicash as an example. The “money” it gives out is not backed by real cash. It just circulates among a group of retailers who are willing to join in the experiment.

Imagine that you are a software author called Joe Hacker and you’ve got a pool of like-minded friends. You decide you are sick of central governments and start issuing “Hackers”, e-money which all your friends accept for selling software to one another. Pretty soon Hackers are in electronic circulation, along with perhaps hundreds of other home-made electronic currencies. Anyone who wants to could set up a money server, and people could decide whether the reputation of the server warranted accepting the cash at face value. Some cash from untrustworthy sources would be rejected, or accepted only at a discount. The First Bank of Microsoft’s e-dollar might become a sort of gold standard against which a lesser company’s e-dollar would be pitched at only 97 cents, while the Joe Hacker International Bank e-dollar might not be worth the bits it’s composed of.

Sounds bizarre? Impossible? In fact, the situation has interesting parallels with banking in 19th-century America, when individual banks were licensed to issue their own paper currency, according to Steven Horwitz, a professor of economics at St Lawrence University in New York who is interested in electronic payment. Those different currencies could be exchanged at rates that varied every day. Newsheets sprang up with lists of the discounts at which each currency was being offered, based on the financial soundness of the issuing bank.

Chaum hopes e-money could become similarly interchangeable at a global level. Easy to convert into any of the national currencies, it would remove the trouble and expense of constantly converting currencies back and forth while doing business internationally.

Power to the people

More dramatically, Horwitz believes that e-money might also undercut national institutions such as the US Federal Reserve, which are jealous of their power to issue money. That threat to national power is likely to encourage governments to attempt to severely regulate e-money: “Any time there is a new financial instrument, people are afraid. But technology moves faster than governments can,” says Horwitz.

As technology changes our concept of money, it could also change our concept of what makes a bank. Eric Hughes, a financial systems consultant in Berkeley, California, thinks that electronic payment networks will let consumers take greater control of their finances. For instance, many credit cards today give you automatic extended warranty protection on your purchases. In the future, if you decide to pay for something by credit card, your computer might reject the extended warranty offered by that credit card and buy a warranty from a different company on better terms. And your friendly computer could also constantly juggle your finances and shift money to the account with the best interest rate.

“Given all that, what is the value-added of the Bank of America, or Chase Manhattan? In the next ten years, we’ll ask why we need a community-based bank at all,” says W. Brian Arthur, an economics professor at Stanford University. In fact, Arthur believes that in the near future the banks might face serious competition in the financial services industry from computer companies. “This may mean Microsoft or AT&T will be competitors. All of these electronic banking portals will be difficult competition for the banks – banking will cease to be done in banks and will be done right on our desks,” he says.

While many people may welcome this challenge to the state and financial institutions, there is an obvious flip side: e-money can seriously compromise your privacy. Already, most major purchases appear in someone’s records somewhere, in the form of credit card charges or records of cheques.

“The fundamental question is, do you as a payer have a right of control over your identity when you make a payment? If someone tells you when you make a purchase that you always have to identify yourself, you’d wonder what kind of a country you’re living in,” says Chaum. But people making a purchase with a debit card, for instance, identify themselves, and they also leave an electronic trail with their bank, which knows where and when they spent the money.

Spy catchers

Most people, of course, do not have too much to hide. But as more and more information gets filed away in computers automatically, it becomes possible to construct detailed electronic dossiers with almost no effort. How would you like it if someone at your bank could, with a few key strokes, get a picture of your entire day? At 7.15 am, got on the tube. Paid £1 for a cappuccino. Spent the morning shopping for software, bought a wargame. Spent £35 on lunch for two. Another cappuccino at 3.30 pm. At 6.00 pm, stopped at the supermarket and spent £15 on cat food and groceries.

Governments have been known to snoop on and harass innocent citizens in the past, but at least they had to expend some manpower and effort to do so. People like Chaum fear a future where repressive governments would scarcely have to issue an order. “Think of making a condom purchase under a repressive regime. You can create your own horror stories on the left or the right,” says Hughes.

There is also the danger of invasion of privacy from the private sector. Retailers might cooperate to build detailed accounts of your spending habits. Already, supermarkets can keep track of the products you buy, automatically issuing coupons for competing brands with your receipt. It would not take much more to keep a detailed dossier of your purchasing habits. How much ice cream do you buy every week? How much beer? How many cigarettes? And what if it was not just the ice cream and beer and cigarette companies that wanted to look at this information, but your life and health insurance companies as well?

Of course, some retailers might also lose out. For instance, banks could easily put together lists of every retailer’s customer base – valuable corporate intelligence, especially if the bank or one of its subsidiaries happens to own a rival outfit.

David Sobel from the Electronic Privacy Information Center thinks that maintaining the privacy of financial transactions is vital. He points out that the director of the US’s Internal Revenue Service mentioned in a speech last year that soon it might be able to track everything a taxpayer earns and spends, and simply send out a tax bill at the end of the year.

Record collection

With impressive understatement, Sobel said that most people are “uncomfortable” with such a level of government intrusion. “We’re already seeing the credit reporting companies maintaining electronic dossiers on our lifestyles. At least now we have the option of forgoing that system by using cash. I wouldn’t like to see the day when that option is no longer available to us.”

John Gilmore of the advocacy group Electronic Frontier Foundation agrees. “The only real solution to the privacy problem posed by electronic money is to make it anonymous so the information is never collected. Once the information is collected, it’s guaranteed to be abused.” Chaum also takes seriously the threat from abuse of privacy. He has designed his system to provide electronic money that can be made totally anonymous and untraceable. To do this, he adds several twists to the process of encoding the digital money so that the bank can verify that the money is genuine while it is unable to read the serial number of the electronic bill. But fully anonymous payment systems are a double-edged sword: they may well prevent information from being misused, but they also threaten to undermine accountability, opening up the possibility of tax evasion and increasingly efficient criminal activity.

Kawika Daguio, who works for the American Bankers Association, which represents the industry, thinks that people have no automatic right to make absolutely anonymous transactions. Even today, there is no such thing.

“Most people mistake physical currency (for) an anonymous payment method. It truly isn’t,” he says. Large cash transactions have to be reported to governments, which are interested in preventing illegal activity and tax evasion. Even smaller cash purchases are not entirely anonymous – when buying a bottle of wine or a dirty magazine, a customer still has to interact with a shop assistant.

But with anonymous payments, drug transactions and contract murders could be carried out with impunity, and governments would lose their ability to track much of the taxable income. Daguio thinks anonymous e-money creates more serious problems than it solves. “You can protect privacy and hold people accountable for their actions without buying into anonymity wholesale,” says Daguio.

Chaum. however, dismisses the idea that anonymous e-money would increase crimes such as pornography and drug dealing. Such claims are “bogus,” he says, since government has not been wildly successful in stopping those enterprises anyway. His great fear is that governments will outlaw anonymous e-money before it can prove itself. “New technology cannot be outlawed a priori. As it is used and problems occur, they can be dealt with,” he says. Daguio adds that financial laws similar to those already in existence will be enough to keep government and businesses from abusing financial information.

More from 91av

Explore the latest news, articles and features