2 March 1999. Thanks to J. Orlin Grabbe.
by J. Orlin Grabbe
Smart cards are a type of electronic card, looking much like
a credit card, but with a computer chip embedded in the plastic instead of
a magnetic stripe attached to the surface.
Smart cards can be used for many purposes, such as identification, access
control to an office or a computer, making phone calls, or storing money
(value) which may be spent in more than one location. Millions of smart cards
are currently in use, providing billing
for digital mobile phones, allowing prepayment for gas, and controlling the
viewing privileges of satellite television subscribers.
Smart cards have a natural role to play in eliminating government monopoly
over currency issue. (I include among government monopolies the curious case
of the U.S. Federal Reserve, which is privately chartered, but which acts
as a government handmaiden.) Smart cards will assist in the development of
private currencies to compete with, if not replace, today's prevalent
types of monopoly money.
Writing in the 1970s about the need for private currencies to compete with
official national brands, the economist Friedrich A. Hayek noted the practical
difficulties of having different sizes, shapes, and weights of coins when
it came to acceptance by vending machines and similar devices. He wrote:
"Another possible development would be the replacement of the present coins by plastic or similar tokens with electronic markings which every cash register and slot machine would be able to sort out, and the signature of which would be legally protected against forgery as any other document of value." [18]
Hayek thus anticipated smart cards and
digital signatures.
More recently Browne and Cronin have asserted: "We believe that research
on laissez-faire banking should give greater attention to the potential
implications of rapidly improving technology in electronic payment instruments
(based on integrated circuit/smart cards and advances in telecommunications)
which are being developed by private sector banks." [5]
In this article I will pay particular attention to the use of smart cards
for storing or transferring money. Money in a modern economy consists mainly
of numbers in a computer. When you write or draw a check on your banking
account, the account balance (or
number) associated with your name in the
bank's computer is reduced. When you make a deposit, this number is
increased. It works the same way with stored-value cards or other
balance-maintaining mechanisms.
For security, it is important to ensure that this number, or
balance, is only altered under approved circumstances. You
wouldn't want some bank employee to embezzle from your checking account
by decreasing your balance and putting the equivalent cash into his or her
own pocket.
Similarly, for other forms of digital cash, such as money stored in the
computer chip of a smart card, the circumstances
under which the balance is changed are controlled in various degrees by
cryptological protocols [13] and tamper-resistant hardware.
But, just as with an ordinary checking
account, the underlying system is all about
numbers: what you did to get them, and what you can do with them. If you
gave up goods and services to acquire your numbers (your money), then you
expect to get something equivalent back when you spend it.
It is confidence that money represents goods and services (that
is, the confidence that money is backed by, or exchangeable for, goods and
services) that allows any modern monetary system to function. (When additional
forms of backing such as gold are used, this simply adds to the confidence
level, but in no way alters the preceding statement. In fact, the commodity
backing of most "commodity-backed" paper monies and bank deposits has turned
out to be a scam, historically. When, in times of inflation, people have
demanded that their notes or deposits be turned into the underlying
commodity (cotton, or gold, or
whatever), it was discovered that this additional
"backing" wasn't really there. In any case, inflation undermines confidence
that money represents a store of value, because inflation indicates that
money was created without a concomitant creation of goods and services.)
Cash represents an anonymous payment mechanism that does not require bank
approval at the point of sale or transfer. But cash in the traditional form
of currency and coins has the drawback that it cannot be sent over the Internet
or over the telephone to a friend or relative or stranger as a loan, gift,
or means of payment. (Of course one can pay by credit card over the Internet,
but this is not the same thing: unlike with cash, the bank is involved in,
and records, both sides of the transaction.)
Cash should be no further away than the nearest mobile digital phone. One
should be able to send cash over the telephone (as can be done with Mondex
cards over specially equipped British Telecom phones), or download cash from
a bank account over the Internet and privately transfer it to someone else
around the world. Public payphones ought to function both as Internet kiosks
and ATMs for dispensing electronic cash.
One of the main reasons for optimism concerning a role for smart cards in
making electronic cash possible is the simple fact that the telecommunications
industry is already the largest user of smart cards. But how smart cards
should be imbued with the proper digital e-motion or inscribed with the right
Hayekian monetary "electronic markings" isn't always obvious.
Traditional credit and debit (such as ATM) cards store information on a magnetic
stripe, which is attached to the surface of the card. (Pull out one of your
own cards, and look at the back.) This stripe is composed of three tracks:
the first (airline) track holds up to 79 alphanumeric characters, the second
(banking) track holds 40 numerical digits, while the third (financial
transaction) track holds up to 107 numerical digits. None of the three tracks
has storage capacity for very much information, and what information is recorded
there is easily overwritten by any device capable of erasing or recording
magnetic tape. Thus there is no way to securely store account balances or
cryptographic keys on a traditional magnetic stripe card. Such cards are
simple "memory-only" cards, without much memory.
Transaction cards contemplated for storing cash, by contrast, make use of
integrated circuit chips (hence the frequent designation "IC cards"). IC
cards contain memory for data storage, and often also a processor for making
calculations (in which case they are called "smart cards").
Many different but overlapping terms are used to refer to electronic cards.
Table 1 helps sort through the terminology.
Card Type | Definition
Access card | a machine-readable card used to gain computer access, physical entry, or passage.
Contact card | an IC card adhering to the ISO 7816 standard [21] for electrical contacts (see Table 2).
Contactless card | an IC card that allows energy to flow between it and the interfacing device without contacts. Instead, induction or a high-frequency radio-transmission is used. These are primarily used in transportation applications, and adhere to ISO 14443.
Dual Interface card | a combination of a smart card with contacts and a contactless card, all on a single chip. Compare with hybrid card.
Electronic purse | a reloadable card that stores value for small transactions.
Electronic wallet | an IC or smart card that can perform a variety of transaction and identification functions, in addition to storing value.
Hybrid card | a combination of a smart card with contacts on one chip, and a contactless card on another chip, both in the same plastic card. Compare with dual interface card.
IC card | also integrated-circuit card, microcircuit card: a card containing one or more embedded integrated circuits. Includes both memory cards and smart cards.
Memory card | an IC card that can store information but which lacks a microprocessor, and hence cannot perform calculations.
Multi-application card | also universal card: a smart card which can support different applications, which may be provided by different parties.
Optical card | a memory card with a memory of several megabytes; the card is written once, and the information cannot be erased. Most are used in health care and follow ISO standards 11693 and 11694.
Stored-value card | also prepayment card, cash card, decrementing-value card: a card purchased complete with a stored value, which is decremented whenever the card is used; more generally, any card (such as an electronic purse or wallet) capable of storing value.
Smart card | an IC card with a microprocessor, so that the card is capable of making calculations or decisions. Most adhere to ISO 7816.
Smart cards used in the French banking system can authorize transactions
off-line when cardholders enter their PINs. A more recent application is
Mondex, which is an electronic wallet system that allows electronic currency
to pass from hand to hand without redepositing. Mondex cards can also store
several national currencies.
According to the European Commission there were 24 multi-application (smart
card) schemes operating in Europe at the end of 1996. [11] The maximum limit
of stored value on 19 of the cards was then less than 250 ECUs (now 250 euros).
Some cards are used for very small value payments, such as ¼ or ½
of a euro cent for downloading a page from the Internet. This allows journals
that would otherwise be available only in printed form in a distant library
to offer copies of their articles on the World Wide Web. But for this to
happen, transactions costs have to be low, and that requires electronic
cash.
Smart cards are only now starting to gain acceptance in the U.S. Europe has
about 75 percent of the smart card market, North America about 4 percent,
and the Rest of the World 21 percent. [4]
Proton is the largest distributor of
smart cards, especially for banking applications. The Proton smart card platform
is used in 30 million cards distributed by over 250 banks, and accepted by
200,000 terminals in 15 countries. Proton was created by
Banksys, the Belgian electronic funds
transfer and security specialist. Users include American Express, ERG (a
public transport smart card company), Interpay Nederland, and Visa
International.
Currently in the U.S., there are no restrictions on who can issue electronic
money. In many respects, as noted by Osterberg and Thomson [25], the monetary
value that circulates on such cards functions a lot like the private bank
notes issued by nationally chartered banks after the National Banking Act
of 1864, up to the founding of the Federal Reserve in 1913. However, their
analogy is a little misleading, because non-banks may issue electronic money
also. There is no monopoly held by a special category of commercial banks
or other financial institutions (and even if there were such a regulatory
monopoly, the regulations could not be generally enforced without driving
the electronic currency market offshore).
In Europe, under the regulations of the European Central Bank, the minimum
bank capital requirement is 5 million euros, while the proposed requirement
for electronic money issuers (which are classified as credit institutions)
is 500,000 euros. Banks have a minimum own funds requirement of 8 percent,
while the proposed figure for electronic money issuers is 2 percent. This
means that electronic money issuers must hold own funds equal to 2 percent
of the amount of unredeemed e-money, subject to a minimum of 500,000 euros.
[11]
The bulk of the funds obtained by issuing e-money, of course, is used to
buy interest-bearing assets. The interest earned from these assets is the
e-money issuer's profit once expenses have been covered.
Technically, "electronic money" is defined by the European Commission
as "monetary value which is;
1. stored electronically on an electronic device such as a chip card or a computer memory;
2. accepted as means of payment by undertakings other than the issuing institution [note that this would omit, say, ATT phone stored-value cards which were only accepted by ATT];
3. generated in order to be put at the disposal of users to serve as an electronic surrogate for coins and banknotes; and
4. generated for the purpose of effecting electronic transfers of limited value payments."
This shall serve us as a fairly good definition. But note that by "limited
value" payments, I have in mind a few thousand dollars, rather than a few
hundred.
Current systems in use are basically either float systems or
token systems. Float systems are much like traveler's
checks, a type of prepaid promissory system. You purchase electronic
cash from a bank, and the bank keeps your payment in a special float account
to meet its obligation when the cash is spent. All transactions may be audited.
Visa Cash is a float system. Token systems operate more like physical cash.
Person-to-person transfers are possible (as with Mondex), and there is no
settlement or audit process except at the time value is transferred into
or out of the banking system (just as currently occurs when physical cash
is deposited with or withdrawn from a bank).
In either case, the primary attraction of electronic cash for an organization
that issues it is the interest earned on the unused cash stored on its
customers' cards. On the user side, merchants may realize a savings
from the costs otherwise associated with handling physical cash and processing
transactions. And non-business users can acquire mobility and convenience
without giving up the privacy aspects of physical cash. That, at any rate,
is the goal. Reaching that goal requires some work.
The basic parts of a smart card will be familiar to any personal computer
user. These include a Central Processing Unit (CPU), which performs calculations;
a Read-Only Memory (ROM), which stores the operating system; Random Access
Memory (RAM), which is used for temporary storage while calculations are
performed; Electronically Erasable and Programmable Read-Only Memory (EEPROM),
which stores data (such as account balances or encryption keys) that will
be regularly changed; a Clock (which paces the rate at which instructions
are processed); and Input-Output (IO), via
contacts which interface with a card reader (or, if the card is contactless,
through induction or high-frequency radio transmission).
A typical smart card might have an 8-bit CPU operating at 5 megahertz, 256
to 1024 bytes of RAM, 6 to 24 kilobytes of ROM, 1 to 16 kilobytes of EEPROM,
and perhaps an on-chip encryption module.
Back in 1986 smart-card maker Philips programmed the DES algorithm on a chip,
using less than 700 bytes to do so. A more recent example (1999) is IBM's
Multi-Function Card (MFC/16K PKA) which has 16 kilobytes of EEPROM, contains
DES and triple-DES algorithms, allows for RSA key generation (up to 2048
bits), implements the SHA1 hash algorithm, and allows for DSA (as well
as RSA) signatures. [19]
Some of the physical aspects of smart cards are shown in Table 2.
Under ISO 7816, a smart card has eight electrical contacts [21]:
C1: Power supply (VCC)
C2: Reset (RST)
C3: Clock (CLK)
C4: Reserved (RFU)
C5: Ground (GND)
C6: Programming voltage (VPP)
C7: Input/output (I/O)
C8: Reserved (RFU)
A transaction between the outside world and the card involves the following steps:
1. Activation of the contacts by the smart card reader
2. Resetting of the card by the reader
3. Answer-to-reset by the card
4. Optional selection of a protocol type
5. Processing of successive commands
6. Deactivation of the contacts by the card reader.
Input/output involves asynchronous characters transmitted in
half-duplex mode. Each character is ten consecutive bits: a start bit, eight
data bits, and an even parity bit. A short interval or "guard time" between
successive characters allows for synchronization in the transmission.
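The character framing described above, as an added example that is not part of the original article: it frames bytes as start bit, eight data bits and even parity, then shows that one flipped bit is caught while two flipped bits pass unnoticed. The least-significant-bit-first order, the start bit value 0 and the two idle guard bits are assumptions of this example.

```python
GUARD_BITS = 2  # assumption: idle (high) bit periods between characters


def encode_char(byte: int) -> list[int]:
    """Frame one byte as 10 bits: start bit, 8 data bits (LSB first), even parity."""
    if not 0 <= byte <= 0xFF:
        raise ValueError("a character carries exactly eight data bits")
    data = [(byte >> i) & 1 for i in range(8)]
    parity = sum(data) % 2          # makes the count of 1s in data+parity even
    return [0] + data + [parity]    # start bit is 0; the idle line is 1


def encode_stream(payload: bytes, guard: int = GUARD_BITS) -> list[int]:
    """Serialise bytes onto the I/O line with guard time after each character."""
    line: list[int] = []
    for byte in payload:
        line += encode_char(byte) + [1] * guard
    return line


def decode_stream(line: list[int]) -> tuple[bytes, list[int]]:
    """Return the received bytes and the positions of characters failing parity."""
    received = bytearray()
    parity_errors: list[int] = []
    i = 0
    while i < len(line):
        if line[i] == 1:            # idle line or guard time: keep waiting
            i += 1
            continue
        frame = line[i:i + 10]      # a 0 on the line is a start bit
        if len(frame) < 10:
            raise ValueError("truncated character at end of stream")
        data, parity = frame[1:9], frame[9]
        if (sum(data) + parity) % 2 != 0:
            parity_errors.append(len(received))
        received.append(sum(bit << k for k, bit in enumerate(data)))
        i += 10
    return bytes(received), parity_errors


def flip(line: list[int], *positions: int) -> list[int]:
    """Copy of the line with the given bit positions inverted (simulated noise)."""
    damaged = list(line)
    for pos in positions:
        damaged[pos] ^= 1
    return damaged


if __name__ == "__main__":
    sample = bytes.fromhex("00A40400")           # constructed sample bytes
    wire = encode_stream(sample)
    print(decode_stream(wire))                   # clean transfer
    print(decode_stream(flip(wire, 13)))         # one bit flipped: flagged
    print(decode_stream(flip(wire, 13, 14)))     # two bits flipped: not flagged
```

Parity is an error check for line noise only; it gives no protection against deliberate alteration of the data.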
The contacts connect to the internal parts of a chip. These are illustrated
below:
[Diagram: the CPU connected to Reset, Input/Output and Clock, and to the memory areas: ROM (operating system), RAM (scratch pad) and EEPROM/EPROM (non-volatile).]
These are all contained in a single chip called a SPOM (self-programmable one-chip microcomputer). Europay, MasterCard, and Visa jointly created a set of smart card specifications (EMV 96) based on ISO 7816. [8] [9] [10] Visa then developed a specification based on EMV. [28]
In Table 2, notice contact C7, input/output (IO). This can be thought of
as the smart card's serial port. Information is transferred into,
or out of, the smart card here, one bit at a time. The data packets through
which smart cards talk to the outside world are called Application Protocol
Data Units (APDU). The structure of these is defined by ISO 7816. An APDU
is either a command sent to the smart card, or a reply
from the smart card. The terminal, which always initiates communication,
is the master and the smart card is the slave. The communication interface
is half duplex, typically operating at 9600 baud. (Half duplex means that
the card and the terminal take turns sending signals to each other.)
C1 and C5 (supply voltage and ground) are used to power the card.
Power is supplied by the card terminal (card reader). In the EMV 96
specifications, the supply voltage is 5V, plus or minus a half volt. (When
you see an article in a Usenet hacking group that explains how to "hack"
a card using 21 volts, you are being conned. That level of voltage may fry the
card. Such articles are posted by smart card manufacturers and pranksters.)
C6, external programming voltage, is rarely used anymore.
Stored in a smart card's ROM is the operating system. Just as a personal
computer may run on DOS, or Windows, or Linux, so must a smart
card (a credit-card sized
computer) also have an operating system (OS).
The OS is burnt into ROM (a process called "masking").
Even though virtually all smart cards adhere to the ISO 7816 standard, the
smart card operating systems themselves are usually proprietary (one example
is MPCOS which is patented by Gemplus). But that means that most smart card
applications have limited scope, because an application developed for one
operating system won't work on the one next door. And it isn't
just a "Windows vs. Linux" debate: around the world up to a hundred proprietary
systems are in use.
Thus creating low-cost smart cards that handle more than one
application (such as simultaneously acting as a banking and identification
card, while giving mobile phone access) represents a daunting task, but
one that is necessary if smart cards are to be widely utilized by the general
public.
There are various ways to deal with this problem: create common standards
for operating systems; create a common interface between applications and
operating systems; or adopt an operating system that is already in widespread
use. At the moment, all of these solution paths are occurring
simultaneously.
Java Card. Java Card is produced by JavaSoft, a division of
Sun Microsystems. Java Card is a specification, not an operating system.
Like the programming language Java, Java Card uses an interpreter (called
a Java Card "virtual machine") that sits between an application (called an
"applet") and the card operating system. A smart card application programmed
in Java Card thus can run on different proprietary systems through the Java
Card virtual machine interface, which is burnt into ROM along with the operating
system. The Java Card specification is supported by companies like Bull,
IBM, Motorola, Toshiba, and Visa.
Java Card programs are written in Java, but not all features of the Java
Language Specification are supported. Java Card is compatible with ISO 7816
and the EMV financial standards. Two claimed drawbacks to Java Card are that
it requires faster processors and more memory than many smart cards currently
have. The Java Card 2.0 specification has a minimum system requirement of
16 kilobytes ROM, 8 kilobytes EEPROM, and 256 bytes of RAM. [29]
MULTOS. MULTOS stands for multi-application operating system.
It was originally developed by Mondex, then transferred to MAOSCO, whose
members include smart card manufacturers Gemplus, Hitachi, Keystone, Motorola,
and Siemens-Nixdorf. The intent was to make MULTOS an open standard. Financial
organizations supporting MULTOS include American Express, Discover Novus,
EuroPay, and MasterCard.
One implementation of MULTOS (version 4.02) has been done by Keycorp Limited
(Australia) using the Siemens SLE66 chip with an 8051 CPU core along with
a math coprocessor. According to a Keycorp press release, "Keycorp's
MULTOS implementation, which was developed in Australia, supports the ISO
7816 and EMV standards as well as the Mondex electronic purse, and is being
certified to the ITSEC E6 security level, the highest possible security
level for computer systems. The 4.02 implementation has two significant features
that distinguish it from earlier versions of MULTOS: memory recovery, which
allows application space to be re-used when applications have been deleted;
and secure inter-application communication, which enables applications to
work together while maintaining privacy." [22]
MULTOS applications are written in the MULTOS Executable Language (MEL),
an assembly language. Alternatively, they can be written in C and compiled
into MEL. The operating system is held in 32k of ROM, while 16k of EEPROM
is sufficient for applications.
Smart Card for Windows. Microsoft entered the picture in October
1998, with its Smart Card for Windows operating system for Win32-based platforms,
based on the existing PC/SC standard [6] for integrating smart cards with
personal computers. Windows 2000 (i.e., the successor to Windows 98) will
include a smart card as a standard part of the Windows package. Microsoft's
plan is to load "blank" smart cards with the card operating system, and the
user will then download the applications he wants from the Internet.
Smart Card for Windows is an 8-bit multi-application operating system for
smart cards with 8k of ROM. Applications may be written in Visual Basic or
Visual C++. Microsoft claims that "cards developed using Smart Card for Windows
are expected to cost $2-$4 each, compared to the $15 or so it costs for a
typical Java Card or MULTOS card." [24]
In addition to standards for card operating systems, there need to be agreed
standards for the software applications that use smart cards
as part of the system. Applications talk to card terminals
(also referred to as "card readers" or "card acceptance devices"), which
in turn read data from and write data to smart cards. Examples of terminals
include card readers attached to a personal computer, readers integrated
into vending and ATM machines, readers attached to GSM mobile phones, and
hand-held readers with their own small LCD screen. If one wants to be able
to download smart card applications from the Internet, then (under an
open system) neither the card terminal nor the issuer of the card that
the applications will use will necessarily be known in advance.
The primary general framework for applications is the OpenCard
Framework. The OpenCard Framework is a set of open standards that
apply to the software application that runs on the card terminal or on a
workstation providing the interface to the card terminal (by contrast, say,
to Java Card or MULTOS, either of which runs on the smart card itself). The
goal of the OpenCard Framework is to allow successful applications to be
written which are independent of the card terminal vendor, the card operating
system provider, or the card issuer. [20]
The OpenCard Framework was developed by IBM, Netscape, NCI, and Sun Microsystems
specifically to integrate smart cards with network computers and other card-using
devices such as point-of-sale terminals and personal computers. It supplies
standardized application programming interfaces (APIs). The reference
implementation is written in Java, but the specifications can be implemented
in other object-oriented languages, such as C++.
An application program talks to the card terminal and the card itself through
the ISO 7816-defined data packets called Application Protocol Data Units
(APDU), which were mentioned previously. The program sends commands with
an onion structure. First, the command must be one the card supports, such
as "generate a 1024-bit RSA key." This is wrapped inside an ISO command packet
that tells the terminal how to talk to the card. Then the ISO command packet
is wrapped inside an OpenCard-based packet for communicating with the card
reader.
Let's now return to the internal structure of a smart card. To prevent
counterfeiting or misuse, a smart card relies on the access to the data residing
in EEPROM for its own internal applications being controlled by a secure
operating system residing in ROM. The EEPROM data might include a newly generated
1024-bit RSA key, or updateable information about the cardholder (if the
card is used for identification), or the current cash balance on the card,
while the secure operating system might include ROM cryptographic routines.
If one could change the authentication information on a card, by altering
the RSA key or the identification information, then one could masquerade
as another person. If one could change the cash balance on a card, then one
could rip off merchants or the card issuer.
A well-designed card system will involve various security measures. The smart
card may authenticate the card holder through a password (or passwords)
stored in EEPROM. The user must enter the correct password before the other
functions of the smart card chip are unlocked.
The card may authenticate the card reader (the external world) by
generating a random number and sending it to the reader. The reader has to
encrypt the random challenge with a shared encryption key and return the
result to the card. The card then compares the returned result with its own
encryption before agreeing to communicate with the reader.
The card reader (the external world) may also authenticate the card's
identity by sending a random challenge (number) to the card. The card
is then required to sign the number with its own private key (of a private
key/public key pair) and return it to the external world for verification.
The integrity of data exchanged between the card and the outside world
can be verified through a MAC (message authentication code). The MAC is a
number that is calculated based on 1) the data itself, 2) an encryption key,
and 3) a random number. If data has been altered (for any reason, including
transmission errors), the MAC will not verify. Alternatively, if the chip
has sufficient memory and processing power, the data can be verified through
a digital signature.
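The reader authentication and MAC checks described above, as an added example that is not part of the original article: the card issues a fresh random number for every protected step, so a recorded reply or a recorded load command fails when replayed. HMAC-SHA256 stands in for the shared-key encryption a real card would use (an assumption, chosen so the code runs with the standard library), and the class and method names are hypothetical.

```python
import hashlib
import hmac
import secrets
from typing import Optional


def keyed_tag(key: bytes, label: bytes, nonce: bytes, data: bytes = b"") -> bytes:
    """Keyed tag over label, random number and data.

    The label keeps an authentication reply from being reusable as a MAC.
    HMAC-SHA256 is a stand-in for the card's shared-key cipher (assumption).
    """
    return hmac.new(key, label + nonce + data, hashlib.sha256).digest()


class Reader:
    """Terminal side, holding the key it shares with the card."""

    def __init__(self, key: bytes):
        self._key = key

    def answer(self, challenge: bytes) -> bytes:
        return keyed_tag(self._key, b"AUTH", challenge)

    def mac_load(self, nonce: bytes, amount: int) -> bytes:
        return keyed_tag(self._key, b"LOAD", nonce, amount.to_bytes(4, "big"))


class Card:
    """Card side: key and balance live in EEPROM, the checks in the card OS."""

    def __init__(self, key: bytes, balance: int = 0):
        self._key = key
        self.balance = balance
        self._nonce: Optional[bytes] = None
        self._reader_ok = False

    def get_challenge(self) -> bytes:
        """Issue a fresh random number; it is valid for one command only."""
        self._nonce = secrets.token_bytes(8)
        return self._nonce

    def _take_nonce(self) -> Optional[bytes]:
        nonce, self._nonce = self._nonce, None
        return nonce

    def external_authenticate(self, response: bytes) -> bool:
        """Unlock the card for a reader that proves it knows the shared key."""
        nonce = self._take_nonce()
        self._reader_ok = nonce is not None and hmac.compare_digest(
            keyed_tag(self._key, b"AUTH", nonce), response)
        return self._reader_ok

    def load_value(self, amount: int, mac: bytes) -> bool:
        """Credit the balance only if the MAC covers this amount and nonce."""
        nonce = self._take_nonce()          # consumed even when the check fails
        if not self._reader_ok or nonce is None or not 0 < amount < 2**32:
            return False
        expected = keyed_tag(self._key, b"LOAD", nonce, amount.to_bytes(4, "big"))
        if not hmac.compare_digest(expected, mac):
            return False
        self.balance += amount
        return True


if __name__ == "__main__":
    shared = secrets.token_bytes(16)         # constructed key for the demo
    card, reader = Card(shared, balance=100), Reader(shared)
    print(card.external_authenticate(reader.answer(card.get_challenge())))
    mac = reader.mac_load(card.get_challenge(), 50)
    print(card.load_value(50, mac), card.balance)    # accepted once
    card.get_challenge()
    print(card.load_value(50, mac), card.balance)    # replay refused
```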
Some important advances in applied cryptography have been smart-card driven.
The digital-signature algorithm (DSA) recently adopted by the U.S. government,
and now widely used around the world, is based on the concept of a Schnorr
signature [27], which was first announced as a smart card application. (Most
smart cards currently implement RSA signatures, however, preferring to conserve
resources through the use of the Chinese Remainder Theorem. [26])
Alongside interoperability, security is a leading smart card issue. Before
one contemplates storing $50,000 on a smart card [15], one needs to think
a lot about security. Attacks on security can take the form of attacks on
the smart card's software or hardware, or both simultaneously. Is it
possible to create tamper-proof, or at least tamper-resistant, modules?
That tamper-resistance is more difficult than it looks was shown by Ross
Anderson and Markus Kuhn, who cracked the Dallas DS5002FP Secure Microcontroller,
described at the time by one European signals intelligence agency as the
most secure processor available on general sale. The processor is Intel 8051
compatible and is used in financial transaction terminals and pay-TV access
systems.
"The attack requires only a normal personal computer, a special read-out circuit built from standard electrical components for less than US$100, and a logic analyzer test clip for around US$200. It was performed in a student hardware laboratory . . ." [1]
They created a protocol attack, which exploits the fact that
one of the chip's block ciphers operates on 8-bit blocks. Anderson and
Kuhn were able to brute force (i.e. find the encryption key by trying every
possible variation) the encrypted data by matching inputs and outputs from
the card in a complex way they describe in detail.
Protocol failure is one problem. Another paper [2] also discusses differential
fault analysis, chip-rewriting attacks, and memory remanence attacks.
An example of differential fault analysis might entail subjecting
a chip which runs at 5 megahertz to small bursts of 20 megahertz. The clock
frequency (contact C3, in Table 2) speedup would be applied with the intention
of making the chip skip or improperly execute an instruction as the chip
is running through a program sequence. Ross and Kuhn illustrate with examples
involving RSA and DES.
Chip rewriting attacks involve identifying specific memory
cells in ROM or EEPROM and altering their contents. Single bits in ROM can
be overwritten with a laser cutter microscope, while those in EEPROM can
be altered through two microprobing needles. Of course, the information garnered
this way has to be worth the effort, but
it may be if it gives access to the right computer or building or bank
account.
When values have been stored in computer memory for a long period of time,
it is virtually impossible to erase them without leaving magnetic traces
that can be used to recover the values. This is the basis of memory
remanence attacks. Many banks have ATMs with a security module developed
by IBM and revised by VISA. Inside the security module are key-encrypting
("master") keys. These keys are used to encrypt PIN keys as well as other
encryption keys, such as the encryption keys used to communicate with other
banks. If the security module is opened under the wrong circumstances, it
erases these master keys. But this erasure isn't really secure, since
there are now well-known techniques for recovering the original values. (The
same, of course, applies to any computer hard disk that has stored the same
information in the same place for a period of time.)
All of these attacks assume the encryption algorithm itself is secure. But
that may not be true. The encryption cipher used in the SIM
(subscriber identification module) in GSM (mobile) telephones was cracked
in a day by two researchers at
the University of California, Berkeley. The SIM is a small smart card
with encryption functions which stores subscriber-specific information separate
from the phone itself.
It is important to keep the security issues associated with smart cards (and
hence with money stored in, or accessed by, smart cards) in perspective.
Paper money, such as U.S. currency, for example, is easily counterfeited
(despite the recent rash of security, as well as surveillance, measures
added to various dollar bill denominations). That counterfeiting doesn't
take place more often is due to the great resources of the U.S. Secret
Service, an enforcement arm of the U.S. Treasury. Smart card cash issuers
don't have these same resources. A start-up operation will not benefit
from the huge cash flow that seigniorage grants the U.S. Federal Reserve
(seigniorage being the difference between the cost of issuing currency and
the interest earned from the government bonds purchased with it). Thus, living
on a limited budget, creators of private currencies have to approach security
with applied intelligence.
The U.S. likes to regulate everything, from electronic funds transfer to
unclaimed property. U.S. laws have had a dramatic impact on the availability
of smart cards which store and transact monetary value. We now consider two
examples in detail. These will make the point that banking regulation, while
marketed as consumer protection, can operate to maintain the government's
money-supply monopoly by imposing dead-weight costs (such as extensive
record-keeping for the convenience of the government) that make competition
by private currency issuers unprofitable.
Regulation E. The Federal Reserve's Regulation E implements
the Electronic Fund Transfer Act (EFTA) of 1978. Under the guise of consumer
protection, Regulation E requires various disclosures related to electronic
funds transfer, as well as advance notice of changes in terms, transaction
receipts, periodic statements, error resolution procedures, limitations on
consumer liability, and restrictions on unsolicited giving of funds-transfer
access-devices to consumers. On May 2, 1996, the Federal Reserve proposed
to extend Regulation E to stored value cards. It would classify stored-value
systems as "on-line", "off-line accountable", or "off-line unaccountable".
On-line systems would be simple debit cards where account balances
are stored in a central database, not on the card, and communication with
the central facility is required for balance transfers. Off-line accountable
systems are ones in which balances are recorded on the card, transactions
do not have to be transmitted to a central facility to be pre-authorized,
but where each transaction is stored and periodically transmitted to a central
facility. Off-line unaccountable systems are those in which transactions
are not pre-authorized, transactions are not traceable to a particular card,
and the card's value is only recorded on the card itself.
The Fed proposes to make both on-line and off-line accountable
systems subject to Regulation E requirements on transaction receipts and
dispute resolutions if the maximum value that can be loaded is greater than
$100, but exempt if the maximum value is $100 or less. Off-line
unaccountable systems allowing values greater than $100 would be subject
to the Regulation E requirement on initial disclosure, but would be totally
exempt with respect to payment transactions. On-line systems allowing
values greater than $100 would have to meet all requirements of Regulation
E, except for periodic statements, provided an account balance and account
history is available on request.
The Fed's proposal would thus seem to eliminate on-line anonymous systems
(because of the transaction history requirement), but would allow for off-line
anonymous systems under the "off-line unaccountable" option--as long as account
withdrawals were recorded.
Other banking questions concerning seigniorage and whether
stored value is a bank deposit are discussed in another article [14].
Escheat. Escheat has to do with the state taking over "abandoned"
property -- property in which there is no
person legally qualified to claim or inherit. Most states have adopted some
form of the Uniform Unclaimed Property Act, which empowers the state to seize
"dormant" or unclaimed property such as bank accounts after some period of
time. Stored value cards are much like traveler's checks, whose value
may be seized after fifteen years if the checks have not been used. Bank
accounts are usually declared dormant after five years.
The state that has jurisdiction is the state in which the owner of the unclaimed
property maintains his address, if this address is known. If the address
is not known, then the state in which the funds issuer is incorporated has
jurisdiction.
"Property" includes "intangible personal property" and is defined broadly enough to appear to include many, if not all, stored value products. Example: Customer pays retailer $100 for a closed system, stored value card, uses the card once ($10 purchase) and does not use the card again for the dormancy period. For unclaimed property purposes, retailer is a "holder" and customer is the "owner" of a $90 performance obligation. The retailer/holder must comply with the reporting, notice and delivery requirements of the state statute.
Reporting requirements vary by state, but in general the holder must report
the name and last known address of the apparent owner of each item of property
over a particular value (no specified amount in New York, $25 for the Uniform
Act and California, $50 for Texas and Delaware, and $100 for Massachusetts).
For items under the specified amount, the holder can report the value in
aggregate.
At the time the report is filed, or up to six months thereafter depending
upon the state, the holder is required to deliver the property [$90 in the
example] to the state, as "custodian" for the owner, at which time the holder
is freed from further liability. The Uniform Act and other state statutes,
however, require the holder to maintain available records for such property
for up to 10 years after it has been reported.
Which state has jurisdiction? If address of owner is known: the State of
the owner. Texas v. New Jersey, 379 U.S. 674 (1965). If address of
owner is not known: the state of incorporation of the holder. Delaware v.
New York, 113 S. Ct. 1550 (1993).
"Anti-cheating" provisions preclude creative efforts to avoid statutes. For
example, contract between owner and holder that property reverts to holder
upon failure to use or at an expiration date is generally void. Penalties
-- Most unclaimed property statutes provide for penalties for the failure
to report unclaimed property as abandoned or comply with the statute's
provisions. Under the Uniform Act, a holder must pay an interest penalty
(T-Bill rate plus 10%) on the unclaimed property from the time it should
have been reported. If the failure to report or comply with the statute is
willful, the penalty is 25% of the value of the property plus $100/day for
each day the report is late up to $5,000. Texas and California authorize
jail terms of up to six months, and California imposes an additional penalty
of $500 per day for a failure to keep records on traveler's checks or money
orders. [7]
The record-keeping provisions of escheat laws are contrary to the whole spirit
of low-cost transactions envisioned by electronic money.
The existence of U.S. barriers to competition like the ones considered here
partly explains why smart card-based financial transactions have proven to
be a resounding success in Europe, but have only recently begun to penetrate
the U.S. market.
This article has highlighted some of the technical issues in creating electronic
money via smart cards. The standardization of technology will go a long way
to harmonizing the look and feel of smart-card-based monetary transactions.
This standardization may involve such apparently simple, but actually
complicated, issues as the fact that mobile phones operate on 3 volts. Hence
there is a push to change the voltage on smart cards from 5 volts to a wider
range of 3-5 volts, in order to eliminate the charge converter when smart
cards are used in mobile phones. The latter represent the ultimate non-stationary
ATMs for electronic cash.
Relevant information about the value of private electronic money from one
issuer versus another will be instantaneously transmitted by electronic
telecommunication. And just as with Citibank or American Express traveler's
checks, electronic money that does not trade at or near par will quickly
be abandoned altogether. Electronic money inflation will be quickly and severely
penalized. (*)
But more is needed. Much, much more. The whole objective is to denationalize
money, to decentralize it, to put it beyond the control of regulatory authorities
who operate to maintain a government or central banking monopoly, to create
mobile network banks that do not become sitting targets for Big Brother
information collectors, to distribute private currency operations in such
a way that they can be said to exist in no single political or legal
jurisdiction -- or for that matter cannot be said to exist in any
jurisdiction. Electronic monetary transactions will take place out there,
somewhere in cyberspace, unobserved by third parties. The intent is to deliver
an honest service at an honest price, and to give the user of the system
complete privacy.
This goal isn't radical. It is in fact just a simple characterization
(with extensions) of information flow through the Internet. Legal frothing
does not alter the basic truth that "(a) financial services are information
commodities and (b) public computer networks offer a fast, cheap way
to trade information" [3].
Recently, the Financial Crimes Enforcement Network (FinCEN), the agency of
the U.S. Treasury that administers the Bank Secrecy Act (BSA), put forth
a proposal to amend BSA regulations so as to define certain issuers, sellers
and redeemers of "stored value" as "money services businesses" (MSBs). The
proposal would require all MSBs to register with the Department of the Treasury
and maintain certain information for possible Treasury review. In other words:
more fixed costs and Big Brother invasion of financial privacy. The objective
of a good electronic money system is to put FinCEN and similar government
financial information collectors out of business.
But Hayek's dream of competing currencies will only be realized by engineers
and economists who are not hamstrung by the Luddite Austrian vision of economics
without mathematics or by the neolithic nightmare schemes that envision
all financial transactions being conducted by gold or silver coins.
People who waste their time blabbing about "the need for a gold standard"
don't seem to realize that Bretton Woods broke down because government
gold agreements don't work. [16]
Austrian economics has a fine tradition of concern with individual freedom,
but just because von Mises couldn't do modular math doesn't mean
it's not important. Even Hayek didn't live long enough to learn
how to do digital signatures, but the world and technological progress
didn't end with Hayek.
Gold coins are a great thing -- at a minimum they represent an alternative
competing currency all by themselves. But they don't help much in effecting
transactions at a distance or in minimizing transactions costs. The gold
market itself is organized electronically. [17]
And the gold standard? Forget it: the objective is to get the government
out of the process. And if you argue that government is not necessary for
a gold standard, then quit bitching and create one privately. That's
what private currencies are all about: if you have a better idea, then implement
it and sell it to others.
Private currencies are on their way. And smart cards are an important part
of that process.
[1] Anderson, Ross and Markus Kuhn, "Tamper Resistance--a Cautionary Note,"
in The Second USENIX Workshop on Electronic Commerce Proceedings, Oakland,
CA, Nov. 18-21, 1996.
[2] Anderson, Ross and Markus Kuhn, "Low Cost Attacks on Tamper-Resistant
Devices," manuscript undated.
[3] Berentsen, Aleksander, "Supervision and Regulation of Network Banks,"
First Monday, Vol. 2, No. 8, August 4, 1997.
[4] Birch, David G.W., "Smartcard Futures -- An Overview of Key Trends and
Technologies," Hyperion Systems, Oct. 28, 1998.
[5] Browne, F.X., and David Cronin, "Payments Technologies, Financial
Innovation, and Laissez-Faire Banking," Cato Policy Journal, Vol 15, No 1
(Spring/Summer 1995).
[6] Bull CP8, et al., Interoperability Specification for ICCs and Personal
Computer Systems, December 1997.
[7] Burke, John L., Jr., "Legal and Regulatory Implications of Advanced Card
Programs," presented at the Financial Applications Seminar of CardTech/
SecurTech, May 16, 1996, Atlanta, Georgia.
[8] Europay International, MasterCard International, Visa International,
EMV 96: Integrated Circuit Card Specification for Payment Systems,
Version 3.0, June 30, 1996.
[9] Europay International, MasterCard International, Visa International,
EMV 96: Integrated Circuit Card Terminal Specification for Payment Systems,
Version 3.0, June 30, 1996.
[10] Europay International, MasterCard International, Visa International,
EMV 96: Integrated Circuit Card Application Specification for Payment
Systems, Version 3.0, June 30, 1996.
[11] European Commission, "Explanatory Memorandum" (on the business of
electronic money institutions), July 29, 1998.
[12] Federal Deposit Insurance Corporation, "General Counsel's Opinion
No. 8--Stored Value Cards," by William F. Kroener, III, General Counsel,
FDIC, July 16, 1996.
[13] Grabbe, J. Orlin, "Cryptography and Number Theory for Digital Cash,"
October 10, 1997.
[14] Grabbe, J. Orlin, "Digital Cash and the Regulators," The Laissez Faire
City Times, Vol 2, No 3, Jan. 1998.
[15] Grabbe, J. Orlin, "The End of Ordinary Money, Part II: Money
Laundering, Electronic Cash, and Cryptological Anonymity," April 1995.
[16] Grabbe, J. Orlin, International Financial Markets, 3rd Edition,
Prentice Hall, Englewood Cliffs, NJ, 1996. ISBN 0-13-206988-1.
[17] Grabbe, J. Orlin, The Gold Market, Parts 1-6.
[18] Hayek, Friedrich A. von, Denationalisation of Money: An Analysis of the
Theory and Practice of Concurrent Currencies, The Institute of Economic
Affairs, Lancing, 1976.
[19] IBM, "IBM Smart Card Solution Elements: Technical Overview," July 1997.
[20] IBM, "OpenCard Framework: General Information Web Document,"
October 1998.
[21] International Organization for Standardization (ISO), ISO 7816.
[22] Keycorp Limited, "Keycorp leads the world with MULTOS 4.02," press
release, Sydney, Jan. 12, 1999.
[23] Office of the Comptroller of the Currency, "Interpretations--Conditional
Approval #220," published in Interpretations and Actions, December 1996.
[24] Microsoft Corporation, "Smart Card for Windows: Backgrounder," 1998.
[25] Osterberg, William P., and James B. Thomson, "Bank Notes and Stored
Value Cards: Stepping Lightly Into the Past," Economic Commentary, Federal
Reserve Bank of Cleveland, Sept. 1, 1998.
[26] Schneier, Bruce, Applied Cryptography, Second Edition, John Wiley &
Sons, New York, 1996. ISBN 0-0471-11709-9.
[27] Schnorr, C.P., "Efficient Signature Generation for Smart Cards,"
Journal of Cryptology, vol. 4 no. 3, 1991.
[28] Visa International, Visa Integrated Circuit Card (ICC) Specification,
Version 1.3.1, May 31, 1998.
[29] Zhiqun Chen (with special contribution by Rinaldo Di Giorgio),
"Understanding Java Card 2.0," Java World, March 1998.
J. Orlin Grabbe is the author of International Financial Markets, and is
an internationally recognized derivatives expert. He has recently branched
out into cryptology, banking security, and digital cash. His home page is
located at http://www.aci.net/kalliste/homepage.html.