1995-07-18 - Mondex (forward)

Header Data

From: “Rev. Mark Grant” <mark@unicorn.com>
To: cypherpunks@toad.com
Message Hash: 15bb7cd8e0a9802ed8da6ebb053a146808539732fd52b3d903785a4a05e16df3
Message ID: <Pine.3.89.9507181524.A3308-0100000@unicorn.com>
Reply To: N/A
UTC Datetime: 1995-07-18 14:06:32 UTC
Raw Date: Tue, 18 Jul 95 07:06:32 PDT

Raw message

From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Tue, 18 Jul 95 07:06:32 PDT
To: cypherpunks@toad.com
Subject: Mondex (forward)
Message-ID: <Pine.3.89.9507181524.A3308-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



Thought this might be of interest... forwarded with permission..

From Andy Meredith (meredith@bcs.org.uk) on the ecm list :

On Jul 18,  9:21am, Marcel van der Peijl wrote:
> Subject: Re: e$, c$$$, Cyberbucks & ECash - terminology.
> > > electronic cash (also digital cash) is a general term for
> > > the concept of encrypted messages that have inherent  value
> > > - as opposed to credit notes or electronic checks. I guess
> > > that the Mondex smart cards have ecash in them, but that
> > > seems different.
>
> I am such a bad reader! You are right. This is a good definition
> of  electronic cash or digital cash. Mondex is questionable. The
> card has an account, and uses crypto to proof it is a real Mondex
> card, so you'd better believe it when it says it took the money
> of it's internal balance. I would vote this is not digital cash.

I am participating in the Mondex pilot scheme in Swindon. It took me
a great deal of pushing to get _any_ details at all. The details I
did get didn't go into the encryption schemes used or any such fun
stuff. It did in fact take quite a while for me to realise the
significant differences between ecash and Mondex. As they didn't, in
the end, make me sign an NDA, I guess I can share.

1 - The Value is not encrypted on the card, that is held as plain
    text, it is the front door on the card that is heavily guarded.

    If therefore you can inject value into the card from the back
    door, it is then taken as real money. The logic being; Hey it
    managed to get through all that security which is imposible for
    anything except another mondex card to do, it must therefore be
    Mondex money ... that's Ok then.

    There can never be a software only version of Mondex
    as it stands. The trust is in the front door, not the cash
    values themselves.

2 - Some of their transaction monitoring is very "Big Brother"esque.
    As you can imagine, if a card is seen to be creating money but
    not consuming it, there IS a problem. Therefore whenever you get
    some money from a "hole in the wall", the bank sucks over your
    transaction log & error log. It will of course only ever use
    this for security monitoring. It will never follow the likes of
    AMEX and start stock pilling these transactions, using it's
    knowledge of the which physical entity own what card ID, and
    using the cross reference for market research/direct
mail/consumer
    profiling. No of course not. That would be TOTALLY unethical ...

3 - Mondex is billed as "Electronic Cash", but you won't find the
    concept of anonymity in there anywhere. They talk about it, but
    I haven't seen them write it down explicitly. One could suggest
    however that that "Cash == Anonymous", so the scheme would have
    to be anonymous for them to have a right to the "Electronic
    Cash" title.

> So what is the name for schemes like this?

How about "Stored Value Card"

>-- End of excerpt from Marcel van der Peijl

One interesting thing that I noted. When I read through the technical
blerb on ecash a while back, I had to sit back and think very
clearly, and read very slowly. However, it was relatively easy to
understand the bits, and then even easier to put the bits together
into a system.

The reason, I suggest, is that if you understood all the encryption
technology behind ecash, and had the requirements that it has for
anonymity and security (hand in hand). You would reinvent ecash.
Maybe the layering would be subtly different, the real one ond your
independant derivative wouldn't interact, but ...

If however you were to have asked me to explain ecash a week later, I
would have been totally stumped. It is a very elegant system.

Mondex, on the other hand, worried from the word go. It just didn't
seem to add up. Apart from everything else, why were they being so
damned secretive. I read and thought, and read and thought. Then it
finally dawned on me. Mondex just simply doesn't have the same
requirements list as ecash. I was prejudging the requirements from my
previous exposure to ecash.

Ask me to explain Mondex to you now ... what do you want to know :)

Andy M

     (this is my opinion of information gained outside of
       company time. It is not the opinion my employer.)


And :


On Jul 18, 12:29pm, Marcel van der Peijl wrote:
> Subject: Re: Mondex
> > I am participating in the Mondex pilot scheme in Swindon. It
> > took me a great deal of pushing to get _any_ details at all.
>
> Of course! Security through obscurity has always been a good way of
> protecting your systems... ;)

Absolutely. That's why VISA have lost so little money :)

> > 3 - Mondex is billed as "Electronic Cash", but you won't find the
> >     concept of anonymity in there anywhere. They talk about it,
> >     but I haven't seen them write it down explicitly.
>
> Hahahaha. Let me explain. You can buy the card anonymously. This
> gives anonimity....
> NOT!

Actually, you can't. You need to supply bank details in order to get
one. At least you do for the Swindon trial. The cards in use here are
in fact combined ATM and Stored Value ;) cards. They have all your
bank details in a mag. stripe on the back of the card. The current
batch of EPOS terminals don't use this stripe, but I wait with
interest.

> They are forgetting that tracebility plus one link of a person to
an
> 'anonymous' account is the same as identification.

Sainsbury's (et al) sussed that one a while back. Hence the
introduction of "Customer Loyalty Cards" (yuch!!). Thereby allowing
them to bind purchases/times/locations => Credit card numbers =>
Physical customer addresses & therefore demographic data. Only in
this situation for Credit card number read Mondex card ID.

> Do you realise any ATM, and a lot of stores, have security camera's
> embedded? No, they wouldn't use that to link a person to a card,
> would they? That would be unethical...

No need. They have not only formed the link, but they are getting you
to fill in the damned form :)

> > How about "Stored Value Card"
> For Mondex, perfect. What about FV? And NetChex?

Don't know about these ones.

> About your perception of ecash: I admit that the blurp on our
server
> does not fully cover the system in such a way it is easy to
remember
> and explain.

Not at all. If you had asked me to explain the system while it was
still fresh in my mind, I would have had no trouble. It is very neat
and logical, but it is also pretty intricate. Apart from anything
else, I didn't feel it was necessary to hold on to the mental model
of how it works. I liked it. However, Mondex ...

>-- End of excerpt from Marcel van der Peijl

Cheers

Andy M







Thread