Sunday, September 28, 2014

The Coming Digital Currency Future

For digital currency on a personal electronic device (PED) to find widespread worldwide acceptance it must meet, at a minimum, the following requirements:

  • Invulnerability to theft.
  • Anonymous use (with allowances for law enforcement)
  • Easy and real time conversion to non-digital currency
  • Legal protection

Invulnerability to theft may seem to be unattainable, however if sufficient business processes exist, theft can become so hazardous to the perpetrators, that it simply will not be worth the attempt. Simple features such as user authentication function accepting two personal identification numbers, one for regular access to the stored value, and one that broadcasts a robbery is in progress. Payment applications revoke the user signature if the payee does not receive a transaction within a configurable period. Insurers restore funds (OK insurers will still be vulnerable to theft, but they are insurers, they will make more than they lose or will not be in the business) in a rare case of a successful attack (an attack is only successful if the attacker converts the digital funds to regular currency). Regular synchronization of the payment log with the insurer will limit friendly fraud and losses due to damaged or lost PED.

The possibility of anonymous use will attract the paying public away from card technology and will become a great draw for widespread acceptance of digital currency. All transferred values will require the signature of the payee, but the insurer and/or the FI that issued the value to the PED only need to know the real identity of the signer.

A typical payment application might give users a menu shown in Diagram 28.

Diagram 28 A Sample Menu for PED Digital Currency Application

Shoulder surfers might see the log displayed in Diagram 29 or exactly what the user intends.

Diagram 29 Example Payment Log

Secure, fast, and cheap means widespread acceptance by PED users. Unlimited deposited funds for unlimited time will attract the first issuers followed rapidly by their competitors. It cannot happen fast enough what with the flat footed response by payment industry to data scraping attacks and the loss of revenue by capped interchange fees. Will the last retailer using a point of sale, please turn out the lights.

Next Blog: A timed embezzlement attack

No comments:

Post a Comment