Electronic money (also called electronic cash or digital cash) is a term that is still fairly vague and undefined. It refers to transactions carried out electronically with a net result of funds transferred from one party to another. Electronic money may be either debit or credit. Digital cash per se is basically another currency, and digital cash transactions can be visualized as a foreign exchange market. This is because we need to convert an amount of money to digital cash before we can spend it, and the conversion process is analogous to purchasing foreign currency.
Pioneer work on the theoretical foundations of digital cash was carried out by Chaum [Cha83] [Cha85]. Digital cash in its precise definition may be anonymous or identified in nature. Anonymous schemes do not reveal the identity of the customer and are based on blind signature schemes (see Question 39). Identified spending schemes always reveal the identity of the customer and are based on more general forms of signature schemes. Anonymous schemes are the electronic analog of cash, while identified schemes are the electronic analog of a debit or credit card. There are other approaches payments can be anonymous with respect to the merchant but not the bank; or anonymous to everyone, but traceable (a sequence of purchases can be related, but not linked directly to the spender's identity).
Since digital cash is merely an electronic representation of funds, it is possible to easily duplicate and spend a certain amount of money more than once. Therefore, digital cash schemes have been structured so that it is not possible to spend the same money more than once without getting caught immediately or within a short period of time. Another approach is to have the digital cash stored in a secure device, which prevents the user from double spending.
Electronic money also encompasses payment systems that are analogous to traditional credit cards and checks. Here, cryptography protects conventional transaction data such as an account number and amount; a digital signature can replace a handwritten signature or a credit-card authorization, and public-key encryption can provide confidentiality. There are a variety of systems for this type of electronic money, ranging from those that are strict analogs of conventional paper transactions with a typical value of several dollars or more, to those (not digital cash per se) that offer a form of "micropayments" where the transaction value may be a few pennies or less. The main difference is that for extremely low-value transactions even the limited overhead of public-key encryption and digital signatures is too much, not to mention the cost of "clearing" the transaction with bank. As a result, "batching" of transactions is required, with the public-key operations done only occasionally.
Several Web pages surveying payment systems and other forms of electronic money are available, including the following:
<http://ganges.cs.tcd.ie/mepeirce/Project/oninternet.html> , by Michael Peirce
<http://www.w3.org/hypertext/WWW/Payments/roadmap.html> , by Phillip Hallam-Baker
<http://nii.isi.edu/info/netcheque/related.html>, part of the NetCheque project at the Information Sciences Institute (University of Southern California)
The following questions cover a few of the more recent and prominent
of these efforts, including IBM's iKP (see Question 139), MasterCard's
SEPP (see Question 140), Netscape's Secure Courier
(see Question 141),
and STT (see Question 142), which was developed by Microsoft and
Visa.