[Go to Part I]

The End of Ordinary Money, Part II:

Money Laundering, Electronic Cash, and Cryptological Anonymity

by J. Orlin Grabbe


It was bright lights and balmy action. Thomas Constantine, the head of the U.S. Drug Enforcement Administration (DEA), claimed we've entered a "new world order of law enforcement" [1]. He meant the cooperation of British, Italian, and Spanish authorities in setting up a fake bank in Anguilla, in the Caribbean. It was a sting to trap money launderers.

Like all pirate organizations, the group calculated success by the amount of booty seized. And this cleverly code-named "Operation Dinero" added $52 million, nine tons of cocaine, and a number of paintings (including works by Reynolds, Reuben, and Picasso) to official coffers. There were also 88 arrests. In many ways it was a great scam in classic DEA style: government officials got to keep the goods, while taxpayers got to pay for the incarceration of up to 88 people.

The British Foreign Office--those wacky guys who, you will recall, conveniently released a barrage of information about Nazis in Argentina at the outbreak of the Falklands (Malvinas) war, and who also helped coordinate Operation Dinero--have since made a propaganda video about this official foray into fraudulent banking. Among others it stars Tony Baldry, junior minister.

Be prepared for more of the same. The nine tons of coke should enable the British Foreign Office and the nosy DEA to burn the midnight oil for months to come, planning other booty-gathering raids and video thrillers. After all, the FATF report of 1990 encouraged international banking stings like this one. But it isn't just the pseudo-bankers you should worry about.

The Banker as Snitch: the Brave New World of Law Enforcement

One of the precepts of the Church of the Subgenius is: You will pay to know what you really think [2]. But in the world of money-laundering, you will pay your thankless banker to turn you in to the government. In 1993 a Federal judge in Providence, Rhode Island, issued the longest sentence ever given for a non-violent legal offense: he sentenced a man to 600 years in prison for money laundering. The individual was fingered by his Rhode Island bankers, who then cooperated with federal agents in building a case against him, even while the same bankers received fees for banking services.

American Express was recently fined $7 million for failing to detect money laundering, and agreed to forfeit to the U.S. Justice Department another $7 million. As part of the settlement, the bank will spend a further $3 million in employee education, teaching them recommended procedures for spying on customer transactions.

In a book about banker Edmond Safra [3], author Bryan Burrough notes: "To truly defeat money launderers, banks must know not only their own customers--by no means an easy task--but their customers' customers, and in many cases their customers' customers' customers." (p. x). And then, as part of an argument clearing Safra's Republic National Bank of money laundering charges, Burrough recounts how he visited the office of the Financial Crimes Enforcement Network (FinCEN) and talked with one of its top officials. The official said that, on the contrary, Republic had made "some solid suggestions about new ways the government could track dirty money" (p. xii).

Most have still not gotten the message that their banker is a spy. They are still stuck in yesterday's world, where legislation like the Right to Financial Privacy Act of 1978 allowed banks, on the one hand, to monitor their own records and inform the government when there were suspicious transactions in an account. On the other hand, the bank was prohibited from identifying either the account number or the account's owner. But the Privacy Act was effectively gutted by the Annunzio-Wylie Anti-Money Laundering Act of 1992, which gives protection from civil liability to any financial institution, director, officer or employee who makes a suspicious transaction report under any federal, state or local law. The latter Act essentially implies banks can reveal to the government any information they want to about their customers, without fear of prosecution. [4]

Money Laundering--What Is It, Anyway?

There's a specter haunting the international financial markets: the specter of crime by nomenclature, by theological semantics. To be sure, the faceless piece of transaction information that makes money "money"--a useful medium of exchange, whereby we exchange everything for it, and avoid the direct bartering of wheelbarrows for oranges--has been under attack before. The 60s brought us "euro"-dollars, and the 70s "petro"-dollars. Now we have "narco"-dollars, "terror"-dollars, and (who knows?) maybe "kiddie-porn"-dollars. For some of the data bits stored in banks' computers comprise "clean" money and others "dirty" money, the latter legalistically smitten with original sin.

As Yoga Berra might say, it's digital voodoo, all over again.

Since the governmental powers that be can't do much about drug-dealing or terrorism--if only because they themselves are the chief drug dealers and the chief terrorists- -they have transferred these and other (often alleged) sins to the money supply. And since every dollar is a potential "narco" dollar or "terror" dollar, they must track each one as best they can [5]. The fact that monetary monitoring has done nothing to diminish either drug-dealing or terrorism is treated of no importance, because it's all part of a larger game. All the players can easily see that this same financial tracking yields political side benefits in the form of social control and government revenue enhancement.

Anyone who has studied the evolution of money- laundering statutes in the U.S. and elsewhere will realize that the "crime" of money laundering boils down to a single, basic prohibited act: Doing something and not telling the government about it. But since the real Big-Brotherly motive is a Thing That Cannot Be Named, the laws are bogged down in prolix circumlocution, forming a hodge- podge of lawyerly fingers inserted here and there into the financial channels of the monetary system.

U.S. legislation includes the Bank Secrecy Act of 1970, the Comprehensive Crime Control Act of 1984, the Money Laundering Control Act of 1986, the Anti-Drug Abuse Act of 1988, the Annunzio-Wylie Anti-Money Laundering Act of 1992, and the Money Laundering Suppression Act of 1994. International efforts include the UN Convention Against Illicit Traffic in Narcotic Drugs and Psychotropic Substances of 1988; the Basle Committee on Banking Regulations and Supervisory Practices Statement of Principles of December 1988; the Financial Action Task Force (FATF) Report of April, 1990 (with its forty recommendations for action); the Council of Europe Convention on Laundering, Search, Seizure and Confiscation of Proceeds of Crime of September 8, 1990; the sixty-one recommendations of the Caribbean Drug Money Laundering Conference of June, 1990; the agreement on EC legislation by the European Community's Ministers for Economy and Finance of December 17, 1990; the Organization of American States Model Regulations on Crimes Related to Laundering of Property and Proceeds Related to Drug Trafficking of March 1992; and a tangled bouillabaisse of Mutual Legal Assistance Treaties (MLATs).

"Most economically motivated criminals always have wanted to appear legitimate," says attorney Kirk Munroe. "What is new is the criminalization of money laundering. The process itself now is a crime separate from the crime that produced the money" [6].

Money laundering is said to be the "process by which one conceals the existence, illegal source, or illegal application of income, and then disguises that income to make it appear legitimate" (emphasis added) [7]. Notice the word "existence." The sentence could be construed to mean that simply disguising the existence of income is money laundering. But whatever money laundering is, in practice U.S. law purports to detect it through the mandatory reporting of cash transactions greater than or equal to a threshold amount of US$10,000. For countries in Europe the figure ranges from ECU 7,200 to 16,000.

In the U.S., Section 5313 of the Banking Secrecy Act (BSA) requires a Currency Transaction Report (CTR) of cash deposits or transactions of $10,000 and above, which is IRS Form 4789, and a Currency Transaction Report by Casinos (CTRC), which is IRS Form 8362. Section 5316 of BSA also requires a Currency or Monetary Instrument Report (CMIR) for transport of $10,000 or more of currency in or out of the U.S. This is Customs Form 4790. Section 5314(a) of BSA requires reporting of foreign bank or financial accounts whose value exceeds $10,000 at any time during the preceding year. This is called a Foreign Bank Account Report (FBAR) and is Treasury form TDR 90-22-1. Section 60501 of the IRS Code requires the reporting of business transactions involving more than $10,000 cash. These are reported on IRS Form 8300.

Suppose you're an arms dealer in trouble and need a criminal lawyer. You've violated those pesky ITAR restrictions because you carried a copy of PGP on your portable computer when you drove over to Matamoros from Brownsville for the day, and you forgot to fill out those customs forms, and that girl you met said she just had to set up a secure channel to her cousin who works in Washington, D.C., as an undocumented maid for a potential Cabinet nominee . . . The lawyer charges a modest $200 an hour, so the first month you pay him $7,000 in cash. The next month you pay him $4,000 in cash. Under current U.S. law, the lawyer is required to report complete information about you, including the $11,000 total cash payment, on IRS Form 8300, and ship it off to the IRS Computing Center in Detroit, Michigan, within fifteen days of receiving the second payment (which put the total above the reporting threshold). Never mind if either you or your lawyer thinks filing such a form violates attorney-client privilege, the Sixth Amendment right to counsel, or the Fifth Amendment right to be free from self-incrimination. For if the report is not made, and the IRS finds out about it and penalizes and/or prosecutes your lawyer, the courts will most probably back up the IRS. [8]

The scope and arrogance of the money-laundering statutes knows no bounds. The Kerry Amendment to the Anti-Drug Abuse Act of 1988 demands that foreign nations must also require financial institutions to report deposits of US$10,000 or greater, and to make this information available to US law enforcement. Otherwise the President is directed to impose sanctions against non-cooperative countries. [9]

Having extended the concept of evil to a vaguely defined practice called "money laundering," and having put in a detection system to help trace it, the laws have proceeded to make evasion of the monitoring system evil also. This tertiary evil may be found in the practice of "smurfing" or "structuring," which is basically any method of spreading cash among accounts or across time to avoid the $10,000 reporting threshold. Structuring is defined in a 1991 amendment to the Bank Secrecy Act thusly: "Structure (structuring). . . . a person structures a transaction if that person, acting alone, or in conjunction with, or on behalf of other persons, conducts or attempts to conduct one or more transactions in currency in any amount, at one or more financial institutions, on one or more days in any manner, for the purpose of evading the reporting requirements . . . 'In any manner' includes, but is not limited to, the breaking down of a single sum of currency exceeding $10,000 into smaller sums, including sums at or below $10,000, or the conduct of a transaction or series of transactions, including transactions at or below $10,000. The transaction or transactions need not exceed the $10,000 reporting threshold at any single financial institution on any single day in order to constitute structuring within the meaning of this definition" [10].

And what does the government do with the information it collects? When your lawyer's Form 8300 reaches the IRS Computing Center in Detroit, it will be entered into the Treasury Financial Data Base (TFDB). Similarly, if you cross a U.S. border with more than $10,000 cash, you will fill out Customs Form 4790. This form will be sent off to customs' San Diego Data Center, and it too will eventually show up in TFDB. These and other forms will now be available on-line in the Treasury Enforcement Communications System (TECS II). The TFDB data will also be processed through the FinCEN Artificial Intelligence (AI) System, which is trained to identify suspicious transaction patterns.

So when you deal in cash, expect to give a note to the government, a crumb to the friendly FinCEN AI. But AI has a voracious appetite, so the reporting doesn't stop with cash. The heart of any modern monetary system is the digital transfer of electronic money through the telecommunication links among bank computers. Internationally, banks are connected by a computer messaging system operated by the Society for Worldwide Interbank Financial Telecommunication (SWIFT). Domestically, banks within a country use equivalents of the U.S. clearing systems operated by the Federal Reserve (Fedwire) and the Clearing House Interbank Payments System (CHIPS). A Federal Reserve Policy Statement of December 23, 1992 asks financial institutions to include (if possible) complete information on the sender and recipient of large payment orders sent through Fedwire, CHIPS and SWIFT. "Historically, law enforcement efforts to curtail money laundering activities have focused on the identification and documentation of currency-based transactions; however, recent investigations have focused on the use of funds transfer systems," the statement notes.

The focus on funds transfer brings in the resources of the U.S. National Security Agency (NSA). The NSA has been monitoring civilian communications ever since it installed IBM computers at Menwith Hill in the U.K. in the early 60s to keep track of international telex messages. NSA tentacles are now ensconced not only in transatlantic communications, but also in Pacific satellite transmissions, the regional Bell System offices, the SWIFT messaging system, the CHIPS clearing computers in Manhattan, and Fedwire. In addition, a satellite surveillance system picks up high frequency transmissions of specially constructed computer chips which are activated by certain types of transactions-oriented financial software. U.S. agencies are not alone in financial monitoring. As a trivial additional example, the Council of Europe has recommended Interpol be given access to SWIFT to assist in money-laundering detection [11].

PROMIS Land

When they hear the term "money laundering," many automatically think of Miami, London, Hong Kong, or Panama City. How about Arkansas? According to what Money Laundering Bulletin calls The Greatest Story Never Told, an "archive of more than 2000 documents . . . allege that western Arkansas was a centre of international drug smuggling in the early 1980s--perhaps even the headquarters of the biggest drug trafficking operation of all time" [12]. Perhaps that is why it was in Arkansas that modifications were made to the stolen PROMIS software system to enable it to spy on banking transactions. For where there are drugs, there must be money laundering, or so one can suppose. Curiously, however, some of the same set of characters were apparently involved on all sides: in drug running, money laundering, and also in the theft and modification of the PROMIS system. (I will leave it to someone with more money, guns, and lawyers than I have to bring that part of the story to light, and will not pursue it further here.)

The PROMIS software was created by the Washington, D.C.-based software company Inslaw for a single purpose: to track people. It was initially designed for the use of federal prosecutors. Want to know who the judge was on a particular case? Ask PROMIS. Now want to know all the similar cases that same judge has heard? Ask PROMIS again. How about all the accused money launderers a particular attorney has defended? And so on. But after the Justice Department acquired the PROMIS software by "trickery, deceit, and fraud," and installed it in most of its regional offices, the system was modified and sold to foreign intelligence organizations, then modified again and sold to banks.

To see the relationship among these different uses, apparently diverse as they may appear, consider the following items of information about Joe Blowup who lives in Sacramento:

  • Item 1: Monday, June 3. Master Charge record of payment by Joe Blowup for lunch at the Cliff House in San Francisco.

  • Item 2: Wednesday, June 5. Motor vehicle records show an automobile registered to Joe Blowup is involved in a minor accident in Barstow.

  • Item 3: Saturday, June 8. Check for $3,000 made out to Pierre "C-4" Plastique is deposited in Pierre's account in Glendale Federal Savings, and clears against Joe Blowup's First Interstate account in Sacramento on Tuesday, June 11.

Who might be interested in this computer-sorted chronology?

Firstly, anyone wanting to track Joe Blowup's movements. He was in San Francisco on Monday and in Barstow on Wednesday. The sequence also generates obvious questions for further investigation. Did he meet Pierre in Barstow and give him the check there, or did he drive on to Los Angeles? What is the check payment for? And who did Joe Blowup have lunch with in San Francisco? In order to generate relevant questions like these, federal agents, spies, and other detectives all want a copy of this neat software.

Secondly, banks and other financial institutions. Notice that, in fact, most of the information is financial. That's because financial institutions keep carefully detailed transaction records, and over the years they've become increasingly sophisticated in doing so. There is nothing nefarious in this per se. If I go to a bank to get a loan, the bank has a right to make an evaluation as to whether I will repay it. They are principally concerned with 1) ability to pay, and 2) willingness to pay--and to make this evaluation, they rely on current and historical information. In the example here, none of the items is of interest to banks, unless that accident in Barstow created a financial liability which would affect Joe Blowup's ability to repay other loans. But if the (modified) PROMIS software organizes banking transactions in a nice way, then banks want a copy of it also.

Thirdly, tax authorities. Do Joe Blowup's financial records indicate a pattern of rather more income than he has been reporting? Or, in the case of doubt (and this is the fun part), is there a record of assets the IRS can seize in the meantime? The IRS wants a copy of the software so they can better understand Joe Blowup's--and your--spending patterns, even though present IRS files already put private credit bureaus like TRW and Equifax to shame.

In the decade of the 1980s, intelligence organizations around the world salivated over the ability of the PROMIS software to track terrorists, spies, political opponents, and attractive models. Aside from distribution to almost all the U.S. three-letter agencies, PROMIS was sold to intelligence organizations in Canada, Israel, Singapore, Iraq, Egypt, and Jordan among others. In addition, the DEA, through its proprietary company, Eurame Trading Company Ltd. in Nicosia, Cyprus, is said to have sold PROMIS to drug warrior agencies in Cyprus, Pakistan, Syria, Kuwait, and Turkey. PROMIS was also converted for use by the British Navy in connection with its nuclear submarine intelligence data base. [13]

But there was more to these sales than the simple desire of the cronies of Ed Meese and Hillary Clinton to make a fast buck, important as the latter motive may be. The sale was itself an intelligence operation. As former Attorney General Elliot Richardson noted, "One important motive for the theft of Enhanced PROMIS may have been to use it as a means of penetrating the intelligence and law enforcement agencies of other governments. The first step in this scheme was the sale to the foreign government of a computer into which had been inserted a microchip capable of transmitting to a U.S. surveillance system the electronic signals emitted by the computer when in use. Enhanced PROMIS has capabilities that make it ideally suited to tracking the activities of a spy network. Several INSLAW informants formerly affiliated with United States and Israeli intelligence agencies claim that both the United States and Israel have relied on 'cutout' companies to provide ongoing support for the PROMIS software" [14]. Of course, what can be done with foreign intelligence computers can also be done with banking computers, and at least one of these "cutout companies" is a major provider of banking software. [15]

The Gathering Storm

All of these efforts--the legal reporting mechanisms, the spying by bankers, and the supplementary activities of organizations like FinCEN, NSA and Interpol--fly in the face of a contrary technological and social development: anonymous digital cash made possible by advances in cryptology.

The principal opponents of any contemplated system of encrypted digital cash are the money-laundering laws and the Leviathan that feeds off them. The edicts against money- laundering represent a broader attempt to make all financial transactions transparent, while the aim of anonymous digital cash is to keep financial activities private. People-monitoring systems such as those utilizing PROMIS track individuals by the electronic trails they leave throughout the financial system. But anonymous digital cash is specifically designed to make such tracks virtually invisible.

Money laundering, Barry A. K. Rider frankly offers as a definition, "amounts to a process which obscures the origin of money and its source" [16]. On that basis, the pursuit of anonymity in financial transactions is money laundering.

At the beginning of the 90s, money laundering was an offense in only four states of the (then) twelve members of the European Union. Now all twelve have a law making it a crime. In a scramble to justify continued large budgets, intelligence organizations have hopped on the anti-money- laundering bandwagon. The U.K. intelligence service MI5, in an attempt "to justify its existence after reviewing its future in the light of a probable reduction in counter-terrorist operations in Northern Ireland," has been "pressing for a change in the law which would see it involved in countering drug-trafficking, money laundering, computer hacking, nuclear proliferation and animal rights groups--a far cry, say police, from its original remit to 'protect national security' " [17]. Even accountants are getting in on the act. The Institute of Chartered Accountants in Australia has issued "a set of guidelines on money laundering, including a recommendation that client confidentiality take second place to public interest if an accountant suspects laundering is occurring" [18].

So the coming battle over financial footprints is inevitable, and perhaps inevitably bloody. But in the end it is the money-laundering regulations that will have to go. Firstly, advances in the technology of anonymity are putting financial privacy within the reach of everyone. Secondly, there is a growing awareness that the existing laundering statutes have little or no effect on terrorism or drug dealing, but instead are related to an upswing in government- sponsored harassment of targeted political groups.

Electronic Finance 101

Many of the basic features of electronic cash-- variously referred to as "ecash", "digital cash", "digital money", and so on--may sound novel to those unfamiliar with the financial markets. But much of the financial system is already on an electronic basis, and has been so for years.

To see why, consider the foreign exchange market [19]. This is a largely interbank market for trading the currency of one country for the currency of another: dollars for pounds, dollars for yen, and so on. But if I, as an interbank trader, sell U.S. dollars for British pounds, what are the actual logistics of the transfer? Consider the problems that would be imposed by a cash-based market. The standard transaction size in the foreign exchange market is an amount of currency equivalent to US $1 million. A US $20 bill weighs about 1 gram. So, if transacted in cash, the $1,000,000 (50,000 bills) would weight approximately 50 kilograms or 110 pounds. Imagine the cost involved in such a transaction if in order to sell dollars for pounds I had to fill up a suitcase with $20 bills, lug the 110-pound suitcase to a Manhattan taxi, take a long ride to Kennedy Airport, fill out a CMIR form and check my baggage, arrive at Heathrow seven hours later, retrieve my baggage, go through customs, and catch a cab to the appropriate British bank in central London. Once there I would pick up the equivalent in pounds sterling and reverse the whole process.

There's a problem with this scenario: transactions costs. Anyone trying to change dollars into pounds will go to some other bank where he doesn't have to pay for my plane tickets and cab fares, not to mention my courier salary and that lunch I had at the Savoy before I headed back to New York.

(In the present markets for cocaine and heroin it is hard to reduce transactions costs, because the weight of the drugs is less than the weight of the cash proceeds. In the early 80s, cash bills were actually loaded into suitcases and moved around. To save time and money, however, the cash wasn't counted. After a spot check of bills for denomination and authenticity, the suitcases were simply weighed to determined the total value. This measurement was accurate to within a few dollars--close enough. But foreign exchange trading isn't illegal and doesn't, and can't, happen this way.)

To see how international money transfers really work, consider the case of a Greek immigrant, who has opened a restaurant in Boston, has made a little money, and wants to send some cash to the folks back home. In earlier days he probably would have gone down to the Western Union office and handed the attendant cash to "wire" to his mother in Athens. The Western Union office in Boston would put the cash in its safe, or perhaps deposit it in a Boston bank, and would meanwhile send a message to the Athens office: "Give so-and-so X dollars" (or, more likely, "Y drachmas"). That is, the cash received was not the same as the cash sent. All that was sent was a message. But no one cared, because cash itself is fungible: the dollar that is taken out is interchangeable with, but not the same as, the dollar that was put in. The bills are also not registered: no particular name is associated with any particular serial number.

In this example, bills were put into the safe at one end of the transaction, and different bills were taken out at the other. Consider now a slight modification to this scenario: Eurobond trading. Eurobonds are generally placed in the depository systems operated by Euroclear in Brussels or Cedel in Luxembourg. Once bonds are in the vault, they generally stay there, because of transactions costs. If a trader in Frankfurt sells a GM eurobond with a coupon of 7 1/8 percent and maturing in 2012 to a trader in London, they both send messages to Euroclear. Euroclear compares the two set of instructions, checks the cash balance of the London trader, then switches the computer label of ownership of the bond to the London trader, and the ownership of the requisite cash to the Frankfurt trader. Again, however, the bonds are not registered, and are fungible within the parameters of a particular issue. There may be several thousand GM eurobonds with a coupon of 7 1/8 percent and maturing in 2012, and the London trader owns one of them, but his ownership is not attached to a particular bond serial number. [20]

This is pretty much the way the foreign exchange market works. If a New York bank deals dollars for deutschemarks with a London bank, they send each other confirmations through SWIFT. Then the New York bank will turn over a dollar deposit in New York to the London bank, while the London bank will turn over a deutschemark deposit in Frankfurt to the New York bank. The Frankfurt bank simply switches the name of the owner of the deutschemarks from the London bank to the New York bank. The New York bank now owns X-number of fungible, unregistered (but completely traceable) deutschemarks at the Frankfurt bank.

"I remember my shock when I learned that the fastest way for two banks in Hong Kong to settle a dollar transaction was to wire the money from Hong Kong to New York and back again," said Manhattan assistant district attorney John Moscow [21]. He was shocked because he didn't understand how the process works. The "wired" dollars were sitting in New York all along as numbers in a bank computer, originally labeled as owned by the first Hong Kong bank. After the transaction is completed, they are still in the same place, but labeled as owned by the second Hong Kong bank. There is nothing mysterious about this at all.

Now let's modify the basic scenario again: Yankee bond trading. Yankee bonds are dollar-denominated bonds issued by non-U.S. citizens in the U.S. bond market. Yankee bonds are registered. If you buy a bond, your name is attached to a particular bond with a particular serial number. If someone steals the bond, he will not be able to receive interest or principal, because his name is not attached to the bond serial number. So when Yankee bonds are traded, the seller's name is removed from the serial number of the bond being sold, and the buyer's name is attached.

To this point we have talked about things that potentially exist in physical form. I can take a bond out of the vault, or I can cash in my electronic deutschemarks for printed bills. The final modification to these various scenarios is to get rid of the physical paper entirely. Such purely electronic creatures already exist: U.S. Treasury bills- -short-term debt instruments issued by the U.S. government. You buy, for example, a $10,000 T-bill at a discount, and it pays $10,000 at maturity. But you don't see printed T-bill certificates, because there aren't any. T-bills are electronic entries in the books of the Federal Reserve System. You can trade your T-bill to someone else by having the Fed change the name of the owner, but you can't stuff one in your pocket. You can "wire" your T-bill from one bank to another, because the "wire" is just a message that tells the Federal Reserve bank to switch the name of the owner from one commercial bank to another.

Smart and Not-So-Smart Cards

In the previous section we saw that most of the financial system is already on an electronic basis. And we understand that "wiring" money doesn't at all correspond to the mental image of stuffing bills down an electrical wire or phone line. To bring this story closer to home, let's consider how most of us use a computer and a modem on a daily basis to make financial transactions. Even if we don't own a computer. Or a modem. Let's talk about smart and dumb cards--ATM cards, credit cards, phone cards, and much more.

Some "smart cards" have microprocessors and are actually smart (and relatively expensive). They are really computers, but missing a keyboard, video screen, and power supply. Others, such as laser optical cards and magnetic stripe cards, are chipless and only semi-smart.

Laser optical cards are popular in Japan, and can hold up to 4 megabytes of data--enough for your tax and medical files and extensive genealogical information besides. The cards are a sandwich, usually a highly reflective layer on top of a nonreflective layer. A laser beam is used to punch holes through the reflective layer, exposing the nonreflective layer underneath. The presence or absence of holes represents bits of information. A much weaker laser beam is then used to read the card data. You can later mark a file of information as deleted, or turn it into gibberish, but you can't reuse the area on the card.

Magnetic stripe cards, popular everywhere, doesn't hold much information. An ATM card is one example. Data is recorded on the magnetic stripe on the back of the card similar to the way an audio tape is recorded. There are three tracks--the first of which is reserved for airline ticketing [22]. This track holds up to 79 alphanumeric characters including your name and personal account number (PAN). The ATM doesn't actually use the first track for transactions, but it may read off your name, as when it says, "Thank you, Joe Blowup, for allowing me to serve you." The second track contains up to 40 numerical digits, of which the first 19 are reserved for your PAN, which is followed by the expiration date. The third track will hold 107 numerical digits, starting again with your PAN, and perhaps information related to your PIN (personal identification number, or "secret password"), along with other information, all of which potentially gets rewritten every time the track is used.

The ATM machine into which you insert your card is itself a computer. The ATM typically has both hard and floppy drives, a PC mother-board which contains the microprocessor, and a power supply--as well as drawers for deposits, cash, and swallowed cards. If the ATM is "on-line" (i.e. one that is connected to a distant central bank computer, which makes all the real decisions), then it also has a modem to communicate over phone lines with the central computer. When you make a request for cash, the ATM machine compares your password to the one you entered. If they are the same, it then takes your request and your PAN, encrypts (hopefully) the information, and sends it on to the central computer. The central computer decrypts the message, looks at your account information, and sends an encrypted message back to the ATM, telling it to dispense money, refuse the transaction, or eat your card.

In between the ATM and the authorizing bank is usually a controller, which services several ATMs. The controller monitors the transaction, and routes the message to the correct authorization processor (bank computer). Some transactions, for example, will involve banks in different ATM networks, and the transaction will have to be transferred to a different network for approval. The controller would also generally monitor the status of the different physical devices in the ATM--to see that they are operating properly and that the ATM is not being burglarized.

Consider some of the security problems in this framework. The first duty of the local ATM is to verify you've entered the correct PIN. A typical way of doing this is to recreate your PIN from your card information and then to compare it to the one you entered.

Here is a general example of how PINs are created (there are many variations). The bank first chooses a secret 16-digit "PIN key" (PKEY). This key will be stored in the ATM's hardware. The PKEY is then used as a DES- encryption key to encrypt 16-digits of your account number, which the ATM reads off your card. The result of the encryption is a 16-digit hexadecimal (base 16) number. Hexadecimal numbers uses the digits 0 to 9 and also the letters A to F (the latter standing for the decimal numbers 10 to 15). Next a table is used to turn the 16-digit hexadecimal number back into a 16-digit decimal number [23]. The first four numbers of the resulting 16-digit number are the "natural PIN". (If you are allowed to choose your own PIN, a four digit "offset" number is created, and stored on the third track of your ATM card. This offset will be added to the natural PIN before it is compared to the one you entered at the ATM keyboard.)

Since this comparison between the natural and entered PIN is done locally in the ATM hardware, the customer's PIN is not transmitted over phone lines. This makes the process relatively more secure, assuming no one knows the PKEY. But if an evil programmer knows the PKEY, he can create a valid PIN from any customer's account number. (Customer account numbers can be found by the hundreds on discarded transaction slips in the trash bin.) He can easily and quickly loot the ATM of its cash contents.

The security problems worsen when the ATM gets a "foreign" card. A foreign card is essentially any card from any bank other than the one that runs the ATM. The local ATM does not know the PKEYs of these other banks, so the PIN which is entered at the ATM must be passed on to a bank that can authorize the transaction. In this process, the account number and PIN will be encrypted with a communication key (COMKEY), and then passed from the ATM to the ATM controller. Next the account number and PIN will be decrypted at the controller, and then re-encrypted with a network key (NETKEY) and sent on to the proper bank.

Foreign PINs give the evil programmer three additional possibilities for defeating security. The first way is to get hold of the COMKEY. He then taps the line between the ATM and the controller, and siphons off account number/PIN pairs. A second possibility is to get access to the controller, because the account number/PIN pairs may be temporarily in the clear between encryptions. The third possibility is to obtain the NETKEY, and tap the line between the controller and the foreign network. [24]

The COMKEY and NETKEY are generally transmitted over phone lines, so the chances of acquiring them are pretty good. These two encryption keys are themselves usually transmitted in an encrypted form, but the keys used to encrypt them are sometimes sent in the clear. Thus while banks are generally somewhat careful with their own customers, they are often quite helpful in giving rip-off artists access to the customers of other banks. The evil programmer simply reads off the encryption keys, uses them to decrypt the COMKEY and NETKEY, which are in turn used to decrypt account numbers and PINs.

The way to solve these security problems is to use smart cards and public key cryptography. Banks can transmit their public keys in the open without worrying about evil wire-tapping programmers. Customer messages encrypted with a bank's public key can only be decrypted with the bank's private (secret) key. Digital cash issued by the bank can be signed with the bank's private key, and anyone will be able to check that the cash is authentic by using the bank's public key. In addition, the bank will not be able to repudiate cash signed in this way, because only the bank had access to its own secret key. Communications between ATM machines and bank computers can also take place with randomly-generated encryption keys that can be determined by each of the two parties, but which cannot be discovered by someone who listens in on both sides of the traffic. [25]

Are Smart Cards the Mark of the Beast?

Besides optical and magnetic stripe cards, there are two types of "chip" cards. Chip cards are basically any cards with electronic circuits embedded in the plastic. One type of chip card, called a memory (or "wired logic") card, doesn't have a microprocessor and isn't any smarter than the cards we discussed previously. Prepaid phone cards are of this type. They may have about 1K of memory, and can execute a set of instructions, but can't be reprogrammed.

Then there are the truly smart cards that have a microprocessor and several kilobytes of rewritable memory. Smart cards allow for greatly increased security, since access to their data is controlled by the internal microprocessor. And there can be built-in encryption algorithms. This versatility has made smart cards controversial.

The negative reputation arises from certain cases where smart cards were imposed by force, as well as from smart-card storage of biometric data. The use of smart cards became a prerequisite for Marines to receive paychecks at Parris Island, S.C. Finger-print based smart-card ID systems were implemented by the Los Angeles Department of Public Social Services and the U.S. Immigration and Naturalization Service. The "Childhood Immunization" bill, introduced by Sen. Ted Kennedy (D-MA), would have tracked vaccination of all children under six years of age, together with at least one parent, across geographical areas through smart cards Access control at the U.S. Department of Energy Hanford Site requires smart card badges which store the cardholder's hand geometry. Security access through retinal scan patterns stored in smart card memory have been tested at the Sandia National Laboratory.

Visa recently announced plans for creating an "electronic purse." The purse would be a reloadable spending card. You would charge the card up at an ATM machine, where it would suck some cash value out of your account, and store it in memory. You would then use the card instead of cash to make small purchases. Visa is attracted by the estimate that consumer cash transactions in the U.S. are about five times the size of bank-assisted transactions (those that use checks, credit cards, and debit cards). Visa has been joined in this endeavor by a consortium that includes VeriFone, the leading supplier of point-of-sale transaction systems, and Gemplus, the leading manufacturer of smart cards.

There may be increased security in the use of an electronic purse, but it is not clear how replenishing one's card balance at an ATM is any more convenient for the user than getting cash at an ATM. Since Visa is not advertising the privacy aspects of electronic purse payments, one must assume this feature was omitted in the planning. Hence a cynic could conclude that the "electronic purse" is little more than a Rube Goldberg device which, by substituting for cash, will create a better set of PROMIS-type transaction records.

These and other examples suggest possible uses of smart cards for more general surveillance and social control. The truly paranoid envision the use of a single smart card for every financial transaction, medical visit, and telephone call. This information would be sent directly to a common PROMIS-like data base, which would constitute a record of all your activities. In addition, "your card could be programmed to transmit its identification code whenever you use it. So you (or your card, anyway) could be instantly located anywhere on earth via the satellite-based Global Positioning System" [26].

But smart cards don't have to be used this way. Recall that mainframe computers once appeared destined to turn the average citizen into Organization Man, a creature to be folded, spindled and mutilated in lieu of IBM's punched cards. The advent of the personal computer, however, showed the same technology could be a tool of individual freedom and creativity.

There is nothing intrinsically evil in storing a great deal of information about ourselves, our finances, and our current and future plans. That is, after all, exactly why some of us carry around portable computers. But in this case the use of the computer is voluntary, and we ourselves control both access to, and the content of, the information. The same principle applies to smart cards. It is smart cards more than any other aspect of banking technology, I believe, that will allow for financial privacy through cryptology, for anonymous and secure digital cash transactions. It's simply a matter of taking control of the technology and using it to enhance personal freedom.

Electronic Cash the Way It Ought To Be

Suppose we had it our way. Suppose we sat down to create digital cash that had all the right properties. What would these be? Think of the attractive properties of currency--physical cash. [27]

1) Physical cash is a portable medium of exchange. You carry it in your pocket to give to people when you make purchases. The digital equivalent of this process could be provided by smart cards, which would have the mobility of physical cash and even improve on it. The weight of $1,000,000 in digital money is the same as the weight of $1.

2) You would want the ability to make digital cash payments off-line, just like you can with physical cash. A communication link between every store you shop at and your bank's authorization computer shouldn't be required. Moreover, if digital cash is to have all the desirable qualities of physical cash, you should be able to transfer digital cash directly to another smart-card-carrying individual. Smart cards that could connect directly to other smart cards would be ideal in this respect, and would represent an improvement over physical cash. Even if everyone observed two smart cards communicating, they would have no way of knowing whether the transaction involved $5 or $50,000. There would be no need to slide money under the table.

3) Digital cash should be independent of physical location--available everywhere and capable of being transferred through computer and other telecommunication channels. So we want a smart card that can jack into the communication nodes of the global information network. One should be able to pop into a phone booth to make or receive payments.

4) Got change for a dollar for the quarter slots in the pool table? Just as we "make change" or divide physical currency into subunits, so should electronic cash be divisible. Is this a problem? Hmm. Electronic calculators can perform an operation know as division, and so can third-graders. So smart cards ought to be able to handle this also, even if it presents a few difficulties for theoretical cryptology.

5) To be secure against crooks and rip-off artists, digital cash should be designed in such a way that it can't be forged or reused. We wouldn't want people spending the same money twice, or acting as their own mini-Federal Reserve Systems and creating money from nothing. This cryptological problem is different between on-line and off- line cash systems. In on-line systems the bank simply checks whether a piece of cash has been spent before.

Proposed off-line systems rely on a framework developed by David Chaum. Chaum has been the preeminent cryptological researcher in the field of digital cash [28]. In his framework for off-line systems, one can double-spend the same piece of digital cash only by losing one's anonymity. This has considerable value, because the bank or the person defrauded, knowing the identity of the devious double- spender, can send out a collection agent.

But I consider this way of enforcing the "no double- spending" rule a serious flaw in Chaum's framework. Catching thieves and rip-off artists is not the comparative advantage of either banks or the average citizen. (Banks are usually only good at providing transactions services, and charging interest and fees.) Would you really want to see, say, The First Subterranean Bank of Anonymous Digital Cash merge with the Wackenhut Corporation? Luckily, however, there are alternative approaches that will prevent double-spending from ever taking place [29].

6) The most important requirement for individual freedom and privacy is that digital cash transactions should be untraceable, yet at the same time enable you to prove unequivocally whether you made a particular payment. Untraceable transactions would make impossible a PROMIS- type data sorting of all your financial activities. In Joe Blowup's financial chronology, discussed previously, you wouldn't be able to connect Joe Blowup's name to any of his purchases. Similarly, no one would know about the money you wired to Lichtenstein, your purchase of Scientology e- meters and the banned works of Maimonides, or your frequent visits to the Mustang Ranch. Privacy-protected off- line cash systems can be made nearly as efficient as similar systems that don't offer privacy.

Parallel Money Systems

To set up a digital cash service meeting these requirements, you would need to buy the rights to use patents held by David Chaum and RSA, or equivalent rights, and then set up a bank to issue accounts and smart cards in a legal jurisdiction where the service won't run foul of the local banking and money-laundering laws. Of course, in many other countries the money-laundering statutes will be quickly amended in an attempt to apply the same reporting requirements to anonymous digital cash transactions as currently apply to currency transactions. Such laws will probably generate little compliance. [30] Since the transactions in question are unconditionally untraceable, there won't be any evidence of wrong-doing.

The system of anonymous digital cash will arise as a parallel system to the existing one of ordinary money. Therefore there will be a record of the initial entry into the anonymous system. For example, you might write a $10,000 check drawn on Citibank to The First Subterranean Bank of Anonymous Digital Cash. This check will be recorded, but no subsequent transactions will be traceable, unless you make transfers back out into the ordinary banking world. Over time, as more people begin to use the anonymous cash system, some wages will be paid in anonymous digital cash. This will enable all income transactions, as well as expenditures, to take place entirely outside the ordinary monetary system.

Since the anonymous cash system will exist parallel to the existing system, a floating exchange rate will be created by market transactions between ordinary money and anonymous money. Think, by analogy, of a currency board. Such a board issues domestic currency through the purchase of foreign "hard" currencies. In the same way, anonymous digital cash will be issued through the purchase of ordinary cash or bank deposits. That is, when you make a deposit at The First Subterranean Bank of Anonymous Digital Cash, First Subterranean will issue you an anonymous digital cash account, and will in turn acquire ownership of the ordinary money. The exchange ratio will not necessarily be one-for- one. Anonymous digital cash that does not meet some of the ease-of-use requirements listed previously may exchange for less than 1 ordinary dollar. On the other hand, digital cash that meets all those requirements will trade at a premium, because anonymous digital cash has enhanced privacy aspects. Money launderers, for example, currently get about 20 percent of the value of money that is made anonymous. That represents an exchange rate of 1.25 "dirty" dollars for one "clean" dollar. The market will similarly determine the exchange ratio between ordinary and anonymous digital money.

In the 1960s various tax and regulatory burdens, and political risk considerations, gave rise to a new international money market, the eurodollar market, which was created specifically to get around these regulatory and political road- blocks [31]. When a junior staff member of the Council of Economic Advisors named Hendrik Houthakker discovered the eurodollar market's existence, he thought it was an important development, and recommended that some discussion of it be included in the annual Economic Report of the President. "No, we don't want to draw attention to it," he was told. When Houthakker himself later became a member of the Council under Nixon, he made sure the Report included a discussion of the euromarkets. But it was only much later, in the mid-70s, that the Report said, in a burst of honesty: "The emergence and growth of the Eurodollar market may be viewed as a classic example of free market forces at work, overcoming obstacles created by regulations, and responding to market incentives to accommodate various needs" [32].

In a similar way it will be said in some future Report, that "the emergence and growth of anonymous digital cash may be viewed as a classic example of free market forces at work, overcoming obstacles created by surveillance technologies and money-laundering regulations, and responding to market incentives to accommodate the public's need for financial privacy."

Go to Part I of this article.


Footnotes

[1] Quoted in Money Laundering Bulletin, January 1995, p. 3.

[2] Some may view this as a trade secret of the Church of the Subgenius, so let me cite two sources of publicly available information. Firstly, I heard it in a sermon by David Meyer, Pope of All New York, at the Kennel Club in Philadelphia in the fall of 1985. Secondly, it is similarly proclaimed in Subgenius Recruitment Tape #16, which may be rented from Kim's Video in the East Village of Manhattan.

[3] Bryan Burrough, Vendetta: American Express and the Smearing of Edmond Safra, HarperCollins, New York, 1992.

[4] Sec. 1517 (c) states: "Any financial institution that makes a disclosure of any possible violation of law or regulation or a disclosure pursuant to this subsection or any other authority, and any director, officer, employee, or agent of such institution, shall not be liable to any person under any law or regulation of the United States or any constitution, law, or regulation of any State or political subdivision thereof, for such disclosure or for any failure to notify the person involved in the transaction or any other person of such disclosure."

[5] "A completely cashless economy where all transactions were registered would create enormous problems for the money launderers" (emphasis added), Report of the Financial Action Task Force on Money Laundering, Paris, February 7, 1990.

[6] Kirk W. Munroe, "Money Laundering: the Latest Darling of the Prosecutor's Nursery," law firm of Richey, Munroe & Rodriguez, P.A., Miami, FL, 1994.

[7] President's Commission on Organized Crime, The Cash Connection: Organized Crime, Financial Institutions, and Money Laundering, U.S. Government Printing Office, October 1984. This definition is certainly more coherent than Michael Sindona's circular statement that "laundering money is to switch the black money or dirty money . . . to clean money."

The U.S. definition of money laundering is found in 18 U.S.C. 1956, which was enacted in 1986, and strengthened in 1988, 1990, and 1992. It sets out three categories of offenses: transaction offenses, transportation offenses, and "sting" offenses.

Transaction Offenses: It is a money laundering transaction crime for any person to conduct, or to attempt to conduct, a financial transaction which, in fact, involves the proceeds of specified unlawful activity, knowing that the property involved in the transaction represents the proceeds of some crime, and, while engaging in the transaction, with either a) the intent to promote the carrying on of the specified unlawful activity, or b) the intent to commit certain tax crimes, or with the knowledge that the transaction is designed at least in part a) to conceal or disguise the nature, location, source, ownership, or control of the proceeds, or b) to avoid a cash reporting requirement.

Transportation Offenses: It is a money laundering transportation crime for any person to transport, transmit or transfer, or to attempt to transport, transmit or transfer, a monetary instrument or funds into or out of the U.S., and, while engaging in the act, with either a) the intent to promote the carrying on of specified unlawful activity, or b) the knowledge the monetary instrument or funds represent the proceeds of some crime, and the knowledge that the transportation, etc., is designed, at least in part, (i) to conceal or disguise the nature, location, source, ownership, or control of the proceeds, or (ii) to avoid a cash reporting requirement.

"Sting" Offenses: It is a money laundering crime for any person to conduct, or to attempt to conduct, a financial transaction which involves property represented to be the proceeds of specified unlawful activity, or property used to conduct or to facilitate specified unlawful activity, said representation being made by a law enforcement officer or by another person at the direction of, or with the approval of, a federal officer authorized to investigate or to prosecute Section 1956 crimes, and, while engaging in the transaction, with the intent to a) promote the carrying on of specified unlawful activity, or b) conceal or disguise the nature, location, source, ownership, or control of the property believed to be the proceeds of specified unlawful activity, or c) avoid a cash reporting requirement.

[8] See Samuel J. Rabin, Jr., "A Survey of the Statute and Case Law Pertaining to 26 U.S.C. 60501 (Forms 8300)," in Money Laundering, Asset Forfeiture and International Financial Crimes, by Fletcher N. Baldwin, Jr., and Robert J. Munro, 3 vols., Oceana Publications, New York, 1994.

[9] Section 4702 of P.L. 100-690.

[10] 31 C.F.R. 103.11(p) (1991).

[11] "The means should, in fact, include access by Interpol to the telecommunications system SWIFT . . .," Draft Explanatory Report on the Convention on Laundering, Search, Seizure and Confiscation of the Proceeds from Crime," September 8, 1990.

[12] Money Laundering Bulletin, March 1995, p. 3.

[13] U.S. Congress, Committee on the Judiciary, The Inslaw Affair, House Report 102-857, September 10, 1992.

[14] Memorandum to Judge Nicholas Bua from Elliot Richardson, p. 34. The NSA, naturally, is not acknowledging the existence of such a chip, much less providing technical information. But in order to avoid detection of the chip's transmission signal by the organization being spied upon, the chip would be designed so its broadcast would be masked by the general--or some characteristic--electronic noise of the computer. This could imply a low-probability-of-interception digital spread spectrum (SS) communication system with a broad bandwidth, perhaps with a transmission frequency in the range of 1 to 10 gigahertz. As a related example of this technique, a "low level wideband SS signal, can easily be hidden within the same spectrum as a high power television signal where each signal appears to be noise to the other" ("Spread Spectrum Techniques," in Geoff Lewis, Newnes Communications Technology Handbook, Oxford, 1994). The broadcast power requirements of such a chip would not be large, but rather similar to a walkie- talkie's. The information broadcast by the chip could then either be monitored locally and re-transmitted to satellite, or transmitted directly to a geosynchronous signals-collection satellite such as Magnum. The Magnum and other U.S. spy satellites are operated by the Air Force on behalf of the National Reconnaissance Office, while NSA does the signal processing. (I am grateful to John Pike, Director of Space Policy & CyberStrategy Projects, Federation of American Scientists, for advice on the information in this footnote. He is not responsible for any errors or the specific content of any statement.)

[15] I have in mind an NSA operation. But after Part I of The End of Ordinary Money was circulated, the CIA approached my own former company (which sells banking software) and proposed that it provide cover for their agents to enter foreign banks. The CIA also separately offered to pay $100,000 for the customer list of a particular bank among the Swiss big four.

[16] Barry A. K. Rider, "Fei Ch'ien Laundries--the Pursuit of Flying Money," in Money Laundering, Asset Forfeiture and International Financial Crimes.

[17] Money Laundering Bulletin, April 1995, p. 2.

[18] Ibid, p. 4.

[19] Details of the foreign exchange, eurocurrency, and eurobond markets are covered at length in J. Orlin Grabbe, International Financial Markets, 3rd edition, Simon & Schuster, New York, 1995.

[20] Eurobonds are bearer bonds. So if you have the bond in your pocket, you own it, in the same way you own the dollar in your pocket. The same goes for interest coupons--they are to be paid to bearer. Most eurobond-issuing companies pay interest to Euroclear, which distributes the payments to the owners of the bonds stored in its depository vaults. But the companies are afraid that if the bonds are stolen, they will have to pay the same coupons again. Hence they insist coupons be clipped and destroyed as they are paid. When I visited Morgan Guaranty (which operates Euroclear) in Brussels in 1982, there were 20 employees whose full-time job was clipping coupons.

[21] John W. Moscow, "The Collapse of BCCI," in Money Laundering, Asset Forfeiture and International Financial Crimes.

[22] Details of the card size, layout, coding, and recording are laid out in ISO standards 7810 to 7813. The first track is sometimes called the International Air Transport Association (IATA) track, the second the American Bankers Association (ABA) track, and the third the Mutual Institutions National Transfer System (MINTS) track.

[23] This may be as simple as assigning the numbers 0 to 5 to the letters A to F. If this assignment is made, the probability is three-fourths that a digit in the resulting decimal number is one of 0 to 5, while there is only one- fourth probability that a digit is 6 to 9.

[24] Computer logs are often kept for each part of a transaction. So the evil programmer doesn't have to tap lines if he can get hold of the logs instead.

[25] Public key encryption is implemented in the Datakey smart card of the National Institute of Standards and Technology. This card uses the Hitachi H8/310 processor. Atmel and Phillips chips also include public-key encryption hardware, and allow algorithms to be implemented by the card's application designer. Smart and other chip card standards are laid out in ISO 7816. (More on smart cards can be found in Jose Luis Zoreda and Jose Manuel Oton, Smart Cards, Artech House, Boston, 1994.) The recent ANSI X9F standards include those for using public key systems to secure financial transactions. The communication link would involve two-way authentication using Diffie-Hellman key exchange.

[26] Clark Matthews, "Tomorrow's 'Smart Cards': Technical Marvels That Give Government Fearful Power," reprinted from The Spotlight, undated.

[27] Some of the following points were broached in a different way by T. Okamoto and K. Ohta, "Universal Electronic Cash," Advances in Cryptology--Crypto 91, Springer-Verlag, Berlin, 1992.

[28] See David Chaum, "Achieving Electronic Privacy," Scientific American, August 1992, pp. 96-101; "Blind Signatures for Untraceable Payments," Advances in Cryptology-- Crypto 82, D. Chaum, R.L. Rivest, & A.T. Sherman (Eds.), Plenum, pp. 199-203; "Online Cash Checks," Advances in Cryptology--Eurocrypt 89, J.J. Quisquater & J. Vandewalle (Eds.), Springer-Verlag, pp. 288-293; "Efficient Offline Electronic Checks," with B. den Boer, E. van Heyst, S. Mjxlsnes, & A. Steenbeek, Advances in Cryptology--Eurocrypt 89, J.-J. Quisquater & J. Vandewalle (Eds.), Springer-Verlag, pp. 294-301; "Cryptographically Strong Undeniable Signatures, Unconditionally Secure for the Signer" with E. van Heijst & B. Pfitzmann, Advances in Cryptology--Crypto 91, J. Feigenbaum (Ed.), Springer-Verlag, pp. 470-484; "Numbers Can Be a Better Form of Cash than Paper," Smart Card 2000, D. Chaum (Ed.), North Holland, 1991, pp. 151-156; "Privacy Protected Payments: Unconditional Payer and/or Payee Untraceability," Smart Card 2000, D. Chaum & I. Schaumuller-Bichl (Eds.), North Holland, 1989, pp. 69-93; "Security Without Identification: Transaction Systems to Make Big Brother Obsolete," Communications of the ACM, vol. 28 no. 10, October 1985, pp. 1030-1044; "Smart Cash: A Practical Electronic Payment System," J. Bos & D. Chaum, CWI-Report CS-R9035, August 1990; "Untraceable Electronic Cash," with A. Fiat, & M. Naor, Advances in Cryptology--Crypto '88, S. Goldwasser (Ed.), Springer- Verlag, pp. 319-327.

[29] "[P]rior restraint of double-spending can be achieved by using a tamper-resistant computing device that is capable of merely performing a signature scheme of the Fiat-Shamir type (of one's own choice), such as the Schnorr signature scheme" (Stefan Brands, "Highly Efficient Electronic Cash Systems," March 17, 1994.)

[30] I highly recommend Henry David Thoreau's essay Civil Disobedience. .

[31] These included the interest ceilings set by the Federal Reserve's Regulation Q, Kennedy's Interest Equalization Tax, and the Foreign Credit Restraint Program. See International Financial Markets, Chapter 1.

[32] Economic Report of the President, 1975.

Go to Part I of this article.


First posted to the Internet May 1995.

Copyright 1995 J. Orlin Grabbe