Publications by DigiCash

An introduction to ecash

The Ease of Using ecash

 This is a cross-platform summary of the basic user functions.
The user functions of ecash are the same for all platforms (Windows, Macintosh and Unix) although the screens may appear slightly different to those shown below.

Overview

Ecash has been designed to be easy to use. Consumers are given a simple 'point-and-click' graphical user interface that is simpler to use than many bank ATMs. To demonstrate how easy you will find it to use ecash, various transactions involving two ecash Account-holders, Alice and Bob, are explained below.

Startup and Background Operation

Once Alice starts her ecash program, it runs on her PC in the background, much like a memory monitor or clock program.

Figure 1 - ecash status window

While ecash is running, a small window is displayed that shows her the amount of ecash coins which are stored on her hard disk and are available to be spent. The optional toolbar allows her to access various functions.

Withdrawing ecash from the account

In order to use ecash to purchase goods or services, ecash must first be available on the Alice's hard drive, in the same way that cash is needed in your wallet before you can pay for goods or services in the physical world. Withdrawing ecash is as simple as withdrawing regular cash from an ATM.

The screen below shows the actual dialog box used to withdraw ecash (Version 2.1 of the actual MS Windows ecash client is shown throughout). This window appears when the Mint icon has been clicked on the toolbar. Alice simply enters the amount to be withdrawn from her account and clicks the 'OK' button. This amount of ecash is then downloaded from her ecash account at the Mint to her hard disk.

Figure 2 - Alice withdrawing ecash

Making a Payment

There are two ways to spend ecash. Alice can decide to send a payment herself, or she can answer a request for payment.

Responding to a Payment Request

Bob has sent a payment request to Alice because she has asked to buy something from him. (The merchants' Purse software will generate and send such requests). For example, in the dialog box below, Alice is being asked to make a payment of $0.02 to participate in a tic-tac-toe game. If she agrees to make the payment, she just clicks on the 'Yes' button. Similarly, clicking the 'No' button will refuse the payment.

Figure 3 - Alice gets an incoming payment request

According to her preferences, Alice may also instruct her system to respond automatically to similar payment requests in the future.
When the Policy button is clicked (see window above), the dialog box is extended downwards (see window below). Alice can now set the policy under which payment requests are to be answered automatically. These extra settings can be used to simplify certain repetitive payments.

Figure 4 - Alice setting the policy for performing subsequent payments automatically

Initiating a Payment

To make an unsolicited payment directly, Alice brings up the payment dialog box from the toolbar and fills in the blanks, much like writing a personal check.

Figure 5 - outgoing payment to Bob from Alice

Receiving ecash

When Alice has sent ecash to Bob, he may want to deposit it in his ecash account or have ecash coins returned to his hard drive for future use. The dialog box shown below will appear on Bob's screen.

Figure 6 - Bob gets an incoming payment

Just as Alice could set a policy for payment requests, Bob can also set a simple policy which automatically accepts subsequent incoming payments.

Figure 7 - Bob sets a policy to accept payments automatically

Depositing ecash in a Mint account

Ecash can, of course, be deposited in the user's ecash account. Again a simple dialog box is used. (Actually this is done with the same box used for withdrawals; see Figure 2 above).

Figure 8 - Alice deposits some ecash in her account

Receipts and Records

Ecash tracks withdrawals, payments, receipts, and deposits, and can provide Alice with various statements of her account.

Figure 9 - The debit colunm of Alice's digital statement

Cancel Payment

If the Merchant has not deposited the payment yet, (i.e. the status is not marked 'OK' in the payment log) then it is still possible to cancel the payment by clicking on the 'Cancel Payment' button.

Recovery

If the Purse-Holder's computer crashes and stored ecash coins are lost (along with records of recent transactions), then execution of the recovery procedure (using the special Recovery Key) will restore the account to its correct state using the Mint's records from the Transaction Log.

How ecash Works Inside

Overview

Like banknotes, ecash can be withdrawn from and deposited to transaction demand deposit accounts. And like banknotes, one person can transfer possession of a given amount of ecash to another person. But unlike cash, when a customer pays another customer an electronic bank will play an unobtrusive but essential role.

To show how it all works we'll explain how a withdrawal works, then follow the ecash in a payment to a merchant. Combining these two transactions, we can then understand why the customer perceives that ecash is paid from person to person without involving any bank. Finally the withdrawal is explained in greater detail to illustrate the 'blind signature' concept, which is the foundation of the privacy feature, and explain why the bank cannot trace it's own money!

Simple Withdrawal of ecash

Figure 10 shows the two participants in the withdrawal transaction: the bank and customer, Alice. The digital coins that have been withdrawn from Alice's account at the bank are on their way to her PC. When they arrive, they will be stored along with some coins she already has on her hard disk.

Figure 10 - Alice withdraws ecash from her bank account

No physical coins are involved in the actual system of course, but the messages include strings of digits, and each string corresponds to a different digital coin. Each coin has a denomination, or value, so that a purse of digital coins is managed automatically by Alice's ecash software. It decides which denominations to withdraw and which to spend in particular payments. (The ecash software keeps plenty of 'small change', but will prompt the user to contact the bank in the rare event that more change is needed before the next payment, to restructure its purse of coin denominations.)

An ecash Purchase

Now that Alice has some ecash on her hard drive, she can buy things from Bob's shop (as shown below).

Having received a payment request from Bob, she agrees by ticking the 'Yes' box. Her ecash software chooses coins with the desired total value from the purse on her hard disk. Then it removes these coins and sends them over the network to Bob's shop. When it receives the coins, Bob's software automatically sends them on to the bank and waits for acceptance before sending the goods to Alice along with a receipt.

Figure 11 - Alice buys something from Bob

To ensure that each coin is used only once, the bank records the serial number of each coin in its spent coin database. If the coin serial number is already recorded, the bank has detected someone trying to spend the coin more than once and informs Bob that it is a worthless copy. If, as will be the usual case, no such serial number has been recorded, the bank stores it at that position and informs Bob that the coin is valid and the deposit is accepted.

Person-to-Person Cash

When a consumer receives a payment, the process could be the same. But some people may prefer that when they receive money, it be made available on their hard disk immediately, ready for spending; just like when someone hands them a five dollar bill. This user preference can be realized as depicted in Figure 12.

The only difference between this payment from Alice to another consumer, Cindy, and the one Alice paid to Bob's shop in Figure 11, is what happens after the bank accepts the cash. In Figure 12, Cindy has configured her software to request the bank to withdraw the ecash she has just deposited and send it back to her PC as soon as the coins are accepted. (Actually Cindy's bank will check with Alice's bank to make sure that the coins deposited are good.) Now when Alice sends Cindy five dollars, new coins are immediately available to spend from Cindy's PC.

Figure 12 - person-to-person payment

How Privacy Is Protected

In the simple withdrawal of Figure 10, the bank created unique blank digital coins, validated them with its special digital stamp, and supplied them to Alice. This would normally allow the bank (at least in principle) to recognize the particular coins when they are later accepted in a payment. And this would tell the bank exactly which payments were made by Alice.

By using 'blind signatures, a feature unique to ecash, the bank can be prevented from recognizing the coins as having come from a particular account. The idea is shown in Figure 13. Instead of the bank creating a blank coin, Alice's computer creates the coin itself at random. Then it hides the coin in a special digital envelope and sends it off to the bank. The bank withdraws one dollar from Alice's account and makes its special 'worth-one-dollar' digital validation like an embossed stamp on the envelope before returning it to Alice's computer.

Figure 13 - Alice sends her coin for signature by the bank

Like an emboss, the blind signature mechanism lets the validating signature be applied through the envelope. When Alice's computer removes the envelope, it has obtained a coin of its own choice, validated by the bank's stamp. When she spends the coin, the bank must honor it and accept it as a valid payment because of the stamp. But because the bank is unable to recognize the coin, since it was hidden in the envelope when it was stamped, the bank cannot tell who made the payment. The bank which signed can verify that it made the signature, but it cannot link it back to a particular object or owner.

How It All Works with Numbers

When Alice's computer creates a blank coin it chooses a random number. The bank's validating stamp on the coin is a public key digital signature encoded by the bank with the random coin number serving as the message to be coded. Checking the validity of a coin involves the verification of the digital signature using the bank's corresponding public key. The blinding operation is a special kind of encryption designed so that it can only be removed by the party who placed it there. It can be reversed using the public key digital signature process, and can thus be removed without disturbing the signature.

How Funds Flow

 Although ecash works just like cash in the hands of a consumer, for a bank its properties are somewhat different.

As can be seen in the top of Figure 14, the first step in each case occurs when value comes out of a customer's account. In an ATM transaction, the cash given to the consumer constitutes a reduction in vault cash. In an ecash withdrawal, however, the value is moved within the bank and becomes an ecash liability that will be reversed when the ecash is presented for deposit.

The second step is the spending of the value, where cash and ecash are very similar. In each case the merchant (or other party receiving it) can choose to be issued with new cash coins or can make a deposit to an ecash account.

Figure 14 - ecash flow

When the merchant takes the final step and deposits the traditional cash, it constitutes an increase in vault cash, whereas deposit of ecash reduces the ecash liability and increases deposit liability.

The chart below shows in more detail the difference in the actual transaction path for a 'hard cash' payment (on the left) and a digital cash payment, on the right

While the main difference is invisible to the consumer, it is vitally necessary to protect the integrity of ecash. When a digital coin is received as payment it must be surrendered to the bank who will exchange it for an account credit or for freshly minted ecash.

Figure 15 - cash flow / ecash flow

Back to the tutorials page.
[Publications] [DigiCash home]