Home/red-rock-eater/Mondex not anonymous

Mondex not anonymouswriting

forwarded-content
1995-09-16 · 12 min read · Edit on Pyrite

Source

Automatically imported from: http://commons.somewhere.com:80/rre/1996/Mondex.not.anonymous.html

Content

This web service brought to you by Somewhere.Com, LLC.

Mondex not anonymous

``` [I somehow missed the news, back in June, that Simon Davies of Privacy International had finally obtained a ruling from the UK Trading Standards authorities that the Mondex electronic "cash" system is not anonymous, as its sponsors had repeatedly claimed. In fact it is much closer to a credit card. It had always been curious that Mondex, unlike real digital cash systems, had not drawn any noticeable flak from those concerned about money laundering. Despite the passage of time, the documents are informative.]

---

This message was forwarded through the Red Rock Eater News Service (RRE). Send any replies to the original author, listed in the From: field below. You are welcome to send the message along to others but please do not use the "redirect" command. For information on RRE, including instructions for (un)subscribing, send an empty message to rre-help@weber.ucsd.edu

---

[http://www.privacy.org/pi]

MEDIA RELEASE PRIVACY INTERNATIONALS MONDEX COMPLAINT IS UPHELD

ELECTRONIC CASH IS ANYTHING BUT ANONYMOUS

JUNE 21, 1996 After a nine month investigation, government Trading Standards authorities in Britain have confirmed that Mondex electronic cash is not anonymous, as has been consistently claimed by the company. The investigation was sparked by a complaint last year by Privacy International director Simon Davies, who objected to the manner in which the cards had been promoted. Davies argued that the word anonymous, used by Mondex to describe its product, was misleading and incorrect. He said Mondex transactions were logged by the trader and were known to the bank. In a letter of 21 June announcing the outcome of the informal inquiry, Robert Gilham of the Environmental Health and Trading Standards Department in Bromley, South London, confirmed the traders till chip retains the last 300 transactions as card number, value and date. "It appears the customer is identified to the trader...and, ultimately, the bank, by the 300 previous transactions....These can be monitored by the bank and could be used for marketing purposes. This is the audit trail and ultimately could be sold to business users for third party marketing." Gilham observed The potential exists for unauthorised use of transaction information by banks, traders or third parties but he conceded that no evidence was available to confirm that this stage has been reached. The Department has decided, in view of the embryonic state of the Mondex trials, not to prosecute, but to resolve the matter through negotiation and discussion. Responding to the outcome, Simon Davies said, "I'm disappointed that Mondex has escaped further action by the Trading Standards authority, but I hope the outcome of this inquiry motivates other projects in this field to be more honest in the promotion of their product." "During the course of this investigation it has become clear that Mondex cards have more in common with credit cards than cash. "

16 September 1995 Customer Services, Bromley Council, Stockwell Close, Bromley BR1 3UH Attention : Tom Dent Dear sir, I am writing to notify you of an apparent breach of the Trade Descriptions Act, and to lodge a formal complaint. Please forgive the length and detail of this letter. The complaint involves a complex technical project about which there is only limited public information. For this reason I feel it is important that I present a full background to the subject area. I am making this complaint to Bromley Council because I viewed the offending material in the Bromley area. This complaint involves the activities of Mondex Ltd, a partnership between the Midland and National Westminster Banks. Since June of this year, Mondex has been engaged in a trial of smart cards which are designed to replace cash. The trial is being conducted in Swindon. The Mondex cards (being given to Midland and National Westminster bank customers) can electronically store the value of cash authorised from a bank ATM machine or by way of specially adapted payphones connected to the customers bank. Instead of handing over cash to a store, customers hand over the card, which acts in place of cash. The card is inserted into a machine which debits the amount of the transaction. Because it is a debit card (that is, customers have already paid for the value of cash contained in it) no signature or authorisation is needed. The relevant amount is electronically deducted from the card. Many big High Street retailers, including Boots, Asda, Safeway, J Sainsbury, WH Smith, BP and McDonald's are participating in the scheme. Currently, six thousand people are using the cards in Swondon, and Mondex hopes this will rise to as many as 40,000. SOME BACKGROUND I should explain at this point that a smart card is a credit-card size device containing a microchip, which can store and process considerable amounts of data. Most smart cards can hold several A4 pages of data. The smart card can independently process this data, and present it in different forms according to requirements. Information on the chip can be locked with a PIN number, and protected through a range of encryption methods. These cards have been developed in various countries for health, social welfare benefits, transport, and financial transactions. The Mondex trial is being eagerly watched by banks and governments around the world. The common view of these bodies is that cash is a costly, cumbersome and messy commodity. It is insecure and untraceable. UK banks estimate that they spend 2 billion a year on cash distribution, and the cost to retailers has been put at 800 million. Banks want to save money not only by taking cash out of the system, but also by charging customers and retailers for an alternative system that avoids the traditional drawbacks. A cash smart card is one way of achieving this. The Mondex experiment is widely seen as crucial to the future of electronic cash worldwide. Mondex has signed up Midland's sister company, HongkongBank, as the first overseas partner. HongkongBank has acquired the rights to franchise Mondex in Hong Kong, China, India, Indonesia, Macau, the Philippines, Singapore, Sri Lanka, Taiwan, Thailand and Malaysia. Trevor Blackler, NatWest's chief executive of group services, has been reported as saying discussions are being conducted with 30 banks in 15 countries around the world. While the Mondex experiment is at the cutting edge, other banks are not far behind. Barclays and Lloyds are in partnership with Visa International to pioneer an international system that may, in effect, create a single international cash unit of currency. The Visa International project is co-operating with bank-led groups in Belgium, France, Portugal, Spain, Taiwan and the US. Like Mondex, it plans to create an extensive network of shop-based card readers. The importance of this project, nationally and internationally, cannot be easily overstated. The concept of electronic cash is almost certain to take hold throughout Europe, particularly in the lead-up to a single unit of currency. In 1995, European Commission premises across Europe are to act as host to a trial of an electronic multi -currency payment system similar to the one being pioneered by Mondex. The technology is known more popularly in Europe as an electronic purse. Under the EU's own research programme in Information Technology, a seven-country consortium of partners in industry and academia has developed the purse, which can be loaded with money from the owner's bank account, then used to meet expenses in ECU and national currencies by down -loading payments into compatible terminals in shops, pay-phones, toll roads, public transport and so on. At the same time, a specialized working group attached to the European Committee for Standardization (CEN) is on the point of developing a European standard that could open the door to cross-border use of electronic cash. An international standard has already been finalised for point-of-sale machinery for the cards. Thirteen European countries have been involved since 1991 in the effort. The mechanism of the Mondex system is complex. Each card is linked to an existing bank account. The card can be topped up, or the security instructions changed, by using any ATM or modified pay phone. Although the card is a direct substitute for cash, it can be made more secure than cash. The owner can encode it with a PIN number which locks the cash value, and thus makes the card useless for anyone else. THE COMPLAINT Mondex has consistently promoted its product as privacy friendly, anonymous, and cash-like. These are important selling points of the Mondex product, because many people value their financial privacy, and would support a technology that offers secure and anonymous transactions. However, I dispute the claims made by Mondex, and will set out below evidence that I believe will show that Mondex has set out intentionally to deceive the public. Transactions using the cards are neither anonymous nor are they privacy friendly. In the Mondex Home Page - an electronic promotional advertisement located on the internet, Mondex makes the following statement: What about privacy? In everyday use Mondex transactions are anonymous, just like cash. However, if the card is lost, a unique 16-digit identity number stored on the chip, which will have been registered by a card-providing bank against the personal details of the customer, may be used in order to return the card to its rightful owner. Cards also contain a "purse narrative". The customer's narrative would contain the names of the retailers - letting them know where they have used their card. Only a cardholder will have access to the statement entries on their card which detail transactions. A cardholder will be able to lock their card and prevent unauthorised access. Here, Mondex has made the case for privacy, setting out in very specific terms the way the data will be restricted. The statement Only a cardholder will have access to the statement entries on their card which detail transactions sets out to reassure the public that Big Brother will not be a party to the system. The claim is an outright lie. In late September I interviewed the project manager of the Swindon experiment (Rob Jameson) and was told without equivocation that Mondex uses a full audit trail of all transactions. Jameson told me all retailers have a card linked record of all transactions which are available to the bank. This directly contradicts the publicity. Mondex, in fact, uses the same audit trail systems as any other card system. This is, to my knowledge, the first time Mondex has revealed this dimension of its system. Mondex consistently makes its claim of being privacy friendly. Page 15 of the Mondex Media Pack (August 1994) states the cards are as anonymous as cash. In defence of its tactics, Mondex might well argue that the cards are transferable, and thus the audit trail cannot technically link a transaction to an identified individual in, say, the way a credit card could (the credit card requires a signature). This justification is largely irrelevant. I believe Mondex has conducted research which shows that almost one hundred per cent of transactions are conducted by the owner of the card. I believe Mondex is in clear breach of the Trade Descriptions Act. It has willfully and intentionally set out to mislead the public. I believe the case warrants prosecution. Mondex must either cease describing their product as anonymous and cash like, or it must remove all transaction recording machinery at point of sale. Please do not hesitate to contact me for any further information. Yours sincerely Simon Davies (transmitted by modem. Original sent by mail)

21 June 1996 Environmental Health and Trading Standards Bromley UK Dear Mr Davies, MONDEX ELECTRONIC FUNDS TRANSFER CARD TRADE DESCRIPTIONS ACT 1968 After some considerable time examining what may have appeared a straightforward matter, I am now in a position to let you know how the matter has been resolved. Having finally gained access to the internet and read the information available relating to Mondex I believe that the relative part of that information could be treated as an advertisement. I also noted that words had been changed from the original entry which you sent to me. I will return to both these matters later in this letter. I took the opportunity to meet Mr Capelthorne of Mondex International on 12 June to seek explanation of the system, having had the chance to see the internet statements. I understand the following to be the system operation. Loading a card shows on customers bank statements. That is to say, there is no other paper record of the transaction as would be the case in credit card transactions having monthly statements. The retailers transaction to pay in Mondex cash shows on his bank statement but nothing ties the customer to the electronic money used. The transaction log on the card can be read by the cardholders electronic wallet. The previous ten transactions are identified as amount, trader and date; this includes personal transfers and load-up, which are not identified. The traders till chip retains the last 300 transactions as card number, value and date. The trader cannot trace the customer as the Personal Identification (PID) Number is only traceable through the card issuing bank and is not disclosed under the banks duty of privacy to its customer. The PID is required in order for the till to read the card and conduct the transaction. In addition, the customer uses a 4 digit Personal Identification Number (PIN) to free the card for loading from ATMs and to lock/unlock the card for access authorisation. Lost cards can be read if not locked by the card owner. The card is not defaulted to lock when sent, as it is of no use to anyone until given a PIN by the user. The user must choose to lock the card, and must unlock it for transactions to take place. An unauthorisd user can only use or read the card if the PIN is known or discovered, otherwise, after a set number of attempts to discover the PIN, the card locks up and is no use to anyone. It appears the customer is identified to the trader, as in paragraph seven above and, ultimately, the bank, by the 300 previous transactions. Each of these will soon be superseded by further transactions and drop off the end of the list. These can be monitored by the bank and could be used for marketing purposes. This is the audit trail and ultimately could be sold to business users for third party marketing. I am assured this does not occur at present. I am assured that descriptions will be appropriate and data protection issues addressed if this avenue is pursued. Mondex International has changed the word anonymous to private as a description within the internet promotion. This word seems to have more appropriate meanings than anonymous, reflecting the limited access to information, equating with the privacy of a (pocket) wallet where the information is not for third party consumption, but is available to unauthorised people. The card system has checks and balances, which means that the amount of information available to third parties is protected or currently not available at all. The potential exists for unauthorised use of transaction information by banks, traders or third parties, but no evidence is available that this stage has been reached. Currently, no false trade description has been demonstrated. The POS (Point of Sale) material makes no claim for privacy. The only claim was made in a press release and as explained previously, is not within the scope of a trade description. A privacy claim is made, via promotional material (advertisements) on the Internet. I do not believe this is the issue which should be used to test whether the material on the Internet is an advertisement. More correctly, the issue relates to a trial of the card, and the pitfalls discovered should be corrected by negotiation and discussion. To this end I am making my colleagues in the City of London Trading Standards aware of the complaint, since the card company is based in their area. I have invited Mondex to discuss with them and concerns or proposed descriptions. Thank you for bringing this complex matter to my attention and for your patience over an enquiry which may at times have seemed to have become bogged down in bureaucracy. Yours sincerely Robert Gilham Area Trading Standards Officer ```

This web service brought to you by Somewhere.Com, LLC.