Electronic Wallet

In a general business sense, an electronic wallet (or electronic purse) is a consumer device providing some additional security compared to a mere credit card solution. An electronic wallet could be as simple as an encrypted storage of credit card information that saves consumers to re-enter their credit card data manually each time they make a payment. There is a considerable variety of products and services, each called “electronic wallet” or “electronic purse”, that turn up in the marketplace and in investors’ press conferences, while the technical specifications and the life time of these products and services are left unclear. We will thus concentrate on the more specific use of the term “electronic wallet” in the cryptographic literature. In a more specific, cryptographic sense, an electronic wallet is a consumer device designed to store and manage electronic funds or electronic cash. In particular, an electronic wallet is used to download funds from a bank account, to store those funds inside the electronic wallet and transfer deliberate amounts to other electronic wallets or point of sale terminals in order to make purchases. Even, Golreich and Yacobi [EGY84] were one of the first to consider electronic wallets as consumer devices with keypad and display allowing their holders to also inspect the current amount of stored electronic cash and configure their own devices. If such electronic wallets have an offline electronic cash scheme installed, consumers experience increased autonomy because they can make payments offline and manage the amounts of electronic cash remaining in their e-wallets offline, i.e, without a bank or any other trusted third party being involved in the payments or management actions. Such electronic wallets differ from ATM cards, debit cards or credit cards, which are merely tokens that identify their holders to access the respective bank accounts or allow payees to deduct certain payment amounts from the respective payers’ bank accounts. An electronic wallet shall satisfy security requirements of their holders and of the banking industry operating the financial infrastructure behind those electronic wallets. Pfitzmann, Pfitzmann, Schunter and Waidner [PPSW97] distinguish the following three security requirements on mobile user devices in general and on electronic wallets in particular: