On-Line E-Wallet System with Decentralized Credential Keepers

We propose a generalization of the architecture of an electronic wallet, as first developed in the seminal European research project CAFE. With this model you can leave most of the content of your electronic wallet at the security of your residential electronic keeper, while roaming with your favorite mobile terminals. Emerging mobile handsets with both short range Bluetooth and cellular GPRS communications provide a sufficient communication platform for this electronic wallet architecture. However, new security requirements must be addressed, and new threats of attack must be carefully analyzed and met with appropriate security protocols. The proposed approach is fundamentally distinct from the remote wallet proposals, in that it protects important user requirements and takes a multiparty security approach using a fully decentralized architecture. Technically, the user remains in control of the input/output and usage of his credentials, likely carried by smart cards. At the same time, the model provides a solution to the pressing practical problem of the multitude of special-branded cards the user has to carry and sort. Currently used magnetic stripe and chip cards with applications such as debit and credit transactions are easily included within the architecture with minor enhancement to these legacy systems and their functionality. We show in this paper how an account-based payment system can be solved with the proposed architecture. Our claim is that users achieve payment mobility and independence of both terminals and payment service providers while maintaining secure access to their payment authorization credentials.