Electronic assets are digital representations of value. Electronic assets might be used to represent cash, coins, tokens, entertainment tickets, government entitlement provisions, and so one.
One attribute of electronic assets is transferability. Transferable electronic assets are similar to paper dollars in that the same assets can be exchanged, traded, and reused numerous times. Non-transferable electronic assets are used only once, and then retired from circulation after this single use; they are not reused numerous times. U.S. patent application Ser. No. 08/600,409, entitled "System and Method for Detecting Fraudulent Expenditure of Electronic Assets," which was filed on Feb. 12, 1996, in the name of Yacov Yacobi and assigned to Microsoft Corporation, describes a system involving non-transferable electronic assets. This invention is particularly directed to transferable electronic assets, although it scales to non-transferable electronic assets as well.
Electronic assets are long, mostly random binary strings, with some relatively small recognizable pattern that are signed by the issuer. For instance, an electronic asset might consist of 500 bits in which the left most 400 bits are truly random, the right most 50 bits are an identifiable string (e.g., all binary zeroes), and the intervening 50 bits are an expiration date. The binary strings are typically generated by an institution that issues the electronic assets. Banks, ticket companies, federal or local government, and businesses are all possible issuers of different kinds of electronic assets.
Once issued, the electronic assets are carried in an electronic storage facility, often referred to as an "electronic wallet." Electronic wallets are tamper-resistant storage devices which make it difficult to commit fraud. The size of the electronic wallet depends upon the kind and amount of assets to be stored thereon. As an example, with current design, an electronic wallet uses approximately 100 kilobytes of memory to store $100 in units of $1 digital coins. It should be noted that other e-wallet designs, where only the balance is stored and not individual coins, require much less storage (however, they do not have a good fraud detection criteria).
Driven by technological advances, there is an increasing desire to conduct more commerce electronically, thereby replacing traditional asset forms (bills, coins, ticket paper, etc.) with electronic assets that represent them. A big segment of commerce is found at the low end of the value scale. This commerce involves values equivalent to present day cash, such as paper bills (i.e., $1, $5, $10, $20, $50, and $100 bills) and coins (i.e., nickels, dimes, quarters, half-dollars, and dollars). It is this low end of the market where online systems are too expensive or too slow. Users are also more likely to desire anonymity for low end purchases since they may dislike or distrust a system where every purchase, down to every vending machine and toll bridge, is monitored and traced. Additionally, this low value end is where fraud is likely to germinate because there is less incentive to detect fraud due to the small value involved. In contrast, transactions involving electronic assets at the higher end of the value scale are more closely scrutinized by both parties and are often guided by rigid protocols involving signatures and confirmation of available funds for the transactions. Also, in the higher end of the market, where credit and checks are used, the danger of forging money does not exist, since the bank is checking each transaction before approving it. Although there remains a danger of users cheating each other, there is no danger of cheating the banking system, the Federal Reserve, and so on. This danger, however, exists with cash-like systems.
One main problem with electronic assets is that they can be easily duplicated. Unlike paper dollars or coins, a string of bits that constitutes the electronic assets can be easily and rapidly replicated using computers. This presents a significant risk of fraud. Criminals can reproduce the bit string of an asset and pass off the forged or counterfeited electronic assets as real. To the recipient, the counterfeit bit string offered by the criminal is identical to the expected asset bit string, rendering it difficult to detect whether the offered bit string is the original asset or a reproduced asset that has been used many times before. If successful, the criminals have the opportunity to multi-spend the same asset many times. This type of digital fraud is known as "double spending."
One proposed solution to this problem is to devise a system that prohibits double spending. This solution is centered on use of a tamper-proof electronic wallet which, by its design, makes it nearly impossible to modify or clone the wallet to perform fraudulent transactions. Unfortunately, such designs are never truly tamper-"proof," rather just tamper-"resistant." In other words, if criminals are willing to invest the necessary capital, albeit large, they can reverse engineer the electronic wallet to perform fraudulent tasks. The cost of breaking tamper-resistant devices varies dramatically with the technology and the evolution of technology over time.
Another proposed solution to double spending is to develop an online banking system to discover assets which have been double spent. In this system, each electronic asset that is spent is collected by a central bank or other institution and evaluated for possible double expenditure. Since the asset is non-transferable and can be spent only once, the discovery of identical assets reveals that the asset has been double spent. When a recipient receives a new asset, it uses the online banking network to determine whether that same asset has been previously spent. The primary drawbacks of the online approach are the high expense involved in managing an online system and the potentially long delay periods experienced when a recipient is attempting to verify a new asset. In addition, for the very large data bases required here, the current cost per transaction is too high for sub $1 transactions; hence, batching deposits into aggregates of total value $100, as proposed here, make it cost-effective. Another drawback is that not all recipients are online with the bank. For instance, the assets might be used in off-line devices, such as vending machines or toll booths. Networking all possible recipient machines would be extremely expensive.
A variation of the online bank system is for the bank to offer "after the fact" exposure of double spenders, which is particularly used in anonymous electronic asset systems. In this scenario, the bank evaluates each spent asset for possible double spending. As long as the user follows the stipulated guidelines and spends each asset only once, the user remains anonymous. However, if the user multi-spends the same asset, the bank detects the fraud and has enough information to identify the criminal user. Those culprits are then sought out and prosecuted.
Like the online system, however, this "after the fact" system has drawbacks in the enormous size and expense required to store and track every asset. Moreover, due to the shear volume of assets being evaluated, detection and enforcement might be delayed long enough for the criminal to make an illegitimate profit and then slip away before being apprehended.
Accordingly, there is a need to design a system which facilitates use of electronic assets, even in the low value commerce segment, while detecting and preventing fraud. Such a system should also satisfy countervailing goals of being efficient, reliable, and cost effective.