The present invention relates to a method and apparatus for implementing hierarchical electronic cash through utilization of a telecommunication system or readable/writable storage such as a smart card.
In recent years there has been popularized an electronic funds transfer employing a telecommunication system. In general, a certificate convertible into money, such as a draft or check, has a symbolic function of its own (which guarantees its possessor to the rights stated thereon). When handled in the telecommunication system, the certificate is digitized data, which could easily be copied for repeated arbitrary or unfair conversion into money. This problem arises as well in the implementation of electronic cash such as a prepaid card, because it could also be copied for repeated arbitrary or unfair conversion into money or purchase of merchandise. On the other hand, the credit card is essentially free from the danger of such double usage, but instead it has a disadvantage that the whole history of customer's use of the card becomes known to a credit card issuing company (that is, user privacy is not preserved). As a solution to these problems, there has been proposed a scheme that uses a card having a computation facility and devises the exchange of data between a card reader and the card for its conversion into money to thereby ensure user privacy and detects its double usage. This is disclosed in, for example, Chaum, Fiat and Naor, "Untraceable Electronic Cash," Proc. Of CRYPTO '88.
With the Chaum et al. scheme, however, it is necessary, for preserving security to some extent (the probability of success in overspending is 1/2.sup.30, for instance), that three procedures of inquiry, response and verification in the processing of user's payment of electronic cash to a shop be repeated by the number of times (30 times, for example) corresponding to the security intended to provide--this significantly increases the volume of communication required. Another problem is indivisibility of electronic cash.
The principle for divisional use of electronic cash proposed so far is based on mathematically ingenious logic that utilizes a hierarchial structure as disclosed in U.S. Pat. No. 5,242,162, for instance. However, the actual implementation of this conventional scheme involves many procedures and large computational loads.
The electronic cash implementing system is configured primarily on the assumption that the same financial institution both issues electronic cash and manages users' accounts, and consequently, the electronic cash issued by the financial institution returns thereto from the user via shops and banks. Hence, it is impossible to keep a watch on the amount of electronic cash issued and circulated in financial circles.