1. Field of the Invention
The invention concerns information security generally and is more specifically concerned with transactions in which a third party approves the transaction.
2. Description of the Prior Art
As computing and data storage become less expensive, it becomes easier to assemble the information which an individual reveals about himself when he enters into transactions and to use the assembled information in ways which invade the individual's privacy. It is particularly easy to assemble such information when the transactions involve a third party. For example, a credit card company or bank can use the information it acquires in the course of credit- or bank card transactions made by a customer to determine the spending habits of a customer and can then either use that information in its own business or make it available to others. The consequences of the availability of information about an individual's spending habits range from the annoying to the serious. At a minimum, the individual receives more targeted junk mail than he or she otherwise might; more seriously, the same information that is used to target the individual for junk mail can be used to target the individual for private or governmental harassment. Thus, at some point, the ability to collect information about an individual reduces the individual's willingness to deviate from the norm and thus has a chilling effect on his exercise of his rights.
One way an individual can avoid this problem is to pay for everything in cash, since nothing on a bank note indicates who its owner is or was. This same property, however, makes cash both easy to lose and a tempting target for criminals. For both these reasons, few people desire to carry a large amount of cash. One way of solving this difficulty is to use electronic cash, as described in David Chaum, "Security without Identification: Transaction Systems to make Big Brother Obsolete", Communications of the ACM, vol. 28, no. 10, pp. 1030-144, October, 1985. When electronic cash is used in an automated transaction, a purchase cannot be associated with a customer. The scheme, however, may be insecure against fraud; see Steven H. Low, et al., "Collusion in a Multi-Party Communications Protocol for Anonymous Credit Cards," submitted to IEEE/ACM Transactions on Networking. In addition, since the electronic cash is given to a customer, a means is needed to prevent the individual from duplicating and spending it over and over again.
Protocols are also known for performing payment transactions between mutually distrustful parties over an insecure network. See Semyon Dukach, "SNPP: A Simple Network Payment Protocol", in Proceedings of the Computer Security Applications Conference, San Antonio, Tex., November, 1992. However, these protocols do not prevent parties involved in a transaction from compiling information about purchase habits.
What is needed is a way of performing transactions which has the convenience and safety of credit card transactions and the anonymity of cash transactions. It is an object of the invention to provide such a technique, and thereby to overcome major disadvantages of present-day credit card and cash transactions.