e-Wallet – THE FUTURE OF CARDS

ABSTRACT:

Using the basic concepts of Embedded Systems, an idea for changing the

future of Cards (Banking, Petro, Health, Televoice, etc.) is proposed in this paper.

Requirement of a special card reader, limited lifetime, acceptance being the main

disadvantages of today’s traditional cards, led to the design of e-Wallet. The main

objective of e-Wallet is to make paperless money transaction easier. The main idea

behind this paper is to bring in a cheaper, more versatile and much more easily

usable kind of a card. Using this e-Wallet the transaction procedure can be as

simple as: the customer goes to the point of sale (POS), does the purchasing and

when it comes to the payment, the customer submits his e-Wallet to vender who

connects it to his terminal (PC).The vender displays the billing information to the

customer who finalizes it. The amount in the e-Wallet is updated accordingly. Later

at periodic intervals, the vender intimates the bank (in case of credit cards) which

transfers the amount from the customer’(s) account to his. The advantages of e-

Wallet are its ease of use (doesn’t require a separate card reader), ease of

maintenance, flexibility, safety, being the primary ones. The designing of the card is

similar to any other embedded card. The designing cost of the card (e-Wallet) being

as low as the price of a pizza. There are ample enhancements to this application

from credit cards to televoice cards. Unlike traditional cards which are application

oriented, all the applications’ software can be embedded into this e-Wallet which

provides multi-functionality.

1

1

1. INTRODUCTION:

With the advent of computers many technologies are taking this world by a

surprise. These include Embedded Systems (ES), Artificial Intelligence (AI),

Neural Networks (NN), Fuzzy Logic, Bluetooth and many more are upcoming. This

paper deals with Embedded Systems in a new perspective.

In easy terms, Embedded Systems can be viewed as a combination of

hardware and software components, in which the software is implanted into the

hardware to do the specific job. These ES were implemented in various fields from

Battery chargers to Aviation Systems besides Cell phones (GSM, GPRS, CDMA,

etc.). These ES are being developed in ‘leaps and bounds’. The never-ending efforts

of many scientists in the field of ES led to the evolution of Smart Technology (ST).

The main objective of e-Wallet is to make paperless money transaction

easier. The electronic wallet (e-Wallet) is just like a leather wallet as it does the

same, in terms of e-cash. In today’s life where monetary value and security both, go

hand in hand, it is difficult to satisfy customers using the routine cards. The main

idea behind this paper is to bring in a cheaper, more versatile and much more easily

usable kind of a card.

Using the basic concept of ES, an idea for changing the future of Cards

(Banking, Petro, Health etc.) is proposed in this paper. To interpret this idea, it is

first needed to know the pros & cons of today’s ‘traditional’ cards. . Consider the

example of banking, The magnetic stripe cards used for transactions are as simple

as visiting cards, with a magnetic tape to hold the information

2

2

The basic advantages of these cards are:

Ease of mobility

Ease of use

Coming to the disadvantages of these cards, few are listed here under:

Easy Duplication

Requires a special card reader

Networking problems

No memory to hold the current balance

Limited lifetime

No particular user authentication

Unsecured remote transaction

Limited acceptance

Vulnerable to moisture, heat, dirt etc.

and the list goes on……

Keeping these pros & cons in view, the Smart Technology is introduced to

develop a new class of cards. This stream of Smart Technology can be termed as

Smart Card Technology (SCT). This smart card has a microprocessor or memory

chip embedded in it that, when coupled with a reader, has the processing power to

serve many different applications. Such cards can be referred to as e-Wallet

(electronic Wallet).

3

3

2. What is a e-Wallet?

A e-Wallet(digital wallet) is a software component that allows a user to make an

electronic payment with a financial instrument (such as a credit card or a digital

coin), and hides the low-level details of executing the payment protocol that is used

to make the payment.

A e- Wallet functions much like a physical wallet. The digital wallet was

first conceived as a method of storing various forms of electronic money (e-cash),

but with little popularity of such e-cash services, the digital wallet has evolved into

a service that provides internet users with a convenient way to store and use online

shopping information

3. Transaction Procedure:

The e-Wallet cardholder goes to a point of sale (POS) location where the e-

Wallet is accepted. Having chosen the goods he wishes to buy, he goes to the cash

desk. Here, the merchant calculates the total value and enters it on the payment

terminal using a keypad. The terminal then displays the amount on a small screen

facing the cardholder, who confirms the amount by pressing an "OK" button. In less

than a second, the value is transferred from the e-Wallet to the terminal, and the

value remaining in the e-Wallet is adjusted. This is an off-line transaction. A

message is displayed to both the cardholder and the merchant saying that the

payment has been accepted.

4

4

Periodically, the merchant connects the terminal to his bank to do a

collection that is to transfer the value collected in the terminal to his bank account.

This is an on-line transaction. The terminal sends a message for each transaction to

the e-Wallet host system, identifying the card number and issuer and the amount.

The host system debits the float account of the issuer and credits the merchant's

account. This typically takes a few seconds per transaction.

Merchants can program their terminals to automatically do collections each

day, week or month, or when a specified value of transactions is reached. If

merchants have a number of terminals (e.g. a vending machine operator, or a large

supermarket) then they can use the "shuttle collection" system, where terminals

download their data onto a special collection card, which in turn then downloads it

into a central terminal, which is then used to perform an on-line collection.

5

5

4. Wallet Architecture:

Figure1: e-Wallet architecture

Brief description of the core components of e-wallet is as follows:

4.1 Instrument manager:

It manages all of the instrument instances contained in the wallet, and, for

example, may be queried to determine which instrument classes and instances are

available to execute a given payment or other operation.

6

6

4.2 Protocol manager:

The Protocol Manager manages all of the protocols that the wallet may use

to accomplish various operations, and invokes protocols to carry out the interaction

between the digital wallet and the vendors and banks.  The Protocol Manager relies

on the Communication Manager to process low-level communications requests with

other computers representing banks and vendors.

4.3 Wallet controller:

The Wallet Controller presents a consolidated interface for the wallet to the

client.  The Wallet Controller hides the complexity of the other components of the

wallet, and provides a high-level interface to the client.  A non-human client, or

software agent, can make method calls on the Wallet Controllers interface through

the Client API.  A human client may use a graphical user interface (GUI) which

may make method calls on the Wallet Controller.  The Wallet Controller

coordinates the series of interactions between the User Profile Manager, Instrument

Manager, and Protocol Manager necessary to carry out high-level requests received

from the client, such as purchase a product.

4.4 User profile manager:

The User Profile Manager manages information about clients and groups of

clients of the wallet including their user names, passwords, ship-to and bill-to

addresses, and potentially other user profile information as well.  In addition, the

7

7

User Profile Manager keeps access control information about what financial

instruments each user has the authority to access.

4.5 Communication manager:

The Communication Manager provides the wallet with an interface to send

and receive string messages between wallets and peer commerce components by

setting up a connection with a remote Communication Manager.  The Protocol

Manager builds on top of the connection abstraction to support the concept of a

session.  A connection is typically asynchronous, while communications between

peer commerce components in a Session occur in (message,response) pairs where

one peer sends a message, the other peer receives the message, executes some

action, and returns a response.  Depending upon the implementation of the

Communication Manager, the messages may be sent over different types of

networks using different communication protocols. 

  For example, one implementation of a Communication Manager may send

and receive messages over the Internet using HTTP requests and responses over a

TCP/IP ethernet network.  In this case, a Session may be made up of a sequence of

several HTTP GET messages and their corresponding responses.  In another

example, a second implementation of a Communication Manager may send and

receive messages over a RS232 serial interface using TCP/IP. 

 Note that the Protocol Manager is responsible for making calls to the

Cryptographic Engine to encrypt any data that is passed to the Communication

Manager, such that the data can be securely transmitted over the communications

medium.  The Communication Manager cannot be responsible for encryption of

sensitive data from the wallet because it is formally outside the wallet architecture,

and can be replaced by another Communication Manager to run the wallet on

another device.  If the Communication Manager is relied upon to encrypt sensitive

8

8

data, then the Communication Manager might be replaced with a malicious

Communication Manager that sends all sensitive data to an adversary.

4.6 Client API:

The Client API is an interface provided by the Wallet Controller that may

be used by an autonomous software agent acting on behalf of a human user.

4.7 User Interface:

The User Interface provides a graphical interface to the services offered by

the Wallet Controllers interface.  The User Interface is an optional component of

the wallet.  Some devices, such as most smart cards, do not have the ability to

display a graphical user interface, and hence the Wallet Controller interface must be

accessed through the Client API.  Note that the user interface is a core component

within the wallet because certain parts of the user interface have access to sensitive

user data.  For example, the edit box object into which a user enters the password to

unlock the wallet should run within the wallets protected address space.  On the

other hand, users may want to customize the wallets interface by plugging-in GUIs

developed by other software vendors.  To accomplish both these conflicting goals,

the user interface exports parts of its interface as the User Interface API that may be

overloaded by software vendors to render customized parts of the interface

9

9

5. CHARACTERISTICS:

5.1 Extensible:

 A wallet is able to accommodate all of the users different payment

instruments, and inter-operate with multiple payment protocols.  For example, a

digital wallet is able to hold a users credit cards and digital coins, and be able to

make payments with either of them, perhaps using SET in the case of the credit

card, and by using a digital coin payment protocol in the latter case.  As banks and

vendors develop new financial instruments, a digital wallet should be capable of

holding new financial instruments and make payments with these instruments.  For

instance, vendors are able to develop electronic coupons that offer discounts on

products without requiring that users install a new wallet to hold these coupons and

make payments with them.

5.2 Client-Driven:

The interaction between the wallet and the vendor, is driven by the client

(i.e., the customer).  Vendors are not capable of invoking the clients e-wallet to do

anything that the end-user may resent or consider an annoyance.  For example, a

vendor is not able to automatically launch a clients e-wallet application every time

the user visits a web page that offers the opportunity to buy a product.  Imagine

what life would be like if, simply by walking into someones store, the store owner

had the right to reach into your pocket, pull out your wallet, hold it in front of you,

and ask you if you wanted to buy something from him!  A client-driven approach

for building a digital wallet is important because software which customers consider

10

10

intrusive will hinder the success of electronic commerce for all participants

involved.

5.3 Symmetric:

Vendors and banks run software analogous to wallets, which manage their

end of the financial operations.  Since the functionality is so similar, it makes sense

to re-use, whenever possible, the same infrastructure and interfaces within wallets,

vendors, and banks. For example, the component that manages financial

instruments (recording for instance account balances, authorized uses) can be

shared across these different participants in the financial operations.  If the wallet

components that are re-used are extensible, then we automatically get extensibility

at the bank or vendor.  So, for instance, an extensible instrument manager will allow

the bank or vendor to easily use new instruments as they become available.

5.4 Generalized:

Interfaces should be similar regardless of what type of device or computer

that the wallet, bank, or vendor application is running on.  A digital wallet running

on an alternative device, such as a personal digital assistant (PDA) or a smart card,

for example, has substantial functionality in common with a digital wallet built as

an extension to a web browser.  Thus, a digital wallet in these two environments

should re-use the same instrument and protocol management interfaces.

11

11

6.TECHNOLOGY:

A e-wallet has both a software and information component. The software

provides security and encryption for the personal information and for the actual

transaction. Typically, digital wallets are stored on theclient side and are easily self-

maintained and fully compatible with most e-commerce Web sites. A server-

side digital wallet, also known as a thin wallet, is one that an organization creates

for and about you and maintains on its servers. Server-side digital wallets are

gaining popularity among major retailers due to the security, efficiency, and added

utility it provides to the end-user, methods (including credit card numbers, expiry

dates, and security numbers), and other which increases their enjoyment of their

overall purchase. The information component is basically a database of user-

inputted information. This information consists of your shipping address, billing

address, payment information

7. Card Designing:

7.1 Application Specific Integrated Circuit:

Most of the home friendly electronic oriented products works on custom

specified integrated circuit chips like electric oven, cellular phones, washing

machines etc. Following this global trend we are using FIELD PROGRAMABLE

GATE ARRAY (FPGA) belonging to the family of APPLICATION SPECIFIC

INTEGRATED CIRCUIT

12

12

7.2 Field Programmable Gate Array (FPGA):

FPGA is widely used in all consumer electronic devices because of its low

cost and better reliability. It can be easily programmed by the end user and used in

any applications. FPGA can be broadly classified into two types:

1.Custom designed IC

2.General purpose IC

Custom design FPGA’s are developed by user specification from wafer

level and final output is obtained. It is only suitable for mass production systems

with unique programming .

general purpose FPGA’s which were supplied by the vendor in IC form

where the user has to program to his requirements with the help of EDA tools

(electronic device automation).

8. INTERNAL BLOCKS OF FPGA IC:

Embedded Microcontroller:

The embedded microcontroller used here is ATMEL AT40K. It has the

overall system control and it interprets the encryption algorithm. A dedicated logic

is used for security measures such as personal identification number (pin)

authentication or challenge response. The voltage level is: VCC= 1.8 +/- 0.15V.

13

13

Crypto Coprocessor:

This is a custom designed unit (Modular Exponential unit) to implement

encryption algorithm. Inside, it has a ROM to store the password used. It runs

independent of the microcontroller unit and it minimizes the delay in data

encryption and decryption. By using a crypto-coprocessor, the password in

encrypted and stored and it would be almost impossible for a hacker to crack the

password.

Random Word Generator:

The random word generator unit generates a random word which replaces

the password (correct password) in the buffers and other terminals with a random

word after the transaction is over. Hence it is almost impossible to replicate the

behavior of the ASIC and thereby obtain the encryption key or algorithm used.

On Chip Security Power Management:

This unit protects the card (ASIC) against over voltage or under voltage

and over frequency or under frequency of the clock signals given for operation.

Access Control:

Access control unit protects the on chip memory. It provides address and

data bus scrambling and detects any non-standard attempt to acquire memory

access.

Flash ROM / ROM:

Flash ROM stores the instruction set for the microcontroller unit, the

necessary monitor routine programs and the application code. Here the flash ROM

is used because there are 32 available instructions sets for different applications.

14

14

But only one instruction set is used. If another instruction set is used the card can be

used for only the specific application.

EEPROM:

EEPROM is used to store the processed data i.e. the balance amount in the

card. This part is of commercial importance as it holds the monetary information of

the card. Also the EEPROM sends the data to be read for establishing transaction.

RAM:

It provides the workspace for both the microcontroller unit and the crypto

co-processor. It’s where the actual comparison of the stored password (original

password) and the given password for transaction to take place. Only if the given

password is the actual password, the access is given to view the details of the card,

deposition, withdrawal are allowed.

Serial Interface:

It has six valid pins CS-chip select, CLK-external clock, DI-data input, D0-

data input, VOC-voltage input, GND-ground. Actually a parallel printer port is used

for interface of the card with PC. But only the six required pins of the printer ports

are activated. Thus the advantages of parallel and serial communication are utilized.

There is no need for a separate USB.

RF Interface:

This unit provides establishment of transaction using Blue tooth

technology, which is our future enhancement.

15

15

9. Internal 16 Bit Address/Data Bus:

This provides communication between different units inside ASIC chip.

This ASIC chip is built satisfying ISO 7816 standards.

Operation:

1. Once the card is given the power supply all the units are activated.

2. The password is sought and the password is sent. The first bit is chip select then

the start bit, two opcode bits, 6-address bits and 16 data bits.The dedicated

embedded microcontroller looks after this process.

3. Then the given password is sent to the RAM work space.

4. The password (original password) after decryption by the crypto processor is

sent to the RAM.

5. Here the passwords are compared by the microcontroller. Only if the both the

passwords are correct, the access control unit brings the flash ROM, EEPROM

units of low impedance state.

6. Otherwise the units are kept in high impedance state.

7. The on-chip security power management unit provides the correct voltage and

correct frequency (CLK signal) for functioning of the ASIC.

8. If the password is correct, then the microcontroller fetches the instructions from

the instruction set in the FLASH ROM.

9. The balance amount can be fetched form the EEPROM, through the D0 pin of

the serial interface.

10. After the transaction is over the balance amount is stored in the EEPROM

through D1 pin of the serial interface.

16

16

11. Once the transaction is over, the random word generator generates a random

word and sends it to the terminal ends and other buffers where the original

password is present.

This protects the original password from being hacked by hackers.

12. Thus the ASIC is designed for effective transaction with proper security to the

customers.

10. SALIENT FEATURES OF e-WALLET:

More than 40 years of data retention

Firewall encrypted security logic,its level of security is also impressive

Compatible with many supporting hardware.

No separate card reader is required to access our card

Polarity reversal indicator is pre-built in our card.

Reusability of our card is unlimited.

Multiple card features are incorporated in the same card.

External complexities are less.

Whatever information you want to keep safe, eWallet is designed to help you

entering and retrieving your data with the least hassle possible

10.1 Encryption:

To store personal information using a digital wallet requires the use of

encryption technology. This is where all information is securely transferred to the

merchant so that someone's personal information is not compromised.

17

17

10.2 Digital Certificate:

To effectively identify everyone, each digital wallet will provide consumers

with a digital certificate. This allows a consumer to visit different websites without

having to re-enter their credit card information because the digital certificate stores

all required information.

11. SETUP AND USE:

A client side digital wallet requires minimal setup and is relatively easy to

use. Once the software is installed, the user begins by entering all the pertinent

information. The digital wallet is now setup. At the purchase/check-out page of an

e-commerce site, the digital wallet software has the ability to automatically enter

the user information in the online form. By default, most digital wallets prompt

when the software recognizes a form in which it can fill out, if you chose to

automatically fill out the form, you will be prompted for a password. This keeps

unauthorized users from viewing personal information stored on a particular

computer.

12. MEMORY AID:

None:

This option will generate the most secure password but at the expense of

being harder to remember.

18

18

Mnemonic Sentence:

With this option, Pass Builder will also generate a sentence that Could help

you to remember the password. For example, if Pass Builder generates the

Password Bni, it would show you the mnemonic sentence was Brian nibbled icons.

Any Numbers or Punctuation will be added to the end of the sentence.

When selecting this option, you will also be presented with two additional

buttons: the Copy to Clipboard button will copy the mnemonic sentence to the

clipboard for your use in other software and the Append To Card Note button will

add the mnemonic sentence to the end of your card notes.

Pronounceable :

The Pronounceable option is based on the U.S. governments FIPS

181 specifications for creating pronounceable passwords. The key advantage is that

a Pronunciation Aid will be displayed that uses syllables to help you remember your

password. Any Numbers or Punctuation will be prepended and/or appended to the

Password.

Dictionary:

The Dictionary option starts with a word from a built-in dictionary.

Additional characters are then mixed into the password to fill it out to the requested

Length.If the Warped option is checked, certain characters will be changed so the

password is still readable, but it would be harder for someone to guess. For

example, an a might be changed to an @ and a s might be changed to a 5 or a z.

19

19

13. Advantages of e-Wallet:

Ease of use:

Withdraw or deposit value by telephone

No signature required

Pay the exact amount, no fiddling for change

Immediate payment

Accessibility and convenience:

Cash machines and telephones give more access points to funds in bank account

Available 24 hours / 365 days

Cash machines and telephones cannot run out of electronic cash.

Flexibility:

Transfer value by telephone

Pay person to person

For low or high values

Multi-currency capability

No age limit, so suitable for all the family

Safety and control:

Spend only what you have

Read your balance

Load value at home

20

20

Lock your card or wallet

Keep track of what you have spent and where

Customer is traceable if a lost card is found.

14. Conclusion:

With all the above mentioned features it is definite that the future of cards is

definitely e-Wallet’s. Besides credit cards, this e-Wallet can also be extended into

the following fields, namely:

Sim – card

Petro – card

Credit – card

Health – card

Intelligent web – surfing card

Insurance – card

Access – card

ATM

Televoice card

These are only the few to mention. Due to its ease of adaptability to its

environment, this e-Wallet would certainly change the way people transact

(monetary transactions).

21

21

REFERENCE:

1. www.technologyreview.com

2. www.wikipedia.com

3. http://www.publicradio.org

4. http://futureexplorers.com

5. www.entecollege.com

22

22