Ryan Lackey wrote:
Does anyone know how open the Mondex architecture is? Is it in any way possible to set up a competing system with your own card manufacture and issuing bodies for currencies which can be used in deployed Mondex POS terminals without too much hassle? [...]
Wesley Felter <wesf@mail.utexas.edu> wrote:
As I understand it, Mondex is a completely closed system. Everything that you don't absolutely need to know is undocumented. Since you can settle offline, the potential for fraud is frightening; unless I'm getting the benefit of these, um, weaknesses in the system, I don't want there to be any. The lack of privacy seems to be somewhat of a smokescreen; since you can settle offline, they don't have a really accurate way of tracking transactions except at the interface between e$ and other forms of money or goods (like their POS terminals and ATMs).
Can you hack Mondex? They say you can't...
David Jones,a computer science professor at McMaster University and president of Electronic Frontier Canada, has written an interesting article on the subject of Mondex security:
Here's my latest article published online in "The Convergence". Please visit the web page version because it has lots of hyperlinks to related documents, including some never before published on the Net (e.g., Australian bank report on Mondex security)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Mondex: A House of Smart-Cards? With e-cash, privacy is illusory and security is questionable by David Jones Mondex International has already conceded that its electronic 'cash' isn't really as private as they once claimed. Now critics are questioning whether their security is all it's cracked up to be. If crooks managed to create counterfeit cyber-cash, and if Mondex failed to detect it quickly enough, the deposits backing up the electronic currency could be drained dry, leaving customers out of pocket -- unable to redeem the 'value' on their cards. Do participating banks have any contingency plans for what Mondex calls its 'meltdown scenario'? [...] - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -- Martin Janzen janzen@idacom.hp.com