IC卡食堂售饭机的开发

ELECTRONICPAYMENTS—THESMARTCARDSMARTCARDS,E-PAYMENTS,&LAW–PARTIDrSimonNewmanandGavinSutter,QueenMaryCollege,UniversityofLondonThisarticleinthreepartsexaminesthelegalissuesraisedbythedevelopmentofthesmartcard.Itexplorescontractual,liabilityandintellectualpropertyrightsissuesandassesseswhetherasuitablelegalframeworkexistsinwhichsmartcardusecanflourishandgrow.桨A铲.家核I务N匪T驻R岁O傅D爹U耀C蔬T栽I投O狮N货岗T测O臂仪S犹M芹A孤R酬T性化C缝A纷R辟D蔽S遍会A献N浇D敢E犯L抄E肌C嘉T僵R找O甚N凤I溜C确朵P碰A惯Y鸽M熔E柱N桥T管S怨讯S薯Y愁S鲁T烤E厨M繁SAsmartcardissimplyaplasticrectanglecontaininganelectronicchip,andholdingacertainamountofreadabledata.OnecommonconsumeruseintheUKisindigitaltelevision,wheretheyareusedassecuritydevicestounscrambletheincomingdigitaltelevisionsignal.TheyarealsonowcommonlyusedinGSMstandarddigitalmobilephonesasSubscriberIdentityModule(SIM)cards.However,mostattentionfocusesontheirpotentialasanindependentlycarried,easilyportable,meansofbothidentificationandelectronicpayment-forexampleasan“e-purse”菜劝h镰o达l更d萄i乳n晋g他阻e逝l幸e捉c隆t斥r毁o分n壮i邻c撞根c朗o贸i中n戏s子驻f答o维r发壁l域o轧w皱-破v钓a专l显u师e贺松t惰r挪a袖n铸s坑a务c疾t避i柜o炮n犯s右,摸并e间i姑t子h牺e迫r吵停h话e宣l劈d彼诱s弱o底l北e抖l挽y条枣o蛛n插撞t寨h乌e筐饲c捷a济r妄d润,霉1予射o妨r辫挡l围i风n宗k满e死d铃庙t贿o摇止a种拐c疮e亮n灯t乌r而a星l拜狂d督a你t家a敞b同a鹊s犬e熄.恐豆S晋m后a敏r顿t着骑c拉a趴r饮d作抛t稍e奉c哄h江n善o京l违o套g洪y诉纤i是s野毛n擦o稀t断凭n怖e零w笑,房企b逃u堵t屿摔a脚t葛桂l练e球a稼s衡t缠足u盼n派t音i免l塑险v攀e浅r失y粥碑r脉e残c恼e缝n嫁t暴l抖y收偶i骄t撕偏h肯a袖s讨虫l姜a雀r牢g拣e埋l诱y草肯f烛a冶i牧l仪e策d灰猎t茶o券俘a莲c渣h蝇i训e有v薯e冷昼w枯i票d禽e关s赔p效r穗e钓a再d匠恨u男s制e付层w厘i子t片h算i侵n渗争t体h提e群舌c妖o令u狱n润t愤r曾i素e演s准惕o筛f袜拥t启h烈e络纹E繁u坟r忍o浮p签e鼻a奏n绿劈U幅n粥i拜o他n甚.座编T共h瘦i恶s魄赵i圾s颈姻n开o蹄w芹煌b落e及g够i斩n否n谷i跃n法g谜序t连o能挎c犯h黎a础n吉g稿e乘膨a圈s挣茎s元m谱a蛛r莲t梳航c书a精r场d唤s照献b馒e京c毅o草m晨e姑软i社n要c踩r阁e象a开s惩i肺n值g踪l饥y道搂u站b嫩i巩q现u著i薪t夸o谎u乌s剪,阳如a兆l动t辜h邀o望u酿g崇h毯贱a失s系团y兵e缸t眉曾t所h皮e绢i抵r帽爪p燃r圈o供f悬i和l宗e医湾r乳e竟m汇a棒i扮n捐s涝塔l馅o衰w刷桨a集m息o浴n复g开s队t股使t翅h奏e虾局g糕e肿n萍e织r渠a临l姥夸p拾u陆b崭l疑i站c疗退-演纤m劈a退n乔y徐棍p练e娱o吐p对l争e赚陡m掩a轨y甩祥c渔a允r越r贸y摇商a冷r辈o仓u视n吵d译遗o乘n阵e避滴o火r象剃m曲o凶r仇e先驰s沈m骂a悼r态t羊-槐c孩h个i猎p帐p畏e浊d蛾估c爽r目e张d剥i馋t桃错c驻a虑r锻d岔s康语i萌n汉郊t籍h浑e即i狐r边帮w呼a瓜l偿l旷e渣t刘村o戒r考帐p陷u党r话s衰e窃介w恭i荡t柴h炒o歌u永t封滨b必e肤i忙n篇g威监a棚w孩a塘r幼e笨强t笨h浅a手t贵滋i饼t冈跃h脊o浩l卡d穷s鸣栏m匠o兄r熊e薯姨t轧h滴a经n递鉴t浪h甘e斜传u稿s纷u吼a竿l魄誉m律a梨g恒n举e侧t是i州c质板s隐t私r谣i比p灯.谎液P槐r议e秩v旁i惭o投u动s换女E抚u蹈r抗o叫p嘴e泼a茄n列备s羞m愈a尊r锁t目杀c偿a职r浴d揭s按陶d应e崖v质e凶l弟o请p阔m击e识n屿t啊乖c垄e故n离t谨r巧e翼d炼眯o亮n纸数m厌u敞l吸t援i赵p蛇l今e秆船n慧a岭t读i爹o扬n则a膝l赛手s浮y晨s宣t夫e徒m暴s肆,牺2姐廊a专l种l饰牛n缩o构n追-阴c呜o唉m碎p偷a三t萌i途b镰l改e妨,吹范w蜓h弓i天c册h娇秃h李a衰v翼e放依n纳e始v今e办r到漆a袜c燕h跟i柏e飘v糖e僵d夸运g靠o斯o涌d笔具c芳u磁s塘t辜o只m裙e若r常蔑t坝a稿k岂e杠-盏u土p膀.靠耍E闷v铁e浪n派爷w宅h晋e鸟r感e姐体a朵革l致a尘r胶g骡e纹典n小u叛m饿b袄e顶r叙公o兼f洗目c善a统r背d压s声针h随a鞠v危e杠抄b逼e缺e胃n跳木c肃i伴r铃c授u纷l府a班t废e白d勒,浓购a凉s啄券w炉i牧t略h卖陈P闷r逐o铲t约o蛮n谱画i跟nBelgium,thefrequencyofusehasremaineddiscouraginglylow.TheEuropeanCommission’sEuropeSmartCardCharter,afterashakystartin2000,istryingtorectifythisbymovingfromitsoriginallytechnology-orientedstancetowardsamuchmorecustomer-centredapproach.Previouslyitfocusedontechnologicaldevelopmentofcompetingsystems,withinteroperabilityadistantgoal.Thishaschanged.Anew“user-centric”approachtoallaspectsofsmartcardsisintendedtohelpenfranchisethecitizenandgivehim/herfulleraccesstotheInformationSocietywhichisdevelopinginallaspectsofdailylife,includinggovernmentandlocalauthorityapplications.3Itacknowledgesinparticulartheneedforeasy“anytimeanywhere”access,inordertoachievethemasstakeupofsmartcardsthatiscurrentlylacking.Itseemsthattheprincipalcustomerspushingdevelopmentinthisinstancearenotindividualconsumers,noreventhebankingcorporations,buttheEuropeanUnion’snationaltransportnetworks.Transporthasproventohaveakeyroletoplayinthisareaasithasthemasscross-culturalusercommunityandrelativelysimple,extremelyhigh-volumeapplications4thatareneededtomakesmartcardspartofeveryone’sdailylife.ParticularlyprominentinthisfieldisTransportforLondon.5Inspiredbythesuccessofthe‘Octopus’smartcardintheHongKongtransitsystem,theirPrestigeProjecthasdevelopedasmartcardsystemforeasyautomatedticketing.Thisisa‘contactless’card,initiallyintendedasaseasonticket,withanexpirydaterecordedinthecard,allowinganunlimitednumberofjourneysuptothatdate.ContactlesssmartcardreadershavealreadyasofSeptember2001beeninstalledatsomeLondonUndergroundstations,andthesystemislikelytobeingeneralusebytheendof2002.Anepursefacilitycardisintendedtobeaddedshortlythereafter,withnotimelimit,butwithprepaidelectronictokensdeductedfromthecardoneachjourney,thatcanbe‘refilled’withtokensthroughoccasionalpaymentatanelectronicticketingmachine.Inter-operabilitywithothernationalandEuropeantransportnetworksisahighpriority–ultimatelyallowingthesamecardtobeusedonrail,busandothermasstransportsystemsfromLondontoMadridtoHelsinkiandbeyond.Aswithallnetworksystems,frommobilephonestotheInternet,smartcardapplicationsmustbeinteroperablewithcommonstandardsinordertobenefitexponentiallyfromwiderusethroughouttheEUandbeyond.Itisthereforecriticalboththatsuitabletechnologicalstandardsarereached,andthatasuitablelegalframeworkexistsinwhichsmartcardusecanflourishandgrow.Onequestionraisedbythemulti-functionalnatureofsmartcardsisoneofownership:standard,singleusemagneticstripcardsarecommonlyunderstoodtobeissuedby,forinstance,abank,tobeusedbythecustomerbutremainingthepropertyoftheissuer.Multi-functionalcardsmayhaveseveraldifferentapplicationsfromseveraldifferentsourcesloadedonthem–bankingdetails,creditcard,healthrecords–sowhoownsthecard?Isthereasinglecardowner,orwilleachinterestedpartybesaidtoownonlytheirownapplicationstoredonthecard?Arelatedquestionaskswhoispermittedtoissuean“electronicpurse”smartcard.Willthisbelimitedtobanks?Willpersonaldatacardsbeissuedsolelybygovernment?Especiallyincountriessuchas,forinstance,GermanyorFrancewhereagovernment-issuedIDcardisanecessity,couldthegovernmentinsuchastateissueitsownsmartcardsforIDpurposeswhichtheuserwouldthenaddotherapplicationssuchaspaymentfacilitiesto?Governmentownedcardswouldraisethefurtherissueofcitizens’rightstoaccessgovernmentinformationasrelatingtothemselves.Alternatively,willitbelegally,asitistechnically,possibleforacompanysimplytoproduceandsell‘empty’smartcardswhichtheusercanthenaddhisowndetailsto?Ormusttheissuerbealicensedperson,realorlegal?Afurtherimportantissuerequiringanalysisiswhethertheuserofacardwillbepermittedtoaddandremoveapplicationsfromthesmartcardatwill,orwhetheritwillcarryfixedapplicationsasinstalledbytherelevantcompanieswithwhichtheusermaynottamper.Thevoluntarynatureofsuchsystemsmustbeemphasized-themulti-application“smartwallet”maycontainsoftwarefromnumerousdifferentorganisations,butitscontentsmustbeundertheuser’scontrol,justlikeaphysicalwallet.Ifitistobecommerciallysuccessfulitmustbeseenasbothsafeandconvenientfortheenduser.Thisislikelytorequireeasynotificationproceduresincaseoflossortheft,withthecardanditscontentsbeingmadequickandeasytoreplace.Thecontractualissuesinvolvedrequireconsideration.Forinstance,thecontractualrelationshipbetweenissueranduserwillremainsubstantiallysimilarasfortheissueofastandardmagneticstripsingleusecard.However,amulti-functionalcardraisesanumberofotherrelationshipssuchasthatbetweencardissuerandapplicationprovider,orbetweenoneapplicationandanother.Anareaofgreatsignificanceisliability.Liabilityforloss,damage,fraudulentusage,etcofastandardmagneticstrippaymentcard(credit,debit,etc)issubjecttoaclearcontractbetweentheissuerandtheuser.However,whenamulti-functionalsmartcardisinvolved,theissuesbecomemuchmorecomplex.Forexample,inthecaseoflossortheft,whobearstheresponsibilityifnottheuser?Isthereasingleapplicationwhichwillberesponsibleforensuringadequatesecurityforthecard’sgeneralfunctions,forexample,preventionoffraudulentuseofthecardinpayment,orofadigitalsignatureencodedintoitinordertoidentifytherightfuluser?Security,fraudprevention,andsoonwillalsoariseasissuesofconsumerprotectionprovisions.Theapplicationofdataprotectionrequirementswillbeofgreatsignificanceinensuringadequateconsumerprotectionstrategiesareinplace.Thisislikelytoentailtheuseofsomemethodofencryption,raisingfurtherissuesastoavailabilityofdecryptioninformation.Lastly,intellectualpropertyrights(IPR)inthesmartcardtechnologywillbeanalyzedinthestudy.Howwilltheprotectionofsuchrightsbeachieved–willitbeprimarilybypatents,ratherthancopyright?Howarethosecommercialinterestsinvolvedintheproductionofsmartcardscurrentlyprotectingtheirinterestsinthetechnology1.TheDevelopmentofSmartCardsRapidgrowthinelectronicbusinesshasledtothedevelopmentofpaymentsystemstailoredtomeettheneedsofonlinepurchasing.Althoughcreditcardshaveprovedthemostpopularmethodforonlinepaymentssofar,theymaynotbethemostappropriatemethodinalltransactions.Forexample,theymayprovetoocostlyforthepurchaseoflowvaluegoodsandservices,andarenotsuitableformakingpaymentstoconsumers.TheincreasedinterestinauctionschemessuchaseBay6leadstoanincreasingneedforsystemswhichallowforthetransferofvaluebetweenconsumers,ratherthanonlybetweenconsumersandbusinesses.Theperceivedsecurityrisksofsendingcreditcarddetailsonlinehavealsoprovedabarriertotheiruse,leadingtoaninterestindevelopingmoresecurealternatives.Avastarrayofelectronicpaymentsystemshavebeen(andarebeing)developedaroundtheworld.Theseareeithersmartcardsystems,wherethevalueisstoredonachiponamultipurposecard,orsoftwaresystemswherethevalueisstoredaselectronictokensinthememoryofthecomputer.However,althoughsomeofthesesystemshavebeenavailabletotheconsumerforseveralyearsnonehasbecomeuniversallyaccepted.Furthermore,becausethevarioussystemsandtechnologiesarenotinteroperable,consumersandmerchantsareforcedtochoosewhichorhowmanyofthesystemstouse.Manyonlinebuyersandsellershavethereforeelectedtousethetraditionalcreditcardduetoitsgreateruniversalacceptance.Manysystemshavebeendevelopedintrialformbuthavenotimmediatelybeenfollowedupbycommercialexploitation,andothershavebeenchangingandmodifyingtheirservicestomeettheneedsofthemarket.Itseemsthereforethatthemarketisstillinastateoffluxandthatcommercialbarriersarehinderingtheadoptionofthesenewsystems.Variousstepshavebeentakentowardsremedyingthelackofinteroperabilitysuchasthedevelopmentofastandardprotocolwhichmayovercomethecommercialdifficulties.AsfarasthelegalissuesareconcernedthesehavetoadegreebeenovershadowedbythecommercialproblemsalthoughintheEuropeanUnionthecreationofaregulatoryframeworkforelectronicmoneyissuersisunderway.However,otherissuessuchasthecontractualrelationshipbetweentheissuerandtheconsumerhavenotbeenaddressed.2.ElectronicPaymentSystems:Software(a)CreditandDebitCardsCreditanddebitcardsmaybegroupedtogetherasexamplesof‘debttransferencesystems’.Theuseofeitherinmakingpaymentsassociatedwithonlinepurchaseisbroadlysimilartotheothermainmethodsofcarryingoutdistancecardpurchases–bymail,faxorbytelephone–inthattheactualcarditselfandthesignaturethereonarenothandledorseenbythepayee,butthedetails(numberandexpirydate)aretransmittedovertheinternet,eitherviaawebsiteorbyemail.Currentlysuchincorporationof‘traditional’creditcardsystemsintoelectroniccommerceremainsthemostpopularmethodofpaymentovertheinternet,presumablyatleastinpartbecauseitsusedoesnotrequireinvestmentoftimeandmoneyintoacquiringandbecomingfamiliarwithnewsystems.Also,thereisaperceived‘comfort’factorinthesecurityofferedbyanestablishedbrandsuchasVisa.Therestillexists,however,somedegreeofconcernamongconsumersgenerallyaboutthesecurityofmakingsuchtransactions.Whiletheriskofinterceptionofcreditcardinformationbyathirdparty,orarecordofitbeingmadebyanunscrupuloussalesassistant,andsubsequentfraudulentusagedoeslittletodetermostfrommakingsuchpurchasesbytelephoneorinperson,fearsaboundthatthiswillhappeniftheydosoovertheinternet.Governmentshaveaclearinterestinsuchissues,aswiderconsumerspendingininternetsaleswillservetobolsterthenewdigitaleconomy.Technologicalmethodsmaygiveconsumerstheconfidencetotakeadvantageofwhatthenewmarketplacehastooffer.Theymayalsohelptopreventcreditcardfraud,thuscontributingtoreductionofsuchcrimes,anotherattractivefeatureforgovernments.(b)SecureSocketLayer(SSL)ProtocolTheSSLprotocolcreatesasecurechannelforthetransmissionofencryptedpaymentcarddetailsbetweenretailerandconsumerandisinwideusageacrosstheinternet,incorporatedintomanydifferentsoftwaresystems.PatentedbyNetscapeandsubmittedtotheWorldWideWebConsortium(W3C)earlyin1998asastandard,ithasnowbecomethenormforsecurecommunicationofpaymentcardinformationovertheinternet.Inoperation,SSLutilizesamixofpublicandprivatekeyencryption.Privatekeyencryptioninvolvestheuseofonesingle‘key’–analgorithmiccode–whichallowsamessagetobeencrypted.Onceencrypted,themessagecanonlybereopenedwiththekey.Accesstoamessagecanthusbecontrolledbycontrollingdistributionofthekey.Thepublickeytechniqueisbroadlysimilar,however,thereisaseparate,publickeywhichisgiventoBtoeitherdecodemessageswhichhavebeenencryptedusingA’sprivatekeyortoencryptamessagetosendtoAwhichcanthenonlybeopenedwiththeprivatekey.Itisaversionofthissystemwhichonlineretailersgenerally