A Free Educational Resource Created by Carnegie Mellon University to Empower You to Secure Your Part of Cyberspace

Digital Wallet

The electronic equivalent of a wallet for e-commerce transactions

The digital wallet was first conceived as a method of storing various forms of electronic money (e-cash). With little popularity of such e-cash services, however, the digital wallet has evolved into a service that provides Internet users with a convenient way to store and use online shopping information. Also called an "e-wallet," it holds credit card data and passwords for logging into Web sites. The data may reside in the user's machine or on the servers of the digital wallet service provider. When stored in the client machine, the wallet may use a digital certificate that identifies the authorized card holder.

Information stored in a digital wallet is extremely sensitive and requires high levels of confidentiality and privacy. This can be a challenge, especially when this information is used over a medium like the Internet. E-wallets present the following types of threats:

  • Illegal uses of digital cash, including money laundering, tax evasion and illegal gambling
  • Tampering with digital cash itself, including counterfeiting, fraud and disruption of the system
Microsoft's Passport  and Yahoo! Wallet  are examples of digital wallets.

Legal Issues

Legal

Fraud and unfair practices: There are many laws to protect citizens generally from fraud and unfair practices, many of which provide protection from fraud with respect to digital cash. For example, consumer protection laws apply if a retailer did not deliver a good purchased.

Financial loss: The government has traditionally protected consumers from certain kinds of losses and has developed systems to instill confidence in financial institutions. For example, FDIC insurance  was created to insure a consumer from loss due to a bank failure and to restore confidence in the banking system. There are also regulations (specifically, Regulation Z ) that limit losses due to unauthorized credit card transactions.

Privacy

While the government has a duty to protect personal privacy, this duty often conflicts with proposed solutions to stem criminal activity. For example, very strong encryption is one way to make digital cash transactions private, but the government regulates encryption methods to attempt to ensure that it has the ability to crack encryption codes used by criminals for illegal activity.

References

Links

My home page