Connecting MK

E-Money

Is it Safe? (Feb 2006)


Seminar Speakers

Organisation | Speaker | Role
London School of Economics | Peter Sommer | Senior Research Fellow
Open University | Dr Blaine Price | Lecturer in Computing
University of Hertfordshire | Dr Stuart Weinstein | Lecturer in Telecommunications

Seminar Questions and Answers


Q: What is the basis of e-money?
A: E-transactions centre around trust (that the transaction will work), adequate remedies (an audit trail is in place), robust technology and evidence of safety. To provide a commercially viable alternative to cash, the level of risk must be weighed up and be proportionate to the benefits of providing e-money solutions.
Q: What is the role of the mobile phone in on-line transactions?
A: It is interesting that the mobile phone is now becoming a key in e-transactions. One reason is the wide availability of phone technology - in developing countries such as China there is a far greater distribution of mobile phones than laptops. There is now a blurring of boundaries between banks and mobile phone companies - e.g. Vodafone is involved in banking services.
Q: What is a key driver to the success of e-money?
A: For the future of e-commerce we need a uniform payment structure across Europe; Simpay attempted a payment system via mobile phones, but this collapsed in the attempt due to the inability to settle on an agreed network.
Q: How secure is secure?
A: Risk arises where you believe there can be 100% security. An e-money system has to be safe enough for the practical purpose, but you have to accept that you won't manage absolute security.
Q: How secure are SMART cards?
A: They are very hard to crack. The cost of decrypting the data is disproportionate to the likely gain that could be made financially by doing so. Access to an electron microscope would allow decryption, but for an individual SMART card the cost would be prohibitive. In credit cards the technology is slightly different and the magnetic strip holds the chip information, but the PIN is stored in a different place. The PIN is encrypted so that it can be seen, but not read.
Q: Are you responsible for the lack of security in your wireless network if you are carrying out on-line transactions?
A: Clearly there are risks in wireless - you don't know who you are hooking up with. Be aware that your data can be seen and accessed and there is the danger of impersonation. You could be sued under contract in relation to your duty of care if you haven't taken proper precautions in a transaction. One safeguard is to make sure proper authentication is in place.
Q: What access do government agencies have to on-line transactions?
A: Full interception of online communications is covered by Part 1 of the Regulation of Investigatory Powers Act 2000, and a warrant is required from the Home Secretary to enable this to happen. For tracing traffic the authority of a senior law enforcement officer is required. There has to be a valid reason for undertaking interception or monitoring, such as suspicion of criminal or intelligence activity or a threat to national security, and this may only take place where there is no other way of obtaining this information.
Q: How useful are digital signatures or certificates?
A: There are now built-in certificates in mobile phones or Outlook which authenticate who you are. The problem is that in a free market there are a number of schemes and in order to be able to transact securely you need to belong to more than one scheme.

The other dilemma is that if the encryption-decryption becomes too cumbersome it becomes unusable. For example, several High Street banks have such unwieldy security checks on their online transactions that the security becomes a barrier to people using them. An end user has to see the value in a security system and not be frustrated by it.
Q: How far away are we from not using cash at all?
A: A long way to getting to a fully audited system in which there is universal confidence. Another reason however is our informal 'black' economy which relies upon cash payment - e-money, where 'real' money does not pass hands, would be a huge disturbance to this existing economy. Also, outside of the UK and US there is still a huge amount of reliance on bartering. Where e-money does have a very useful role to play is in micro payments - for example where there is a nominal payment of, say, 1p required.
Q: Are PIN numbers more or less secure than signatures in reality?
A: If liability rests with the bank, why should you care? Now that Chip and PIN has become widespread, retailers are liable for fraud if they accept a signature. It is wise, to safeguard yourself, to check what liability you have and what liability your bank accepts, to be aware of the strength of your own position.
Q: What about biometrics?
A: This is still not as good as is suggested. There are simply too many variables. For example the iris is not readable in certain ethnic groups and there are problems in particular light conditions. To be certain of accuracy you need at least two biometrics. There is also a problem in the sheer scale; if you are looking at a database of over 50 million for the whole population of the UK, not only will you need more biometric options for accurate matches, there is also a huge time implication in getting to the match. To date all testing has been run on very small numbers, which is not representative of how the system would work on a large scale.
