The Nature of Digital Currency Options Track this topic Email this topic Print this topic Download this topic Subscribe to this forum Display Modes Switch to: Outline Switch to: Standard Linear+

[Ayeohx]

Since my campaign takes place in Seattle the nuyen is our primary currency. Unfortunately I have very little information on how the currency works.

Here's what I know:

1. Nuyen has digital signatures. (pg 124 Sprawl Survival Guide)
2. "The only way to counterfeit nuyen is to copy an existing certified credstick." (Forgery rules, pg 95 Unwired)

Here's what I need to know:

1. What media can nuyen be stored on? Banks and credsticks only or anything which has memory.
2. If you can store nuyen on anything, say an optical chip or a commlink, why would you specifically need a certified credstick for forgeries?
3. If nuyen can be stored on any storage media then how is nuyen stored? One file per nuyen?
4. Is every single nuyen tracked and by whom?
5. If I steal "Nuyen A" from Bank #1 can I deposit it in Bank #2? Or is that nuyen somehow flagged as stolen?
6. Similar to the above, say I hold up a fellow and transfer his money to a certified credstick. If he reports that money as stolen, is the nuyen flagged as stolen?
7. If nuyen can be flagged as stolen what stops people (Mr J) from paying people and they saying that money was stolen? And professionalism isn't enough; half the time they try to kill you.
8. Can you move nuyen from a bank account to credsticks or can this only be done by the bank that issues the credstick? The reason that I ask this is banks use to charge (and possibly still do) charge fees for certified credsticks equal to 10% of what went on the credsticks.

I know I'm missing a few questions but this is a good starting place. Please leave references for your post if at all possible. The more facts the better.

[kzt]

Yup. And the answer to how banks securely work today it is partially/largely encryption.

[Cthulhudreams]

Perversely, I think actual cash would be more secure - anti forgery features would be pretty advanced in 2080, and you could probably make things that would stand up to being nanotech manufactured.

[Heath Robinson]

1) How can you have anonymous transfers of money that doesn’t allow you to create money?
2) How can a merchant verify that someone has money in the account they are using?
3) How can a merchant verify that someone is authorized to spend money from a given account? Are they who they say they are?
4) Can the person paying ensure that the money they transfer goes to who they want it to go to?
5) How can we prevent the person receiving the payment from endlessly cycling the transaction to drain all the money from the account?
6) How can a 3rd party (like a bank) fairly handle complaints from either party and verify what really happened?

For a proposed database-only system where Cert Credsticks contain asymmetric keys attached to a Zero-Disclosure account you get the following answers:

1. Accounts unattached to any ID, assumption of Cert Credsticks being bought by lackeys, laundering systems assumed, encrypted transaction records. Balance unencrypted.
2. Query the nearest bank database (there are multiple synchronised copies to reduce risks of catastrophic failure) to check if it has enough money.
3. They have access to the private key attached to the account, which is protected using defensive hardware design.
4. Can you do that today? I ask the bank I'm giving money to whether the account holder is my friend and they tell me that I'm not allowed to do this. Corps will have payment systems built into whatever AR system they're using and will use alternative channels to communicate verification information if necessary. You're already seeing this kind of thing today.
5. Payer authentes the transaction, must be done over secured link using the asymmetric encryption - access to the private key is the best possible guarantee of ownership of the account.
6. Since everything is done on their servers, they can just perform a reverse transaction. Slightly more complex if the transaction is done between banks, but ultimately they'll have business agreements to enable it all. You'll have to give a reason and they'll try to verify it. Is it really all that different from today?

Cert Credstick providers will encrypt your transaction records with the accounts Public Key so that only the credstick possessor can read them, ever (for a given value of "ever"). You can't easily prove anything about the transactions into and out of this account. In fact, with at least one intermediary transfer between accounts on these services you cannot connect money heading into and out of these banks. However, 0 disclosure accounts cannot support transaction reversal in any secure way. It's something that people dealing with you will know and be alerted to. People in the Shadows know this and just deal with it.

Why do Corps let this situation go? Because Damien Knight works this way. Because Shadowrunners need payments. Because Inazo Aneki was a paranoid bastard. Because higher-ups need to pay for hookers without their wives knowing from their financial records. Why do countries? Because the Megas are above disclosure laws.


For non-cert accounts they can do things like using Biometric cryptohashes for the Private Key. Where the Biometric sensors are secure kinds (i.e. none of the stupid fingeprint lifting off the actual detector). You can also include PINs or passwords as an extra layer of security.


Edit: I should point out that reversing a transaction requires reading the transaction records to verify the transaction actually occured. That's why I used it as an example. For encrypted transaction records this is impossible because they don't have the key to decrypt the records. However, they can totally disclose the record ciphertext without much worry. They won't, because infinite monkeys, but it's safe to do it.

[Cthulhudreams]

The biggest problem with 1) is that you have to actually pay the money in with an ID - and if Joe from Ares accounts department pays in 2 million nuyen from his private account, thats pretty much the same as if Ares just did it.

So its not particularly anomyous - particularly because they have to fess this up to another organisation - whhich holds the database.

If Ares holds the database, it isn't anonymous because Ares knows exactly who did what with whom then. So as the recipient, yeah, you may as well have just been paid in Ares corp script.

[Heath Robinson]

Assumption of laundering. When both ends of a transaction involve Zero Disclosure policy providers that encrypt the transaction records using the Private Key of the Asymmetric Key Pair then no-one outside the owners of the Private Keys for the accounts involved can prove the transaction ever took place. The providers can easily provide systems that only provide balance information that updates on certain time schedules to ensure that no-one can perform a traffic analysis attack assuming sufficient movement. This is probably a 5 minute boundary system and they synch multiple databases before the update to ensure that sufficient "noise" traffic is included in the information provided by any update.

With a laundering situation you pay a legitimate front business some money for an inconspicuous purchase, and they then transfer it through a few of these and then onto a stick of your choosing ("paying" people that don't exist except in the SIN database for doing work that they never did). They take their cut along the way. You now have Nuyen that no-one can connect to your stick. They use multiple (random number) rounds of distributed transactions to ensure that nobody can ever definitively link your account as the end recipient if they possess one of the sticks involved in the ring. They cycle sticks into and out of the laundering system to ensure that you can't use past data to ID a unique account entry.

They do this honestly because the Shadows works on reputation, like any business. If they stiffed anyone then their name is mud.


I may also have updated details whilst you're writing your post. Encrypted transaction records form a major part of the guarantee of anonymity. I only really put that in the answer to 1 when I felt secure in the system I drafted. The actual weakness is that the anonymous parts of the system have no answer to 6. That's just accepted as part of doing business in the Shadows - you can't get help from a third party.

I mean, it's impossible to let a third party check transactions whilst also making it impossible to disclose the identity of transactors. If they can look at records then they can trace nuyen trails backwards arbitrary distances. Anonymity requires transactions be safe from the people who hold the records as well as everyone else.

[Cthulhudreams]

Sure, but the only problem is that the only people big enough to run the secure database you posit are also run highly illegal secret wars against each other all the time.

If Ares owns the database, they know who pays in. While they can provide a system that cannot be attacked externally, they are literally the man in the middle and have every reason to want to know what is going on.

Encrypted transaction records form a major part of the guarantee of anonymity.

There is no encryption in shadowrun that can resist sustained attack. And by sustained I mean 5, 10 minutes. Given that, there is no anonymity, even ignoring the MitM attack, so we have just lost the primary condition.

[kzt]

I mean, it's impossible to let a third party check transactions whilst also making it impossible to disclose the identity of transactors. If they can look at records then they can trace nuyen trails backwards arbitrary distances. Anonymity requires transactions be safe from the people who hold the records as well as everyone else.

True. But it's essential for routine transactions. If I can't complain effectively that I didn't buy the car that someone ordered delivered to a city I've never been using my money there is a show-stopping issue being ignored.

The reliance on cryptography that doesn't work is the major issue with your idea. Plus the minor detail that being in the chain of people who paid for blowing up a 24 billion system belonging to SK means you are going to get tortured to death as part of the un-onioing process. Rubber hose cryptographic analysis is NOT something that you want to encourage as a payment processor.

[Heath Robinson]

True. But it's essential for routine transactions. If I can't complain effectively that I didn't buy the car that someone ordered delivered to a city I've never been using my money there is a show-stopping issue being ignored.

The reliance on cryptography that doesn't work is the major issue with your idea. Plus the minor detail that being in the chain of people who paid for blowing up a 24 billion system belonging to SK means you are going to get tortured to death as part of the un-onioing process. Rubber hose cryptographic analysis is NOT something that you want to encourage as a payment processor.

The failure of criteria 6 only applies for the Zero Disclosure segment of the system. Normally the banks can read your transaction history and perform reverse transactions. If it's a 0D account then you've waived that option in exchange for guarantees that nobody except yourself will ever be able to verify your transactions.

I don't think this is a major flaw of the system. It's not for everyone because, well, not everyone lives in a world where Corps are hunting you to pay you back for the last time you did wetwork on their operatives. Normal people let the corps see their account history and are happy when it lets them cancel fraudulent charges. Joe Shadowrunner doesn't and can't expect for any cheery service representative to help him when George Mafia has taken his money and not given him his fucking car. But George Mafia needs to eat, and to eat he needs other people to trust him.


Dramatic Encryption. Because the game demands it.

Sure, but the only problem is that the only people big enough to run the secure database you posit are also run highly illegal secret wars against each other all the time.

If Ares owns the database, they know who pays in. While they can provide a system that cannot be attacked externally, they are literally the man in the middle and have every reason to want to know what is going on.



There is no encryption in shadowrun that can resist sustained attack. And by sustained I mean 5, 10 minutes. Given that, there is no anonymity, even ignoring the MitM attack, so we have just lost the primary condition.

If Ares runs a MitM attack on your accounts then you stop using Ares. They lose a stream of revenue and Damien Knight is very annoyed because there are copies of his hookers'n'blow accounts that can be hacked. Like, annoyed enough to fire the entire department involved and trash their reputations forever.


Like I just said. Dramatic Encryption. Because, seriously, it's necessary. Handwaving is good when the rules are crap in a way that precludes the game working at all.

[Cthulhudreams]

I think we are all arguing the same thing then - my point of view is that the rules make the background impossible.

You are proposing an alternative set of rules (with some people arbitrarily having strong encryption for no reason) which sacrifices university consistency to make something else functional. Which is fine, but that is an arbitrary rule you are making up to solve a problem, which needs to be clearly acknowledged.

If Ares runs a MitM attack on your accounts then you stop using Ares. They lose a stream of revenue and Damien Knight is very annoyed because there are copies of his hookers'n'blow accounts that can be hacked. Like, annoyed enough to fire the entire department involved and trash their reputations forever.

You misunderestimate me. In this world, the megacorps ARE the financial institutions. The very guys you are trying to hide from are the only ones that also broker transactions. They man in the middle everything you do, because they are you banker. They are your broker. They are in the man in the middle. They own the database. They own the infrastructure. They process the money. They have the 'coins'

Where are you going to take your data away from ares? To some other corp - they'll be the ones doing it instead. You have to give it all to someone.

[kzt]

And each mega is in a stronger position to demand things from non-megas than the US justice department is to demand things from UBS. The senior executives of UBS can be pretty confident that Obama won't have them methodically murdered if they don't give up tax records, but would the head of a 6th world bank feel so confident about Juan Atzcapotzalco when Aztechnology wants account histories and transaction logs?

[Chrysalis]

Reading through this thread all I could think of was how unbelievably nitpicky this is.

When I swipe my card at the store, on the bus, or in the cash machine I do not know how it works. Only that it does.

Nonetheless I wish that there are real assurances that if I leave my card on the counter, or is cloned by the clerk, that I can get my money back.

I do not see cred sticks having any money on them. They are simply verification tools for a letter of credit from a bank. The best analogy is an account with say 10,000 nuyen that can be accessed when you hold the credit stick. You can clone a credit stick, but you can't clone the money in the account since it does not reside on credit stick, only the verification tool resides on the credit stick. Worse situation? Because of cloned credit sticks, the credit stick and all its copies, are cancelled and the left-over money is returned to the account holder.

Once the credstick account is empty or is inactive for a set period of time (say three months), the bank closes the account. Any left over money is recycled back to the bank.

[FrankTrollman]

Reading through this thread all I could think of was how unbelievably nitpicky this is.

When I swipe my card at the store, on the bus, or in the cash machine I do not know how it works. Only that it does.

Yeah. But you're not a career computer criminal. Some of the characters in a Shadowrunner team are. They are getting new identities on a weekly basis, breaking computer systems and encryption for a living, and lying to the system just to stay alive. So the question of "Why don't they fake credit card payments and live like kings?" is a damn good question. And the stuff spewed in Unwired has no answer for that.

Shadowrunners need to be able to get an answer to how the credit system works because committing fraud on that system is their life's work. And the answers given by the book, heck the answers given personally by Ancient History on this thread, are wholly unsatisfactory. As long as I'm allowed to carry around a digital imprint that is "like gold" and transferable in an untraceable way, I can just copy it and double my money. And once that happens, Shadowrunners don't need to run the shadows. And while they are relaxing on the beaches of Ibiza having crazy sex parties, the world financial system will collapse under the crushing weight of an absence of confidence.

-Frank

[Heath Robinson]

I think we are all arguing the same thing then - my point of view is that the rules make the background impossible.

You are proposing an alternative set of rules (with some people arbitrarily having strong encryption for no reason) which sacrifices university consistency to make something else functional. Which is fine, but that is an arbitrary rule you are making up to solve a problem, which needs to be clearly acknowledged.




You misunderestimate me. In this world, the megacorps ARE the financial institutions. The very guys you are trying to hide from are the only ones that also broker transactions. They man in the middle everything you do, because they are you banker. They are your broker. They are in the man in the middle. They own the database. They own the infrastructure. They process the money. They have the 'coins'

Where are you going to take your data away from ares? To some other corp - they'll be the ones doing it instead. You have to give it all to someone.

Arbitrary madeup rules? It's in Unwired under the Encryption section (albeit Optional instead of fully included). You could also make it 24hr Encryption at Rating 6 if you want to highlight the absurdity of the rules. However, seriously, you want the Hacker to actually play the game instead of just sitting around trying to crack someone's accounts to get their moneys, so you tell the Hacker that the encryption is arbitrarily hard and he just says "Okay, I understand that we play this game to do what the game says on the tin." Or he's an egomaniac asshole and you dump him from the group for that.


I've given two good reasons why Megas would not MitM their anonymous segment, and they don't need to MitM the non-anonymous segment. The non-anonymous segment lets them look at their transaction history. It's easier to remove the segment where I explain why and just ask you a simple question. Are the Megas organisations with motivations that involve profit somewhere, or are they Ocelot in this comic?

And each mega is in a stronger position to demand things from non-megas than the US justice department is to demand things from UBS. The senior executives of UBS can be pretty confident that Obama won't have them methodically murdered if they don't give up tax records, but would the head of a 6th world bank feel so confident about Juan Atzcapotzalco when Aztechnology wants account histories and transaction logs?

The Megas run the system. That's why it's permitted when most governments hate the idea of untracable accounts. The Megas obey no laws they don't actually consent to. They only consent to laws when they see a profit from the consent. They get more money by running this system, because it taps a market that isn't tapped when you've got Ocelot in this comic running the banking system.

And the UCAS government can't touch them for it. That makes the UCAS government so very angry. But they can't do a thing. They've no legal jurisdiction.

[Cthulhudreams]

Why wouldn't the megas MitM their segement? It makes perfect sense. If someone blew you up real good you want to know about that. If someone just paid someone else to blow up Horizon, you want to know about that too. Even if all that is done with the data is that its dumped into a big datamining application which you don't tell anyone about, you'd still do exactly that.

Heck, I'd set fire to my profit margin just so that I knew most or all of the data about covert payments to terrorists was being funnelled through my banking arms - then I know who is getting blowed up by who and that is worth a stack of cash - if the production facility for Horizon widgets is going to get shot up, having my own widget factor staffed up to run overtime is looking good - even if it was a pack of ecomentalists that blew up Horizon, I can still benefit, a lot.

Also if I can work out why the ecomentalists are pissed off with Horizon, hey, now I know who they are using to illegally channel money and firearms to terrorists. If they'll keep shooting at Horizon, maybe I'll give them some guns. And if someone is funnelling money to people shooting at me, I can have it quitely arranged for them to have a traffic accident.

[Heath Robinson]

To begin with, you've got around 10% of the necessary info to do all this data mining, and the other people ain't selling theirs because that implies things that you can sell to the shadows to increase your profit margin by stealing their customers. So you've got insufficient info for most useful things.

Except, wait, some professional backstabber in your backstabbing organisation - let's call them Revolver Ocelot - has sold the info that you're backstabbing your 0D customers to the shadows and you no longer have even 10% of the information. You have 0%. You can't run a data mining system without people knowing about it somehow, and good info is worth money. Lots of money. Enough to cover their extraction.

So, screwing your customers leads to them abandonning you. So you lost all your profit margin for only a temporary advantage (based entirely in possibly dodgy past data) and you can't even revolving door this system since it needs extraterritoriality to work (meaning that you have to file paperwork which fingers the institution as yours). You've burnt revenue streams for no benefit. Shot yourself in the foot, but Blighty isn't near - Blighty doesn't even exist. There's nothing you can do to persuade the shadows that you're legit the next time. That ship has sailed for good.

The others in the big 10, though, commend you. They certainly like their new customers, and they've learnt an important lesson from your suicide.


Even worse - they could leave behind people whose job is to lie to your data mining system. Making your data mining worse than useless - it's an actual liability.

[hyzmarca]

You deal in something other than electronic currencies. For example, if you bought three pounds of gold and paid for something with that (or a stock certificate, bond, etc.)

That doesn't really solve the counterfeiting issue, as the man with a lead bar and a can of spraypaint can tell you.

The ease of counterfeiting is inversely proportional to the ease of verification. For this reason, the counterfeiting on certified nuyen and other certified electronic currencies is limited to transactions between private individuals. Merchants, even the smallest ones, will have online verification equipment that can instantly identify copied nuyen as being such, in a fashion.

Paper is easier to counterfeit, and half-decent counterfeit paper can be used at small merchants, or busy large ones, as the use of verification systems would be too time-consuming and costly to bother with.

Verifying precious minerals can be even more time consuming, and requires a knowledge of their physical properties and sufficient scientific background to test these properties. Shaving coins and representing alloys as being pure are both very old counterfeiting tricks. Even banks would have trouble dealing with these without dedicated professionals to examine all the precious metals they intake.


In the end, all private currency transfers are a matter of trust.

Certified nuyen requires the least amount of trust, however, because it is the most easily verifiable. In SR4, anyone with a comlink would be able to verify the currency almost instantly.

In the case of electronic currency, such as certified nuyen, it is also possible to provide total anonymity using blind signatures. Assuming that ZOG is the only valid signer, a blind-signature e-coin scheme designed for unlinkability could be made totally anonymous and untracable.

It would be necessary to design the system this way intentionally, which cypherpunks are substantially more likely to do than any major banking group is, but it is possible. Assuming that untracability is the point, ZOG can do it. The technological and mathematical foundations for it to be done exist now. All that is needed is ubiquitous wireless internet access devices and amoral bankers who are willing to use privacy concerns as an excuse to set up a system that allows them to obfuscate their criminals dealings to render the whole thing perfect.

As long as I'm allowed to carry around a digital imprint that is "like gold" and transferable in an untraceable way, I can just copy it and double my money.

You can carry around a digital imprint that is "like gold" (and backed with gold) now. It is transferable in untraceable ways now. But you can't copy it and double your money.

The reason is simple. E-coin issuing banks will only accept one copy of a given e-coin. In other words, if more than one copy of any give e-coin gets put into the system, all except for the first are invalidated. Given the ease on online electronic depositing of e-coins, this makes it substantially less effective than using photocopied 20s, which don't go to the bank until the end of the day at the earliest.

As a result, the only transactions that are vulnerable to counterfeiting are those without immediate deposit of the e-coins, generally between private individuals without immediate internet access. Since these sorts of transactions are also vulnerable to photocopying and other forms of counterfeiting, the problem isn't too great.

[Chrysalis]

I just realized there is a RL comparison: a prepayed credit card. Mastercard, Visa, and AMEX versions are available.

You can also make a numbered account, have a credit card registered, and you are sorted.

Forensic accounting is possible, but then there is the question of amounts. A numbered account can be set up so someone can buy a boat or pay a bomber for bombing an orphanage or even slush fund for the mistress. Money does not describe intent unless the receipts say something like, 16ft. yacht, detonators for explosives, or sex with little Natalie.

Besides once the money jumps to extraterritorial banks, the trail is now only behind a mountain of paperwork.

[hobgoblin]

http://en.wikipedia.org/wiki/Bearer_bond

[Cthulhudreams]

To begin with, you've got around 10% of the necessary info to do all this data mining, and the other people ain't selling theirs because that implies things that you can sell to the shadows to increase your profit margin by stealing their customers. So you've got insufficient info for most useful things.

Except, wait, some professional backstabber in your backstabbing organisation - let's call them Revolver Ocelot - has sold the info that you're backstabbing your 0D customers to the shadows and you no longer have even 10% of the information. You have 0%. You can't run a data mining system without people knowing about it somehow, and good info is worth money. Lots of money. Enough to cover their extraction.

So, screwing your customers leads to them abandonning you. So you lost all your profit margin for only a temporary advantage (based entirely in possibly dodgy past data) and you can't even revolving door this system since it needs extraterritoriality to work (meaning that you have to file paperwork which fingers the institution as yours). You've burnt revenue streams for no benefit. Shot yourself in the foot, but Blighty isn't near - Blighty doesn't even exist. There's nothing you can do to persuade the shadows that you're legit the next time. That ship has sailed for good.

The others in the big 10, though, commend you. They certainly like their new customers, and they've learnt an important lesson from your suicide.

hhaha. Remember, corporations in this world are seriously summoning spirits from other dimensions that seek to eliminate all human life and illegally enslaving and possessing human hosts with them, while others are illegally selling biological and nuclear weapons to other people. Or buying them. Or both. Man, if that is under that hat, I'm totally sure I can keep the fact that I read my own banking transaction database secret. And operation that needs to be known about by three people - the head of my black ops division, the 2iC and the agent hearder who runs it. Way less than the insect possession farm Ares is running.

There is no transparency in shadowrun. No-one ever defects, presumably because people with actually sensative infomation are banned from communicating with the outside and murdered if they do. Remember, these guys are actually out illegally murdering people every day, and that fact never leaks. Sure they may have extraterrorality, but commissioning a crime on UCAS territory is still a UCAS crime.

But of course all this is predicated on adding rules to the game that don't exist and contradict the setting. If I can strong encrypt my banking infomation, I'll strong encrypt everything and the game breaks. (IMG:style_emoticons/default/biggrin.gif)

[Chrysalis]

Yeah. But you're not a career computer criminal. Some of the characters in a Shadowrunner team are. They are getting new identities on a weekly basis, breaking computer systems and encryption for a living, and lying to the system just to stay alive. So the question of "Why don't they fake credit card payments and live like kings?" is a damn good question. And the stuff spewed in Unwired has no answer for that.

Shadowrunners need to be able to get an answer to how the credit system works because committing fraud on that system is their life's work. And the answers given by the book, heck the answers given personally by Ancient History on this thread, are wholly unsatisfactory. As long as I'm allowed to carry around a digital imprint that is "like gold" and transferable in an untraceable way, I can just copy it and double my money. And once that happens, Shadowrunners don't need to run the shadows. And while they are relaxing on the beaches of Ibiza having crazy sex parties, the world financial system will collapse under the crushing weight of an absence of confidence.

-Frank

Hi Frank,

It is one of the pitfalls. Nothing to stop people from going around and mugging people who roughly fit their roughly equivalent biometric data and steal their commlinks and accounts.

Going into banks and taking out large loans are also possible and then transfer the money into a numbered account in Zürich and then disappear. The only trouble is that walking into any branch of those banks will have the bank teller make you wait while they call security. Using SINless with fake SINs is a workaround for the biometric data, just an updated version of a certain type of bank fraud.

Anyways, I would have to study accounting to be able to answer this thread with any further authority. besides the only problem with moving large sums of cash into my account is only with government institutions. The bank does not give a damn where the money comes from as long as it comes.

[Cthulhudreams]

In the future, the private institutions are the government.

Edit: Heck in the past too, in 1856 a private corporation controlled India and was the government.

[hyzmarca]

I just realized there is a RL comparison: a prepayed credit card. Mastercard, Visa, and AMEX versions are available.

We need a headbanging against wall emoticon. We really do.

It's different. Prepaid credit cards are tied to accounts, and they are usually in a person's name. The money is in a bank somewhere. It's really a debit card. You add money to your account and it is withdrawn when you use the card. The difference is that it's easier to get a prepaid card than it is to get a normal bank account, and the card generally has higher fees.

Certified credsticks are stored value devices. The money exists on the device in electronic form. There is no attached account.

These things exist today in various forms. Mondex , Visa Cash, Octopus Card*, Dexit, Oyster Card**

If a prepaid card is lost, the bank can issue you a new one and you won't lose anything. If a stored value card is lost, your money is gone, just as if you had lost hard cash. More importantly for Shadowrun, the stored value card is not in anyone's name and not tied to any account. It can be used by anyone at any time, and it can be transferred freely in whole.

Does no one here ride the Hong Kong subway often enough to understand this?


*More Octopus Card links
http://www.octopuscards.com/consumer/en/index.jsp
http://www.hong-kong-travel.org/Octopus.asp

** Sort of. Oyster Card and Onepulse are substantially less anonymous than is usual for stored value cards, having the ability to be registered to a person, and requiring a PIN for some transactions.

[Heath Robinson]

hhaha. Remember, corporations in this world are seriously summoning spirits from other dimensions that seek to eliminate all human life and illegally enslaving and possessing human hosts with them, while others are illegally selling biological and nuclear weapons to other people. Or buying them. Or both. Man, if that is under that hat, I'm totally sure I can keep the fact that I read my own banking transaction database secret. And operation that needs to be known about by three people - the head of my black ops division, the 2iC and the agent hearder who runs it. Way less than the insect possession farm Ares is running.

There is no transparency in shadowrun. No-one ever defects, presumably because people with actually sensative infomation are banned from communicating with the outside and murdered if they do. Remember, these guys are actually out illegally murdering people every day, and that fact never leaks. Sure they may have extraterrorality, but commissioning a crime on UCAS territory is still a UCAS crime.

But of course all this is predicated on adding rules to the game that don't exist and contradict the setting. If I can strong encrypt my banking infomation, I'll strong encrypt everything and the game breaks. (IMG:style_emoticons/default/biggrin.gif)

The thing is that you're assuming that the organisation in general is more competant than the individual. Real life proves the opposite - the organisation is as incompetant as the least experienced person in the team. Meanwhile, a team of 1 can stay utterly silent because he doesn't need to communicate with anyone.

Look at it this way - the people trying to find the information out only have to be lucky enough once. Security has to be lucky all the time. And when you've got 3 people who might mess up, you've got something approaching 3 times the risk of a single person. The info that the Ares 0D system isn't actually 0D is worth a lot of money to Horizon, who also run a 0D system and also all those pretty news outlets. Tarring the name of Ares might be worth a few political points in blackmail, or maybe it might be just worth it to push Ares out of the banking game altogether and take their old customers.

The people who actually find out about the chemical weapons probably aren't the targets, and those who they sell the info to are not, exactly, paragons of civil service, now. Meanwhile, give them good evidence that Ares is stiffing them, personally, and they'll suddenly care. A lot. Like, dropping their Ares accounts and fucking with Ares for kicks and giggles forever. Because you just made it personal.


That whole "no defectors" noise is retarded when one of the default types of mission is the Extraction.


Let me remind you that you can, actually, just rule it's 24hr Strong encryption, which is a non-optional rule from Unwired. It will take someone 24 hours to take the first test. In 24 hours it's extremely possible that it's gone out of accessible range behind other secured systems. Rendering it impossible to crack.

I just said use Dramatic Encryption because it's nicer as a GM to just up and tell your player "no, you can't crack this whole shebang" instead of doing the whole passive-aggressive "sure, you can crack it" bullshit and then tell them that they're down for the next 24 hours waiting for the first interval to pass. That's just being an asshole.

[Cthulhudreams]

All these versions are different from the cred stick in 1 respect - they close the loop by using the issuing company as a sort of broker.

When you buy visa cash, you get some token, which you can give to visa and then they pay someone else on your behalf. This closes the loop, because it makes it impossible to create money out of thin air - visa has to hand over real cash to the company. So if you haxor the card, and buy a billion ferraris.

However, this makes all the transactions traceable, because one party (Visa/Ares) owns both ends of the transaction. So they can see they issued the card to Joe Blogs onto cred stick C, and then cred stick C was used by someone to buy a ferrari. They can even make sure your transaction to buy a second ferrari is denied.

The value is not physically stored on the card instead, the card number uniquely identifies a record in a central database, where the balance is recorded. These cards are similar to closed system prepaid cards, but are endorsed by a credit card company such as Visa or MasterCard and can, unlike gift cards, be used anywhere a Visa or Mastercard debit cards may be used. They are very similar to a debit card except that they don't require a checking account. However, they do not have many of the benefits of a debit card, such as product or service return/refund assistance. They have been heavily marketed in the United States as a safe and responsible means for parents to give their children some spending power which is why they sometimes are referred to as teen cards. These cards are also sometimes referred to as "open loop" cards.

A cred stick explictly isn't linked back to a database with a recorded balance, which is why the system is stupid. If Visa Cash was like a credstick, I could just by everything with my Visa Cash card, never run out of money and no-one would have any way of knowing that I was defrauding anyone.

The thing is that you're assuming that the organisation in general is more competant than the individual. Real life proves the opposite - the organisation is as incompetant as the least experienced person in the team. Meanwhile, a team of 1 can stay utterly silent because he doesn't need to communicate with anyone.

Look at it this way - the people trying to find the information out only have to be lucky enough once. Security has to be lucky all the time. And when you've got 3 people who might mess up, you've got something approaching 3 times the risk of a single person. The info that the Ares 0D system isn't actually 0D is worth a lot of money to Horizon, who also run a 0D system and also all those pretty news outlets. Tarring the name of Ares might be worth a few political points in blackmail, or maybe it might be just worth it to push Ares out of the banking game altogether and take their old customers.

Sure, but the fact that Ares is actually murdering dozens of people with alien spirits who then want to kill everyone else is A) Known by many more people and B) somewhat worse for Ares PR that the abolition of one product line that is already noted as going the way of the dodo.

That whole "no defectors" noise is retarded when one of the default types of mission is the Extraction.

I didn't say no defectors, I just said no defectors who knew anything really important. Like someone knows the full details of Ares wetwork and illegal operations. Is that person going to defect? The information is worth way more than 1 product line - you could destory the entire corporation.

Let me remind you that you can, actually, just rule it's 24hr Strong encryption, which is a non-optional rule from Unwired. It will take someone 24 hours to take the first test. In 24 hours it's extremely possible that it's gone out of accessible range behind other secured systems. Rendering it impossible to crack.a

I just said use Dramatic Encryption because it's nicer as a GM to just up and tell your player "no, you can't crack this whole shebang" instead of doing the whole passive-aggressive "sure, you can crack it" bullshit and then tell them that they're down for the next 24 hours waiting for the first interval to pass. That's just being an asshole.

Why? Agents can crack the system in their spare time. Its not like they get bored. They won;t need a second check.

Anyway the system explictly doesn't work like that, otherwise I couldn't make forgeries of nuyen. Which I can. If they are checking at a central database every time I do anything, I couldn't, because it would be instantly detected.

[Cthulhudreams]

<<DELETE>>