Okay, replying loosely to posts above and questions from Haplo:
1. The card does not know the balance -> The terminal will check if the address the card returns along with the tx has sufficient funds.
If so the terminal sends the tx to the network otherwise it says "overcharge" on the screen.
2. The card would be programmed by a third party that you would have to trust, however:
* The program loaded would be the same for ALL card manufacturers.
* The program would be open source and standardized.
* Anyone with a cable could program cards - for the paranoid.
* Using web-of-trust you would choose a trusted card programmer.
-> The cost for the individual remains 2$ for the card.
-> 15$ for the Android Phone + Cable Terminal (APCT) for the merchants.
3. PIN, address and keys would be sent to you along with the card or you would know if you programmed it yourself.
4. Maintaining anonymity:
* The card would contain multiple addresses and keys (~50).
* This allows spending with it again within 60 mins. after use.
* It also allows maintaining anonymity by only sending the address to the terminal that will be used to pay with.
5. Overcharge prevention:
* The card will have a number only you know.
* This number will be multiplied by the charge amount from the terminal and sent back.
* If the wrong result is shown you know you have been tricked and can just leave.
* If a new charge is sent before giving the PIN the card locks itself for 10 minutes.
6. Backend:
* We can add two features to the APCT app.
* A QR code scanner to scan price and item type from the wares. (QR code formats are standardized)
* The app will create a file with a column with QR results and a column with charged price.
* The auto-file/spreadsheet can later be merged with corporate databases automatically with a small parsing program.
* If the auto-spreadsheet is saved as XLS (Excel) it could also be used as-is.
7. "Needing a reader" - only merchants will need a reader (15$) (+Android and APCT app).
8. Hackability:
* Locked memory: Casascius (who seems knowledgeable about this field) said there is locked memory ONLY the card can see.
* Force: You would need access to the physical card and a microscope to FORCE the chip.
* Hack: If you hack the APCT app, save all used customer addresses and PINs THEN you MAY one day be able to overcharge a multi-return customer for the small amount he keeps on his spending card.
So YES you CAN hack the smartcard, but it requires the physical card and collecting a lot of card information.
Merchants will have little incentive to do this anyway as their shops would be raided shortly after.
I'm sure Visa is no better really.
To BitCoinAndie about early markets:
1. First market:
Market:
* Bitcoin promoters and bitcoin physical exchanges.
Motive:
* This could be used by people trying to replace Western Union and such.
Users:
* It would be used by early adopters or rarely by normal people as a novel means of easy money moving.
2. Second market:
Market:
* Greece and other oppressed economies.
Motive:
* Cash is good and WILL be used, but it is not always practical - hiding your pension as devaluing bills inside your couch is hardly optimal.
* With a BTC client you have a safe savings account.
* All the users need is access to internet bars and a smartcard.
* The shop owners can more easily hide BTCs than cash in case of a raid.
* Transferring cash over larger distances (pay, relatives and investors) is a complete pain.
Users:
* Savers, businessmen, drug dealers and at times shops.
3. Third market?
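
Added example, not part of the post above and not code from any real card: a small Python model of the card-side behaviour described in items 4 and 5 (address rotation with a 60-minute rest, the secret-number check value, and the 10-minute lock when a second charge arrives before the PIN). The class and function names, integer amounts, explicit `now` timestamps in seconds, and the dict standing in for a signed transaction are all assumptions made for the illustration.

```python
LOCK_SECONDS = 10 * 60    # item 5: lock for 10 minutes
REUSE_SECONDS = 60 * 60   # item 4: an address is reusable 60 minutes after use

class Card:
    def __init__(self, pin, secret, addresses):
        self.pin, self.secret = pin, secret
        self.last_used = {a: None for a in addresses}  # address -> time of last spend
        self.pending = None        # (amount, address) waiting for the PIN
        self.locked_until = 0

    def charge(self, amount, now):
        """Terminal proposes a charge; returns (address, check value)."""
        if now < self.locked_until:
            return ("LOCKED", None)
        if self.pending is not None:
            # A new charge arrived before the PIN was given: lock the card.
            self.pending = None
            self.locked_until = now + LOCK_SECONDS
            return ("LOCKED", None)
        free = [a for a, t in self.last_used.items()
                if t is None or now - t >= REUSE_SECONDS]
        if not free:
            return ("NO_ADDRESS", None)
        self.pending = (amount, free[0])
        # Only the address used for this payment is revealed to the terminal.
        return (free[0], self.secret * amount)

    def confirm(self, pin, now):
        """Customer enters the PIN; returns the payment or None if refused."""
        if now < self.locked_until or self.pending is None or pin != self.pin:
            return None  # wrong-PIN policy is not in the post; this model just refuses
        amount, address = self.pending
        self.pending = None
        self.last_used[address] = now
        return {"from": address, "amount": amount}  # stands in for the signed tx

def customer_accepts(secret, agreed_amount, shown):
    """The customer's own check: secret times the price they agreed to."""
    return shown == secret * agreed_amount
```

Because the check value is the plain product of the number and the amount, the model also makes visible that anyone who sees both the amount and the displayed result can work out the number by division.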