The headline for the news item on Nanowerk and for the originating news release says ‘unforgeable’ but the researchers are being a little more cautious as I’m also seeing the words ‘almost impossible’ and ‘high probability’ in the text.

First, here’s a bit more about the researchers and their paper in an Oct. 2, 2012 news item on Nanowerk,

A team of physicists at Max-Planck-Institute of Quantum Optics (Garching [MPQ]), Harvard University (Cambridge, USA), and California Institute of Technology (Pasadena, USA) has demonstrated that such [noise-tolerant] protocols can be made tolerant to noise while ensuring rigorous security at the same time (“Unforgeable noise-tolerant quantum tokens”).

The researchers seem to be relying on a principle that perhaps we could call ‘imperfection’. The Max Planck Institute of Quantum Optics’ Oct. 2, 2012 news release, which originated the news item, provides some context,

Whoever has paid a hotel bill by credit card knows about the pending danger: given away the numbers of the card, the bank account and so on, an adversary might be able to forge a duplicate, take all the money from the account and ruin the person. On the other hand, as first acknowledged by Stephen Wiesner in 1983, nature provides ways to prevent forging: it is, for example, impossible to clone quantum information which is stored on a qubit. So why not use these features for the safe verification of quantum money? While the digits printed on a credit card are quite robust to the usual wear and tear of normal use in a wallet, its quantum information counterparts are generally quite challenged by noise, decoherence and operational imperfections. Therefore it is necessary to lower the requirements on the authentication process. A team of physicists at Max-Planck-Institute of Quantum Optics (Garching), Harvard University (Cambridge, USA), and California Institute of Technology (Pasadena, USA) has demonstrated that such protocols can be made tolerant to noise while ensuring rigorous security at the same time (Proceedings of the National Academy of Science (PNAS), 18 September, 2012 [article behind a paywall]).

The researchers illustrated their news release with this image,

Figure: Illustration of a quantum bill (IN QUANTUM PHYSICS WE TRUST)
© background by vektorportal.com, collage by F. Pastwaski

I have worked as a technical writer for telecommunications companies and in fact started with a data communications company that specialized in software for the financial services sector. Consequently, I feel reasonably comfortable about presenting this very brief overview of what happens when you (a legitimate user) put your credit/charge card or your bank/direct pay card (e.g. Interac) into a reader at a store or bank as a little background information before you read more about the ‘quantum credit card’.

• All cards have bits of information on the magnetic strip which identify you and your financial institutions, e.g. your name, MasterCard, (issued by) Bank of Montreal
• That data along with whatever amount you wish to charge or withdraw from your bank account is relayed from the reader through various pieces of hardware and software both to and from your financial institutions.
• The hardware and software used in the transaction all operate according to protocols (rules for handling data). Difference pieces of hardware can and often do  have different protocols as do the different pieces of software.
  • For example, if your cards and institutions are based in Mexico and you’re in India trying to charge a purchase, your data is being sent through the network set up by the various financial institutions (hardware and software) in India then eventually bounced to Mexico (it may not be direct) via satellite and sent through the networks in Mexico onto your institutions (hardware and software) and then back again. That’s a lot  of hardware and software and while some of it may operate according to the same protocols, it’s reasonable to assume there’ will be a lot of changes and imperfections will creep in and this is the source of at least some of what the engineers call ‘noise’.

What I’ve just described (as accurately as I can recall) is the process for a legitimate user. These researchers are trying to find a means of foiling illegitimate users, which shifts the focus. Now, if I understand the information in the news release properly, the researchers have devised and tested two protocols for their unforgeable credit card (from the news release),

In both approaches, the bank issues a token and sends it to the holder. The “identity” of the token can be encoded on photons transmitted via an optical fibre or on nuclear spins in a solid memory transferred to the holder. However, only the bank stores a full classical description of these quantum states.

In the approach denoted by “quantum ticket”, the holder has to return the token to the bank or another trusted verifier for validation. The verifier is willing to tolerate a certain fraction of errors which should be enough to accommodate the imperfections associated with encoding, storage and decoding of individual quantum bits. The only information returned to the holder is whether the ticket has been accepted or rejected. Thus it is “consumed” and no longer available to the holder. The scientists show that through such an approach, both the likelihood of rejecting the token from an honest user and that of accepting a counterfeit can be made negligible.

The second approach is the “classical verification quantum ticket”. In some cases it may be impossible that the quantum tickets are given back to the bank physically. Here the holder has to validate his quantum token remotely – by answering challenge questions. The group considers a scheme where the quantum information is organized in blocks of qubit pairs. A non-revealing challenge question consists of requesting the holder to use a specific measurement basis for each block. By doing so, the holder is capable of providing a correct answer, but the token is consumed. This excludes the possibility for a dishonest user to cheat by answering complementary questions. As before, the given tolerance threshold determines the number of correct answers that is necessary for the verification of the token. The block structure used for the tokens allows exponentially suppressing the undesired capability of a dishonest holder to answer two complementary questions while assuring a true holder’s token will be authenticated with a very high probability.

For both protocols a realistic noise tolerance can be achieved.  “We can deduce from theory that on average no more than 83% of the secret digits may be duplicated correctly by a counterfeiter. Under realistic conditions, we can assume that an honest participant should be able to recover 95% of the digits. If now the verifier sets the tolerance level to 90%, it will be almost impossible [emphasis mine] to accept fraudulent tokens or to reject an authentic holder,” Dr. Pastawski [Dr. Fernando Pastawski (MPQ)] explains.

I think they’re proposing two different approaches rather than the simultaneous use of two different protocols.

I’ve highlighted ‘almost impossible’ in the text of the news release as it is not the same thing as ‘impossible’ which is implied by the word ‘unforgeable’. It’s been my observation that whenever crime fighter types think they’ve devised a criminal-proof solution, criminals make a point of subverting the new technology.  In any event, we’re a long way from seeing these ‘unforgeable’ credit cards, from the news release,

“I expect to live to see such applications become commercially available. However quantum memory technology still needs to mature for such protocols to become viable,” the scientist [Pastawski] adds.