The specification of most smart card applications is either confidential or fairly complex (e.g., EMV). Besides, little or no implementation of realistic smart card applications is available for research purposes. As a result, many research projects can only resort to toy examples as case studies.
Demoney is a basic electronic purse for smart cards. Although it is too simple to be used as a real electronic purse, it is realistic enough to be representative of typical features found in smart card applications requiring security, such as banking applications. In particular, it involves authentication protocols and secure messaging, based on secret keys and challenges. Demoney also features inter-applet communication, e.g., to automatically award points on a loyalty plan when making a purchase in a store.
There exists a "paper" (i.e., not formal) specification of Demoney as well as a Java CardÔ implementation for three kinds of target platforms: plain Java Card, Open Platform 2.0.1 and GlobalPlatform 2.1.
Both the specification and implementation of Demoney are to be used in case studies for research purposes concerning smart cards and Java CardÔ, e.g., for security evaluations, static analyses, automatic test generation, program transformation, etc. Moreover, Demoney can also be used as a demonstrative example to illustrate the features of a product in this domain, e.g., a test generator.