Skip to Main content Skip to Navigation
Conference papers

Taler: Usable, privacy-preserving payments for the Web

Jeffrey Burdges 1 Florian Dold 1 Christian Grothoff 1 Marcello Stanisci 1
1 TAMIS - Threat Analysis and Mitigation for Information Security
Inria Rennes – Bretagne Atlantique , IRISA-D4 - LANGAGE ET GÉNIE LOGICIEL
Abstract : GNU Taler is a new electronic online payment system which provides privacy for customers and accountability for merchants. It uses an exchange service to issue digital coins using blind signatures, and is thus not subject to the performance issues that plague Byzantine fault-tolerant consensus-based solutions. The focus of this paper is addressing the challenges payment systems face in the context of the Web. We discuss how to address Web-specific challenges, such as handling bookmarks and sharing of links, as well as supporting users that have disabled JavaScript. Web payment systems must also navigate various constraints imposed by modern Web browser security architecture, such as same-origin policies and the separation between browser extensions and Web pages. While our analysis focuses on how Taler operates within the security infrastructure provided by the modern Web, the results partially generalize to other payment systems. We also include the perspective of merchants, as existing systems have often struggled with securing payment information at the merchant's side. Here, challenges include avoiding database transactions for customers that do not actually go through with the purchase, as well as cleanly separating security-critical functions of the payment system from the rest of the Web service.
Document type :
Conference papers
Complete list of metadata

Cited literature [3 references]  Display  Hide  Download

https://hal.inria.fr/hal-01398201
Contributor : Jeffrey Burdges <>
Submitted on : Wednesday, November 16, 2016 - 7:55:48 PM
Last modification on : Friday, January 8, 2021 - 3:12:46 AM
Long-term archiving on: : Thursday, March 16, 2017 - 3:32:19 PM

File

ui_short-submit.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-01398201, version 1

Citation

Jeffrey Burdges, Florian Dold, Christian Grothoff, Marcello Stanisci. Taler: Usable, privacy-preserving payments for the Web. HotPETS 2016 - Workshop on Hot Topics in Privacy Enhancing Technologies, Jun 2016, Darmstadt Germany. ⟨hal-01398201⟩

Share

Metrics

Record views

851

Files downloads

357