Taler: Usable, privacy-preserving payments for the Web

Jeffrey Burdges 1 Florian Dold 1 Christian Grothoff 1 Marcello Stanisci 1
1 TAMIS - Threat Analysis and Mitigation for Information Security
Inria Rennes – Bretagne Atlantique , IRISA-D4 - LANGAGE ET GÉNIE LOGICIEL
Abstract : GNU Taler is a new electronic online payment system which provides privacy for customers and accountability for merchants. It uses an exchange service to issue digital coins using blind signatures, and is thus not subject to the performance issues that plague Byzantine fault-tolerant consensus-based solutions. The focus of this paper is addressing the challenges payment systems face in the context of the Web. We discuss how to address Web-specific challenges, such as handling bookmarks and sharing of links, as well as supporting users that have disabled JavaScript. Web payment systems must also navigate various constraints imposed by modern Web browser security architecture, such as same-origin policies and the separation between browser extensions and Web pages. While our analysis focuses on how Taler operates within the security infrastructure provided by the modern Web, the results partially generalize to other payment systems. We also include the perspective of merchants, as existing systems have often struggled with securing payment information at the merchant's side. Here, challenges include avoiding database transactions for customers that do not actually go through with the purchase, as well as cleanly separating security-critical functions of the payment system from the rest of the Web service.
Type de document :
Communication dans un congrès
HotPETS 2016 - Workshop on Hot Topics in Privacy Enhancing Technologies, Jun 2016, Darmstadt Germany. 2016
Liste complète des métadonnées

Littérature citée [3 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01398201
Contributeur : Jeffrey Burdges <>
Soumis le : mercredi 16 novembre 2016 - 19:55:48
Dernière modification le : mercredi 16 mai 2018 - 11:24:11
Document(s) archivé(s) le : jeudi 16 mars 2017 - 15:32:19

Fichier

ui_short-submit.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : hal-01398201, version 1

Citation

Jeffrey Burdges, Florian Dold, Christian Grothoff, Marcello Stanisci. Taler: Usable, privacy-preserving payments for the Web. HotPETS 2016 - Workshop on Hot Topics in Privacy Enhancing Technologies, Jun 2016, Darmstadt Germany. 2016. 〈hal-01398201〉

Partager

Métriques

Consultations de la notice

446

Téléchargements de fichiers

198