Provably unlinkable smart card-based payments

Bursuc, Sergiu and Horne, Ross and Mauw, Sjouke and Yurkov, Semen; (2023) Provably unlinkable smart card-based payments. In: CCS '23. Association for Computing Machinery, Inc, DNK, pp. 1392-1406. ISBN 9798400700507 (https://doi.org/10.1145/3576915.3623109)

Preview

Text. Filename: Bursuc-etal-CCS-2023-Provably-unlinkable-smart-card-based-payments.pdf Final Published Version License: Download (1MB)| Preview

Abstract

The most prevalent smart card-based payment method, EMV, currently offers no privacy to its users. Transaction details and the card number are sent in cleartext, enabling the profiling and tracking of cardholders. Since public awareness of privacy issues is growing and legislation, such as GDPR, is emerging, we believe it is necessary to investigate the possibility of making payments anonymous and unlinkable without compromising essential security guarantees and functional properties of EMV. This paper draws attention to trade-offs between functional and privacy requirements in the design of such a protocol. We present the UTX protocol - an enhanced payment protocol satisfying such requirements, and we formally certify key security and privacy properties using techniques based on the applied π-calculus.

• Share and Export
  

  RDF+XMLBibTeXRIOXX2 XMLRDF+N-TriplesJSONDublin CoreAtomSimple MetadataReferMETSHTML CitationASCII CitationOpenURL ContextObjectEndNoteOpenURL ContextObject in SpanMODSMPEG-21 DIDLEP3 XMLData Cite XMLRIS (EndNote Online, Zotero, Ref manager, etc)RDF+N3Multiline CSV
• Item metadata

  Item type:	Book Section
  ID code:	88884
  Dates:	Date Event 15 November 2023 Published 2 September 2023 Accepted
  Subjects:	Science > Mathematics > Electronic computers. Computer science
  Department:	Faculty of Science > Computer and Information Sciences
  Depositing user:	Pure Administrator
  Date deposited:	22 Apr 2024 14:01
  Last modified:	27 Apr 2024 00:09
  URI:	https://strathprints.strath.ac.uk/id/eprint/88884