taler/wallet-core
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Activity

minor updates

Browse Source
This commit is contained in:
Christian Grothoff 2016-08-10 17:59:12 +02:00
parent d86897712d
commit 2e9bdd37d6
1 changed files with 93 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

183
articles/ui/ui.tex
View File

@ -39,11 +39,13 @@ Marcello Stanisci}
GNU Taler is a new electronic online payment system which provides
anonymity for customers and accountability for merchants. This paper
first describes the interaction processes of online payment systems,
and analytically compares their usability for both customers and
merchants. We then focus on the resulting assurances that Taler
provides, as---particularly for payment systems---usability and
security are intertwined. Web payment systems must also face the
reality of constraints imposed by modern Web browser security
and analytically compares the processes involved for both customers
and merchants. The focus here is in particular on how to make
electronic payments work nicely with the current Web architecture.
We then focus on the resulting assurances that Taler provides and
consider possible failure modes. Web payment systems must also face
the reality of constraints imposed by modern Web browser security
architecture, so the analysis includes considerations of how Web
payment systems exploit the security infrastructure provided by the
modern Web. We argue that the resulting system offers a good
@ -102,7 +104,7 @@ Key contributions of this paper are:
\begin{itemize}
\item A description of different payment systems using
common terminology, which allows us to analytically compare
these systems with respect to security and usability.
these systems.
\item An introduction to the Taler payment system from the
perspective of users and merchants, with a focus on how
to achieve secure payments in a way that is intuitive and
@ -328,7 +330,6 @@ by investigators~\cite{BTC:Anonymity}. This has resulted in the
development of new protocols with better privacy protections.
\begin{figure*}[b!]
\includegraphics[width=\textwidth]{figs/paypal.pdf}
\caption{Payment processing with Paypal. (From: W3c Web Payments IG.)}
@ -432,6 +433,15 @@ cryptography and real-world deployment.
There are four components of the Taler system (Figure~\ref{fig:system}):
\begin{figure*}[b!]
\includegraphics[width=0.9\textwidth]{figs/taler-withdraw.pdf}
\caption{Withdrawing coins with Taler.}
\label{fig:taler-withdraw}
\end{figure*}
\begin{itemize}
\item
{\em Customers} use a digital wallet to withdraw,
@ -441,6 +451,26 @@ realized as browser extensions, mobile Apps or even in custom
hardware. If a user's digital wallet is compromised, the current
balance may be lost just like with an ordinary wallet for cash.
\begin{figure}[t!]%[36]{R}{0.5\linewidth}
\subfloat[Bank login. (Simplified for demonstration.)]{
\includegraphics[width=0.45\linewidth]{figs/bank0a.png}
\label{subfig:login}} \hfill
\subfloat[Select exchange provider. (Generated by wallet.)]{
\includegraphics[width=0.45\linewidth]{figs/bank2a.png}
\label{subfig:exchange}} \\
\subfloat[Specify amount to withdraw. (Integrated bank support.)]{
\includegraphics[width=0.45\linewidth]{figs/bank1a.png}
\label{subfig:withdraw}} \hfill
\subfloat[Confirm transaction with a PIN. (Generated by bank.)]{
\includegraphics[width=0.45\linewidth]{figs/bank3a.png}
\label{subfig:pin}}
\caption{Required steps in a Taler withdrawal process.}
\label{fig:withdrawal}
\end{figure}
\item
{\em Exchanges}, which are run by financial service providers, enable
customers to withdraw anonymous digital coins,
@ -473,17 +503,12 @@ volume of signed digital coins in order to compensate for potential risks due to
operational failures (such as data loss or theft of private keys) of the exchange.
\end{itemize}
The specific protocol between wallet and merchant depends on the
setting. For a traditional store, a near field communication (NFC) protocol might be used
between a point-of-sale system and a mobile application. In this
paper, we focus on Web payments for an online shop.
\begin{figure*}
\includegraphics[width=0.9\textwidth]{figs/taler-withdraw.pdf}
\caption{Withdrawing coins with Taler.}
\label{fig:taler-withdraw}
\end{figure*}
% \smallskip
\subsection{Web payment workflow}
@ -498,6 +523,14 @@ Taler is integrated tightly with browsers in the future. Regardless,
installing the extension involves one or two clicks to confirm the
operation. Restarting the browser is not required.
\begin{figure*}[b!]
\includegraphics[width=0.9\textwidth]{figs/taler-pay.pdf}
\caption{Payment processing with Taler.}
\label{fig:taler-pay}
\end{figure*}
\paragraph{Withdrawing coins}
As with cash, the customer must first withdraw digital coins
@ -506,24 +539,6 @@ visit the bank's online portal. Here, the bank will
typically require some form of authentication, the specific method
used depends on the bank (Figure~\ref{subfig:login}).
\begin{figure}[h!]%[36]{R}{0.5\linewidth}
\subfloat[Bank login. (Simplified for demonstration.)]{
\includegraphics[width=0.45\linewidth]{figs/bank0a.png}
\label{subfig:login}} \hfill
\subfloat[Select exchange provider. (Generated by wallet.)]{
\includegraphics[width=0.45\linewidth]{figs/bank2a.png}
\label{subfig:exchange}} \\
\subfloat[Specify amount to withdraw. (Integrated bank support.)]{
\includegraphics[width=0.45\linewidth]{figs/bank1a.png}
\label{subfig:withdraw}} \hfill
\subfloat[Confirm transaction with a PIN. (Generated by bank.)]{
\includegraphics[width=0.45\linewidth]{figs/bank3a.png}
\label{subfig:pin}}
\caption{Required steps in a Taler withdrawal process.}
\label{fig:withdrawal}
\end{figure}
The next step depends on the level of Taler support offered by the bank:
\begin{itemize}
\item If the bank does not offer integration with Taler, the
@ -565,12 +580,6 @@ customers, and may help create a competitive market.
\paragraph{Spending coins}
% \tinyskip
\begin{figure*}
\includegraphics[width=0.9\textwidth]{figs/taler-pay.pdf}
\caption{Payment processing with Taler.}
\label{fig:taler-pay}
\end{figure*}
\begin{figure}[b!]
\subfloat[Select article. (Generated by Web shop.)]{
\includegraphics[width=0.30\textwidth]{figs/cart.png}
@ -599,6 +608,45 @@ exchanges to operate with transaction fees acceptable to most
merchants. If transaction fees are higher than what is covered by the
merchant, the customer may choose to cover them.
% \tinyskip
\lstdefinelanguage{JavaScript}{
keywords={typeof, new, true, false, catch, function, return, null, catch, switch, var, if, in, while, do, else, case, break, for},
keywordstyle=\color{blue}\bfseries,
ndkeywords={class, export, boolean, throw, implements, import, this},
ndkeywordstyle=\color{darkgray}\bfseries,
identifierstyle=\color{black},
sensitive=false,
comment=[l]{//},
morecomment=[s]{/*}{*/},
commentstyle=\color{purple}\ttfamily,
stringstyle=\color{red}\ttfamily,
morestring=[b]',
morestring=[b]"
}
\begin{figure*}[h!]
\lstset{language=JavaScript}
\lstinputlisting{figs/taler-presence.js}
\caption{Sample code to detect the Taler wallet. Allowing the
Web site to detect the presence of the wallet leaks one bit
of information about the user. The above logic also works
if the wallet is installed while the page is open.}
\label{listing:presence}
\end{figure*}
\begin{figure*}[h!]
\lstset{language=JavaScript}
\lstinputlisting{figs/taler-contract.js}
\caption{Sample code to pass a contract to the Taler wallet.
Here, the contract is fetched on-demand from the server.
The {\tt taler\_pay()} function needs to be invoked
when the user triggers the checkout.}
\label{listing:contract}
\end{figure*}
As with traditional Web transactions, customers first select which
items they wish to buy. This can involve building a traditional
shopping cart, or simply clicking on a particular link for the
@ -1219,7 +1267,8 @@ Customers and merchants should be able to easily adapt their existing
mental models and technical infrastructure to Taler. In contrast,
Bitcoin's payment models fail to match common expectations be it in
terms of performance, durability, security, or privacy. Minimizing
the need to authenticate to pay fundamentally improves usability.
the need to authenticate to pay fundamentally improves security
and usability.
% FIXME (following paragraph): it's never said that the Taler wallet
% keeps any 'receipt' of transaction -- maybe here we want to say 'contract'
@ -1232,6 +1281,12 @@ question for the future is thus whether this data collection will be
done on behalf of the citizens and under their control, or on behalf
of the Reich of big data corporations.
We encourage readers to try our prototype for Taler
at \url{https://demo.taler.net/}, and to ponder why the billion dollar
e-commerce industry still relies mostly on TLS for security given
that usability, security and privacy can clearly {\em all} be improved
simultaneously using a modern payment protocol.
% These APIs are all RESTful in the modern sense because that greatly
% simplify integrating Taler with web shops and browsers.
@ -1244,58 +1299,6 @@ thank Neal Walfield for comments on an earlier draft of the paper.
\bibliographystyle{splncs03}
\bibliography{ui,btc,taler,rfc}
\appendix
We encourage readers to try our prototype for Taler
at \url{https://demo.taler.net/}, and to ponder why the billion dollar
e-commerce industry still relies mostly on TLS for security given
that usability, security and privacy can clearly {\em all} be improved
simultaneously using a modern payment protocol.
Figures~\ref{listing:presence} and~\ref{listing:contract} provide more
detailed sample source code for how merchants might integrate their
systems with Taler.
% \tinyskip
\lstdefinelanguage{JavaScript}{
keywords={typeof, new, true, false, catch, function, return, null, catch, switch, var, if, in, while, do, else, case, break, for},
keywordstyle=\color{blue}\bfseries,
ndkeywords={class, export, boolean, throw, implements, import, this},
ndkeywordstyle=\color{darkgray}\bfseries,
identifierstyle=\color{black},
sensitive=false,
comment=[l]{//},
morecomment=[s]{/*}{*/},
commentstyle=\color{purple}\ttfamily,
stringstyle=\color{red}\ttfamily,
morestring=[b]',
morestring=[b]"
}
\begin{figure*}
\lstset{language=JavaScript}
\lstinputlisting{figs/taler-presence.js}
\caption{Sample code to detect the Taler wallet. Allowing the
Web site to detect the presence of the wallet leaks one bit
of information about the user. The above logic also works
if the wallet is installed while the page is open.}
\label{listing:presence}
\end{figure*}
\begin{figure*}
\lstset{language=JavaScript}
\lstinputlisting{figs/taler-contract.js}
\caption{Sample code to pass a contract to the Taler wallet.
Here, the contract is fetched on-demand from the server.
The {\tt taler\_pay()} function needs to be invoked
when the user triggers the checkout.}
\label{listing:contract}
\end{figure*}
\end{document}