minor updates

Christian Grothoff 2016-08-10 17:59:12 +02:00
parent d86897712d
commit 2e9bdd37d6


@ -39,11 +39,13 @@ Marcello Stanisci}
GNU Taler is a new electronic online payment system which provides GNU Taler is a new electronic online payment system which provides
anonymity for customers and accountability for merchants. This paper anonymity for customers and accountability for merchants. This paper
first describes the interaction processes of online payment systems, first describes the interaction processes of online payment systems,
and analytically compares their usability for both customers and and analytically compares the processes involved for both customers
merchants. We then focus on the resulting assurances that Taler and merchants. The focus here is in particular on how to make
provides, as---particularly for payment systems---usability and electronic payments work nicely with the current Web architecture.
security are intertwined. Web payment systems must also face the
reality of constraints imposed by modern Web browser security We then focus on the resulting assurances that Taler provides and
consider possible failure modes. Web payment systems must also face
the reality of constraints imposed by modern Web browser security
architecture, so the analysis includes considerations of how Web architecture, so the analysis includes considerations of how Web
payment systems exploit the security infrastructure provided by the payment systems exploit the security infrastructure provided by the
modern Web. We argue that the resulting system offers a good modern Web. We argue that the resulting system offers a good
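Review bot: the abstract now states two focuses back to back. The added sentence "The focus here is in particular on how to make electronic payments work nicely with the current Web architecture." is followed directly by "We then focus on the resulting assurances", and "work nicely" does not say which property is being compared. The replaced text gave a reason for looking at assurances (usability and security being intertwined for payment systems). If that claim is dropped on purpose, name the comparison criteria in its place and reword one of the two "focus" sentences.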
@ -102,7 +104,7 @@ Key contributions of this paper are:
\begin{itemize} \begin{itemize}
\item A description of different payment systems using \item A description of different payment systems using
common terminology, which allows us to analytically compare common terminology, which allows us to analytically compare
these systems with respect to security and usability. these systems.
\item An introduction to the Taler payment system from the \item An introduction to the Taler payment system from the
perspective of users and merchants, with a focus on how perspective of users and merchants, with a focus on how
to achieve secure payments in a way that is intuitive and to achieve secure payments in a way that is intuitive and
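Review bot: the first contribution bullet now ends at "analytically compare these systems." with no criteria. The old wording said "with respect to security and usability", and the next bullet still talks about "secure payments", so the reader cannot tell what the comparison measures. State the dimension of comparison explicitly rather than removing it.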
@ -328,7 +330,6 @@ by investigators~\cite{BTC:Anonymity}. This has resulted in the
development of new protocols with better privacy protections. development of new protocols with better privacy protections.
\begin{figure*}[b!] \begin{figure*}[b!]
\includegraphics[width=\textwidth]{figs/paypal.pdf} \includegraphics[width=\textwidth]{figs/paypal.pdf}
\caption{Payment processing with Paypal. (From: W3c Web Payments IG.)} \caption{Payment processing with Paypal. (From: W3c Web Payments IG.)}
@ -432,6 +433,15 @@ cryptography and real-world deployment.
There are four components of the Taler system (Figure~\ref{fig:system}): There are four components of the Taler system (Figure~\ref{fig:system}):
\begin{figure*}[b!]
\includegraphics[width=0.9\textwidth]{figs/taler-withdraw.pdf}
\caption{Withdrawing coins with Taler.}
\label{fig:taler-withdraw}
\end{figure*}
\begin{itemize} \begin{itemize}
\item \item
{\em Customers} use a digital wallet to withdraw, {\em Customers} use a digital wallet to withdraw,
@ -441,6 +451,26 @@ realized as browser extensions, mobile Apps or even in custom
hardware. If a user's digital wallet is compromised, the current hardware. If a user's digital wallet is compromised, the current
balance may be lost just like with an ordinary wallet for cash. balance may be lost just like with an ordinary wallet for cash.
\begin{figure}[t!]%[36]{R}{0.5\linewidth}
\subfloat[Bank login. (Simplified for demonstration.)]{
\includegraphics[width=0.45\linewidth]{figs/bank0a.png}
\label{subfig:login}} \hfill
\subfloat[Select exchange provider. (Generated by wallet.)]{
\includegraphics[width=0.45\linewidth]{figs/bank2a.png}
\label{subfig:exchange}} \\
\subfloat[Specify amount to withdraw. (Integrated bank support.)]{
\includegraphics[width=0.45\linewidth]{figs/bank1a.png}
\label{subfig:withdraw}} \hfill
\subfloat[Confirm transaction with a PIN. (Generated by bank.)]{
\includegraphics[width=0.45\linewidth]{figs/bank3a.png}
\label{subfig:pin}}
\caption{Required steps in a Taler withdrawal process.}
\label{fig:withdrawal}
\end{figure}
\item \item
{\em Exchanges}, which are run by financial service providers, enable {\em Exchanges}, which are run by financial service providers, enable
customers to withdraw anonymous digital coins, customers to withdraw anonymous digital coins,
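Review bot: the new figure environment for fig:withdrawal sits inside the itemize, between the Customers item and "\item {\em Exchanges}", which makes the list hard to read in source and puts the float far from its first visible reference (Figure~\ref{subfig:login} under "Withdrawing coins", where this commit removes it). Keep the float next to that paragraph or just before the list, and drop the leftover "%[36]{R}{0.5\linewidth}" comment after "\begin{figure}[t!]", which looks like stale wrapfigure arguments.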
@ -473,17 +503,12 @@ volume of signed digital coins in order to compensate for potential risks due to
operational failures (such as data loss or theft of private keys) of the exchange. operational failures (such as data loss or theft of private keys) of the exchange.
\end{itemize} \end{itemize}
The specific protocol between wallet and merchant depends on the The specific protocol between wallet and merchant depends on the
setting. For a traditional store, a near field communication (NFC) protocol might be used setting. For a traditional store, a near field communication (NFC) protocol might be used
between a point-of-sale system and a mobile application. In this between a point-of-sale system and a mobile application. In this
paper, we focus on Web payments for an online shop. paper, we focus on Web payments for an online shop.
\begin{figure*}
\includegraphics[width=0.9\textwidth]{figs/taler-withdraw.pdf}
\caption{Withdrawing coins with Taler.}
\label{fig:taler-withdraw}
\end{figure*}
% \smallskip % \smallskip
\subsection{Web payment workflow} \subsection{Web payment workflow}
@ -498,6 +523,14 @@ Taler is integrated tightly with browsers in the future. Regardless,
installing the extension involves one or two clicks to confirm the installing the extension involves one or two clicks to confirm the
operation. Restarting the browser is not required. operation. Restarting the browser is not required.
\begin{figure*}[b!]
\includegraphics[width=0.9\textwidth]{figs/taler-pay.pdf}
\caption{Payment processing with Taler.}
\label{fig:taler-pay}
\end{figure*}
\paragraph{Withdrawing coins} \paragraph{Withdrawing coins}
As with cash, the customer must first withdraw digital coins As with cash, the customer must first withdraw digital coins
@ -506,24 +539,6 @@ visit the bank's online portal. Here, the bank will
typically require some form of authentication, the specific method typically require some form of authentication, the specific method
used depends on the bank (Figure~\ref{subfig:login}). used depends on the bank (Figure~\ref{subfig:login}).
\begin{figure}[h!]%[36]{R}{0.5\linewidth}
\subfloat[Bank login. (Simplified for demonstration.)]{
\includegraphics[width=0.45\linewidth]{figs/bank0a.png}
\label{subfig:login}} \hfill
\subfloat[Select exchange provider. (Generated by wallet.)]{
\includegraphics[width=0.45\linewidth]{figs/bank2a.png}
\label{subfig:exchange}} \\
\subfloat[Specify amount to withdraw. (Integrated bank support.)]{
\includegraphics[width=0.45\linewidth]{figs/bank1a.png}
\label{subfig:withdraw}} \hfill
\subfloat[Confirm transaction with a PIN. (Generated by bank.)]{
\includegraphics[width=0.45\linewidth]{figs/bank3a.png}
\label{subfig:pin}}
\caption{Required steps in a Taler withdrawal process.}
\label{fig:withdrawal}
\end{figure}
The next step depends on the level of Taler support offered by the bank: The next step depends on the level of Taler support offered by the bank:
\begin{itemize} \begin{itemize}
\item If the bank does not offer integration with Taler, the \item If the bank does not offer integration with Taler, the
@ -565,12 +580,6 @@ customers, and may help create a competitive market.
\paragraph{Spending coins} \paragraph{Spending coins}
% \tinyskip % \tinyskip
\begin{figure*}
\includegraphics[width=0.9\textwidth]{figs/taler-pay.pdf}
\caption{Payment processing with Taler.}
\label{fig:taler-pay}
\end{figure*}
\begin{figure}[b!] \begin{figure}[b!]
\subfloat[Select article. (Generated by Web shop.)]{ \subfloat[Select article. (Generated by Web shop.)]{
\includegraphics[width=0.30\textwidth]{figs/cart.png} \includegraphics[width=0.30\textwidth]{figs/cart.png}
@ -599,6 +608,45 @@ exchanges to operate with transaction fees acceptable to most
merchants. If transaction fees are higher than what is covered by the merchants. If transaction fees are higher than what is covered by the
merchant, the customer may choose to cover them. merchant, the customer may choose to cover them.
% \tinyskip
\lstdefinelanguage{JavaScript}{
keywords={typeof, new, true, false, catch, function, return, null, catch, switch, var, if, in, while, do, else, case, break, for},
keywordstyle=\color{blue}\bfseries,
ndkeywords={class, export, boolean, throw, implements, import, this},
ndkeywordstyle=\color{darkgray}\bfseries,
identifierstyle=\color{black},
sensitive=false,
comment=[l]{//},
morecomment=[s]{/*}{*/},
commentstyle=\color{purple}\ttfamily,
stringstyle=\color{red}\ttfamily,
morestring=[b]',
morestring=[b]"
}
\begin{figure*}[h!]
\lstset{language=JavaScript}
\lstinputlisting{figs/taler-presence.js}
\caption{Sample code to detect the Taler wallet. Allowing the
Web site to detect the presence of the wallet leaks one bit
of information about the user. The above logic also works
if the wallet is installed while the page is open.}
\label{listing:presence}
\end{figure*}
\begin{figure*}[h!]
\lstset{language=JavaScript}
\lstinputlisting{figs/taler-contract.js}
\caption{Sample code to pass a contract to the Taler wallet.
Here, the contract is fetched on-demand from the server.
The {\tt taler\_pay()} function needs to be invoked
when the user triggers the checkout.}
\label{listing:contract}
\end{figure*}
As with traditional Web transactions, customers first select which As with traditional Web transactions, customers first select which
items they wish to buy. This can involve building a traditional items they wish to buy. This can involve building a traditional
shopping cart, or simply clicking on a particular link for the shopping cart, or simply clicking on a particular link for the
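Review bot: "\lstdefinelanguage{JavaScript}{...}" is now defined in the middle of the body, under "Spending coins"; a language definition belongs in the preamble so it is available before any listing and does not interrupt the section source. While moving it, remove the duplicate "catch" in the keywords list. Both listing floats also now precede the opening sentence of the section ("As with traditional Web transactions, ..."), and the presence-detection caption mentions that detection "leaks one bit of information about the user"; with the listing in the main text, that caveat deserves a sentence in the prose rather than only in the caption.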
@ -1219,7 +1267,8 @@ Customers and merchants should be able to easily adapt their existing
mental models and technical infrastructure to Taler. In contrast, mental models and technical infrastructure to Taler. In contrast,
Bitcoin's payment models fail to match common expectations be it in Bitcoin's payment models fail to match common expectations be it in
terms of performance, durability, security, or privacy. Minimizing terms of performance, durability, security, or privacy. Minimizing
the need to authenticate to pay fundamentally improves usability. the need to authenticate to pay fundamentally improves security
and usability.
% FIXME (following paragraph): it's never said that the Taler wallet % FIXME (following paragraph): it's never said that the Taler wallet
% keeps any 'receipt' of transaction -- maybe here we want to say 'contract' % keeps any 'receipt' of transaction -- maybe here we want to say 'contract'
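Review bot: the changed line now claims that minimizing the need to authenticate "fundamentally improves security and usability", but the visible context gives no argument for the security half, and the same commit removes "security and usability" from the abstract and from the contributions list. Either add the reasoning for why less authentication improves security or keep the claim to usability so the conclusion matches the narrowed scope. The FIXME comment in the trailing context about 'receipt' versus 'contract' is still unresolved as well.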
@ -1232,6 +1281,12 @@ question for the future is thus whether this data collection will be
done on behalf of the citizens and under their control, or on behalf done on behalf of the citizens and under their control, or on behalf
of the Reich of big data corporations. of the Reich of big data corporations.
We encourage readers to try our prototype for Taler
at \url{https://demo.taler.net/}, and to ponder why the billion dollar
e-commerce industry still relies mostly on TLS for security given
that usability, security and privacy can clearly {\em all} be improved
simultaneously using a modern payment protocol.
% These APIs are all RESTful in the modern sense because that greatly % These APIs are all RESTful in the modern sense because that greatly
% simplify integrating Taler with web shops and browsers. % simplify integrating Taler with web shops and browsers.
@ -1244,58 +1299,6 @@ thank Neal Walfield for comments on an earlier draft of the paper.
\bibliographystyle{splncs03} \bibliographystyle{splncs03}
\bibliography{ui,btc,taler,rfc} \bibliography{ui,btc,taler,rfc}
\appendix
We encourage readers to try our prototype for Taler
at \url{https://demo.taler.net/}, and to ponder why the billion dollar
e-commerce industry still relies mostly on TLS for security given
that usability, security and privacy can clearly {\em all} be improved
simultaneously using a modern payment protocol.
Figures~\ref{listing:presence} and~\ref{listing:contract} provide more
detailed sample source code for how merchants might integrate their
systems with Taler.
% \tinyskip
\lstdefinelanguage{JavaScript}{
keywords={typeof, new, true, false, catch, function, return, null, catch, switch, var, if, in, while, do, else, case, break, for},
keywordstyle=\color{blue}\bfseries,
ndkeywords={class, export, boolean, throw, implements, import, this},
ndkeywordstyle=\color{darkgray}\bfseries,
identifierstyle=\color{black},
sensitive=false,
comment=[l]{//},
morecomment=[s]{/*}{*/},
commentstyle=\color{purple}\ttfamily,
stringstyle=\color{red}\ttfamily,
morestring=[b]',
morestring=[b]"
}
\begin{figure*}
\lstset{language=JavaScript}
\lstinputlisting{figs/taler-presence.js}
\caption{Sample code to detect the Taler wallet. Allowing the
Web site to detect the presence of the wallet leaks one bit
of information about the user. The above logic also works
if the wallet is installed while the page is open.}
\label{listing:presence}
\end{figure*}
\begin{figure*}
\lstset{language=JavaScript}
\lstinputlisting{figs/taler-contract.js}
\caption{Sample code to pass a contract to the Taler wallet.
Here, the contract is fetched on-demand from the server.
The {\tt taler\_pay()} function needs to be invoked
when the user triggers the checkout.}
\label{listing:contract}
\end{figure*}
\end{document} \end{document}
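Review bot: removing the appendix also removes the only sentence that cites the two listings ("Figures~\ref{listing:presence} and~\ref{listing:contract} provide more detailed sample source code for how merchants might integrate their systems with Taler."), and no added line in this commit reintroduces a reference to either label. As far as the diff shows, both listing figures are now unreferenced floats. Add the reference to the "Spending coins" text where the figures were moved.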