Abstract/Summary

Current mobile payment schemes gather detailed information about purchases customers make. This data can then be used to infer a customer’s spending behaviour, potentially violating their privacy. To tackle this problem, we propose an untraceable mobile payment scheme that strikes a better balance, preserving user privacy while allowing the Third-Party Service Provider (TPSP) to collect necessary information such as card details and transaction amount for regulatory compliance. Our scheme offers untraceability for legitimate users from malicious adversaries and curious TPSPs using cryptographic primitives such as partially blind signatures, zero-knowledge proofs and identity-based signatures. It also guarantees that only authorised TPSPs can issue valid payment tokens, and even with limited data the TPSP can still prevent dishonest customers/merchants from double-spending a payment token. We also propose a comprehensive evaluation framework to assess the untraceable payment schemes against seven key criteria such as untraceability, exculpability - merchant double-spending, exculpability - customer double-spending, unforgeability, confidentiality, message authenticity, efficiency and regulatory compliance. We rigorously benchmark the security and privacy of our proposed payment scheme against this framework and other established schemes. Furthermore, we formally verify these properties using complexity-based analysis and Proverif modelling.