aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2016-08-10 17:59:12 +0200
committerChristian Grothoff <christian@grothoff.org>2016-08-10 17:59:12 +0200
commit2e9bdd37d6292a0fc66309bd1def340ea942aac9 (patch)
treeb30fbb1c9c408b3c33ed31d0c3d271d0201b16d1
parentd86897712d79b9728859a5d2f19eb31b95884db6 (diff)
minor updates
-rw-r--r--articles/ui/ui.tex183
1 files changed, 93 insertions, 90 deletions
diff --git a/articles/ui/ui.tex b/articles/ui/ui.tex
index de314b95c..765efcf02 100644
--- a/articles/ui/ui.tex
+++ b/articles/ui/ui.tex
@@ -39,11 +39,13 @@ Marcello Stanisci}
GNU Taler is a new electronic online payment system which provides
anonymity for customers and accountability for merchants. This paper
first describes the interaction processes of online payment systems,
-and analytically compares their usability for both customers and
-merchants. We then focus on the resulting assurances that Taler
-provides, as---particularly for payment systems---usability and
-security are intertwined. Web payment systems must also face the
-reality of constraints imposed by modern Web browser security
+and analytically compares the processes involved for both customers
+and merchants. The focus here is in particular on how to make
+electronic payments work nicely with the current Web architecture.
+
+We then focus on the resulting assurances that Taler provides and
+consider possible failure modes. Web payment systems must also face
+the reality of constraints imposed by modern Web browser security
architecture, so the analysis includes considerations of how Web
payment systems exploit the security infrastructure provided by the
modern Web. We argue that the resulting system offers a good
@@ -102,7 +104,7 @@ Key contributions of this paper are:
\begin{itemize}
\item A description of different payment systems using
common terminology, which allows us to analytically compare
- these systems with respect to security and usability.
+ these systems.
\item An introduction to the Taler payment system from the
perspective of users and merchants, with a focus on how
to achieve secure payments in a way that is intuitive and
@@ -328,7 +330,6 @@ by investigators~\cite{BTC:Anonymity}. This has resulted in the
development of new protocols with better privacy protections.
-
\begin{figure*}[b!]
\includegraphics[width=\textwidth]{figs/paypal.pdf}
\caption{Payment processing with Paypal. (From: W3c Web Payments IG.)}
@@ -432,6 +433,15 @@ cryptography and real-world deployment.
There are four components of the Taler system (Figure~\ref{fig:system}):
+\begin{figure*}[b!]
+\includegraphics[width=0.9\textwidth]{figs/taler-withdraw.pdf}
+\caption{Withdrawing coins with Taler.}
+\label{fig:taler-withdraw}
+\end{figure*}
+
+
+
+
\begin{itemize}
\item
{\em Customers} use a digital wallet to withdraw,
@@ -441,6 +451,26 @@ realized as browser extensions, mobile Apps or even in custom
hardware. If a user's digital wallet is compromised, the current
balance may be lost just like with an ordinary wallet for cash.
+
+\begin{figure}[t!]%[36]{R}{0.5\linewidth}
+\subfloat[Bank login. (Simplified for demonstration.)]{
+\includegraphics[width=0.45\linewidth]{figs/bank0a.png}
+\label{subfig:login}} \hfill
+\subfloat[Select exchange provider. (Generated by wallet.)]{
+\includegraphics[width=0.45\linewidth]{figs/bank2a.png}
+\label{subfig:exchange}} \\
+\subfloat[Specify amount to withdraw. (Integrated bank support.)]{
+\includegraphics[width=0.45\linewidth]{figs/bank1a.png}
+\label{subfig:withdraw}} \hfill
+\subfloat[Confirm transaction with a PIN. (Generated by bank.)]{
+\includegraphics[width=0.45\linewidth]{figs/bank3a.png}
+\label{subfig:pin}}
+\caption{Required steps in a Taler withdrawal process.}
+\label{fig:withdrawal}
+\end{figure}
+
+
+
\item
{\em Exchanges}, which are run by financial service providers, enable
customers to withdraw anonymous digital coins,
@@ -473,17 +503,12 @@ volume of signed digital coins in order to compensate for potential risks due to
operational failures (such as data loss or theft of private keys) of the exchange.
\end{itemize}
+
The specific protocol between wallet and merchant depends on the
setting. For a traditional store, a near field communication (NFC) protocol might be used
between a point-of-sale system and a mobile application. In this
paper, we focus on Web payments for an online shop.
-\begin{figure*}
-\includegraphics[width=0.9\textwidth]{figs/taler-withdraw.pdf}
-\caption{Withdrawing coins with Taler.}
-\label{fig:taler-withdraw}
-\end{figure*}
-
% \smallskip
\subsection{Web payment workflow}
@@ -498,6 +523,14 @@ Taler is integrated tightly with browsers in the future. Regardless,
installing the extension involves one or two clicks to confirm the
operation. Restarting the browser is not required.
+
+\begin{figure*}[b!]
+\includegraphics[width=0.9\textwidth]{figs/taler-pay.pdf}
+\caption{Payment processing with Taler.}
+\label{fig:taler-pay}
+\end{figure*}
+
+
\paragraph{Withdrawing coins}
As with cash, the customer must first withdraw digital coins
@@ -506,24 +539,6 @@ visit the bank's online portal. Here, the bank will
typically require some form of authentication, the specific method
used depends on the bank (Figure~\ref{subfig:login}).
-\begin{figure}[h!]%[36]{R}{0.5\linewidth}
-\subfloat[Bank login. (Simplified for demonstration.)]{
-\includegraphics[width=0.45\linewidth]{figs/bank0a.png}
-\label{subfig:login}} \hfill
-\subfloat[Select exchange provider. (Generated by wallet.)]{
-\includegraphics[width=0.45\linewidth]{figs/bank2a.png}
-\label{subfig:exchange}} \\
-\subfloat[Specify amount to withdraw. (Integrated bank support.)]{
-\includegraphics[width=0.45\linewidth]{figs/bank1a.png}
-\label{subfig:withdraw}} \hfill
-\subfloat[Confirm transaction with a PIN. (Generated by bank.)]{
-\includegraphics[width=0.45\linewidth]{figs/bank3a.png}
-\label{subfig:pin}}
-\caption{Required steps in a Taler withdrawal process.}
-\label{fig:withdrawal}
-\end{figure}
-
-
The next step depends on the level of Taler support offered by the bank:
\begin{itemize}
\item If the bank does not offer integration with Taler, the
@@ -565,12 +580,6 @@ customers, and may help create a competitive market.
\paragraph{Spending coins}
% \tinyskip
-\begin{figure*}
-\includegraphics[width=0.9\textwidth]{figs/taler-pay.pdf}
-\caption{Payment processing with Taler.}
-\label{fig:taler-pay}
-\end{figure*}
-
\begin{figure}[b!]
\subfloat[Select article. (Generated by Web shop.)]{
\includegraphics[width=0.30\textwidth]{figs/cart.png}
@@ -599,6 +608,45 @@ exchanges to operate with transaction fees acceptable to most
merchants. If transaction fees are higher than what is covered by the
merchant, the customer may choose to cover them.
+% \tinyskip
+\lstdefinelanguage{JavaScript}{
+ keywords={typeof, new, true, false, catch, function, return, null, catch, switch, var, if, in, while, do, else, case, break, for},
+ keywordstyle=\color{blue}\bfseries,
+ ndkeywords={class, export, boolean, throw, implements, import, this},
+ ndkeywordstyle=\color{darkgray}\bfseries,
+ identifierstyle=\color{black},
+ sensitive=false,
+ comment=[l]{//},
+ morecomment=[s]{/*}{*/},
+ commentstyle=\color{purple}\ttfamily,
+ stringstyle=\color{red}\ttfamily,
+ morestring=[b]',
+ morestring=[b]"
+}
+
+\begin{figure*}[h!]
+ \lstset{language=JavaScript}
+ \lstinputlisting{figs/taler-presence.js}
+ \caption{Sample code to detect the Taler wallet. Allowing the
+ Web site to detect the presence of the wallet leaks one bit
+ of information about the user. The above logic also works
+ if the wallet is installed while the page is open.}
+ \label{listing:presence}
+\end{figure*}
+
+
+\begin{figure*}[h!]
+ \lstset{language=JavaScript}
+ \lstinputlisting{figs/taler-contract.js}
+ \caption{Sample code to pass a contract to the Taler wallet.
+ Here, the contract is fetched on-demand from the server.
+ The {\tt taler\_pay()} function needs to be invoked
+ when the user triggers the checkout.}
+ \label{listing:contract}
+\end{figure*}
+
+
+
As with traditional Web transactions, customers first select which
items they wish to buy. This can involve building a traditional
shopping cart, or simply clicking on a particular link for the
@@ -1219,7 +1267,8 @@ Customers and merchants should be able to easily adapt their existing
mental models and technical infrastructure to Taler. In contrast,
Bitcoin's payment models fail to match common expectations be it in
terms of performance, durability, security, or privacy. Minimizing
-the need to authenticate to pay fundamentally improves usability.
+the need to authenticate to pay fundamentally improves security
+and usability.
% FIXME (following paragraph): it's never said that the Taler wallet
% keeps any 'receipt' of transaction -- maybe here we want to say 'contract'
@@ -1232,6 +1281,12 @@ question for the future is thus whether this data collection will be
done on behalf of the citizens and under their control, or on behalf
of the Reich of big data corporations.
+We encourage readers to try our prototype for Taler
+at \url{https://demo.taler.net/}, and to ponder why the billion dollar
+e-commerce industry still relies mostly on TLS for security given
+that usability, security and privacy can clearly {\em all} be improved
+simultaneously using a modern payment protocol.
+
% These APIs are all RESTful in the modern sense because that greatly
% simplify integrating Taler with web shops and browsers.
@@ -1244,58 +1299,6 @@ thank Neal Walfield for comments on an earlier draft of the paper.
\bibliographystyle{splncs03}
\bibliography{ui,btc,taler,rfc}
-\appendix
-
-We encourage readers to try our prototype for Taler
-at \url{https://demo.taler.net/}, and to ponder why the billion dollar
-e-commerce industry still relies mostly on TLS for security given
-that usability, security and privacy can clearly {\em all} be improved
-simultaneously using a modern payment protocol.
-
-
-Figures~\ref{listing:presence} and~\ref{listing:contract} provide more
-detailed sample source code for how merchants might integrate their
-systems with Taler.
-
-
-
-
-% \tinyskip
-\lstdefinelanguage{JavaScript}{
- keywords={typeof, new, true, false, catch, function, return, null, catch, switch, var, if, in, while, do, else, case, break, for},
- keywordstyle=\color{blue}\bfseries,
- ndkeywords={class, export, boolean, throw, implements, import, this},
- ndkeywordstyle=\color{darkgray}\bfseries,
- identifierstyle=\color{black},
- sensitive=false,
- comment=[l]{//},
- morecomment=[s]{/*}{*/},
- commentstyle=\color{purple}\ttfamily,
- stringstyle=\color{red}\ttfamily,
- morestring=[b]',
- morestring=[b]"
-}
-
-\begin{figure*}
- \lstset{language=JavaScript}
- \lstinputlisting{figs/taler-presence.js}
- \caption{Sample code to detect the Taler wallet. Allowing the
- Web site to detect the presence of the wallet leaks one bit
- of information about the user. The above logic also works
- if the wallet is installed while the page is open.}
- \label{listing:presence}
-\end{figure*}
-
-
-\begin{figure*}
- \lstset{language=JavaScript}
- \lstinputlisting{figs/taler-contract.js}
- \caption{Sample code to pass a contract to the Taler wallet.
- Here, the contract is fetched on-demand from the server.
- The {\tt taler\_pay()} function needs to be invoked
- when the user triggers the checkout.}
- \label{listing:contract}
-\end{figure*}
\end{document}