% LaTeX auxiliary (.aux) data, shown here one record per line.
% Record types visible in this file:
%   \citation{key}        cite key recorded for BibTeX
%   \@writefile{ext}{..}  entry written to the .toc / .lof / .lol list file
%   \newlabel{name}{{number}{page}}  target of \ref / \pageref
% NOTE(review): an .aux file is rewritten by LaTeX on each run, so any wording
% fix flagged below belongs in the .tex source, not here.
\relax
% --- Section 1: Introduction ---
\citation{dominguez1993}
\citation{quantitytheory1997volckart}
\citation{lewis_btc_is_junk}
\citation{adblockblocks}
\citation{ehrenberg2014data}
\citation{rms2013democracy}
\citation{chaum1983blind}
\@writefile{toc}{\contentsline {section}{\numberline {1}Introduction}{1}}
\citation{ezb2016ourmoney}
\citation{pets2004kuegler}
\citation{Bankrate}
\citation{kobil2016tan}
\citation{emv}
\citation{mtan}
\citation{holz2014}
\citation{pigs}
\citation{ibi2014}
\citation{nakamoto2008bitcoin}
\citation{BTCfees}
% --- Section 2: Existing payment workflows ---
\@writefile{toc}{\contentsline {section}{\numberline {2}Existing payment workflows}{2}}
\@writefile{toc}{\contentsline {subsection}{\numberline {2.1}Cash}{2}}
\@writefile{toc}{\contentsline {subsection}{\numberline {2.2}Credit and debit cards}{2}}
\@writefile{toc}{\contentsline {subsection}{\numberline {2.3}Bitcoin}{2}}
\citation{nakamoto2008bitcoin}
\citation{BTC:Bahack13}
\citation{BTC:MajorityNotEnough}
\citation{BTC:Eclipse}
\citation{vice_btc_unsustainable}
\citation{lehmann_btc_fools_gold}
\citation{jeffries_economists_v_btc}
\citation{lewis_btc_is_junk}
\citation{BTC:Anonymity}
\citation{crinkey2011rundle}
\citation{guardian2015cap}
% NOTE(review): "W3c" in the three "(From: ...)" captions is presumably meant
% to read "W3C" -- confirm and correct in the .tex source.
\@writefile{lof}{\contentsline {figure}{\numberline {2}{\ignorespaces Bitcoin payment processing. (From: W3c Web Payments IG.)\relax }}{3}}
\newlabel{fig:bitcoin}{{2}{3}}
\@writefile{toc}{\contentsline {subsection}{\numberline {2.4}Walled garden payment systems}{3}}
\@writefile{lof}{\contentsline {figure}{\numberline {3}{\ignorespaces Payment processing with Paypal. (From: W3c Web Payments IG.)\relax }}{3}}
\newlabel{fig:paypal}{{3}{3}}
\citation{chaum1983blind}
% --- Section 3: Taler ---
\@writefile{toc}{\contentsline {section}{\numberline {3}Taler}{4}}
\@writefile{lof}{\contentsline {figure}{\numberline {4}{\ignorespaces Taler system overview.\relax }}{4}}
\newlabel{fig:system}{{4}{4}}
\@writefile{toc}{\contentsline {subsection}{\numberline {3.1}Web payment workflow}{4}}
\@writefile{toc}{\contentsline {paragraph}{Withdrawing coins}{4}}
\@writefile{lof}{\contentsline {figure}{\numberline {5}{\ignorespaces Withdrawing coins with Taler.\relax }}{4}}
\newlabel{fig:taler-withdraw}{{5}{4}}
% Each subfigure gets two labels: the full number (6a) and a sub@ label
% holding only the letter (a).
\newlabel{subfig:login}{{6a}{5}}
\newlabel{sub@subfig:login}{{a}{5}}
\newlabel{subfig:withdraw}{{6b}{5}}
\newlabel{sub@subfig:withdraw}{{b}{5}}
\newlabel{subfig:exchange}{{6c}{5}}
\newlabel{sub@subfig:exchange}{{c}{5}}
\newlabel{subfig:pin}{{6d}{5}}
\newlabel{sub@subfig:pin}{{d}{5}}
\@writefile{lof}{\contentsline {figure}{\numberline {6}{\ignorespaces Required steps in a Taler withdrawal process.\relax }}{5}}
\newlabel{fig:withdrawal}{{6}{5}}
% Figure 1 is recorded after figures 2-6 and carries page 6, i.e. it appears
% in the list of figures out of numeric order.
\@writefile{lof}{\contentsline {figure}{\numberline {1}{\ignorespaces Card payment processing with 3DS. (From: W3c Web Payments IG.)\relax }}{6}}
% Fallback definition of \caption@xref; presumably emitted by the caption package.
\providecommand*\caption@xref[2]{\@setref\relax\@undefined{#1}}
\newlabel{fig:cc3ds}{{1}{6}}
\@writefile{toc}{\contentsline {paragraph}{Spending coins}{7}}
\@writefile{lof}{\contentsline {figure}{\numberline {7}{\ignorespaces Payment processing with Taler.\relax }}{7}}
\newlabel{fig:taler-pay}{{7}{7}}
\newlabel{subfig:cart}{{8a}{8}}
\newlabel{sub@subfig:cart}{{a}{8}}
\newlabel{subfig:payment}{{8b}{8}}
\newlabel{sub@subfig:payment}{{b}{8}}
\newlabel{subfig:fulfillment}{{8c}{8}}
\newlabel{sub@subfig:fulfillment}{{c}{8}}
\@writefile{lof}{\contentsline {figure}{\numberline {8}{\ignorespaces Required steps in a Taler checkout process.\relax }}{8}}
\newlabel{fig:shopping}{{8}{8}}
\@writefile{toc}{\contentsline {paragraph}{Bookmarks and deep links}{8}}
\citation{rfc6454}
\citation{cors}
\@writefile{toc}{\contentsline {paragraph}{Giving change and refunds}{9}}
\@writefile{toc}{\contentsline {subsection}{\numberline {3.2}NFC payments}{9}}
\@writefile{toc}{\contentsline {subsection}{\numberline {3.3}Peer-to-peer payments}{9}}
\citation{target}
\citation{pcidss}
\@writefile{toc}{\contentsline {subsection}{\numberline {3.4}Usability for merchants}{10}}
% --- Section 4: Discussion ---
\@writefile{toc}{\contentsline {section}{\numberline {4}Discussion}{10}}
\@writefile{toc}{\contentsline {subsection}{\numberline {4.1}Security risks}{10}}
\citation{munichicecream}
\@writefile{toc}{\contentsline {subsection}{\numberline {4.2}Failure modes}{11}}
\@writefile{toc}{\contentsline {subsection}{\numberline {4.3}Comparison}{11}}
\citation{diaspora2011}
% Bibliography style and the four .bib databases BibTeX will read.
\bibstyle{abbrv}
\bibdata{ui,btc,taler,rfc}
% --- Section 5: Conclusion, followed by the code listings and figures 9-11 ---
\@writefile{toc}{\contentsline {section}{\numberline {5}Conclusion}{12}}
% NOTE(review): the listing titles contain \textendash where the file names
% presumably have a plain hyphen (taler-presence.js, taler-contract.js) --
% confirm the title rendering in the .tex source.
\@writefile{lol}{\contentsline {lstlisting}{figs/taler\textendash presence.js}{13}}
% Figure 9 caption carries the privacy caveat: letting a Web site detect the
% wallet discloses one bit of information about the user.
\@writefile{lof}{\contentsline {figure}{\numberline {9}{\ignorespaces Sample code to detect the Taler wallet. Allowing the Web site to detect the presence of the wallet leaks one bit of information about the user. The above logic also works if the wallet is installed while the page is open.\relax }}{13}}
\newlabel{listing:presence}{{9}{13}}
\@writefile{lol}{\contentsline {lstlisting}{figs/taler\textendash contract.js}{14}}
% NOTE(review): {\tt ...} in this caption is the obsolete font switch; the
% .tex source would normally use \texttt{...}.
\@writefile{lof}{\contentsline {figure}{\numberline {10}{\ignorespaces Sample code to pass a contract to the Taler wallet. Here, the contract is fetched on-demand from the server. The {\tt taler\_pay()} function needs to be invoked when the user triggers the checkout.\relax }}{14}}
\newlabel{listing:contract}{{10}{14}}
% Figure 11 caption describes the isolation boundary: cryptographic components
% are separated from rendering logic and reached only via JavaScript signals
% or HTTP(S). The "Figure 4" inside it is an already-resolved cross-reference.
\@writefile{lof}{\contentsline {figure}{\numberline {11}{\ignorespaces Both the customer's client and the merchant's server execute sensitive cryptographic operations in a secured background/backend that is protected against direct access. Interactions with the Taler exchange from the wallet background to withdraw coins and the Taler backend (Figure\nobreakspace {}4\hbox {}) to deposit coins are not shown. Existing system security mechanisms are used to isolate the cryptographic components (boxes) from the complex rendering logic (circles), hence the communication is restricted to JavaScript signals or HTTP(S) respectively.\relax }}{14}}
\newlabel{fig:frobearch}{{11}{14}}