We propose and investigate a credential system employing on-line electronic wallets. More specifically, we start out with a generalization of the architecture first developed in the seminal European research project CAFE . Our new model enables you to leave most of the content of your electronic wallet in the security of your residential (or trusted third party) electronic keeper while travelling with your favorite mobile gadgets. For instance, mobile handsets with both short range Bluetooth and cellular GPRS communications provide a sufficient communication platform for this electronic wallet system. On the other hand, this new model opens up to new attack types that must be carefully analyzed, and security protocols must be developed and adapted. The proposed approach is fundamentally distinct from existing remote wallet proposals, in that it protects important user requirements by taking a multiparty security approach using a fully decentralized architecture. Technically, the user may remain in control of the input/output and usage of his credentials. At the same time, the model provides a solution to the pressing practical problem of the multitude of special-branded cards users have to carry and manage. Legacy systems, such as debit and credit magnetic stripe and chip cards, are easily included within our architecture with only minor enhancement . Our aim is to show how to achieve payment mobility, loss-tolerance, and independence of both terminals and payment service providers while maintaining secure access to payment authorization credentials.
Researchers: Stig F. Mjølsnes, Aslak Bakke Buan, Vegard Steinsholt, Raul Hernandez, Marius Gjerde, Sjur Bakka, Øyvind Schøyen Aasbrenn.