Merx: Secure and Privacy Preserving Delegated Payments

  • Christopher Soghoian
  • Imad Aad
Conference paper

DOI: 10.1007/978-3-642-00587-9_14

Part of the Lecture Notes in Computer Science book series (LNCS, volume 5471)
Cite this paper as:
Soghoian C., Aad I. (2009) Merx: Secure and Privacy Preserving Delegated Payments. In: Chen L., Mitchell C.J., Martin A. (eds) Trusted Computing. Trust 2009. Lecture Notes in Computer Science, vol 5471. Springer, Berlin, Heidelberg

Abstract

In this paper we present Merx, a secure payment system that enables a user to delegate a transaction to a third party while protecting the user’s privacy from a variety of threats. We assume that the user does not trust the delegated person nor the merchant and wishes to minimize the information transmitted to the user’s bank. Our system protects the user from fraud perpetrated by the delegated party or by the merchant. The scheme has a number of other applications such as delegating the withdrawal of cash from Automated Teller Machines ATM and allowing companies to restrict an employee’s expenses during business trips. Merx is designed to be used with mobile phones and mobile computing devices, especially in situations where end-users do not have access to the Internet. We evaluate the performance of the proposed mechanism and show that it requires negligible overhead and can be gradually deployed as it is able to piggyback on existing payment-network infrastructures.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Christopher Soghoian
    • 1
  • Imad Aad
    • 2
  1. 1.Berkman Center for Internet and SocietyHarvard UniversityUSA
  2. 2.DOCOMO Euro-LabsGermany

Personalised recommendations