Anonymous and Fair Micropayment Scheme with Protection against Coupon Theft

Introduction

The field of electronic commerce (e-commerce) evolves day by day introducing new applications and services. One of these applications is the payment of small amounts of money to purchase low cost services or goods. This kind of payments is called micropayment and they have unique functional and security requirements inside the field of electronic payments. Here, a micropayment should offer advantages in contrast with other payment methods that tend to be costly because they are mainly designed for managing larger amounts of money. Therefore, micropayments can easily be applied to the intangible selling of goods such as information (newspapers, product reviews, location-based services, etc.), virtual gifts or electronic data (music, videos, etc). All of these examples involve low-value transactions, so the operational cost has to be as low as possible in order to be profitable for merchants and customers.

On one hand, security properties are a primary concern for the development of micropayment systems to avoid financial risks for merchants and also to ensure privacy for customers. On the other hand, efficiency and the cost for individual transactions are critical factors for the development of these systems. However, efficiency and security are usually opposed, so micropayments must provide a trade-off between these requirements:

• •

  Contribution. In Isern-Deyà et al. (2011) we proposed a novel, efficient and secure micropayment scheme to pay low value items assuring privacy for customers. In this paper we propose an improved version of the protocol. The system uses anonymous and untraceable coins which are used in a fair exchange between customers and merchants to pay the desired good or service. The system detects and avoids double-spending and overspending, protects from forgeability and moreover allows customers to request a secure refund for partially used or unused coins. Moreover, now the customers cannot use the refund subprotocol to fraudulently refund a single spent coupon. We have added a new resolution subprotocol that allows the merchant to deposit the received coupons even when the customers are trying to cheat, avoiding the loss of money, including very small amounts;

• •

  Organization. The work is organized as follows. First we briefly describe the features and security requirements of micropayments. Next section surveys the related work. Following section summarizes the cryptographic background used in our scheme. Then we define the micropayment protocol. In the following section we present a security overview of the protocol. Finally, the work includes the conclusions and future works.

Micropayments Schemes Overview

In this section we list the involved parties and the common protocols in the micropayment model (Papaefstathiou et al., 2004; Poutanen et al., 1998; Schmidt et al., 1999). Moreover, we also enumerate and define the security requirements and functional features of an ideal micropayment system (Lipton et al., 1998; Papaefstathiou et al., 2004; Poutanen et al., 1998; Schmidt et al., 1999).