1 / 38

Annual Workshop February 5th, 2014

Annual Workshop February 5th, 2014. COSIC. inShopnito. A privacy -preserving mobile shopping assistant. Customer Loyalty Programs (CLP). Goal : to retain existing customers and attract new ones. Customers receive benefits

lethia
Download Presentation

Annual Workshop February 5th, 2014

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Annual Workshop February 5th, 2014 COSIC

  2. inShopnito A privacy-preserving mobile shopping assistant

  3. Customer Loyalty Programs (CLP) • Goal: to retain existing customers and attract new ones. • Customers receive benefits • Very popular, adopted by many different providers: retailers, airlines, restaurants, gas stations, etc.

  4. CLPs’ Shortcomings • Customers’ privacy concerns • CLPs collect too much personal information • Physical loyalty cards are not scalable • Too may cards, easily lost or stolen • Physical loyalty cards are not extensible • No support for more advanced services

  5. CLPs and Smartphones • Smartphones are an attractive platform for CLPs • Very popular, multiple capabilities and extensibility • Several Smartphone-based solutions are already available • Loyalty card managers, mobile wallets, shopping assistants • Still, privacy concerns are no being addressed

  6. inShopnito • More advancedANDprivacy-friendly CLP based on smartphones • Loyalty points and voucher transactions can be anonymous and unlinkable • Customer controlled data • Secure storage • Advanced services • Shopping assistant • Product recommendations

  7. inShopnito Benefits To Customers: • Better privacy guarantees • Customer-controlled information • Monetization of privacy • Loyalty card dematerialization • Enhanced shopping experience • Better protection of loyalty information To Providers: • Competitive advantage: privacy • Competitive advantage: advanced services • Lower infrastructure costs • Better quality, less sensitive data • Improved resilience against attacks

  8. Architecture CUSTOMER RETAILER PriMan Recommendation system Credential mgt Profile mgt Credential Issuance and Verification Loyalty points mgt DB DB Loyalty points and Vouchers issuance and verification Voucher mgt Secure Storage inShopnito app InShopnito server

  9. Privacy PreservingRecommendations UGent - WiCa Kris Vanhecke, Toon De Pessemier and Luc Martens Ugent-WiCa

  10. Privacy Preserving Recommendations • Recommender systems overview • Right suggestion at the right time to the right person to improve the user experience, to boost sales,... • Learn customer preferences by collecting and linking • Customer behavior data (shopping basket contents) • Product metadata (category, ingredients) • Customer metadata (age, gender, family situation) • Contextual information (seasonal) • Computationally demanding, typically performed on a powerful backend with permanent access to all user data

  11. Privacy Preserving Recommendations • Recommender challenges in MobCom • Useful suggestions in transparent, privacy-friendly way • Shopping sessions are unlinkable • Full shopping history is only available on the mobile device • Always a cold start problem, some algorithms are not suitable • Recommendations based on the current shopping basket contents • Learn customer preferences on mobile device • Shopping history across multiple retailers • Limited computational power, battery • Optionally disclose preferences to retailer at the start of the shopping session to kickstart recommender system

  12. Privacy Preserving Recommendations • Implementation details • Basic use cases: • Products you may like based on your basket and/or preferences • Products similar to the product you just scanned • Higher value use cases not limited to products: • Vouchers or coupons for products that may interest you • Draw attention to current promotions for products you may like • Suggest recipes and the products required to prepare them • Insight: customer can see and modify their preferences • Promise better recommendations if the customerdiscloses their preferences

  13. Secure Storage Module MSEC Faysal Boukayoua – KU Leuven

  14. Motivation: threats Theft Malware

  15. Motivation: Androidshortcomings • Filesystem encryption: notby default • No application-level secure storage • Heterogeneityacross: • API access: libraries, middleware, Androidversions • secure storage mediums: • software-based • device-backed • tamperproof hardware

  16. Implementation • App-level access tosensitive data • Pluralism of secure storage technologies • API uniformity • AndroidKeyChain • Tamperproofmodule • User authentication

  17. Discussion: alternatives • Less complex setup • Application support required • Typically in-house corporate app • Centralised policy administration • No changes toclientapps • Suitablefor 3rd party apps Client app 2 Client app 1 App 2 App 1 Dedicatedapp

  18. Privacy-friendly loyalty scheme SecAnon-DistriNet MilicaMilutinovic – KU Leuven

  19. inShopnito loyalty points • Held by the user • Signed structure • Link with credential • Value • Expiration information • Unlinkable gathering and spending • Commitment • Value • Expiration

  20. Obtaining points • Commitment • Value • Expiration

  21. Obtaining points • Commitment • Value • Expiration

  22. Obtaining points: Underlying Operations

  23. Redeeming points Proof • Commitment • Value • Expiration

  24. Benefits • Chosen level of anonymity • Privacy-friendly points use • Assurance for the provider • Linked with the user • No double spending • Controlled sharing

  25. Anonymous eVouchers ESAT-COSIC COSIC StefaanSeys – KU Leuven

  26. eVoucher life cycle 1 Issuer 3 X 4 2 User 2 User 1 Retailer

  27. Specific Voucher Threats • Changing monetary value • Duplicating or cloning • Counterfeiting (fake vouchers) • Double-spending • Privacy leaks

  28. Initialisation • Issuer has 2 keys, for: • Secure communications with the SE • Signing vouchers • User’s SE has: • Issuer cert for communications • Secret key and cert. to proof • That the issuer is talking to an SE • The identity of the user Issuer User Retailer

  29. Voucher Issuing TCP User Verify ID userand presence of SE Generate and Sign Vouchers Establish secure tunnel to the SE Issuer Vouchers • Verify vouchers Voucher:

  30. User-to-user payment User selects vouchers Mark them as “dirty” Mark as “spent” (delete them) NFC TCP Establish secure tunnel between SEs Verify vouchers Send ACK User User vouchers

  31. Merchant redeems money User selects vouchers Mark them as “dirty” Mark as “spent” (delete them) TCP Issuer Establish secure tunnel between SE and Issuer Verify vouchers Send ACK vouchers Retailer

  32. Privacy • The user is identified during issuing (the user needs to proof he is entitled to a voucher) • The Issuer signs the voucher • The Issuer verifies this voucher when it is redeemed by the merchant • So why can he not link the Serial Nrs and track the user?

  33. Privacy • The answer: fancy crypto (partially blinded signatures) • During the voucher issuing, the user generates and ‘hides’ or blinds the serial number and sends it to the issuer • The issuer generates the other values and signs everything • Finally, the user unblinds the serial number to obtain a valid voucher

  34. inShopnito Demonstrator

  35. Starting a Shopping Session Customer Retailer 1 Server auth. DB DB 2 User auth. + revealed data 3 Customized offers, info. 4 3 Shopping profile inShopnito app inShopnito server

  36. Shopping with inShopnito Customer Retailer 1 Context info. Scan items 2 DB DB 3 Update profile 3 3 New customized offers, info. 4 Shopping profile inShopnito app inShopnito server

  37. Checking Out Customer Retailer Compute amount due 1 Update DB 4 (Anonymous) payment + Loyalty Points + Vouchers DB 2 DB Issue loyalty points 3 3 Shopping profile Delete shopping profile 5 inShopnito app inShopnito server

  38. Questions?

More Related