Annual Workshop, February 5th, 2014
Transcript of Annual Workshop, February 5th, 2014
COSIC
inShopnito
A privacy-preserving mobile shopping assistant
Customer Loyalty Programs (CLP)
• Goal: to retain existing customers and attract new ones.
• Customers receive benefits
• Very popular, adopted by many different providers: retailers, airlines, restaurants, gas stations, etc.
CLPs’ Shortcomings
• Customers’ privacy concerns
– CLPs collect too much personal information
• Physical loyalty cards are not scalable
– Too many cards, easily lost or stolen
• Physical loyalty cards are not extensible
– No support for more advanced services
CLPs and Smartphones
• Smartphones are an attractive platform for CLPs
– Very popular, multiple capabilities and extensibility
• Several smartphone-based solutions are already available
– Loyalty card managers, mobile wallets, shopping assistants
• Still, privacy concerns are not being addressed
inShopnito
• More advanced AND privacy-friendly CLP based on smartphones
• Loyalty points and voucher transactions can be anonymous and unlinkable
• Customer-controlled data
• Secure storage
• Advanced services
– Shopping assistant
– Product recommendations
inShopnito Benefits
To Providers:
• Competitive advantage: privacy
• Competitive advantage: advanced services
• Lower infrastructure costs
• Better quality, less sensitive data
• Improved resilience against attacks
To Customers:
• Better privacy guarantees
• Customer-controlled information
• Monetization of privacy
• Loyalty card dematerialization
• Enhanced shopping experience
• Better protection of loyalty information
Architecture
Figure: inShopnito architecture. Customer side (inShopnito app, DB) and Retailer side (inShopnito server, DB). Components shown: Credential mgt, Loyalty points mgt, Voucher mgt, Profile mgt, Secure Storage, PriMan, Credential Issuance and Verification, Loyalty points and Vouchers issuance and verification, Recommendation system.
Privacy Preserving Recommendations
UGent - WiCa
Kris Vanhecke, Toon De Pessemier and Luc Martens
Privacy Preserving Recommendations
• Recommender systems overview
– Right suggestion at the right time to the right person to improve the user experience, to boost sales,...
– Learn customer preferences by collecting and linking
• Customer behavior data (shopping basket contents)
• Product metadata (category, ingredients)
• Customer metadata (age, gender, family situation)
• Contextual information (seasonal)
– Computationally demanding, typically performed on a powerful backend with permanent access to all user data
Privacy Preserving Recommendations
• Recommender challenges in MobCom
– Useful suggestions in transparent, privacy-friendly way
– Shopping sessions are unlinkable
• Full shopping history is only available on the mobile device
• Always a cold start problem, some algorithms are not suitable
• Recommendations based on the current shopping basket contents
– Learn customer preferences on mobile device
• Shopping history across multiple retailers
• Limited computational power, battery
• Optionally disclose preferences to retailer at the start of the shopping session to kickstart recommender system
Privacy Preserving Recommendations
• Implementation details
– Basic use cases:
• Products you may like based on your basket and/or preferences
• Products similar to the product you just scanned
– Higher value use cases not limited to products:
• Vouchers or coupons for products that may interest you
• Draw attention to current promotions for products you may like
• Suggest recipes and the products required to prepare them
– Insight: customer can see and modify their preferences
– Promise better recommendations if the customer discloses their preferences
Secure Storage Module
MSEC
Faysal Boukayoua – KU Leuven
Motivation: threats
• Theft
• Malware
Motivation: Android shortcomings
• Filesystem encryption: not by default
• No application-level secure storage
• Heterogeneity across:
– API access: libraries, middleware, Android versions
– Secure storage mediums:
• Software-based
• Device-backed
• Tamperproof hardware
Implementation
• App-level access to sensitive data
• Pluralism of secure storage technologies
• API uniformity
– Android KeyChain
– Tamperproof module
• User authentication
Discussion: alternatives
Secure storage built into each app (App 1, App 2):
• Less complex setup
• Application support required
• Typically in-house corporate app
Dedicated app serving client apps (Client app 1, Client app 2):
• Centralised policy administration
• No changes to client apps
• Suitable for 3rd party apps
Privacy-friendly loyalty scheme
SecAnon-DistriNet
Milica Milutinovic – KU Leuven
inShopnito loyalty points
• Held by the user
• Signed structure
– Link with credential
– Value
– Expiration information
• Unlinkable gathering and spending
Figure: loyalty point structure (Commitment, Value, Expiration)
Obtaining points
Figure: loyalty point (Commitment, Value, Expiration) issued to the user
Obtaining points: Underlying Operations
Figure: underlying operations of the issuing step
Redeeming points
Figure: loyalty point (Commitment, Value, Expiration) redeemed together with a Proof
Benefits
• Chosen level of anonymity
• Privacy-friendly points use
• Assurance for the provider
– Linked with the user
– No double spending
– Controlled sharing
Anonymous eVouchers
ESAT-COSIC
Stefaan Seys – KU Leuven COSIC
eVoucher life cycle
Figure: Issuer, User 1, User 2 and Retailer; life cycle steps 1 to 4
Specific Voucher Threats
• Changing monetary value
• Duplicating or cloning
• Counterfeiting (fake vouchers)
• Double-spending
• Privacy leaks
Initialisation
• Issuer has 2 keys, for:
– Secure communications with the SE
– Signing vouchers
• User’s SE has:
– Issuer cert for communications
– Secret key and cert. to prove:
• That the issuer is talking to an SE
• The identity of the user
Voucher Issuing
Figure: Issuer and User (Retailer not involved), over TCP. Steps: Establish secure tunnel to the SE; Verify ID of user and presence of SE; Generate and sign vouchers; Vouchers sent to the user; Verify vouchers.
Voucher: Serial Nr | Expiration date | Value | Status | RSA signature (128 bytes)
User-to-user payment
Figure: User to User over NFC (TCP also labelled). Steps: Establish secure tunnel between SEs; User selects vouchers, marks them as “dirty”; vouchers transferred; receiver verifies vouchers and sends ACK; sender marks them as “spent” (deletes them).
Merchant redeems money
Figure: Retailer to Issuer over TCP. Steps: Establish secure tunnel between SE and Issuer; User selects vouchers, marks them as “dirty”; vouchers transferred; Issuer verifies vouchers and sends ACK; vouchers marked as “spent” (deleted).
Privacy
• The user is identified during issuing (the user needs to prove he is entitled to a voucher)
• The Issuer signs the voucher
• The Issuer verifies this voucher when it is redeemed by the merchant
• So why can he not link the Serial Nrs and track the user?
Voucher: Serial Nr | Expiration date | Value | Status | RSA signature (128 bytes)
Privacy
• The answer: fancy crypto (partially blinded signatures)
• During the voucher issuing, the user generates and ‘hides’ or blinds the serial number and sends it to the issuer
• The issuer generates the other values and signs everything
• Finally, the user unblinds the serial number to obtain a valid voucher
Voucher: Serial Nr | Expiration date | Value | Status | RSA signature (128 bytes)
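The blinded issuing flow on this slide, written out as an added Python example (not inShopnito's own code): the user blinds the hashed serial, the issuer signs it under an RSA exponent derived from the fields it fills in itself (value, expiry), in the style of Abe and Fujisaki's partially blind RSA signatures, and the user unblinds. The toy Mersenne-prime key, the hash-to-modulus step and the field encoding are constructed assumptions; the slides do not give the real parameters.

```python
import hashlib
import secrets
from math import gcd

# Toy issuer RSA key from two Mersenne primes (constructed example; far too small for real use).
P, Q = (1 << 31) - 1, (1 << 61) - 1
N, PHI = P * Q, (P - 1) * (Q - 1)
BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41)  # Miller-Rabin is exact below 3.3e24

def is_prime(x: int) -> bool:
    if x < 2 or any(x % a == 0 for a in BASES):
        return x in BASES
    d, s = x - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in BASES:
        y = pow(a, d, x)
        if y not in (1, x - 1) and all((y := pow(y, 2, x)) != x - 1 for _ in range(s - 1)):
            return False
    return True

def info_exponent(value: int, expiry: str) -> int:
    """Public exponent bound to the fields the issuer generates (value, expiry).
    A prime larger than Q cannot divide PHI, so a private exponent always exists."""
    tag = int.from_bytes(hashlib.sha256(f"{value}|{expiry}".encode()).digest(), "big")
    e = (1 << 62) | (tag >> 195) | 1
    while not is_prime(e):
        e += 2
    return e

def h(serial: bytes) -> int:
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N

def blind(serial: bytes, e: int) -> tuple:
    """User side: hide the serial behind a random factor r before sending it to the issuer."""
    while gcd((r := secrets.randbelow(N - 2) + 2), N) != 1:
        pass
    return h(serial) * pow(r, e, N) % N, r

def issuer_sign(blinded: int, value: int, expiry: str) -> int:
    """Issuer side: signs the blinded serial with the private exponent for (value, expiry)."""
    return pow(blinded, pow(info_exponent(value, expiry), -1, PHI), N)

def unblind(blind_sig: int, r: int) -> int:
    return blind_sig * pow(r, -1, N) % N

def verify(v: dict) -> bool:
    """Redemption side: the exponent is recomputed from the public fields, so any change breaks it."""
    return pow(v["sig"], info_exponent(v["value"], v["expiry"]), N) == h(v["serial"])

def issue(value: int, expiry: str) -> tuple:
    """Full issuing run; returns the voucher and the only value the issuer ever saw."""
    serial, e = secrets.token_bytes(16), info_exponent(value, expiry)
    blinded, r = blind(serial, e)
    sig = unblind(issuer_sign(blinded, value, expiry), r)
    return {"serial": serial, "value": value, "expiry": expiry, "sig": sig}, blinded
```

Double-spending detection is then a matter of the issuer recording each serial it has accepted, which is why the slides mark redeemed vouchers as “spent”.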
inShopnito Demonstrator
Starting a Shopping Session
Figure: inShopnito app (Customer, DB) and inShopnito server (Retailer, DB). Steps: 1 Server auth.; 2 User auth. + revealed data; 3 Shopping profile; 4 Customized offers, info.
Shopping with inShopnito
Figure: inShopnito app (Customer, DB) and inShopnito server (Retailer, DB). Steps: 1 Context info.; 2 Scan items; 3 Update shopping profile; 4 New customized offers, info.
Checking Out
Figure: inShopnito app (Customer, DB) and inShopnito server (Retailer, DB, Shopping profile). Steps: 1 Compute amount due; 2 (Anonymous) payment + Loyalty Points + Vouchers; 3 Issue loyalty points; 4 Update DB; 5 Delete shopping profile.
Questions?