Tokenisation Blacklisting Using Linkable Group Signatures

Assad Umar, Iakovos Gurulian, Keith Mayes, Konstantinos Markantonakis

Research output: Chapter in Book/Report/Conference proceedingConference contribution

346 Downloads (Pure)


Payment cards make use of a Primary Account Number (PAN) that is normally used by merchants to uniquely identify users, and if necessary to deny users service by blacklisting. However, tokenisation is a technique whereby the PAN is replaced by a temporary equivalent, for use in mobile devices that emulate payment cards, but with reduced attack resistance. This paper outlines how tokenised payments contradict the process of blacklisting in open transport systems. We propose the use of a linkable group signature to link different transactions by a user regardless of the variable token. This allows the transport operator to check if a user’s signature is linked to a previous dishonest transaction in the blacklist, while still maintaining the anonymity of the user.
Original languageEnglish
Title of host publicationSecurity and Privacy in Communication Networks
Subtitle of host publication12th EAI International Conference on Security and Privacy in Communication Networks
Number of pages17
ISBN (Electronic)978-3-319-59608-2
Publication statusE-pub ahead of print - 14 Jun 2017

Publication series

NameLecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
ISSN (Print)1867-8211


  • Tokenisation
  • Digital Signatures
  • Blacklisting
  • Mobile Payments
  • Transport Ticketing

Cite this