Tokenisation Blacklisting Using Linkable Group Signatures

Assad Umar; Iakovos Gurulian; Keith Mayes; Konstantinos Markantonakis

doi:10.1007/978-3-319-59608-2_10

Tokenisation Blacklisting Using Linkable Group Signatures

Assad Umar, Iakovos Gurulian, Keith Mayes, Konstantinos Markantonakis

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

346 Downloads (Pure)

Abstract

Payment cards make use of a Primary Account Number (PAN) that is normally used by merchants to uniquely identify users, and if necessary to deny users service by blacklisting. However, tokenisation is a technique whereby the PAN is replaced by a temporary equivalent, for use in mobile devices that emulate payment cards, but with reduced attack resistance. This paper outlines how tokenised payments contradict the process of blacklisting in open transport systems. We propose the use of a linkable group signature to link different transactions by a user regardless of the variable token. This allows the transport operator to check if a user’s signature is linked to a previous dishonest transaction in the blacklist, while still maintaining the anonymity of the user.

Original language	English
Title of host publication	Security and Privacy in Communication Networks
Subtitle of host publication	12th EAI International Conference on Security and Privacy in Communication Networks
Pages	182-198
Number of pages	17
ISBN (Electronic)	978-3-319-59608-2
DOIs	https://doi.org/10.1007/978-3-319-59608-2_10
Publication status	E-pub ahead of print - 14 Jun 2017

Publication series

Name	Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
ISSN (Print)	1867-8211

Keywords

Tokenisation
Digital Signatures
Blacklisting
Mobile Payments
Transport Ticketing

Access to Document

10.1007/978-3-319-59608-2_10

Accepted ManuscriptAccepted author manuscript, 302 KB

Cite this

Umar, A., Gurulian, I., Mayes, K., & Markantonakis, K. (2017). Tokenisation Blacklisting Using Linkable Group Signatures. In Security and Privacy in Communication Networks: 12th EAI International Conference on Security and Privacy in Communication Networks (pp. 182-198). (Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering). Advance online publication. https://doi.org/10.1007/978-3-319-59608-2_10

Umar, Assad ; Gurulian, Iakovos ; Mayes, Keith et al. / Tokenisation Blacklisting Using Linkable Group Signatures. Security and Privacy in Communication Networks: 12th EAI International Conference on Security and Privacy in Communication Networks. 2017. pp. 182-198 (Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering).

@inproceedings{631ca529cf954c89a49b0d3a7e69beb8,

title = "Tokenisation Blacklisting Using Linkable Group Signatures",

abstract = "Payment cards make use of a Primary Account Number (PAN) that is normally used by merchants to uniquely identify users, and if necessary to deny users service by blacklisting. However, tokenisation is a technique whereby the PAN is replaced by a temporary equivalent, for use in mobile devices that emulate payment cards, but with reduced attack resistance. This paper outlines how tokenised payments contradict the process of blacklisting in open transport systems. We propose the use of a linkable group signature to link different transactions by a user regardless of the variable token. This allows the transport operator to check if a user{\textquoteright}s signature is linked to a previous dishonest transaction in the blacklist, while still maintaining the anonymity of the user.",

keywords = "Tokenisation , Digital Signatures , Blacklisting , Mobile Payments, Transport Ticketing",

author = "Assad Umar and Iakovos Gurulian and Keith Mayes and Konstantinos Markantonakis",

year = "2017",

month = jun,

day = "14",

doi = "10.1007/978-3-319-59608-2_10",

language = "English",

isbn = "978-3-319-59607-5",

series = "Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering",

pages = "182--198",

booktitle = "Security and Privacy in Communication Networks",

}

Umar, A, Gurulian, I, Mayes, K & Markantonakis, K 2017, Tokenisation Blacklisting Using Linkable Group Signatures. in Security and Privacy in Communication Networks: 12th EAI International Conference on Security and Privacy in Communication Networks. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, pp. 182-198. https://doi.org/10.1007/978-3-319-59608-2_10

Tokenisation Blacklisting Using Linkable Group Signatures. / Umar, Assad; Gurulian, Iakovos; Mayes, Keith et al.
Security and Privacy in Communication Networks: 12th EAI International Conference on Security and Privacy in Communication Networks. 2017. p. 182-198 (Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Tokenisation Blacklisting Using Linkable Group Signatures

AU - Umar, Assad

AU - Gurulian, Iakovos

AU - Mayes, Keith

AU - Markantonakis, Konstantinos

PY - 2017/6/14

Y1 - 2017/6/14

N2 - Payment cards make use of a Primary Account Number (PAN) that is normally used by merchants to uniquely identify users, and if necessary to deny users service by blacklisting. However, tokenisation is a technique whereby the PAN is replaced by a temporary equivalent, for use in mobile devices that emulate payment cards, but with reduced attack resistance. This paper outlines how tokenised payments contradict the process of blacklisting in open transport systems. We propose the use of a linkable group signature to link different transactions by a user regardless of the variable token. This allows the transport operator to check if a user’s signature is linked to a previous dishonest transaction in the blacklist, while still maintaining the anonymity of the user.

AB - Payment cards make use of a Primary Account Number (PAN) that is normally used by merchants to uniquely identify users, and if necessary to deny users service by blacklisting. However, tokenisation is a technique whereby the PAN is replaced by a temporary equivalent, for use in mobile devices that emulate payment cards, but with reduced attack resistance. This paper outlines how tokenised payments contradict the process of blacklisting in open transport systems. We propose the use of a linkable group signature to link different transactions by a user regardless of the variable token. This allows the transport operator to check if a user’s signature is linked to a previous dishonest transaction in the blacklist, while still maintaining the anonymity of the user.

KW - Tokenisation

KW - Digital Signatures

KW - Blacklisting

KW - Mobile Payments

KW - Transport Ticketing

U2 - 10.1007/978-3-319-59608-2_10

DO - 10.1007/978-3-319-59608-2_10

M3 - Conference contribution

SN - 978-3-319-59607-5

T3 - Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

SP - 182

EP - 198

BT - Security and Privacy in Communication Networks

ER -

Umar A, Gurulian I, Mayes K , Markantonakis K. Tokenisation Blacklisting Using Linkable Group Signatures. In Security and Privacy in Communication Networks: 12th EAI International Conference on Security and Privacy in Communication Networks. 2017. p. 182-198. (Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering). Epub 2017 Jun 14. doi: 10.1007/978-3-319-59608-2_10