Privacy-preserving webshopping with attributes

Online shopping is one of the most important applications on the Internet and it is one that has been steadily growing over the last decade. With increasing numbers of online shopping transactions there are also raising concerns over privacy and protection of the customer data collected by the webshops. This is why, we need privacy-preserving technologies for online shopping, in the interest of both users and businesses. To design shopping transactions where privacy is one of the main design considerations, we propose to use attributes. Attributes are pieces of data about an entity that are authenticated by some party. Attribute-based technologies go back more than a decade and they have mainly been used for access control, identity management and encryption. In this paper, however, we demonstrate that they can naturally be employed for various transactions in electronic commerce. In particular, we propose a cryptographic webshopping scheme based on attribute-based credentials. It preserves the functional and security properties required in practice for webshopping, while providing much more privacy for the purchasers. Privacy in this context is defined in terms of data minimization and unlinkability: Purchasers reveal exactly as much information as required in each transaction while leaving no traces that can be linked to their other transactions. In our scheme, a webshop does not learn a purchaser's identity, her financial information (e.g. credit card number or account number) or shipping details (e.g. house address). A bank that processes the payment does not learn the relationship between webshops and purchasers.