Privacy-Preserving Payment Splitting

by   Saba Eskandarian, et al.

Widely used payment splitting apps allow members of a group to keep track of debts between members by sending charges for expenses paid by one member on behalf of others. While offering a great deal of convenience, these apps gain access to sensitive data on users' financial transactions. In this paper, we present a payment splitting app that hides all transaction data within a group from the service provider, provides privacy protections between users in a group, and provides integrity against malicious users or even a malicious server. The core protocol proceeds in a series of rounds in which users either submit real data or cover traffic, and the server blindly updates balances, informs users of charges, and computes integrity checks on user-submitted data. Our protocol requires no cryptographic operations on the server, and after a group's initial setup, the only cryptographic tool users need is AES. We implement the payment splitting protocol as an Android app and the accompanying server. We find that, for realistic group sizes, it requires fewer than 50 milliseconds per round of computation on a user's phone and the server requires fewer than 300 microseconds per round for each group, meaning that our protocol enjoys excellent performance and scalability properties.



There are no comments yet.


page 1

page 2

page 3

page 4


Real-time Analysis of Privacy-(un)aware IoT Applications

Users trust IoT apps to control and automate their smart devices. These ...

Less is More: A privacy-respecting Android malware classifier using Federated Learning

Android remains an attractive target for malware authors and as such, th...

Privacy Preserving Face Retrieval in the Cloud for Mobile Users

Recently, cloud storage and processing have been widely adopted. Mobile ...

Information Theoretic Secure Aggregation with User Dropouts

In the robust secure aggregation problem, a server wishes to learn and o...

AnFlo: Detecting Anomalous Sensitive Information Flows in Android Apps

Smartphone apps usually have access to sensitive user data such as conta...

Enabling Efficient Privacy-Assured Outlier Detection over Encrypted Incremental Datasets

Outlier detection is widely used in practice to track the anomaly on inc...

Express: Lowering the Cost of Metadata-hiding Communication with Cryptographic Privacy

Existing systems for metadata-hiding messaging that provide cryptographi...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.