Privacy-Preserving Payment Splitting

by   Saba Eskandarian, et al.

Widely used payment splitting apps allow members of a group to keep track of debts between members by sending charges for expenses paid by one member on behalf of others. While offering a great deal of convenience, these apps gain access to sensitive data on users' financial transactions. In this paper, we present a payment splitting app that hides all transaction data within a group from the service provider, provides privacy protections between users in a group, and provides integrity against malicious users or even a malicious server. The core protocol proceeds in a series of rounds in which users either submit real data or cover traffic, and the server blindly updates balances, informs users of charges, and computes integrity checks on user-submitted data. Our protocol requires no cryptographic operations on the server, and after a group's initial setup, the only cryptographic tool users need is AES. We implement the payment splitting protocol as an Android app and the accompanying server. We find that, for realistic group sizes, it requires fewer than 50 milliseconds per round of computation on a user's phone and the server requires fewer than 300 microseconds per round for each group, meaning that our protocol enjoys excellent performance and scalability properties.


page 1

page 2

page 3

page 4


SPOT: Secure and Privacy-preserving prOximiTy protocol for e-healthcare systems

This paper introduces SPOT, a Secure and Privacy-preserving prOximity ba...

Real-time Analysis of Privacy-(un)aware IoT Applications

Users trust IoT apps to control and automate their smart devices. These ...

Less is More: A privacy-respecting Android malware classifier using Federated Learning

Android remains an attractive target for malware authors and as such, th...

Privacy Preserving Face Retrieval in the Cloud for Mobile Users

Recently, cloud storage and processing have been widely adopted. Mobile ...

Are You Really Muted?: A Privacy Analysis of Mute Buttons in Video Conferencing Apps

Video conferencing apps (VCAs) make it possible for previously private s...

Enabling Efficient Privacy-Assured Outlier Detection over Encrypted Incremental Datasets

Outlier detection is widely used in practice to track the anomaly on inc...

Verifiable and Provably Secure Machine Unlearning

Machine unlearning aims to remove points from the training dataset of a ...

Please sign up or login with your details

Forgot password? Click here to reset