With Alipay being increasingly accepted in retail stores in US and Europe,
+ European banks continue to lose market share to big technology
+ providers.
+ With GNU Taler, we could establish an open standard with a level
+ playing field preserving the independence of national economies
+ by establishing a commons that protects critical infrastructure
+ from domination by a handful of global players.
+
A major data breach of Indian banks forced these institutions to warn 3.2 million
+ customers that their accounts might have been compromised and that they need
+ to obtain new bank cards and PIN numbers.
+ With GNU Taler, banks can implement privacy by design and minimize data collection,
+ minimizing the impact of security breaches and satisfying GDPR regulations in Europe.
+
Security researchers found evidence of adversaries targeting online shops offering credit cards
+ to steal and resell credit card credentials.
+ With GNU Taler, shops would never receive sensitive personal information such as credit cards,
+ thus hacked online shops would not create such hassles for consumers.
+
Banks are naturally unhappy about shouldering the cost for fraud, and use
+ various tricks to impose the costs on their customers without providing
+ adequate help to minimize fraud.
+ With GNU Taler, cryptography ensures that identity theft and many related
+ types of fraud are no longer possible, allowing banks to offer customers
+ a payment experience where neither side needs to worry about fraud.
+
With ApplePay starting in France, pressure on
+ European banks increase as they are set to
+ lose market share to big technology providers.
+ With GNU Taler, we could establish an open standard with a level
+ playing field preserving the independence of national economies
+ by establishing a commons that protects critical infrastructure
+ from domination by a handful of global players.
+
Security researchers found serious security flaws in the German "electronic cash" system
+ which enable criminals to withdraw funds from merchant accounts based on the information printed
+ on receipts and other information obtained from public sources or point-of-sales terminals purchased
+ online.
+ The German "electronic cash" system is based on the "Poseidon" protocol, for
+ which there is no publicly accessible specification or reference implementation. This has allowed
+ such major security holes to persist for decades.
+
"Suppose you were an advisor to the head of the KGB,
+ the Soviet Secret Police. Suppose you are given the
+ assignment of designing a system for the surveillance of all
+ citizens and visitors within the boundaries of the USSR. The
+ system is not to be too obtrusive or obvious. What would be
+ your decision?"
+ The think tank RAND essentially answered this question with
+ a blueprint for modern payment systems. Taler offers an
+ escape from the financial panopticon.
+
Apple Pay may be easy to use, but the simplistic
+ user identification creates opportunities for fraud,
+ resulting in much higher fraud rates than even with traditional
+ credit card systems.
+ Taler does not require user identification, enabling
+ ease of use while also being effective against fraud.
+
The Visa and MasterCard duopoly has eliminated competition among
+ banks, setting fees that take away a significant share of profits from
+ small merchants.
+ Taler is an open standard with free software
+ implementations, so merchants do not have to fear a lack of competition.
+
Merchants taking credit card data from customers now have to additionally
+ fear banks suing them for losses. It is not suggested that the merchant
+ in question was not in compliance with PCI DSS security audit procedures.
+ With Taler, merchants never handle sensitive personal credit data, and
+ thus neither customers, exchanges nor governments would even have standing to
+ sue merchants in court. Thus, if a merchant system were to be compromised,
+ the damage would be limited to the merchant's own operations.
+
Following Visa and MasterCard's move to biometrics, PayPal
+ now supports authenticating purchases with fingerprint
+ recognition.
+ Hence, police can now forcefully take user's fingerprints and
+ access their mobile computers and possibly empty their electronic wallets
+ in addition to their physical wallets.
+ For Taler, we advise users to protect their digital wallets using
+ passphrases.
+
Yasser Ali reports a now patched vulnerability in PayPal that would
+ have allowed him to reset other user's passwords and take over their
+ accounts. This is unlikely to be the last vulnerability found in
+ account-based payment systems.
+ In Taler, customers do not have accounts with usernames, passwords
+ or associated e-mail addresses. Instead, Taler uses reserves which
+ are represented by a private key on the owner's computer. Users
+ create a reserve by depositing currency at a Taler exchange, and can then
+ withdraw digital coins from that reserve using the respective private
+ key. There is no limit on the number of reserves a user can have, and
+ even hacking the Taler exchange would not provide an adversary with access to
+ user's reserves (as the Taler exchange does not have the private keys).
+ Stealing in Taler requires breaking into each customer's computer to
+ extract the reserve keys or the coins from the digital wallet.
+
Visa and MasterCard are planning to "simplify hated verification
+ systems" by moving from passwords to security codes on mobiles
+ and biometrics. Continuing their flawed insistence on verifying identity,
+ Visa and MasterCard will thus build a very personal picture of their
+ customers, from shopping habbits down to their cardiac rhythm.
+ Taler does not require a customer's identity to verify a payment, as the
+ payment system cryptographically verifies the coins. Thus, Taler does
+ not have to intrude into any personal detail of a citizen's life, and
+ certainly not their private medical data.
+
Despite the EU allowing the NSA access to financial transaction data to
+ track terrorists and organized crime, the NSA saw it necessary to
+ target international payment processors including SWIFT and Visa.
+ As terrorism and organized crime are covered by legal means, industrial
+ espionage to improve the US economy is the only remaining US national
+ interest within the NSA's mandate that would explain this illegal activity.
+ With Taler, exchanges will only learn the value of a merchant's transactions,
+ not who paid or for what (governments may learn what was sold). Thus,
+ the Taler exchange is a significantly less interesting target for industrial
+ espionage.
+