Security researchers found serious security flaws in the German "electronic cash" system
which enable criminals to withdraw funds from merchant accounts based on the information printed
on receipts and other information obtained from public sources or point-of-sales terminals purchased
online.
The German "electronic cash" system is based on the "Poseidon" protocol, for
which there is no publicly accessible specification or reference implementation. This has allowed
such major security holes to persist for decades.
"Suppose you were an advisor to the head of the KGB,
the Soviet Secret Police. Suppose you are given the
assignment of designing a system for the surveillance of all
citizens and visitors within the boundaries of the USSR. The
system is not to be too obtrusive or obvious. What would be
your decision?"
The think tank RAND essentially answered this question with
a blueprint for modern payment systems. Taler offers an
escape from the financial panopticon.
Apple Pay may be easy to use, but the simplistic
user identification creates opportunities for fraud,
resulting in much higher fraud rates than even with traditional
credit card systems.
Taler does not require user identification, enabling
ease of use while also being effective against fraud.
The Visa and MasterCard duopoly has eliminated competition among
banks, setting fees that take away a significant share of profits from
small merchants.
Taler is an open standard with free software
implementations, so merchants do not have to fear a lack of competition.
Merchants taking credit card data from customers now have to additionally
fear banks suing them for losses. It is not suggested that the merchant
in question was not in compliance with PCI DSS security audit procedures.
With Taler, merchants never handle sensitive personal credit data, and
thus neither customers, mints nor governments would even have standing to
sue merchants in court. Thus, if a merchant system were to be compromised,
the damage would be limited to the merchant's own operations.
Following Visa and MasterCard's move to biometrics, PayPal
now supports authenticating purchases with fingerprint
recognition.
Hence, police can now forcefully take user's fingerprints and
access their mobile computers and possibly empty their electronic wallets
in addition to their physical wallets.
For Taler, we advise users to protect their digital wallets using
passphrases.
Yasser Ali reports a now patched vulnerability in PayPal that would
have allowed him to reset other user's passwords and take over their
accounts. This is unlikely to be the last vulnerability found in
account-based payment systems.
In Taler, customers do not have accounts with usernames, passwords
or associated e-mail addresses. Instead, Taler uses reserves which
are represented by a private key on the owner's computer. Users
create a reserve by depositing currency at a Taler mint, and can then
withdraw digital coins from that reserve using the respective private
key. There is no limit on the number of reserves a user can have, and
even hacking the Taler mint would not provide an adversary with access to
user's reserves (as the Taler mint does not have the private keys).
Stealing in Taler requires breaking into each customer's computer to
extract the reserve keys or the coins from the digital wallet.
Visa and MasterCard are planning to "simplify hated verification
systems" by moving from passwords to security codes on mobiles
and biometrics. Continuing their flawed insistence on verifying identity,
Visa and MasterCard will thus build a very personal picture of their
customers, from shopping habbits down to their cardiac rhythm.
Taler does not require a customer's identity to verify a payment, as the
payment system cryptographically verifies the coins. Thus, Taler does
not have to intrude into any personal detail of a citizen's life, and
certainly not their private medical data.
Despite the EU allowing the NSA access to financial transaction data to
track terrorists and organized crime, the NSA saw it necessary to
target international payment processors including SWIFT and Visa.
As terrorism and organized crime are covered by legal means, industrial
espionage to improve the US economy is the only remaining US national
interest within the NSA's mandate that would explain this illegal activity.
With Taler, mints will only learn the value of a merchant's transactions,
not who paid or for what (governments may learn what was sold). Thus,
the Taler mint is a significantly less interesting target for industrial
espionage.