1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
|
{% extends "common/base.j2" %}
{% block body_content %}
<script>
function expand(n) {
var x = document.getElementById(n);
console.log(x);
x.setAttribute("style", "");
}
</script>
<style>
h2 {
margin-top: 1em;
}
</style>
<div class="container">
<div class="row">
<div class="col">
<h1>GNU Taler: Design Principles</h1>
</div>
</div>
<p>When designing GNU Taler, we had the following design principles in mind:</p>
<div class="row">
<div class="col-lg-6">
<h2>1. Free Software implementation</h2>
<p>
GNU Taler must be <a href="https://www.gnu.org/philosophy/free-sw.html">Free Software</a>.
For merchants, our Free Software
reference implementation prevents vendor lock-in. As
the software of the payment provider itself is free, countries can
deploy the payment system without compromising sovereignty.
</p>
<p>
Customers benefit from Free Software
as the wallet software can be made to run on a variety of platforms, and
the absence of user-hostile features such as tracking or telemetry can easily be
assured.
</p>
</div>
<div class="col-lg-6">
<p>IMAGE.</p>
</div>
</div>
<div class="row">
<div class="col-lg-6">
IMAGE.
</div>
<div class="col-lg-6">
<h2>2. Protect the privacy of buyers</h2>
<p>
Privacy should be guaranteed via technical measures, as opposed to mere
policies. Especially with micropayments for online content, a disproportion-
ate amount of rather private data about buyers would be revealed, if the
payment system does not have privacy protections.
</p>
<p>
In legislations with data protection regulations (such as the recently introduced GDPR in Europe),
merchants benefit from this as well, as
no data breach of customers can happen if this information is, by design,
not collected in the first place. Obviously some private data, such as the
shipping address for a physical delivery, must still be collected according to
business needs.
</p>
</div>
</div>
<div class="row">
<div class="col-lg-6">
<h2>3. Enable the state to tax income and crack down on illegal business activities</h2>
<p>
As a payment system must still be legal to operate and use, it must comply
with these requirements. Furthermore, we consider levying of taxes as
beneficial to society.
</p>
</div>
<div class="col-lg-6">
IMAGE.
</div>
</div>
<div class="row">
<div class="col-lg-6">
IMAGE.
</div>
<div class="col-lg-6">
<h2>4. Prevent payment fraud</h2>
<p>
This imposes requirements on the security of the system, as well as on the
general design, as payment fraud can also happen through misleading user
interface design or the lack of cryptographic evidence for certain processes.
</p>
</div>
</div>
<div class="row">
<div class="col-lg-6">
<h2>5. Only disclose the minimal amount of information necessary</h2>
<p>
The reason behind this goal is similar to (2). The privacy of buyers is given
priority, but other parties such as merchants still benefit from it, for example,
by keeping details about the merchant’s financials hidden from competitors.
</p>
</div>
<div class="col-lg-6">
IMAGE.
</div>
</div>
<div class="row">
<div class="col-lg-6">
IMAGE.
</div>
<div class="col-lg-6">
<h2>6. Be usable</h2>
<p>
Specifically it must be usable for non-expert customers. Usability also
applies to the integration with merchants, and informs choices about the
architecture, such as encapsulating procedures that require cryptographic
operations into an isolated component with a simple API.
</p>
</div>
</div>
<div class="row">
<div class="col-lg-6">
<h2>7. Be efficient</h2>
<p>
Approaches such as proof-of-work are ruled out by this requirement. Effi-
ciency is necessary for GNU Taler to be used for micropayments.
</p>
</div>
<div class="col-lg-6">
IMAGE.
</div>
</div>
<div class="row">
<div class="col-lg-6">
IMAGE.
</div>
<div class="col-lg-6">
<h2>8. Avoid single points of failure</a></h2>
<p>
While the design we present later is rather centralized, avoiding single
points of failure is still a goal. This manifests in architectural choices such
as the isolation of certain components, and auditing procedures.
</p>
</div>
</div>
<div class="row">
<div class="col-lg-6">
<h2>9. Foster competition</h2>
<p>
It must be relatively easy for competitors to join the systems. While the
barriers for this in traditional financial systems are rather high, the technical
burden for new competitors to join must be minimized. Another design
choice that supports this is to split the whole system into smaller compo-
nents that can be operated, developed and improved upon independently,
instead of having one completely monolithic system.
</p>
</div>
<div class="col-lg-6">
IMAGE.
</div>
</div>
</div>
{% endblock body_content %}
|
