Digital Cash: Secure wallets for online and offline payments

Slide 1

Slide 1 text

Digital Cash Secure wallets for online and offline payments Lars Hupel Java Card Forum Webinar 2024-12-09

Slide 2

Slide 2 text

No content

Slide 3

Slide 3 text

Digital Cash • What is it? • How do wallets work? • Where is it used? • How can I pay?

Slide 4

Slide 4 text

Central Bank Digital Currency CBDC Banknotes Bank deposits and e-money Issued by the central bank Digital money

Slide 5

Slide 5 text

The move towards CBDC is gaining momentum 94% of central banks worldwide are actively engaged in CBDC work are developing proof-of- concept technology 54% 31% are deploying pilot projects Source: Bank for International Settlements, 2023-24

Slide 6

Slide 6 text

More than 13 million adults in the EU face financial exclusion More than 13 million adults in the EU face financial exclusion

Slide 7

Slide 7 text

No content

Slide 8

Slide 8 text

No content

Slide 9

Slide 9 text

No content

Slide 10

Slide 10 text

Modelling digital cash after physical cash Feel of paper Watermark Hologram Private/public keypair

Slide 11

Slide 11 text

Wallet form factors

Slide 12

Slide 12 text

Now, where is my money? Custodial wallet Bearer wallet

Slide 13

Slide 13 text

No content

Slide 14

Slide 14 text

Hardware wallet requirements Secure Element (eSE/eSIM/SIM/ external) NFC Bluetooth (LE) Companion app

Slide 15

Slide 15 text

A simple payment Date: 2024-11-06 Time: 10:15 CET Payer: 014ca3 Payee: me Amount: 20 € Token transported via E2E-encrypted channel (SCP) Public Key: 0xCAFE Amount: 20 € Public key (without metadata) for integrity check Date: 2024-11-06 Time: 10:15 CET Payer: me Payee: 023ab5 Amount: 20 € Metadata kept in both wallets; shared on demand Wallet ID = pseudonym; KYC managed by intermediary

Slide 16

Slide 16 text

No content

Slide 17

Slide 17 text

Payer identity Payee identity Authenticity Ownership

Slide 18

Slide 18 text

Security requirements of (digital) money Payer identity Authenticity Ownership Non-repudiation No double spending No tracing Payee identity

Slide 19

Slide 19 text

A security architecture with three lines of defence Strong hardware security Secure payment protocols & channels Central Bank as the final authority 50€

Slide 20

Slide 20 text

Designs that create confidence

Slide 21

Slide 21 text

Reference projects

Slide 22

Slide 22 text

Mobile app integration

Slide 23

Slide 23 text

No content

Slide 24

Slide 24 text

No content

Slide 25

Slide 25 text

How would payments work in practice?

Slide 26

Slide 26 text

2021

Slide 27

Slide 27 text

No content

Slide 28

Slide 28 text

No content

Slide 29

Slide 29 text

“The EMV applications on the smart cards were not appropriate for storing offline balances … Therefore, we developed a new application that could store offline balances on the smart cards. This new application was not based on EMV standards so we also needed to deploy a new kernel …”

Slide 30

Slide 30 text

Application selection (Offline) CBDC registered with dedicated AID Prioritization handled by terminal or customer device

Slide 31

Slide 31 text

Traditional user journey Issuing bank Acquiring bank Card network Terminal Customer 1. Present device 2. App. Selection 3. Online payment 4. Clearing and settlement

Slide 32

Slide 32 text

Offline user journey Issuing bank Acquiring bank Terminal Customer 1. Present device 2. App. Selection 4. Redemption/reconciliation 3. Funds transfer 0. Top-up

Slide 33

Slide 33 text

Application Selection Offline transfer of funds Reconciliation

Slide 34

Slide 34 text

No content

Slide 35

Slide 35 text

TC 68/SC 2/WG 13 ISO/CD 13133 BSI TR-03179-2

Slide 36

Slide 36 text

Questions? Answers! Lars Hupel https://lars.hupel.info lars.hupel@gi-de.com