8 research outputs found
Fast Privacy-Preserving Punch Cards
Get PDFLoyalty programs in the form of punch cards that can be redeemed for benefits
have long been a ubiquitous element of the consumer landscape. However, their
increasingly popular digital equivalents, while providing more convenience and
better bookkeeping, pose a considerable privacy risk. This paper introduces a
privacy-preserving punch card protocol that allows firms to digitize their
loyalty programs without forcing customers to submit to corporate surveillance.
We also present a number of extensions that allow our scheme to provide other
privacy-preserving customer loyalty features.
Compared to the best prior work, we achieve a reduction in the
computation and a reduction in the communication required to perform
a "hole punch," a reduction in the communication required to redeem
a punch card, and a reduction in the computation time required to
redeem a card. Much of our performance improvement can be attributed to
removing the reliance on pairings or range proofs present in prior work, which
has only addressed this problem in the context of more general loyalty systems.
By tailoring our scheme to punch cards and related loyalty systems, we
demonstrate that we can reduce communication and computation costs by orders of
magnitude
Cryptographic protocols for privacy-aware and secure e-commerce
Get PDFAquesta tesi tracta sobre la investigaci贸 i el desenvolupament de tecnologies de millora de la privadesa per a proporcionar als consumidors de serveis de comer莽 electr貌nic el control sobre quanta informaci贸 privada volen compartir amb els prove茂dors de serveis. Fem servir tecnologies existents, aix铆 com tecnologies desenvolupades durant aquesta tesi, per a protegir als usuaris de la recoleci贸 excessiva de dades per part dels prove茂dors de serveis en aplicacions espec铆fiques. En particular, fem servir un nou esquema de signatura digital amb llindar din脿mic i basat en la identitat per a implementar un mecanisme d'acreditaci贸 de la mida d'un grup d'usuaris, que nom茅s revela el nombre d'integrants del grup, per a implementar descomptes de grup. A continuaci贸, fem servir una nova construcci贸 basada en signatures cegues, proves de coneixement nul i t猫cniques de generalitzaci贸 per implementar un sistema de descomptes de fidelitat que protegeix la privadesa dels consumidors. Per 煤ltim, fem servir protocols de computaci贸 multipart per a implementar dos mecanismes d'autenticaci贸 impl铆cita que no revelen informaci贸 privada de l'usuari al prove茂dor de serveis.Esta tesis trata sobre la investigaci贸n y desarrollo de tecnolog铆as de mejora de la privacidad para proporcionar a los consumidores de servicios de comercio electr贸nico el control sobre cuanta informaci贸n privada quieren compartir con los proveedores de servicio. Utilizamos tecnolog铆as existentes y desarrolladas en esta tesis para proteger a los usuarios de la recolecci贸n excesiva de datos por parte de los proveedores de servicio en aplicaciones especf铆ficas. En particular, utilizamos un nuevo esquema de firma digital basado en la identidad y con umbral din谩mico para implementar un sistema de acreditaci贸n del tama帽o de un grupo, que no desvela ninguna informaci贸n de los miembros del grupo excepto el n煤mero de integrantes, para construir un sistema de descuentos de grupo. A continuaci贸n, utilizamos una nueva construcci贸n basada en firmas ciegas, pruebas de conocimiento nulo y t茅cnicas de generalizaci贸n para implementar un sistema de descuentos de fidelidad que protege la privacidad de los consumidores. Por 煤ltimo, hacemos uso de protocolos de computaci贸n multiparte para implementar dos mecanismos de autenticaci贸n impl铆cita que no revelan informaci贸n privada del usuario al proveedor de servicios.This thesis is about the research and development of privacy enhancing techniques to empower consumers of electronic commerce services with the control on how much private information they want to share with the service providers. We make use of known and newly developed technologies to protect users against excessive data collection by service providers in specific applications. Namely, we use a novel identity-based dynamic threshold signature scheme and a novel key management scheme to implement a group size accreditation mechanism, that does not reveal anything about group members but the size of the group, to support group discounts. Next, we use a novel construction based on blind signatures, zero-knowledge proofs and generalization techniques to implement a privacy-preserving loyalty programs construction. Finally, we use multiparty computation protocols to implement implicit authentication mechanisms that do not disclose private information about the users to the service providers
Privacy-respecting Reward Generation and Accumulation for Participatory Sensing Applications
Get PDFParticipatory or crowd-sensing applications process sensory data contributed by users and transform them to simple visualizations (such as for example noise or pollution levels) that help create an accurate representation of the surrounding environment. Although contributed data is of great interest to individuals, the involvement of citizens and community groups, however, is still limited. Hence, incentivizing users to increase participation seems crucial for the success of participatory sensing.
In this paper, we develop a privacy-preserving rewarding scheme which allows campaign administrators to reward users for the data they contribute. Our system of anonymous tokens allow users to enjoy the benefits of participation while at the same time ensuring their anonymity. Moreover, rewards can be accumulated together thus further increasing the level of privacy offered by the system. Our proposal is coupled with a security analysis showing the privacy-preserving character of the system along with an efficiency analysis demonstrating the feasibility of our approach in realistic deployment settings
Anonymous Point Collection - Improved Models and Security Definitions
Get PDFThis work is a comprehensive, formal treatment of anonymous point collection. The proposed definition does not only provide a strong notion of security and privacy, but also covers features which are important for practical use. An efficient realization is presented and proven to fulfill the proposed definition. The resulting building block is the first one that allows for anonymous two-way transactions, has semi-offline capabilities, yields constant storage size, and is provably secure
Los programas de fidelizaci贸n online: un estudio desde la perspectiva del engagement marketing y las comunidades de marca
Get PDFLa retenci贸n de clientes se ha convertido en uno de los mayores retos a los que se enfrentan las empresas en la actualidad. Dentro de la estrategia de retenci贸n se incluyen los programas de fidelizaci贸n, los cuales adoptan formas muy diversas y han sido objeto de una implantaci贸n masiva por parte de organizaciones pertenecientes a diferentes sectores. Pero en los 煤ltimos tiempos, como ha sucedido con buena parte de las estrategias de marketing, las empresas han hecho uso de Internet para desarrollar sus programas de fidelizaci贸n. En este sentido, Internet cuenta con una serie de peculiaridades como medio de comunicaci贸n que han sido aprovechadas por las empresas para desarrollar sus programas de fidelizaci贸n online (en adelante, PFO). Entre ellas, cabe destacar la posibilidad de suministrar una gran cantidad de informaci贸n y contenidos en sus p谩ginas web, de personalizar el env铆o de la informaci贸n a trav茅s del email marketing y de permitir la interactividad con los usuarios, adem谩s de poder estar permanentemente conectados gracias a las nuevas tecnolog铆as m贸viles. Con respecto a la interactividad, las redes sociales (Facebook, Twitter, etc.) no s贸lo permiten una comunicaci贸n bidireccional entre la empresa y los usuarios sino que tambi茅n posibilitan a estos 煤ltimos, en nuestro caso los miembros de los PFO, a poder interactuar entre ellos, gener谩ndose as铆 comunicaci贸n multidireccional. Por ello, en vista del gran potencial de generaci贸n de interactividad que presentan las redes sociales para las marcas patrocinadoras de PFO, 茅stas est谩n apostando por la creaci贸n de perfiles (principalmente, en Facebook) en los que publican posts con informaci贸n sobre el programa y cuestiones que pueden resultar de inter茅s para los miembros, ofreciendo adem谩s a trav茅s de ellos la posibilidad de que se relacionen. Y en cuanto a la conectividad total de los usuarios, la nueva generaci贸n de smartphones y tablets permiten a las personas interactuar con las marcas en cualquier momento y lugar, y adem谩s, disfrutar de ventajas tales como estar informado al momento de todas las noticias y novedades relativas al programa, acceder a juegos online o poder acumular puntos mediante el escaneo de c贸digos QR (Quick Response), entre otras posibilidades.Departamento de Organizaci贸n de Empresas y Comercializaci贸n e Investigaci贸n de MercadosDoctorado en Econom铆a de la Empres
Unlinkable Updatable Hiding Databases and Privacy-Preserving Loyalty Programs
Get PDFLoyalty programs allow vendors to profile buyers based on their purchase histories, which can reveal privacy sensitive information. Existing privacy friendly loyalty programs force buyers to choose whether their purchases are linkable. Moreover, vendors receive more purchase data than required for the sake of profiling. We propose a privacy-preserving loyalty program where purchases are always unlinkable, yet a vendor can profile a buyer based on her purchase history, which remains hidden from the vendor. Our protocol is based on a new building block, an unlinkable updatable hiding database (HD), which we define and construct. HD allows the vendor to initialize and update databases stored by buyers that contain their purchase histories and their accumulated loyalty points. Updates are unlinkable and, at each update, the database is hidden from the vendor. Buyers can neither modify the database nor use old versions of it. Our construction for HD is practical for large databases
Implementations for Unlinkable Updatable Hiding Databases and Privacy-Preserving Loyalty Programs
Get PDFLoyalty programs allow vendors to profile buyers based on their purchase histories, which can reveal privacy sensitive information. Existing privacy-friendly loyalty programs force buyers to choose whether their purchases are linkable. Moreover, vendors receive more purchase data than required for the sake of profiling. We propose a privacy-preserving loyalty program where purchases are always unlinkable, yet a vendor can profile a buyer based on her purchase history, which remains hidden from the vendor. Our protocol is based on a new building block, an unlinkable updatable hiding database (HD), which we define and construct. HD allows the vendor to initialize and update databases stored by buyers that contain their purchase histories and their accumulated loyalty points. Updates are unlinkable and, at each update, the database is hidden from the vendor. Buyers can neither modify the database nor use old versions of it. Our construction for HD is practical for large databases
