A Privacy-Preserving Electronic Payment System for DRM
This addresses privacy concerns for consumers in online DRM-based transactions, though it is incremental as it builds on existing anonymization techniques.
The paper tackles the problem of customer privacy leakage during online payments in DRM systems, where even anonymized purchases can reveal preferences through price information. Their solution uses unlinkable one-unit payment steps to ensure anonymity, allowing customers to acquire licenses without revealing identity or content details, and includes a dispute resolution mechanism.
One of major considerations in an online business is customer privacy. Consumers are not interested in being monitored and identified by sellers. Some solutions are proposed to hide selection of the customer but in the payment phase, there will be a leakage of information as online shopper can infer some information about customer's preference due to the price, which is paid by customer. This is a big threat to customer privacy. Our solution to this problem consists of a number of one-unit payment steps that cannot be linked to each other or to customer's identity. At the end of purchase, content provider will receive appropriate amount of money while customer will acquire a valid license anonymously. Content provider will not be able to gain any information about the customer or the content that is purchased. In addition, a dispute resolution scheme is presented for cases of conflict between customer and content provider. A series of analyses on the security, complexity and DRM requirements are presented which indicate security and practicality of our scheme.