{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,30]],"date-time":"2026-03-30T15:57:24Z","timestamp":1774886244234,"version":"3.50.1"},"reference-count":46,"publisher":"Association for Computing Machinery (ACM)","issue":"2","license":[{"start":{"date-parts":[[2025,2,22]],"date-time":"2025-02-22T00:00:00Z","timestamp":1740182400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Priv. Secur."],"published-print":{"date-parts":[[2025,5,31]]},"abstract":"<jats:p>Current mobile payment schemes gather detailed information about purchases customers make. This data can then be used to infer a customer\u2019s spending behaviour, potentially violating their privacy. To tackle this problem, we propose an untraceable mobile payment scheme that strikes a better balance, preserving user privacy while allowing the Third-Party Service Provider (TPSP) to collect necessary information such as card details and transaction amount for regulatory compliance. Our scheme offers untraceability for legitimate users from malicious adversaries and curious TPSPs using cryptographic primitives such as partially blind signatures, zero-knowledge proofs, and identity-based signatures. It also guarantees that only authorised TPSPs can issue valid payment tokens, and even with limited data, the TPSP can still prevent dishonest customers\/merchants from double-spending a payment token. We also propose a comprehensive evaluation framework to assess the untraceable payment schemes against seven key criteria such as untraceability, exculpability\u2014merchant double-spending, exculpability\u2014customer double-spending, unforgeability, confidentiality, message authenticity, efficiency, and regulatory compliance. We rigorously benchmark the security and privacy of our proposed payment scheme against this framework and other established schemes. Furthermore, we formally verify these properties using complexity-based analysis and Proverif modelling.<\/jats:p>","DOI":"10.1145\/3706421","type":"journal-article","created":{"date-parts":[[2024,11,30]],"date-time":"2024-11-30T10:20:09Z","timestamp":1732962009000},"page":"1-29","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["A Trustworthy and Untraceable Centralised Payment Protocol for Mobile Payment"],"prefix":"10.1145","volume":"28","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-8771-4193","authenticated-orcid":false,"given":"Jeyamohan","family":"Neera","sequence":"first","affiliation":[{"name":"Department of Computer and Information Sciences, Northumbria University, Newcastle upon Tyne, United Kingdom of Great Britain and Northern Ireland"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9267-355X","authenticated-orcid":false,"given":"Xiaomin","family":"Chen","sequence":"additional","affiliation":[{"name":"Department of Computer and Information Sciences, University of Reading, Reading, United Kingdom of Great Britain and Northern Ireland"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9500-3970","authenticated-orcid":false,"given":"Nauman","family":"Aslam","sequence":"additional","affiliation":[{"name":"Department of Computer and Information Sciences, Northumbria University, Newcastle upon Tyne, United Kingdom of Great Britain and Northern Ireland"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1109-8715","authenticated-orcid":false,"given":"Biju","family":"Issac","sequence":"additional","affiliation":[{"name":"Department of Computer and Information Sciences, Northumbria University, Newcastle upon Tyne, United Kingdom of Great Britain and Northern Ireland"}]}],"member":"320","published-online":{"date-parts":[[2025,2,22]]},"reference":[{"key":"e_1_3_1_2_2","doi-asserted-by":"publisher","DOI":"10.5555\/646765.704138"},{"issue":"42","key":"e_1_3_1_3_2","first-page":"28","article-title":"The dark side of Bitcoin.","author":"Allman Kate","year":"2018","unstructured":"Kate Allman. 2018. The dark side of Bitcoin. Law Societ. J.42 (2018), 28\u201329.","journal-title":"Law Societ. J."},{"key":"e_1_3_1_4_2","doi-asserted-by":"publisher","DOI":"10.5555\/1770231.1770270"},{"issue":"3","key":"e_1_3_1_5_2","first-page":"637","article-title":"Secure untraceable off-line electronic cash system","volume":"20","author":"Baseri Yaser","year":"2013","unstructured":"Yaser Baseri, Benyamin Takhtaei, and Javad Mohajeri. 2013. Secure untraceable off-line electronic cash system. Scient. Iran. 20, 3 (2013), 637\u2013646.","journal-title":"Scient. Iran."},{"key":"e_1_3_1_6_2","doi-asserted-by":"publisher","DOI":"10.1007\/11426639_18"},{"key":"e_1_3_1_7_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-28628-8_4"},{"key":"e_1_3_1_8_2","doi-asserted-by":"publisher","DOI":"10.1007\/s10660-018-9302-2"},{"key":"e_1_3_1_9_2","first-page":"1","volume-title":"International Conference on System Science and Engineering (ICSSE\u201918)","author":"Chang Ya-Fen","year":"2018","unstructured":"Ya-Fen Chang, Wei-Liang Tai, Yao-Ching Liu, and Huan-Wen Chen. 2018. Vulnerability of Baseri et\u00a0al.\u2019s untraceable offline electronic cash system. In International Conference on System Science and Engineering (ICSSE\u201918). IEEE, 1\u20135."},{"key":"e_1_3_1_10_2","first-page":"385","volume-title":"8th International Conference on Parallel and Distributed Systems (ICPADS\u201901)","author":"Chien Hung-Yu","year":"2001","unstructured":"Hung-Yu Chien, Jinn-Ke Jan, and Yuh-Min Tseng. 2001. RSA-based partially blind signature with low computation. In 8th International Conference on Parallel and Distributed Systems (ICPADS\u201901). IEEE, 385\u2013389."},{"key":"e_1_3_1_11_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIT.1983.1056650"},{"key":"e_1_3_1_12_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jfineco.2019.03.004"},{"key":"e_1_3_1_13_2","doi-asserted-by":"publisher","DOI":"10.1093\/rfs\/hhz015"},{"key":"e_1_3_1_14_2","doi-asserted-by":"publisher","DOI":"10.1145\/3576915.3616577"},{"key":"e_1_3_1_15_2","doi-asserted-by":"publisher","DOI":"10.1145\/3335741.3335750"},{"key":"e_1_3_1_16_2","doi-asserted-by":"publisher","DOI":"10.1093\/ietfec\/e90-a.5.980"},{"key":"e_1_3_1_17_2","doi-asserted-by":"publisher","DOI":"10.1007\/s12652-021-03672-1"},{"key":"e_1_3_1_18_2","first-page":"129","volume-title":"24th USENIX Security Symposium (USENIX Security\u201915)","author":"Heilman Ethan","year":"2015","unstructured":"Ethan Heilman, Alison Kendler, Aviv Zohar, and Sharon Goldberg. 2015. Eclipse attacks on Bitcoin\u2019s peer-to-peer network. In 24th USENIX Security Symposium (USENIX Security\u201915). 129\u2013144."},{"key":"e_1_3_1_19_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2008.01.013"},{"key":"e_1_3_1_20_2","doi-asserted-by":"publisher","DOI":"10.1007\/s13369-016-2115-5"},{"key":"e_1_3_1_21_2","first-page":"29","volume-title":"1st International Conference on Advancements in Interdisciplinary Research (AIR\u201922)","author":"Jha Ravi Shankar","year":"2023","unstructured":"Ravi Shankar Jha, Saleh Umar, Tokpe Kossi, and Ouattara Mohamad Lamine. 2023. Token bases valid and secure payment system using SHA-256. In 1st International Conference on Advancements in Interdisciplinary Research (AIR\u201922). Springer, 29\u201338."},{"key":"e_1_3_1_22_2","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382292"},{"key":"e_1_3_1_23_2","doi-asserted-by":"publisher","DOI":"10.1108\/IJBM-04-2019-0155"},{"key":"e_1_3_1_24_2","doi-asserted-by":"publisher","DOI":"10.3390\/jrfm11040063"},{"key":"e_1_3_1_25_2","doi-asserted-by":"publisher","DOI":"10.1109\/MITP.2020.2992148"},{"issue":"6","key":"e_1_3_1_26_2","first-page":"36","article-title":"An efficient ID-based partially blind signature scheme and application in electronic-cash payment system","volume":"2","author":"Kumar Mahender","year":"2016","unstructured":"Mahender Kumar and C. P. Katti. 2016. An efficient ID-based partially blind signature scheme and application in electronic-cash payment system. Accent. Trans. Inf. Secur 2, 6 (2016), 36\u201342.","journal-title":"Accent. Trans. Inf. Secur"},{"key":"e_1_3_1_27_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.hcc.2021.100031"},{"key":"e_1_3_1_28_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.hcc.2021.100031"},{"issue":"5","key":"e_1_3_1_29_2","first-page":"2628","article-title":"An offline electronic payment system based on an untraceable blind signature scheme","volume":"11","author":"Kutubi Md Abdullah Al Rahat","year":"2017","unstructured":"Md Abdullah Al Rahat Kutubi, Kazi Md Rokibul Alam, Rafaf Tahsin, G. G. Ali, Peter Han Joo Chong, and Yasuhiko Morimoto. 2017. An offline electronic payment system based on an untraceable blind signature scheme. KSII Trans. Internet Inf. Syst. 11, 5 (2017), 2628\u20132645.","journal-title":"KSII Trans. Internet Inf. Syst."},{"key":"e_1_3_1_30_2","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-024-00816-0"},{"key":"e_1_3_1_31_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2020.2969565"},{"key":"e_1_3_1_32_2","doi-asserted-by":"publisher","DOI":"10.5555\/2633692.2633712"},{"key":"e_1_3_1_33_2","volume-title":"Handbook of Applied Cryptography","author":"Menezes Alfred J.","year":"2018","unstructured":"Alfred J. Menezes, Paul C. Van Oorschot, and Scott A. Vanstone. 2018. Handbook of Applied Cryptography. CRC Press."},{"key":"e_1_3_1_34_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.34"},{"key":"e_1_3_1_35_2","first-page":"21260","article-title":"Bitcoin: A peer-to-peer electronic cash system","author":"Nakamoto Satoshi","year":"2008","unstructured":"Satoshi Nakamoto. 2008. Bitcoin: A peer-to-peer electronic cash system. Decentraliz. Bus. Rev. (2008), 21260. https:\/\/static.upbitcare.com\/931b8bfc-f0e0-4588-be6e-b98a27991df1.pdf","journal-title":"Decentraliz. Bus. Rev."},{"key":"e_1_3_1_36_2","doi-asserted-by":"publisher","DOI":"10.1109\/TrustCom.2012.28"},{"key":"e_1_3_1_37_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.elerap.2015.11.004"},{"issue":"2","key":"e_1_3_1_38_2","first-page":"115","article-title":"GOOD, bad and dark Bitcoin: A systematic literature review","volume":"3","author":"Rahardja Untung","year":"2021","unstructured":"Untung Rahardja, Qurotul Aini, Eka Purnama Harahap, and Raihan Raihan. 2021. GOOD, bad and dark Bitcoin: A systematic literature review. Aptisi Trans. Technopren. 3, 2 (2021), 115\u2013119.","journal-title":"Aptisi Trans. Technopren."},{"key":"e_1_3_1_39_2","doi-asserted-by":"publisher","DOI":"10.1109\/UIC-ATC.2017.8397623"},{"key":"e_1_3_1_40_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICSEC.2016.7859939"},{"key":"e_1_3_1_41_2","unstructured":"Statista. 2023. Mobile Commerce Retail Sales Worldwide from 2021 to 2026. Retrieved from https:\/\/www.statista.com\/statistics\/379046\/worldwide-retail-e-commerce-sales-mobile\/"},{"key":"e_1_3_1_42_2","unstructured":"Tidio. 2023. Mobile Commerce Statistics: Trends Growth Predictions. Retrieved from https:\/\/www.tidio.com\/blog\/mobile-commerce-statistics\/"},{"key":"e_1_3_1_43_2","doi-asserted-by":"publisher","DOI":"10.3390\/sym10120685"},{"issue":"4","key":"e_1_3_1_44_2","first-page":"708","article-title":"Two birds with one stone: Two-factor authentication with security beyond conventional bound","volume":"15","author":"Wang Ding","year":"2016","unstructured":"Ding Wang and Ping Wang. 2016. Two birds with one stone: Two-factor authentication with security beyond conventional bound. IEEE Trans. Depend. Secure Comput. 15, 4 (2016), 708\u2013722.","journal-title":"IEEE Trans. Depend. Secure Comput."},{"key":"e_1_3_1_45_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACSC.2001.906642"},{"key":"e_1_3_1_46_2","doi-asserted-by":"publisher","DOI":"10.5555\/1760479.1760514"},{"key":"e_1_3_1_47_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2018.10.012"}],"container-title":["ACM Transactions on Privacy and Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3706421","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3706421","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T01:18:04Z","timestamp":1750295884000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3706421"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,2,22]]},"references-count":46,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2025,5,31]]}},"alternative-id":["10.1145\/3706421"],"URL":"https:\/\/doi.org\/10.1145\/3706421","relation":{},"ISSN":["2471-2566","2471-2574"],"issn-type":[{"value":"2471-2566","type":"print"},{"value":"2471-2574","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,2,22]]},"assertion":[{"value":"2024-05-24","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-11-20","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-02-22","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}