Secure Payment Networks PDF Lecture Notes 2024

Summary

This lecture document covers various aspects of secure payment networks. It details the structure of financial institutions, payment schemes, authentication methods, and financial transactions. The document also examines the role of distributed ledger technology in the context of secure financial transactions.

Full Transcript

Secure Payment Networks
- Networks for Monetary Transactions -

10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
1
 Contents Lecture 2024
Introduction
Structure of Financial Institutes
Architecture of payment schemes and stakeholders for Monetory
Transaction Solutions
Secure Authentication methods
– Multi Factor Authentication
– Biometrics
– Encryption/PKI/Digital Signature
Networks attacks
Examples for payment applications
Securing protocols for transactions
Secure Server and Cloud Solutions
Distributed Ledger Technology - Solutions for Financial Transactions
Crypto currency vs. regulated Financial Transactions
Standardisation and Certification

10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
2
10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
3
10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
4
 Central Bank Money vs. Bank Money

CBDC

Connected Central Bank
Banknote Sovereignity

Banknote
International Sourcing

10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
5
10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
6
10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
7
10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
8
Example Architecture

Source: O Reilly

9
Example Architecture

Source: https://hazelcast.com/use-cases/payment-processing

10
Example Architecture

Source: https://hazelcast.com/use-cases/payment-processing

Confidential! 11
10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
12
10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
13
10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
14
10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
15
Secure Payment Networks
Authentication

10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
1
 Contents Lecture 2024
Introduction, Organization of the lecture
Structure of Banks and Saving Banks
Structure of Networks and Payment Schemes and
Stakeholders
Secure Authentication methods
– Multi Factor Authentication
– Biometrics
– Encryption/PKI/Digital Signature

– Verification

10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
2
 Definition

Verification
Authentication is the process of determining the identity of a person or an
object. Verification, on the other hand, focuses on confirming that something
is true.

10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
3
 Many techniques such as multi-factor
authentication, re-use tokens such as
FIDO, and links to Credential Service
Providers (CSPs) providing federation
are additional security controls that
can be implemented to offset the risk
or pre-compromised usernames and
passwords. CSPs have an ability to
validate a contextual identity not just a
single authentication.

10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
4
Authentication requirements
Authentication based on a username and password combination is the most common
form of authentication. As the level of security increases within an application then
simple usernames and passwords are no longer acceptable as passwords are often
considered pre-breached.

These are important requirements because they help to fulfill many compliance
requirements including PCI DSS 3.2, NIST 800-53, NIST 800-63.
A breakdown of authentication requirements, the list can include:

1. Password Requirements
2. General Authenticator Requirements
3. Authenticator Lifecycle Requirements
4. Credential Storage Requirements
5. Credential Recovery Requirements
6. Look-up Secret Verifiers
7. Out of Band Verifiers
8. Single or Multi-Factor One-Time Verifiers
9. Cryptographic Software and Devices Verifiers
10. Service Authentication

10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
5
 Root Authentication
Root Authentication means the base of Authentication:

1. Birth document
2. ID Documents
3. …

Root Authentication channels:

1. Presence
2. Online

10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
6
 EU ID Wallet: application fields

Attribute
VC
VC
Industry 4.0
Evidence
VC

User Social Security
Different sets of attributes can
support different authentication
processes.
VC

Payment network

Source: Infineon

2022-03-31 7
 Multi Factor Authenication
MFA with One Time Password

10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
8
 Multi Factor Authenication
Two Channel Communication

Source: https://www.researchgate.net/figure/Authentication-protocol-using-OTP_fig2_254179

10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
9
 Multi Factor Authenication
Two Channel Communication
Two channel authentication is a mode of authentication to ensure the
validity of the client metadata provided by sending and receiving OTP
from one channel to the application and receiving from another
channel

Source: https://www.researchgate.net/figure/Authentication-protocol-using-OTP_fig2_254179

10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
10
10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
11
10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
12
10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
13
 Payment Service Directive (PSD 2)

Source: https://www.eba.europa.eu/publications-and-media/press-releases/eba-clarifies-application-strong-customer-authentication
10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
14
10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
15
 eIDAS

The eIDAS Regulation:
Ensures that people and businesses can use their own national electronic identification schemes (eIDs)
to access public services in other EU eID are available.

Creates an European internal market for eTS - namely electronic signatures, electronic seals, time
stamp, electronic delivery service and website authentication - by ensuring that they will work across
borders and have the same legal status as traditional paper based processes. Only by providing certainty
on the legal validity of all these services, businesses and citizens will use the digital interactions as their
natural way of interaction.

The eIDAS regulation brings benefits to European businesses, citizens and
government services. Consult the infographics below to explore how eIDAS can benefit
you.

Source: https://www.docusign.de/eidas
https://ec.europa.eu/digital-single-market/en/news/webinar-benefits-eid-
and-trust-services-professional-services-sector

10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
16
 Verification
Online Offline
Video Ident

DSGV (GDPR…General Data Protection
Regulation)

10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
17
 PKI Introduction
Elements of PKI
A typical PKI consists of hardware, software, policies and standards to manage the creation, administration,
distribution and revocation of keys and digital certificates.
Digital certificates are at the heart of PKI as they affirm the identity of the certificate subject and bind that identity
to the public key contained in the certificate.

A typical PKI includes the following key elements:
A trusted party, called a certificate authority (CA), acts as the root of trust and provides services that authenticate
the identity of individuals, computers and other entities
A registration authority, often called a subordinate CA, certified by a root CA to issue certificates for specific uses
permitted by the root
A certificate database, which stores certificate requests and issues and revokes certificates
A certificate store, which resides on a local computer as a place to store issued certificates and private keys
A CA issues digital certificates to entities and individuals after verifying their identity. It signs these certificates
using its private key; its public key is made available to all interested parties in a self-signed CA certificate. CAs use
this trusted root certificate to create a "chain of trust" -- many root certificates are embedded in Web browsers so
they have built-in trust of those CAs. Web servers, email clients, smartphones and many other types of hardware
and software also support PKI and contain trusted root certificates from the major CAs.
Along with an entity’s or individual’s public key, digital certificates contain information about the algorithm used to
create the signature, the person or entity identified, the digital signature of the CA that verified the subject data
and issued the certificate, the purpose of the public key encryption, signature and certificate signing, as well as a
date range during which the certificate can be considered valid.

Source: G&D, Veridos, techtarget.com, https://www.youtube.com/watch?v=EizeExsarH8

10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
18
 PKI stakeholder

10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
19
 Key Handling
Key Usage
PKI and CA keys and certificates can be used in many applications, including IPsec and other VPN protocols, web based security protocols like Secure
Sockets Layer (SSL), Transaction Layer Security (TLS) and Secure HTTP, as well as Secure Shell, PGP, etc. In some of these applications, multiple key
pairs may be issued. One key set might be used for authentication and encryption, while another key set might be used for digital signatures. This
enables us to have the first key pair escrowed and backed up without compromising the privacy of the owners digital signature, and therefore avoid
misuse.
Key Expiration
At some time keys will expire. The lifetime of the key is defined at the time of the key creation, using valid from and valid to fields. Once the key
expires, it must be removed from the system and destroyed. Then, the new key should be created for the owner. Expired keys are not added to the
CRL.
Key Revocation
During the lifetime of the key, there may be situations in which we will have to revoke the key. Key revocation takes place in situations in which
owner information changes, like domain name, company name, etc. Also, revocation can occur in case of key theft, if the key has been compromised,
or in case of acceptable use policy violation.
Once the key is revoked, it is listed in the Certificate Revocation List (CRL) and the Online Certificate Status Protocol (OCSP) server is updated. This
way clients can query OCSP server to find the status of the certificate. Status of the certificate can be valid, suspended, and revoked. A suspended
certificate is one which is still valid, but is temporarily removed from valid use. Suspended certificate can be reactivated again.
Renewing Keys
We can renew a certificate before it expires. We use our current key and sign the request for the new key. This way we don’t have to go trough the
process of proving our identity, and the new key can be issued very quickly.
Key Update is a related process to renewing, in which a new key is generated by modifying the old key that is still valid.
Destroying Keys
Key destruction takes place when key is no longer useful. When a key is to be destroyed, we need to notify the CA so that they can update their CRL
and OCSP servers.
Deregistration
Deregistration means that all information for the owner of the key gets invalid and is to be removed from the server. This happens, for example,
when the company who owns the key stops existing. Deregistration is different from revocations because in revocation, only the key gets revoked,
while the owner information remains valid. In deregistration all information of the owner is deleted from the CA database.

Source: http://www.utilizewindows.com/key-management-principles/

https://www.lrz.de/services/pki/einf/ (Encryption Systems)

10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
20
 Digital Signature
Private companies and governments agencies all around the word
make huge investments for the automation of their processes and
in the management of the electronic documentation.
The main requirement in the management of digital documentation
is its equivalence, from a legal perspective, to paperwork, affixing a
signature on a digital document is the fundamental principle on
which are based the main processes of authorization and validation,
apart from the specific area of applica on.
Main benefits for the introduction of digital signing processes are
cost reduction and complete automation of documental workflow,
including authorization and validation phases.
In essence, digital signatures allow you to replace the approval
process on paper, slow and expensive, with a fully digital system,
faster and cheaper.

10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
21
Digital Signature process

Source: researchgate.net

10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
22
 Digital Signature Process
A Digital signature is a one-way hash, of the original data, that has been encrypted with the signer’s private key. A
digital signature process is composed by the following steps:
The signer calculates the hash for the data he needs to sign. The message digest is a file size small (160-bit SHA-1
now deprecated, with 256-bit SHA-256) that contains some sort of control code that refers to the document. The
hash function is produced minimizing the likelihood to get the same value of the digest from different texts and is
also “one way” function: this means that from calculates hash it is impossible to get back the original text.
The signer, using his private key, encrypt the hash calculate.
Signer sends the original data and the digital signature to the receiver. The pair (document and signature) is a
signed document or a document to which was attached a signature. The document is in clear text but it has the
signature of the sender and can be sent so that it can be read by anyone but not altered since the digital signature
guarantees also integrity of the message.
For the verification, The receiving software first uses the signer’s public key to decrypt the hash, then it uses the
same hashing algorithm that generated the original hash to generate a new one-way hash of the same data. The
receiving software compares the new hash against the original hash. If the two hashes match, the data has not
changed since it was signed.
The authenticity of a document can be verified by anyone decrypting the signature of the document with the
sender’s public key, obtaining the fingerprint of the document, then comparing it with that obtained by applying
the hash function (which is known) to the document received which was attached the signature. If the two
fingerprints are equal, the authenticity and integrity of the document are demonstrated.
The signing and verification operations may be delegated to a schedule issued by the certification.
Thanks to the mechanism shown, the digital signature ensures non-repudiation: the signer of a document
transmitted cannot deny having sent it and the receiver can deny to have received it. In other words means that
the information cannot be ignored, as in the case of a conventional signature on a paper document in the
presence of witnesses.

10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
23
 Examples
Resuming, digital signatures can reliably automate the signatures of authorization allowing the
elimination of paper, reducing costs and improving the speed of production processes.
By virtue of all these advantages, the digital signature can be particularly useful for:
Government agencies in regulated sectors with workflows subject to formal approval;
organizations must submit documents that need to be approved by various offices;
representatives of organizations that use, or services that require commercial building and the
provision of reports or contracts signed;
Away from executives such as a signature is required to activate the processes;
organizations which cooperate with external partners and require approval for workflows;
Web portals with external modules that require compilation and signing.
Note that the type of documents to which to apply the digital signature is particularly composite,
and includes:
– sales proposals, contracts with customers.
– purchase orders, contracts / agreements with partners.
– contracts, agreements, acts of the board.
– leases, contracts, expense reports and reimbursement approvals.
– Human Resources: Documentation of employment of employees, presence control cards.
– Life Sciences: Questions and proposals, QC records, standard operating procedures (SOPs), policies, work
instructions.
– Mechanical work: drawings, sketches, plans, instructions and relations of production.
health services: medical and patient consent forms, medical exams, prescriptions, laboratory reports.

10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
24
Qualified Digital Signature
A qualified electronic signature is an electronic signature that is compliant to EU Regulation No 910/2014 (eIDAS Regulation) for
electronic transactions within the internal European market. It enables to verify the authorship of a declaration in electronic data
exchange over long periods of time. Qualified electronic signatures can be considered as digital equivalent to handwritten
signatures.(Dawn M. "Qualified Electronic Signatures For eIDAS". Cryptomathic. Retrieved 13 June 2016. Qualified Electronic
Signature". Bundesnetzagentur. Retrieved 13 June 2016)
What are the eSignatures Assurance Levels Under eIDAS?
Regulations such as eIDAS have developed their own eSignature classifications based on trust and assurance. These terms signify the level of assurance provided by different types of signatures
as specified by the goals of the regulation.
The following classifications are the terms presented by eIDAS with the goal of creating a common foundation and framework for secure electronic signatures to enhance trust and facilitate
interoperability and cross-border usage and acceptance.
eIDAS have also created an accreditation for delivering eSignatures with the highest level of assurance (qualified electronic signatures) and in doing so, they have changed the market for
eSignatures in Europe. Let’s look into how they have done this.
Basic Level Electronic Signatures
Advanced Electronic Signatures
Qualified Electronic Signatures
A qualified electronic signature is:
An advanced electronic signature that is created by a qualified signature creation device and which is based on a qualified certificate for electronic signatures.
First, let’s look at what a ‘qualified signature creation device’ is. According to eIDAS requirements,
The device must ensure:
The confidentiality of the electronic signature creation data
The electronic signature creation data used for electronic signature creation can practically only occur once
The electronic signature creation data used for signature creation cannot be derived and the signature is protected against forgery using current available technology
The electronic signature creation data used for signature creation can be reliably protected by the legitimate signatory against use by others
The device shall not alter the data to be signed or prevent such data from being presented to the signatory prior to signing
Generating or managing signatory data on behalf of the signatory may only be done by a qualified trust service provider
Without prejudice to point (d) of point 1, qualified trust service providers managing electronic signature creation data on behalf of the signatory may duplicate the electronic signature creation
data only for back-up purposes provided the following requirements are met:
The security of the duplicated datasets must be at the same level as for the original datasets
The number of duplicated datasets shall not exceed the minimum needed to ensure continuity of the service
It might seem a bit vague (probably because they are covering themselves so as to stay in line with technological standards in the future), but what the regulation is saying is that if you are using a
qualified electronic signature, you must be storing the creation and signature data on a highly reliable and assured device.
What hardware is reliable enough to do this? Our advice is to store this information in a HSM (Hardware Service Module) which can be stored in your organization in a secure place. For it to have
all the security features mentioned above, you would need the HSM to be in line with FIPS 140-2 Level 3 at minimum, which is a security standard created for cryptographic modules like a HSM.
The next part of the definition for qualified electronic signatures says that data on the device must be based on a ‘qualified certificate for electronic signatures’. As opposed to advanced
electronic signatures, which do not outright say you have to use a Digital Certificate, the definition for qualified says that a certificate is a must. A qualified certificate can only be purchased from
a Certificate Authority who is also ISO 15408 accredited as per the regulation.
EU Member states are required to recognize the validity of a qualified electronic signature that has been created using a qualified certificate from another member state.

10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
25
Signature types

10/27/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
26
Authentication
Biometrics

1
 Definition Biometrics
Biometrics is the technical term for body measurements and calculations.

There are two types of biometrics: Physiological measurements They can be either morphological or
biological. Morphological identifiers mainly consist of fingerprints, the hand's shape, the finger, vein
pattern, the eye (iris and retina), and the face's shape.

It refers to metrics related to human characteristics. Biometrics authentication (or realistic authentication) is
used in computer science as a form of identification and access control. It is also used to identify individuals in
groups that are under surveillance.

Biometric identifiers are the distinctive, measurable characteristics used to label and describe individuals.
Biometric identifiers are often categorized as physiological versus behavioral characteristics. Physiological
characteristics are related to the shape of the body. Examples include, but are not limited to fingerprint, palm
veins, face recognition, DNA, palm print, hand geometry, iris recognition, retina and odour/scent. Behavioral
characteristics are related to the pattern of behavior of a person, including but not limited to typing rhythm,
gait, and voice. Some researchers have coined the term behaviometrics to describe the latter class of
biometrics.

11/3/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
2
Types of Biometrics

Top3 for Government

Source for Biometric Algorithm
https://www.hindawi.com/

11/3/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
3
Biometrics: Process phases
Enrollment

A major approach for fingerprint recognition today is to extract minutiae
from fingerprint images and to perform fingerprint matching based on the
Record of several images number of corresponding minutiae pairings. One of the most difficult
problems in fingerprint recognition has been that the recognition
Calculation of characteristics performance is significantly influenced by fingertip surface condition,
which may vary depending on environmental or personal causes.
Storage of characteristics in Addressing this problem, this paper presents a fingerprint recognition
algorithm using phase-based image matching. The use of phase
– Database components in 2D (two-dimensional) discrete Fourier transforms of
fingerprint images makes possible to achieve highly robust fingerprint
– On Token recognition for low-quality fingerprints. Experimental evaluation using a
set of fingerprint images captured from fingertips with difficult conditions
Source: https://www.okta.com/HS
(e.g., dry fingertips, rough fingertips, allergic-skin fingertips) demonstrates
an efficient recognition performance of the proposed algorithm compared
with a typical minutiae-based algorithm.

11/3/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
4
Biometrics: Image compression
Interoperability

The JPEG-2000 standard, known formally as ISO/IEC International Standard 15444. The concepts and methods
involved in JPEG-2000 image coding are outlined, concentrating on the JPEG-2000 baseline and the features that
distinguish JPEG-2000 from other image coding methods.
Source: Brislawn, C., Quirk, M.: Image compression with the JPEG-2000

The Federal Bureau of Investigation (FBI) has formulated national specifications for digitization and compression of
gray-scale fingerprint images. The compression algorithm [Fed93] for the digitized images is based on adaptive
uniform scalar quantization of a discrete wavelet transform subband decomposition, a family of techniques referred to
as wavelet/scalar quantization (WSQ) methods.

Grother, P., McCabe, M., Watson, C., Indovina, M., Salamon, W., Flanagan, P., Tabassi, E., Newton, E.,
Wilson, C.: MINEX: Performance and Interoperability of the INCITS 378 Fingerprint Template. NIST
MINEX Evaluation Report (2006)

11/3/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
5
Biometrics: Verification/Identification

Verification 1:1
Identification 1:n
Calculation of characteristics
Match of characteristics in
– Database
– On Token

11/3/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
6
Biometrics: Evaluation

False Acceptance Rate
False Rejection Rate
Equal Error Rate

11/3/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
7
Biometric Identification: Security levels

Hidden feature: Life-long biometric
3 DNA Fingerprint
Dedicated devices  Proliferation 
2 for inspection: Commodity
Iris; Face  Spoofable
Fingerprint,  Changes with time
1 Behavioral
Manual inspection  Inaccurate
or smartphone  Morphing risks
camera:  Agents get tired
Photo
identification

11/3/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
8
 Rapid DNA

 Restricted output only ID “Who is
who” not more => for Verification
 Processing time 90 min
 FAR/FRR “One of a trillion”
 Mobile Application

Source: Ande, Thermofischer

11/3/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
9
 Biometrics and AI

How does AI make biometric authentication more secure?

Several years ago, when biometric identity verification was still in its infancy, this technology was quite susceptible
to being tricked – in some cases, it was enough to hold a photo of the authorized person in front of the camera to
fool facial recognition (this is called a presentation attack). However, biometric methods are much more precise
today and therefore offer higher security as an authentication method than passwords and PINs. This is not least
due to the use of artificial intelligence. For example, if you want to unlock the smartphone with a fingerprint, the AI
compares the data that has just been collected with the stored reference data on the fingerprint of the same
person. Only when the data matches is the mobile phone unlocked. Machine learning algorithms recognize the
patterns in biometric data automatically and with high precision. In addition, AI systems learn from a growing
amount of data, continuously improving their ability to distinguish biometric data from counterfeits.

Source: https://www.onlinesicherheit.gv.at/Services/News/KI-Risiken-Biometrische-Authentifizierung.html

11/3/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
10
Biometrics: Evaluation, Certification

11/3/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
11
ABIS Bordercontrol Solution

Example of a border control solution
including VISA Application.

This version is with central database.
DLT solutions are in pilots for testing.

11/3/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
12
 ABIS Enrollment Station

 Mobile Enrollment Kit includes:
 PC
 Online Connection
 Camera
 Finger Scanner
 Optional Iris Scanner
 Printer

Mobile Verification device

11/3/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
13
 ABIS (Automated Biometric
Identification System)

 Duplication checks
 Finger Duplication
 Signature Duplication
 Picture Duplication

11/3/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
14
 Data privacy

Source; https://www.aosphere.com/aos/rulefinder-data-privacy-trial?

 EUROPEAN Regulation
 DSGVO
 In combination with biometric data

11/3/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
15
 Morphing, Antispoofing

Attacks:

- Morphing

- Anti-Spoofing

Source: Handbook of Biometric Anti-Spoofing
Editors (view affiliations) Sébastien Marcel Mark S. Nixon Julian Fierrez Nicholas Evans

11/3/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
16
Biometrics: Security Concept

Integration
Level of security

Organisation

Biometrics

11/3/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
17
Biometrics different views…

 Legal Aspects
 Privacy
 Data Storage
 Judicial Assessment
 Operator view
 Easy to use
 Reliability
 Administration costs
 Customer Acceptance

11/3/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
18
 Biometrics: Key Questions

Today 2020 2030

Biometrics - a current and future Technology?
Proliferation
Fraud detection
 Technological Potential
 New Approaches
Biometric Methods
Fingerprint
Vein Matching
Iris Recognition
Behavioral Analysis
 New Approaches like
In Motion Identification Utilization + Platforms
Smartcards
Mobile Applications
back-end Server
 Added Value
 Use Cases (e.g. Border Control)

Beyond Biometrics – Prospective Identification Concepts
 Our vision for the future
Authentication without password

****

11/3/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
20
Slide 20
 Biometrics
Use Case Secure Remote Identification

Traditional Video Ident

Time to
register and
open an
account

User
convenicence

11/3/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
21
 Use case
Border Control benefits from it
Twice as much

travel activity in the next 20 years

Faster

More convenient

More secure

11/3/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
22
June 6th, 2017
Biometrics on the Fly

…just walk through

Check via:

- Face recognition
- Secure UHF badge

11/3/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
23
 eIdentity potential
Economic value of digital identity is very high

$b p.a.
20
Undetermined
value of future
products and
15 services

10

5

SOURCE: AUSTRALIA POST – DIGITAL IDENTITY WHITE PAPER
0
Reduced Reduced Improveed Consumer Total
cost cost customer value 11 $b
to serve of fraud experience generated

11/3/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
24
June 6th, 2017
 Biometrics
 Process efficiency
 Reduction of Total costs of ownership
 Security
 Transparency
 Track and trace functionality

11/3/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
25
 Secure Smartphones Security
Mechanism, mobile Wallets and key
management

1
Why Security Mechanism…
Personal Data Id´s
Business Information
Transaction fraud
Value fraud – mobile payment

Update OS
Apps installations
Browser and websites
Open WLAN
Emails….Ransomware, Phishing
Lost Devices
Sources:
https://www.computerwissen.de/smartphone/pflege-wartung-sicherheit/mobile-secrurity/

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
2
 Banking Security Mechanism
lost phone…
To lock your smartphone in the event of loss, many of these apps simply require
you to send a predefined message with the correct command code to your own
cell phone number. This will delete your personal data on the device or make it
impossible to access it. It is also possible to have a smartphone or mobile-enabled
tablet located by the network operator using its IMEI number - a unique serial
number - under certain conditions. Make a note of this number beforehand.You
can find the IMEI of your device via the Settings app or by using the key code
*#06#. It can also be found on the packaging or on your provider's invoice. It
serves as proof of ownership in the event of theft.

Source: BSI

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
3
Example for offerings
Hardware Security
TEE
Software Security

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
4
Banking Security Mechanism…
Offering example:
We use several layers of proven security technologies and processes to provide
you with secure online access to your accounts and information. These are
continuously evaluated and updated by our experts to ensure that we protect you
and your information. These include:

Secure Socket Layer (SSL) Encryption
Authentication
Firewalls
Computer Anti-Virus Protection
Data Integrity
Ensuring Your Online Safety

Source: Royal Bank of Scotland
Other sources:
https://www.computerwissen.de/smartphone/pflege-wartung-sicherheit/mobile-secrurity/

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
5
Smartphone Security

Pre- and Post- security mechanism

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
6
Security Architectures –Secure Elements

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
7
Smartphone security

Source: Infineon

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
8
Sandbox priciple
In computer security, a sandbox is a security mechanism for separating running
programs, usually in an effort to mitigate system failures or software vulnerabilities from
spreading. It is often used to execute untested or untrusted programs or code, possibly
from unverified or untrusted third parties, suppliers, users or websites, without risking
harm to the host machine or operating system. A sandbox typically provides a tightly
controlled set of resources for guest programs to run in, such as storage and memory
scratch space. Network access, the ability to inspect the host system or read from input
devices are usually disallowed or heavily restricted.
In the sense of providing a highly controlled environment, sandboxes may be seen as a
specific example of virtualization.

A sandbox is an isolated testing environment that enables users to run programs or
execute files without affecting the application, system or platform on which they run....
Without sandboxing, an application or other system process could have unlimited
access to all the user data and system resources on a network.

Source: https://searchsecurity.techtarget.com/definition/sandbox; wikipedia, company
info

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
9
OS Virtualization

Source: Swathi V.N.V.L.S, Swathi A.; International Journal of Advance Research, Ideas and Innovations in Technology

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
10
Trusted Execution Environment (TEE)

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
11
Trusted Execution Environment (TEE)

NVM…Non Volatile Memory

Source: Trusttronic

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
12
 Example ARM Trustzone
Trustzone is system-wide approach to security with hardware-enforced isolation built into the CPU. It provides the perfect starting point for
establishing a device root of trust based on Platform Security Architecture (PSA) guidelines.

Source: ARM

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
13
Secure Display / Keypad

Secure in-
and output
or
Secure OS

New protocols
e.g. ISO/IEC 7816

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
14
 Secure eID card reader
Normal World - NWd Secure World - SWd Realization of the
eID Reader Application ARM TrustZone® with MobiCore® Comfort Reader
TLC API

Trustlet Connector
SmartCard API eID Reader Trustlet Comfort

TCI
(TLC)
ARM TrustZone® with G&D MobiCore
MC Trustlet API

MobiCore®

SmartCard API
High-Level Interface
necessary.
Similar to TR3119 eg. PACE,
NFC

and ISO/IEC 24727

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
15
Mobile Wallet
If you buy a physical/classical wallet, you buy an empty wallet
The classical wallet is a container for your cards, coins, banknotes, ID cards
etc.
You open it, you touch it, you put it into your pocket, you can loose it …

 A physical wallet is the base line of a mobile wallet

A mobile wallet is a graphical user interface on a mobile device and it‘s
empty at the beginning as well
A mobile wallet in the sense of G&D focuses on security relevant
applications
It offers the user the ability to manage those applications
It gives an overview of the user‘s electronical/financial belongings
It‘s an easy front end to online and physical use cases
The mobile wallet provides the same and more use cases a physical
wallet
And: You will never loose it.

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
16
Three Different Scenarios for Mobile Wallets
A B C

3rd 3rd 3rd
party party party … App X&Y
App1 App2 App3
… AppA AppB …

Mobile
Mobile Wallet / Browser
Wallet

Mobile Operating System
of Smart Phone

SCWS / BIP

SIM microSD embedded MobiCore …

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
17
Description of Scenarios A to C
Scenario A
– Generic model, open source approach
– User and provider centric
– Not spread in the market by today
– Examples: Venyon (Midlet), Toro, Halcom
Scenario B
– „Walled Garden“, one issuer who defines the APIs and makes
the selection of one or more applications, but on multi OS
– Operator centric
– Partly introduced in the market by today
– Examples: Telefonica, Vodafone 360, Visa
Scenario C
– One, classical and unique application
– Application and OEM centric
– Widely used in the market by today
– Examples: Bank of America, Paypal, Apple (iPhone & App-Store)

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
18
Simplified Framework of Mobile Wallets
Service Provider (SP) One
Interfaces
Individual

Customer
chooses
his device
Transaction
Interfaces
(SP - User)
One or multiple
Mobile Wallet(s)

… Management
Interfaces

Backend Secure Element(s)

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
19
 Mobile Wallet providers
mFoundry
Zenius
Toro
C-Sam
Firethorn
Halcom
Monitise
Sybase 365
Mobile Distillery (SW House)
Gemalto
Vivotech
First Data
Icon Mobile
Tic Mobile
Handpay (China Union Pay)
Star Money

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
20
 Wallet Applications
Loyalty

Payment Identity
Management

Mobile
Wallet
Physical Service
Access Discovery

Gaming Ticketing

Money
Transfer

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
21
 Key Management TEE
Component Overview
NWd SWd Device
Container

Services
C1 C2

Servic Servic Free
Clients Servic
Servic Servic
Servic Space

e

e
e e
ee ee

ic

ic
rv

rv
Se

Se
Service Manager

TZ Driver TZ Runtime Environment

NWd OS Monitor MTK

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
22
 Enabling & Activation
Enabling
Activation:
- Preparation of a container for third parties
Trust Zone Trust Zone
Trustlets
not functional
functional
Activation
Activation
ACTIVATED
ACTIVATED
Enabling:
- Initialization of Keys
SECURED
SECURED

- Configuration of the TZ
Runtime
TERMINATED
TERMINATED LOCKED

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
23
 Trustlet Life Cycle
Installation
INSTALLED

EXECUTABLE

SERVICE LOCKED
SPECIFIC

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
24
 Key Management Enabling 1.Step
P1

P1 P1

P1

P1

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
25
 Key Management Enabling 2.Step
Generate key pair
TrustZone [SerNO #] Bank branch P1
G&D Install TZ SW and certify PuK.DEV
SerNo (triggers device selection)
Integrity Flash Secure Flash PrK.AUT.DEV
TZ.Bootstrap_1 SerNo CGD.PuK.AUT.DEV =
PuK.Root.GD P1 Sign*[PrK.GuD.AUT.GD](PuK.AUT.DEV)
PuK.AUT.DEV PrK.AUT.DEV *= can be diversified by SerNo

ROM ROM Fuses 1.) Secure channel TZ generates key pair
by Bank’s comm. TZ receives G&D certificate
PuK.OEM.RT
PuK.OEM.SK.Fuse.DEV
channel
2.) G&D dev. auth.
P
TZ exports generated PuK.AUT
G&D signs to C.PuK.AUT
via K.Pers
(see below)
1
TZ receives certificate
TZ can now authenticate in unsafe environment
Receive G&D cert
TrustZone [SerNO #] Bank branch
The bank branch can assure the user’s “act of will” to
Integrity Flash Secure Flash install TZ software (coupled with an immediate charge)
TZ.Boot2 + TZ.SW CGD.PuK.AUT.DEV
PuK.Root.GD P1 TZ.Boot2 + TZ.SW
Open question: Shouldn’t we make it easier to join ?
Idea: Run example application … ?
CGD.PuK.AUT.DEV PrK.AUT.DEV
Confidentiality by
ROM ROM Fuses E[K.Pers]sym. CGD.PuK.AUT.DEV is the generic key to download
where K.Pers = further keys / containers / SW through G&D
PuK.OEM.RT
PuK.OEM.SK.Fuse.DEV
Hash(SK.Fuse.DEV)

After enabling, TZ can be activated and applications can be loaded

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
26
 Key Management Activation
P1

P1 P1

P1

P1

11/11/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
27
 Secure Payment Networks
Blockchain features

12/8/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
1
 Blockchain

… for Financial- and Government

12/8/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
2
Blockchain..a solution for a
non trusted environment with
no settlement

3
Distributed ledger..use case for the future

Smart contracts are contracts whose terms are recorded in a computer language instead of legal language.
Smart contracts can be automatically executed by a computing system, such as a suitable distributed ledger
system. The potential benefits of smart contracts include low contracting, enforcement, and compliance costs;
consequently it becomes economically viable to form contracts over numerous low-value transactions. The
potential risks include a reliance on the computing system that executes the contract. At this stage, the risks
and benefits are largely theoretical because the technology of smart contracts is still in its infancy, and some
time away from widespread deployment.

Source : https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/492972/gs-16-1-distributed-ledger-
technology.pdf

12/8/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
4
 Example System Architecture

12/8/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
5
 Example System Architecture

12/8/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
6
 Example Tech. Stack Native Apps.

12/8/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
7
 Example Etherium Blockchain

Ethereum has well established itself as one of the leading
cryptocurrencies out there.
The blockchain-based platform encompasses a range of features including
smart contracts, the Ethereum Virtual Machine (EVM) and Ether.

The main advantages are:
Speed through - Scalability
Multiapplication through easy Integration of
smart contracts
Security through Encryption methods

8
Hyperledger besu architecture

For the base, we use Hyperledger besu which is a Java-based Ethereum client that
implements Enterprise Ethereum Alliance (EEA) specifications. It can work on public or
private networks, as well as on several test nets. (Bogdanov, 2021)

It provides consensus algorithms well suited for use in blockchain consortia or other
private networks, such as Proof of Work and Proof of Authority. Furthermore, it
supplies peer-to-peer (P2P) networking and storage division to blockchain and world
state data. Additionally, you can create permissioned networks by specifying the nodes
and accounts for participation. Its design is enterprise-friendly for public and private
permissioned network use cases.

Hyperledger besu can be used to develop enterprise applications requiring secure,
high-performance transaction processing in a private network. It includes a command
line interface and JSON-RPC API for running, maintaining, debugging, and monitoring
nodes.
An API or an Application Programming Interface is made up of set of rules and protocols that
allow different software applications to communicate and interact with each other.

12/8/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
9
 Consistency and Integrity

The IBFT 2.0 protocol maintains the order of transactions, which guarantees data
The people are chosen at random, and therefore the risk of takeover by a
consistency and integrity. 51% attack is minimized.

It's a three-phase protocol, pre-prepare in which the proposer proposes a block, IBFT 2.0 ensures immediate finality, is robust in an eventually synchronous
network model, and features a dynamic validator set.
prepare, in which the validators agree on a block, and commit, in which validators
agree on a commit. The IBFT 2.0 protocol maintains the order of transactions, which guarantees
data consistency and integrity. The IBFT 2.0 protocol can guarantee

The IBFT algorithm proceeds in rounds with a new block created every T second, decentralization, provenance, privacy, fault tolerance, and immutable.
(Rodrigo D. Garcia, 2022)
where the block period T is a constant configuration parameter. In each round, one
of the validators is selected as the proposer. The proposer creates the new block Furthermore, to track transactions and ensure privacy and auditability, the
IBFT 2.0 protocol maintains a Chain of Custody (CoC). CoC must ensure that
and broadcasts it to all validators with a pre-prepared message. Upon receiving
evidence is not altered during the investigation, despite multiple entities
pre-prepare messages, validators enter the pre-prepared phase and broadcast owning them, to be admissible in a legal court. The CoC in IBFT 2.0 ensures:

prepare messages. This ensures that validators are aligned to the same round and  Integrity: the evidence has not been altered or corrupted during the
block. Upon receiving 2f +1 prepare messages, validators enter the prepared transfer.

phase and broadcast commit messages to inform other validators that they accept  Traceability: the evidence must be traced from the time of its
collection until it is destroyed.
the proposed block. Finally, upon receiving 2f + 1 commit messages, validators
 Authentication: all the entities interacting with evidence must provide
enter the committed phase and insert the block in the blockchain. (Silvia Bonomi,
an irrefutable sign as recognizable proof of their identity.
2018)
 Verifiability: the whole process must be verifiable by every entity
involved during the process.

 Security - Tampering proof: Changeovers of evidence cannot be
altered or corrupted. (Silvia Bonomi, 2018)

Due to this chain of custody, the blockchain stakeholders will be able to know
who used what and when.

10
Example Tokenization based on ERC20

11
Application Transaction Flow

12
Distributed ledger interoperability

The solution based on based on Hyperledger besu, which is built to be Ethereum compatible, it supports
Ethereum-based smart contracts. The smart contract functionality of Ethereum allows smart contracts to be
created on ERC-20, which is a standard that facilitates interoperability. Ethereum-based smart contracts
furthermore allow TWEXGOV Edition to connect and bridge to different networks. By incorporating these features
from Hyperledger besu CDBC solution offers a highly interoperable application that can easily be incorporated with
other networks and allow users to be connected to more and more networks using one application in the future.

12/8/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
13
Distributed ledger scalability

Using Hyperledger besu and IBFT 2.0 consensus protocol allows the application to be scaled
dynamically as transaction volumes can be increased using node configuration, node scaling, and
coordination techniques among other things. (Jungwon Seo, 2020) It also supports fast block times and
efficient and eco-friendly consensus algorithms like IBFT 2.0. (Besu, 2022) the solution.

Further ensures that continuous improvement is done in the
system to ensure that the CBDC system evolves with
technological advancements and changing user needs. Regular
upgrades, patches, and feature enhancements help maintain
scalability, security, and performance as the system matures.

12/8/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
14
Scalability through two-tier CBDC architecture

15
Distributed ledger configurability

12/8/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
16
Distributed ledger beyond blockchain

Highly centralised systems present a high costs single point of failure. They may be vulnerable to
cyber-attack and the data is often out of sync, out of date or simply inaccurate. In contrast,
distributed ledgers are inherently harder to attack because instead of a single database, there are
multiple shared copies of the same database, so a cyber-attack would have to attack all the copies
simultaneously to be successful.

Governments are starting to apply distributed ledger technologies to conduct their business. The
Estonian government has been experimenting with distributed ledger technology for a number of
years using a form of distributed ledger technology known as Keyless Signature Infrastructure (KSI).

But digital cryptocurrencies are of interest to central banks and government finance departments
around the world which are studying them with great interest. This is because the electronic
distribution of digital cash offers potential efficiencies and, unlike physical cash, it brings with it a
ledger of transactions that is absent from physical cash.
In the case of the digital world, there are two sets of rules or codes that control the operation of
digital technologies. The first is the classical set of rules provided by the legislative framework, the
code of law and regulation. The second is the set of rules that determine the operation of the
algorithms encoded by the software. This is the technical code, and there needs to be at least as
much focus on ensuring the rigour of the technical code as on legislative code.
Source: https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/492972/gs-16-1-
distributed-ledger-technology.pdf

12/8/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
17
Tokenization

12/8/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
18
Example Next Gen Datacenter architecture
(Access, Track and Trace, …)

The GSH2 model
Status
Access to Datacenter up to national registers are
provided through API/middleware. In many cases a
use-case management tool is interacting with the DC plus DRC
central data.
DLT
Problems of the existing traditional system (central
datacenter):
 4-6- eye principle can be mis-used – no secured
tacking solution can be ensured.
 Access from non trusted parties is not possible
 No SSI functionality
Therefore the GSG2 is combining the advantages of
both solution (Datacenter/Blockchain) by using both
modules for different purposes.
Using Datacenter for storage and using
DLT/Blockchain for Access and Track and Trace.

Requests including
Track and Trace on blockchain.

No info without consent…
Smart contracts ensure security!
19
 Digital National-ID via DLT
Architecture

CITIZENS GOVERNMENT ENTERPRISE

ONLINE ELECTRONIC SERVICES

SCHOOL HEALTH POLICE BANK
DC plus DRC DC plus DRC
DLT DLT

Certificate eID SECURE LAYER MONITORING
Authority for ISO 27001 ISO 27001
SYSTEM
Electronic Digital
Signature

REGISTRY REGISTRY OF MED. CIVIL REGISTRY REGISTRY REGISTRY OF REGISTRY
OF JUSTICE INSTITUTIONS TOURISTS OF SOCIAL TRANSPORT OF BORDER
& SERVICES WELFARE CONTROL

CENTRALIZED DATABASES

20
Tokenization

12/8/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
21
Tokenization

12/8/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
22
Example CBDC „Dual – Connected Banknote“

The connected banknote is a customizable CBDC solution that bridges the physical and digital
worlds of a currency and complements cash. Transferring its value is transparent, secure, easy
to use, and fast.

A smart banknote solves three
issues of CBDC:

Offline availability
Limited anonymity
Psychological aspect of
possession of physical things

2 x 2D barcodes
Public Key
Privat Key
Additional security features

05.12.2023 confidential 23
Functions of the solution:

Creation of e-wallet
Installing mobile app
(Android/iOS)
Refilling ewallet
Transfer to other wallets
Transfer to physical cash
Execution of government
payments like Gov employee
payments

12/8/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
24
 Proof Of Concept: The Test Cases
(Whole Sales Scenario)

No Test Case
A1 Token Creation/Pre-Issuance, Issuance
A2 Audits
C4: Test Case Example
A3 Creation of a Private Bank as Client
A4 Transfer of tokens to the Private Bank

No Test Case A5 Token redemption

E1 The token is Returns to CB
Centr
al
Bank No Test Case
B1 Transfer funds to Another Bank
Commerc Commerc B2 Create custom fees per transaction
e Bank e Bank B3

Point User/
of Citizen
No Test Case Sale When it comes to sending money from one user to another, e.g.
No Test Case
D1 The point of sale receives the funds in e-currency from Carol who is a user of bank branch 2 sends money to Bob who is
C1 A user purchases a good online with his e-currency
test C1
C2 A user purchases a good at a PoS with his e-currency
a user of bank branch 1, then the benefit becomes evident:
D2 A user purchases something at a PoS with his e-currency
C3 A user creates his e-currency account at the bank
since both branch 1 and 2 maintain the system nodes with the
C4 User A sends money to user B
full transactions history synchronized in real time, the transfer
process for the bank’s accounting system becomes seamless,
real-time, and cost-effective.

12/8/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
25
 Proof Of Concept: The Test Cases
(Whole Sales Scenario) Example UML

1.User is willing to perform the deposit into the TokenD via web or mobile
application. It is possible to mark assets created in TokenD as depositable
using the details of an asset (details could be any JSON object, so you can pass
any additional data if needed). To start the deposit flow, a user sends a
request to PSIM.
1. PSIM sends a request to the payment system (in our case,
SafeCharge). Payment system (further referred to as "PS" or
"SafeCharge") generates a unique session ID for the deposit and
returns it back to PSIM. PSIM returns it back to the User.
2.Using their application, a user sends a request where they specify card
details to SafeCharge and receives their unique identifier.
3.User passes a unique identifier of the card, amount to deposit and additional
details to PSIM.
1. PSIM creates a request for the issuance to the TokenD Core. This
request contains the amount to be issued, account on which issuance
should be performed as well as all the required tasks that have to be
processed to have the issuance performed.
2. TokenD Core returns a unique identifier of the request.
3. PSIM passes all the data to PS. PS performs the transfer of funds from
the user’s credit card to the account of the issuer in PS.
4. PSIM approves the issuance request of the corresponding amount of
tokens to a user. For big amounts, it is recommended to request
manual verification by an admin. To do this, PSIM needs to remove
tasks that it is supposed to process and add a new one for an admin
(tasks to be processed are defined by the developers depending on
their needs). After the confirmation that the transfer is legitimate, an
admin removes these tasks and tokens are issued to the user account
5. User receives confirmation that the deposit is successful.

12/8/2024/Dr. Hermann
Sterzinger
Netzwerke für den Zahlungsverkehr
26
Digital Identity in Payment
 Example Bankable environmental Tokens

Datencenter Trading Platform
Entity trading
Ministry trading

Sample KPI definition DC plus DRC

Water DLT

collection AI analytics
Air Statistics
Analysis DC plus DRC

Soil Data processing
DLT

Parameter ISO 27001

Token mint, buy, sell
ISO 27001

On-chain:
Track and trace Token based loans
Access …
Recording

Bonus Payment

In collaboration with

28
 Achievements: Secure, Simple and Speed of
Transaction

Triple-S platform, based on DLT Solution has been tested and
proven. Main advantages:

- Allows to quickly create new business models and
processes
- Enables support of modern security techniques
- Reduces the risk inherent in software development from
scratch
- Allows you to launch an ecosystem within weeks.

DLT is a highly modular system built using the microservices architecture.
It can be divided into two parts:
- DLT-based logic (node) responsible for the key functionalities such as tokens management and distribution, rights
management.
- Auxiliary modules, which interconnect DLT with external systems and store user data.
- strictly confidential -
Terms to know…
AML Anti Money Laundering

API Application Programming Interface

CBDC Central Bank Digital Currency

CRM Customer Relationship Management

GDPR General Data Protection Regulation

ERP Enterprise Resource Planning

IP Identity Provider

KYC Know Your Customer

MVP Minimum Viable Product

PKI Public Key Infrastructure

PSIM Payment System Integration Mo