Suggestion: in-store-transactions

[sebastian]

I got a suggestion for a bitcoin in-store-transactions. The only changes that are required are support for smart cards in bitcoin client, and the possible to do PKCS#12 smart card cryptography and then send out the result of this on the bitcoin network.

This could work in this way:

You have 2 bitcoin adresses.
One, we can call "primary" and the second one "card" adress.

The "card" adress has its private and public keys stored on a smartcard, along with its wallet.dat (wallet.dat needs some compression/formatting to fit a smart card?).
The private key is stored on the smart card in a way that makes its extraction impossible, eg you can only "use" the key on the card, not see it or extract it.

The "card" adress also has everything, private, public and wallet backuped on the same PC as the "primary".

-----

What you do, is to send coins from your primary to your card adress, and then Bitcoin needs a function to transfer the actual coin files to the smart card.

You go to a store and should purchase a package of milk. Then you insert your bitcoin card into the store's reader that is connected to their cash system with a bitcoin client. If its PIN protected, you have to enter your PIN to unlock your smartcard.

Then the Store's bitcoin client calculates the signature on your coins using the smart card's PKCS#12 RSA functions, and then send out a transaction on the bitcoin network cointaining the purchase amount. The store waits until they get some confirmations, and then lets you leave with the milk.

The important is that the store cannot read or see the private key in any way, since then they would be able to "rob" you after you have left with your smartcard.


Blocking of a lost smartcard, is achieved by having the 2 adresses. Since you have a backup of the "card" wallet in your PC, the only thing that needs to be done, is to move all coins left (unspent) on the "card" adress to the "primary" adress, and then the card has 0 coins on it and is unuseable.


This would make a decentralized "card" system like mastercard/visa but completely decentralized.
To make this work, the bitcoin must support smart card readers, and have a possible to have API so when a smartcard is inserted you can do transactions from/to this smart card. The API could be used by everything, like "self checkout lanes", to vending machines, to stores who want to connect it with their regular cashregister system.
The bitcoin client could also have a interface to interact with a smart card and reader, so when you insert a smart card in a connected reader which contans a bitcoin wallet, there could be options to debit or credit the smart card. This would be good for small entities or indiviuals who want to do some affairs IRL with somone.


The good thing is that the system is robbery safe, not even the clerks cannot steal cash from the store since if the store does it right, they have a server in a unaccessible location which have all bitcoins. Since the bitcoin client in the cash computer only does a transaction from the "card" adress using the private key on the smart card, the only thing the clerk have "access" to is a specific smart card.
To prevent from night robberies, the store only needs to "truecrypt" the main server/wallet and a store manager has to enter the password everytime the store opens on the day.

[Mike Hearn]

This is a frequently raised topic so I put together a discussion of it on a wiki page:

https://en.bitcoin.it/wiki/In-store_Transactions

Put simply, smart cards are not a good fit for BitCoin. Smart phones are much closer to what we want and provide a different set of security tradeoffs that's more suitable.

[sebastian]

Mike: Why require EV certificates? They are VERY expensive, and pretty unavailable for those in countries that does not have any available EV certified CA since the EV certification requires in-person validation.

A simpler approach is then that the store have a sign or label at the cash register that contains something that you can verify on your phone, and that is not easly replaceable. That would prevent a corrupt clerk from stealing the store's money to their own wallet.

A simple approach could be a color image created from the bitcoin adress. The color image is posted at the cash register in a tamper resistant fashion, and you simple check that the image that comes up on your phone just looks like the image at the cash register.



But the problem is that not everyone has smartphones, and some stores might not want you to take in your smartphone. There must be a way to use bitcoins in-store without a smartphone. Something that is "natural" to take inside a store without any suspicios looks and such. A smartcard is like a debit card, so it must be sufficently secure.

For example, in *some* electronic stores in sweden, expensive electronics and such are forbidden to take inside if you dont have a receipt on the original purchase, else they have a lawful right to confiscate the phone in question and do a police report on shoplifting/theft (since you can't prove that the phone you have belongs to you and not the store).
I have to leave my phone in the locker outside the store for example, before going in.

For example, you could charge your bitcoin smartcard with a little amount, and then the clerk cannot
transact more than you have on your card loaded. I do it with my VISA card, just charge it a little so if someone skims the card or do malicious transactions
I will not lose more than I have on my card.

With bitcoin cards, you could even charge multiple cards, with different sums. So you could have a card with 500BTC, one card with 100BTC, one card with 50BTC
and one card with 25BTC and one 10BTC card. Then the clerk cannot do a malicious transaction on the card.

If you are gonna buy for lets say for 55 BTC, you just use your 100BTC card.

[Mike Hearn]

Mike: Why require EV certificates? They are VERY expensive, and pretty unavailable for those in countries that does not have any available EV certified CA since the EV certification requires in-person validation.

They wouldn't be required, it'd be nice to support them though.

That'd mainly be for online transactions that are sent to your phone for processing. Maybe I should remove that section given the page is about in-person transactions. Consider if you are shopping online from a computer with a virus on it. You can click on addresses or links to send the address to your phone, which then asks for confirmation. Your wallet is on your phone so the virus can't spend your coins directly. However it can rewrite addresses you see on the page to point at the hackers wallet instead of the merchants. If the addresses can be signed the virus can't do that without making the verified business name disappear.

A simple approach could be a color image created from the bitcoin adress. The color image is posted at the cash register in a tamper resistant fashion, and you simple check that the image that comes up on your phone just looks like the image at the cash register.

Yeah, like identicons.

But the problem is that not everyone has smartphones

They will do soon! Android alone is selling at the rate of several million phones a week, vs exactly zero for custom BitCoin card readers.

I have to leave my phone in the locker outside the store for example, before going in.

OK, but that sounds like a bizarre problem unique to Sweden or even that particular chain of stores. I mean most shops solve that problem with CCTV or anti-theft tags. I've never encountered stores that require you to place phones inside lockers before going in, it must be an absolute business killer.

Anyway, I think the key point here is that nobody today has BitCoin smartcards or readers and there's no way to solve that, short of a large business coming in and doing the necessary development work, selling the cards, building the readers etc. Not going to happen.

Smartphones are just as good, except they are already being deployed en-masse. Nobody has to do anything beyond writing some software.

[sebastian]

[mike]: That is in *addition* to CCTV and anti-theft tags. Just because the shoplifters become "smart" and "bypass/disable" such countermeasures.


What I talk about, when talking about smart cards, is that it could be a optional feature. So smart phones could be the "standard" way of doing it, but for some people the smart card might be the way to go.

Maybe even RFID/NFC cards, but they rarely support Public-key cryptography. Then the *store* only needs a phone belongning to the store to do the actual transaction.



I think we should NOT support EV certificates because of the "monopoly" situation that arises out of EV certificates. Also the problem is that EV certificates require a high level of business with a good credit score and such, you cannot get a EV certificate on a "single-indivual business", which is the smallest form of business you can start.

The problem is that people might start to un-trust businesses which does not have a EV if this possibly is arisen.


The possible to do transactions should be equal for everyone. A simpler approach could be a bitcoin format for DNS. So the shop in question just publishes in their DNS record, a TXT containing like "bitcoin=" and their bitcoin adress. To verify the store in question, you type in a verify field "www.shopname.com" and then *the phone* does a DNS lookup and if the verification pass, it will show "Bitcoin adress OK".

[Zerbie]

With a 10 minute block turn around plus time to confirm the transaction, direct BTC transfers are not very POS friendly.  Although I like your idea, to be realistic, a transaction needs to take place in under 30 seconds.  I've thought about this quite a bit and the only way I can think to make transactions this fast is to have a trusted third party (one that both your store and you trust) hold a small portion of your BTC for quick transactions.  When you go to purchase something, you use a card, phone, or whatever device to tell the third party to release funds to the seller, and the third party verifies the transfer.  Sort of like ClearCoin.

[Stephen Gornick]

I was hoping that bitcoin P2P or some type of third party bitcoin payment service (e.g., a MyBitcoin or something to that effect) would allow me to conduct cashless buying at a retailer yet still preserve my privacy -- something I don't get when paying with a credit or debit payment card.

Of course, I wasn't considering that technology will make it so that identifying me from my payment method will not be necessary to the retailer, as this demo shows:

"So as I approach the screen it recognizes my presence using anonymous video analytics.  The sign is intelligent enough to identify my height and my gender."

from:
http://www.practicalecommerce.com/articles/2648-Mobile-Devices-to-Alter-Retail-Landscape-3-Predictions

Of course, once we are comfortable with having a machine identify our gender and height, it is simply a checkbox somehwere that lets it go to the next level:
 "would you like to receive coupons for discounts and freebies? [allowing us to store your image to allow us to identify you on a future visit?]"