An efficient privacy-preserving pay-by-phone system for regulated parking areas

REGULAR CONTRIBUTION

Ricard Borges¹ · Francesc Sebé¹,²

© Springer-Verlag GmbH, DE 2020

Abstract

Traditional pay-and-display ticket machines currently coexist with pay-by-phone applications, but will probably be replaced by them in the near future. Such applications facilitate the payment for parking in regulated areas. Companies providing this service collect and manage information about all the parking transactions performed by drivers. That information is very sensitive and can be used to generate reports on the parking history of drivers, posing a threat to their privacy. This paper proposes a pay-by-phone parking system in which the service provider is prevented from tracking the parking transactions of drivers. The new proposal requires drivers to be connected only at the beginning of a parking transaction, or at the moment of indicating that a parking transaction took less time than expected. Prototype experiments have shown that the new proposal is much more efficient, in terms of computational cost, than the most complete previously existing system, while providing the same functionalities and higher security.

Keywords Cryptography · Pay-by-phone parking · Privacy · Security

1 Introduction

Traditionally, when parking in regulated areas, drivers had to purchase a ticket from a machine and display it on the dashboard of the car. Smartphones can currently run applications that make these payments much easier [1–4]. Upon parking, the driver enters the license plate number of the car, the expected parking duration, and the parking area. A digital payment is then performed using a credit card or deducted from a pre-paid balance. These applications provide several advantages: they avoid the use of paper and eliminate the need to walk to a pay station or carry coins. They also allow the parking time to be extended without returning to the car, and some of them even refund the money corresponding to unused time if the car is removed earlier than expected.

¹ Department of Mathematics, Universitat de Lleida, C. Jaume II, 69, 25001 Lleida, Spain

² CyberCat: Center for Cybersecurity Research of Catalonia, Lleida, Spain

Parking officers patrol parking areas and inspect the cars. They carry a mobile device which queries an on-line server to check whether a payment for the inspected car has been made. Therefore, there exists a central server that stores data about all the parking transactions performed by drivers. A lot of sensitive information, such as economic status, hobbies, political tendencies, or health problems, can be inferred from such data. Legislation like the European GDPR [5] protects citizens with regard to the processing of personal data collected by any organization. Although service providers are forced to comply with the law, such regulations cannot prevent misuses conducted by criminals that have broken into system server