| Abstract [eng] |
Loyalty program is a marketing effort by the merchant to keep customers loyal to their stores. It tries to keep track of the purchasing-behavior of a customer by recording customer’s purchase information, including his credit card number, as akey identifier to the customer. While it may benefit the customer, the drawback is that the privacy of the customer is intruded. If the customer is using an anonymous payment system such as electronic cash / digital coins, his privacy is protected, but he will not get any benefit from the loyalty program which tries to record his payment information. This paper suggests several solutions to this problem. Among the solutions, we present the idea of blindly signed pseudo digital certificates, whichsatisfies our requirement for a loyalty program scheme with an anonymous payment system. We have shown in this paper that it is possible for the merchant to conduct a customer loyalty program although the customers are using an anonymous payment system. Several solutions exist, such as using cookies, least authentic type of digital certificates (pseudo digital certificates), linkable anonymous payment system, and blindly signed pseudo Digital certificates. Amongst those solutions, the blindly signed pseudo digital certificates satisfies all of our requirements and the most versatile. Three of the solutions basically relies on an additional ‘authentication token’, which might be considered ‘external’ or not inherent in the payment protocol. Despite several requirements which are not addressed, the solution to use linkable anonymous payments still make use the inherent design of the payment protocol itself. We also acknowledge several limitations. One of the most obvious limitation is that the merchants still do not have the ability to gather maximum information it can get, such as customer’s mailing address. Of course, the customers can fill those information, only if they are willing to do so and know the consequences. The second limitation is, especially with the blindly signed pseudo digital certificate, that these solution may require the customer to willingly join the loyalty program. From a practical point of view, probably the setup can be awkward for the customers, if not well designed. On the other hand, this limitation may also be an advantage, since law in several states. |
