Project Polaris Part 1: A handbook for offline payments with CBDC
May 2023

Preface: How to read this handbook

For a general overview: Read the chapters for the executive summary, introduction and offline payments with CBDC.

For more technical details: Read the chapters for offline payment solutions for CBDC, risk management by design, privacy by design, inclusion by design and resilience by design.

For further technical and operational questions and considerations: Read Annex A, which provides a set of questions and considerations that could be useful when planning and designing the technology and operations for CBDC systems that support offline payments.

For other details: Read Annex B, which contains the results of the BIS Innovation Hub survey on offline CBDC payments, and Annex C, which contains a short history on offline payments.

This handbook was developed in partnership with:

Publication date: May 2023

© Bank for International Settlements 2023. All rights reserved. Brief excerpts may be reproduced or translated provided the source is stated.
Contents

Acronyms, abbreviations and definitions 7
1. Executive summary 13
2. Introduction 16
3. Offline payments with CBDC 19
3.1 Reasons for offline payments with CBDC 19
3.2 Modes of offline payment 22
3.3 Key lessons from history relevant to offline payments with CBDC 26
4. Offline payment solutions for CBDC 28
4.1 Logical architecture for offline payment solutions 28
4.2 Tamper-resistant user devices 30
4.2.1 Secure element (SE)-based 31
4.2.2 Trusted execution environment (TEE)-based 32
4.2.3 Secure software-based 32
4.3 User onboarding 33
4.4 Provisioning and lifecycle management 34
4.4.1 Secure provisioning processes 34
4.4.2 Cryptographic key generation processes 35
4.4.3 Lifecycle management activities 35
4.5 Online and offline ledgers 35
4.5.1 Fully offline solutions 35
4.5.2 Staged offline and intermittently offline solutions 35
4.6 Offline risk management 37
4.6.1 Risk parameter management 37
4.6.2 Transaction history management 37
4.6.3 Limiting the lifetime or uses of cryptographic keys 38
4.6.4 Blocklist management 38
4.7 Purses 38
4.8 Value transfer protocol 39
4.9 Value-form 40
4.10 Online updates 41
4.11 Value transfer mechanism 41
4.12 Interoperability 42
4.12.1 Between different offline solutions 42
4.12.2 Between online and offline solutions 43
5. Risk management by design 45
5.1 Key assumptions 46
5.2 Threats and vulnerabilities 46
5.2.1 Counterfeiting via physical breaches 46
5.2.2 Counterfeiting via cryptographic protocol analysis (cryptanalysis) 47
5.2.3 Side-channel attacks 47
5.2.4 Fault-inducing attacks 47
5.2.5 Cryptography strength, lifetime and ability to update 48
5.2.6 Master cryptographic key compromise 48
5.2.7 Third-party device compromise 48
5.3 Risks 49
5.3.1 Device obsolescence 49
5.3.2 Double-spending 49
5.3.3 Fraud 49
5.3.4 Lost value 50
5.3.5 Third-party vendors and supply chains 51
5.3.6 Lack of risk management and breach detection 52
5.3.7 Complexity of the technology stack 52
5.3.8 Insider threats 52
5.4 Risk management measures 52
5.5 Technology risk management 53
5.5.1 General criteria 54
5.5.2 Measures to mitigate the risk of counterfeiting 55
5.5.3 Measures to mitigate side-channel attacks 56
5.5.4 Measures to mitigate crypto-durability and crypto-agility risks 56
5.5.5 Measures to mitigate risks of master cryptographic key compromise 56
5.5.6 Measures to mitigate risks from third-party device compromise 57
5.5.7 Measures to mitigate risks from obsolescence 57
5.5.8 Measures to mitigate double-spending risks 58
5.5.9 Measures to mitigate fraud risks 58
5.5.10 Measures to mitigate third-party vendor and supply chain risks 60
5.5.11 Measures to mitigate lack of real-time transaction monitoring and breach detection 61
5.6 Operational risk management 63
5.7 Reputational risk management 64
6. Privacy by design 66
6.1 Privacy principles 66
6.2 Privacy considerations for offline payments with CBDC 67
7. Inclusion by design 70
7.1 Inclusion considerations 70
7.2 Supporting multiple ways to pay 73
8. Resilience by design 75
8.1 Short-term resilience 75
8.2 Ongoing resilience 75
8.3 Civil contingency resilience 76
8.4 Resilience considerations 76
8.5 Design considerations to improve resilience 77
9. Conclusion 79
10. References 83
11. Acknowledgements 86
Annex A: Further questions and considerations 91
Analysis, architecture and design 91
Technology 93
Security 95
Operations and support 96
Policy and processes 97
Procurement 97
User experience and payment acceptance 98
Annex B: BIS survey of central banks on offline payments with CBDC 100
Annex C: A short history of offline payments 110

Acronyms, abbreviations and definitions

Acceptance device: Any point-of-sale device, digital application, e-commerce pl