Incentive systems (or loyalty programs) are systems where customers collect “bonus” points, for example 1 point for every Euro spent at the grocery store, or frequent flyer miles. Customers can then spend these points on rewards.
In practice, these systems are privacy nightmares. Stores can track each customer’s purchases whenever they present their customer loyalty card, which uniquely identifies the customer.
Our goal is to design privacy-preserving incentive systems where customers do not reveal any identifying information about themselves, but can still take part in the incentive system.
The trick is to store the customer’s point count on the customer’s phone (instead of in a central database at the store). The point count is authenticated with a digital signature. We then use cryptographic protocols to allow the store to increment or decrement the authenticated point count without learning anything about the customer’s identity or even their current/future point count.
This can be achieved with techniques similar to anonymous credentials. However, an additional consideration is double-spending protection: we need to prevent customers from, say, using the signature S certifying 100 points to earn rewards costing 90 points, then discarding the remainder signature S’ on the updated point count of 10, and instead using the signature S to spend 100 points again. In this process, the customer would never actually “lose” points, being able to just use their maximum point count again and again.
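As an added illustration (not part of the original text or of any system it describes), the following Python sketch models the S / S' scenario above with a tag-based double-spending check: every authenticated point count carries a fresh random tag, the store records each tag it has already redeemed, and presenting S again after S' was issued is rejected. The authenticator is an HMAC standing in for the digital signature (only the store needs to verify here), and the unlinkability of tokens, the privacy goal of the text, is deliberately not modeled.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class Token:
    """An authenticated point count, held on the customer's phone."""
    points: int
    tag: bytes   # random double-spending tag, fresh for every token
    auth: bytes  # authenticator over (points, tag)


class Store:
    def __init__(self) -> None:
        # Constructed store key; the page's design uses a digital signature instead.
        self._key = secrets.token_bytes(32)
        self.spent: set[bytes] = set()  # tags that have already been redeemed

    def _mac(self, points: int, tag: bytes) -> bytes:
        return hmac.new(self._key, points.to_bytes(8, "big") + tag, hashlib.sha256).digest()

    def issue(self, points: int) -> Token:
        """Create a fresh token; the tag is what makes each token single-use."""
        tag = secrets.token_bytes(16)
        return Token(points, tag, self._mac(points, tag))

    def _check(self, tok: Token) -> None:
        if not hmac.compare_digest(tok.auth, self._mac(tok.points, tok.tag)):
            raise ValueError("forged token")
        if tok.tag in self.spent:
            raise ValueError("double spending detected")

    def update(self, tok: Token, delta: int) -> Token:
        """Earn (delta > 0) or spend (delta < 0) on tok; returns the successor token S'."""
        self._check(tok)
        if tok.points + delta < 0:
            raise ValueError("insufficient points")
        self.spent.add(tok.tag)  # S is now consumed, only S' remains valid
        return self.issue(tok.points + delta)


def double_spend_rejected(store: Store, tok: Token, delta: int) -> bool:
    """True if the store refuses tok because its tag was already redeemed."""
    try:
        store.update(tok, delta)
        return False
    except ValueError as exc:
        return "double spending" in str(exc)
```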
Our goal is to create systems where double-spending can be prevented and detected in a way that still respects the privacy of honest customers. Such systems can also be used for other applications where double-spending is an issue, such as bus tickets, digital currencies, etc.