Re: [Taler] Regulations for Taler

From: Jeff Burdges
Subject: Re: [Taler] Regulations for Taler
Date: Mon, 08 May 2017 18:48:37 +0200

On Mon, 2017-05-08 at 16:49 +0200, Dieter Vekeman wrote:

> One requirement which I think should have to be satisfied is something
> similar to Card Stop in case of loss, theft or misuse.

Taler is not compatible with credit cards.*  A Taler exchange must
operate using irreversible payments like ACH or SEPA, not credit card
payments.  ACH and SEPA are vastly cheaper than credit cards, so you
need them anyways.

> Not only preventing from spending the remaining coins but also
> refresh / refund the remaining value.
> From the videos / documentation I learned that losing a Taler wallet
> is like losing a physical wallet. But I don't think a regulator would
> accept that answer.

In Taler, you authenticate with your bank when you withdraw funds, so
the customer only risks the funds they withdrew into their browser.
It's like cash in this respect.**  

Ideally Taler withdrawals should be constrained like ATM withdrawal, maybe
500 euros per day or whatever is typical for your country.  Aside from
limiting damages due to lost wallets, we need such limits to prevent
people from making anomalously large purchases in Taler.  Anomalously
large purchases cannot be anonymous, so they should go through some
unusual withdrawal process where your bank reminds you of the risks,
both of wallet loss and of deanonymization.  Or just use SEPA directly. 

> What would be some possible solutions or workarounds such that a user
> could recover from theft or loss?

A wallet backup does improve the situation over cash with respect to
loss.  If the customer's device is password protected, then wallet
backups help vs theft too.  If not, wallet backups conceivably permit
merchants who do not deliver goods immediately to voluntarily cancel
transactions and do refunds. 


*  Anonymous or pseudonymous payment systems like Zcash or Bitcoin are
similarly incompatible with credit cards. 

**  Zcash, Bitcoin, etc. require that users manage their balance in
whatever wallet they expose to risky situations too, but they require
you keep a high security wallet elsewhere, so people fuck up.  In Taler,
there is no high security wallet to screw up because you leave that
money with your bank.

