Peer-to-peer mobile digital payments can be made in the absence of a network as follows: the receiver of funds verifies the availability of on-device balance by examining the sender's prior, authenticated transaction records. A new transaction record that includes the transaction amount is created, made immutable and secure using cryptographic techniques, and stored at both sender and receiver. When either sender or receiver regains network connectivity, the transaction is settled with the original provider of the on-device balance, e.g., a financial institution. The integrity of the records of offline transactions, e.g., those made in the absence of a mobile network, is vital for offline payments to be secure and trustworthy. This disclosure describes techniques that, with minimal modifications to trusted applications (TAs) in a trusted execution environment (TEE), securely verify transaction records and harden them against malicious attacks.
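
The receiver-side check described above, as an added example that is not taken from the disclosure: each record is chained to the previous one and authenticated, and a payment is accepted only if the verified history covers it. The record fields, the function names and the use of HMAC-SHA256 under a single demo key (standing in for a TEE-held signing key) are assumptions made for illustration.

```python
import hashlib, hmac, json

# Assumption: stands in for a key held inside the TEE. A real design would
# use an asymmetric signature so the receiver holds only a public key.
TEE_KEY = b"constructed-demo-key"
GENESIS = "0" * 64
FIELDS = ("seq", "kind", "amount", "prev")

def _tag(body):
    """Authenticate the canonical JSON encoding of a record body."""
    digest = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).digest()
    return hmac.new(TEE_KEY, digest, hashlib.sha256).hexdigest()

def append_record(ledger, kind, amount):
    """Create a record chained to the previous record's tag."""
    prev = ledger[-1]["tag"] if ledger else GENESIS
    body = {"seq": len(ledger), "kind": kind, "amount": amount, "prev": prev}
    ledger.append({**body, "tag": _tag(body)})
    return ledger

def verified_balance(ledger):
    """Receiver-side check: return the balance or raise ValueError."""
    prev, balance = GENESIS, 0
    for seq, rec in enumerate(ledger):
        body = {k: rec[k] for k in FIELDS}
        if rec["seq"] != seq or rec["prev"] != prev:
            raise ValueError(f"chain broken at record {seq}")
        if not hmac.compare_digest(rec["tag"], _tag(body)):
            raise ValueError(f"bad authentication tag at record {seq}")
        if rec["kind"] not in ("load", "spend") or rec["amount"] <= 0:
            raise ValueError(f"malformed record {seq}")
        balance += rec["amount"] if rec["kind"] == "load" else -rec["amount"]
        if balance < 0:
            raise ValueError(f"overspend at record {seq}")
        prev = rec["tag"]
    return balance

def pay_offline(sender_ledger, receiver_copy, amount):
    """Accept a payment only if the sender's verified history covers it."""
    if amount <= 0 or verified_balance(sender_ledger) < amount:
        return False
    append_record(sender_ledger, "spend", amount)
    receiver_copy.append(sender_ledger[-1])  # record stored at both parties
    return True
```

Chaining and tags detect edited or removed interior records, but a ledger truncated to drop its latest spend still verifies. Defeating that rollback needs state the sender cannot rewind, such as a counter kept inside the TEE.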

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 License.