Topic: Most suitable way to confirm transaction using cryptography? (Read 165 times)

This means that the data is yours, as everybody said before, it's a closed system that doesn't need cryptography.
And since you accept only fiat too, this becomes off-topic here.
Plus, there are no fake payments: there are people paying for what they get and people who steal (no matter if they steal 1 and pay for the rest and so on, that's just a distraction from the logic).
So you have to identify when a product that's not paid for leaves the shop. As simple as that.

For this you need RFID and uniquely identified items, not cryptography.
For this, when an item is scanned, you may mark it "scanned" and link it to the future invoice and when the invoice is paid, all the linked items you mark as "paid". An item is free to leave only if it's paid.
Simple logic. Where would cryptography help? Why do you want to add extra layers of complexity for something that can be done in a simple way?

And you said you want to avoid RFID. If you avoid that, you will want a way to find out a product has left the perimeter, sometimes being concealed between other products? How else could you do this???!? Cameras can partly help, maybe. Cryptography is .. not for this, it's completely useless in the equation.


There are already clothes shops where the RFID is embedded and you may not even find it easily.


Wow.

I think you are overthinking it. Here is a solution:

Every item has a RFID. An app on the customer's phone scans the item and pays for it. The payment is recorded in a database. When the customer walks out, the tag is scanned again and the database is queried  to determine if has been purchased. There is no need for a smart tag. The scanners do all the work. The tag doesn't have to be removed. In fact, you probably want to make it difficult to remove.

However, Amazon is already way ahead of you. They have stores where you just walk in, take what you want, and then leave. The store's cameras identify you and everything you take, and then charge your credit card.

Payments are not handled by the cashier, it is a system where the customer can pay via a QR code printed on the product which only allows the user to view the details of the product and pay for it.

Yes the payment is in FIAT

Fake payments/ Theft is basically a situation where the customer picks the product and walks away without paying for it, I am thinking about how can I possibly stop this using cryptography.

Only product details and a predefined payment button after the QR is scanned are what I intend to be public.

The main goal of this product is that the cashier should be the 2nd option for the customer.

RFID tags are kinda useful in this situation, but not exactly. I don't want some employees to remove the tag from products after the payment is made so that it could leave the store. If the payment is made for the product, then the product/tag should be smart enough to detect whether or not it was a successful transaction.

You should try to give it a good thinking and see what's the intended workflow and then also explain it to us.

I expected the payments are handled by the cashier with a software and device provided by a bank or payment processor and you probably integrate with that.
Do you want to handle payments yourself? Are they bitcoin payments? Are they also fiat payments too? What you mean by fake payments?
Do you expect your database (with products, prices, tags/barcodes/QR) be ... public/exposed?

I do not think you really need cryptography in a closed system such as yours. Maybe just one-way hash functions if you want to protect your data from hacking attempts. Cryptography is used in a decentralized system to protect against unauthorized modification of data and prevent double spending. It is a security mechanism that ensures the validity of information and transactions in the blockchain network.

If I understand your problem correctly, to verify the legitimacy of the payment, you can simply check your database to ensure that the transaction is recorded there. And since you are the only one authorized to confirm payments and write data to your database, you do not need cryptography.

Depends. What do you mean by a fake payment? If you're talking about possible double spends, all you would need to do is check via your database, and the blockchain. Then you'd verify that the transaction has confirmations, and depending on your threat level decide how many confirmations are needed for it to be considered a valid payment.

All you'd need to do is tie the barcode scanner into your system, and then record the data to the database, and then use that data, and compare it to the blockchain. Unless, I'm misunderstanding what you mean?

Using cryptography for confirmation of paid items is what I intend, as cryptography can be used to verify a legitimate payment & point out a fake one.

possible?

If each item (not item type!) has its own different bar code, then it's straightforward: each such bar code corresponds to an entry in the database and it's also scanned by the cashier.
It will reflect the price and it will also mark the barcode paid when the payment is done.

But simple barcodes may not offer enough numbers for this task, I would use bigger range, plus ordered numbers may give ideas to hackers. I'd advise at least GUID as QR code for the job, if the scanners can handle that.

I'm not sure where you need cryptography for this though, since it's your own database.

Suppose I went to a mall & got myself some t-shirts & tracks, I paid for them via the barcode attached individually on each clothing,

How can the store get to know that I have paid for them, if not then, How can I be caught by the store/system if I try to sneak out of the store?

I think he is talking about a payment gateway where the payment page includes a bar code I'm not sure if he talks about Bar code or QR code but I never heard any payment gateway generates Bar code most of them used a QR code.

Why not use a QR code instead of a Barcode? QR code is commonly used for payment.

If you didn't hear anything yet about the BTcpay server I suggest check this demo

- https://mainnet.demo.btcpayserver.org/apps/87kj5yKay8mB4UUZcJhZH5TqDKMD3CznjwLjiu1oYZXe/pos

The only difference they use a QR code but since it's open source you can try to fork it and change the source code of the QR code into a Barcode.

I'm not sure I understand what you want to do. Do you actually want to verify the validity of the transaction or secure items against theft? What are barcodes used for? Are they assigned to specific products? Are they unique?
Can you describe the specific usecase better?

Why not Bitcoin?

As far as the bar code, the data it contains could be unique to the transaction, so that it can't be used for any other transaction.

As for hardware, there are many kits that you can use, such as Raspberry Pi and Arduino.

You haven't described how your payment system works or your requirements so it is difficult to make suggestions.

You're reinventing vouchers from scratch?

This has likely already been done, I don't know if it's been done with cryptography but it could be. You'd just get someone to scan their vouchers with an app that can sign them when they want to spend them.

In your database you just have to store whatever is on the voucher and its identifier. If you want these vouchers to be non transferable, you could get the customer to scan their public key on the PoS system too and store that with the database information.

This can probably be done with PoS systems capable of scanning barcodes anyway - you might run low on people wanting to use the system for a while though.

Suppose I have to confirm a transaction [ not bitcoin or any other cryptocurrency ]. I have been building a project which has a barcode that when scanned allows the user to pay tokens. I have been looking for creative ways to secure the barcode to not leave specified premises without the payment confirmed.'

Note: USE OF IOT DEVICES ARE ALLOWED

However, are there any other creative ways to confirm the transaction?

IOT devices should be cheap enough for industrial use.

USE OF CRYPTOGRAPHY TO CONFIRM THE PAYMENT IS WHAT THE WHOLE CONCEPT IS ABOUT without getting the customer to steal the barcode out of the permitted premises range.

Help is appreciated. thanks