spacer back contents
spacer
Special Theme: INFORMATION SECURITY
ERCIM News No.49, April 2002
spacer

spacer

Secure Resale of Tangible and Digital Goods

by Harald Häuschen

A secure transfer system for reselling physical and digital goods is being developed at the University of Zurich. The project is unique in its approach of dealing with security issues to support resale transactions between users with or without electronic marketplaces.

Today more and more resale transactions involving both physical and digital products are taking place between consumers, as well as between businesses and business customers, through electronic marketplaces or directly between users. The problem for the purchaser in these situations is that he/she does not know:

  • whether the product exists
  • whether the product may legally be traded
  • whether the seller actually has all the necessary legal rights to the item offered for resale
  • whether the purchaser him/herself will actually acquire all the legal rights to the item once the resale has gone through
  • whether the holder can't sell the same product to several people.

Clarifying all of these points is not an easy exercise and most importantly, to date it has not been possible to automate this process. Trust, however, is important for e-commerce. Marketplaces need security support on all levels to increase trust for all transactions. To support secure resale transactions, we started a project in 2001 called eDOT (electronic document of ownership transfer system). The aim of this project is to build a system which allows a secure resale of tangible and digital goods. With help of this system, rights to physical and digital goods can be electronically documented, the product and its owner are clearly identifiable for all parties, the product and rights can be transferred without problems (ie, just for limited time period) and forgeries, as in the case of physical documents or products, are not possible. Moreover, the electronic document of ownership can be used at the same time for authentication and authorisation. The system is a single component, which can be used to extend existing marketplaces.

Until now, customer uncertainty and lack of confidence are undoubtedly significant in the context of resale. It is important that potential customers feel sure that a one-off product they buy will actually belong to them once payment has been made and will not be re-sold several times over by the seller. A potential customer also wishes to be sure that the tangible goods or digital product really exists and may in fact be traded. Therefore the system consists of two essential components: firstly, an electronic certificate of ownership which confirms that the product exists and that it is owned by the person currently in possession of this product, and secondly, a component whereby ownership rights may be transferred securely and unequivocally under certain specified conditions.

The 'ownership certificate' allows the description of goods and the allocation of them to an owner. The main task of the transfer component, as a trusted entity, is to ensure the secure transfer of ownership together with the settlement of the corresponding payments. Security is guaranteed at various levels. The system is protected against forgeries after the ownership certificate is created. There is no risk of losing ownership and the system is clear and transparent, ie, all activities can be checked and understood by those involved.

To validate our approach we made a first implementation for an agent-based marketplace. Agents, on behalf of their originator, take over the task of looking for specific items, negotiating with their seller and concluding a deal. However, agents are not just limited to purchasing goods on behalf of users, since they too can act as sellers in that they can offer for resale goods that they themselves have purchased. Our first implementation shows that the use of the ownership transfer system could solve all the security problems without significantly changing a marketplace.

The project represents an important step forward that will enable secure and efficient business transactions involving multi-stage (intermediate level) trading to take place alongside direct sales channels. Implementation is simplified because existing systems only need to be modified and not replaced. At the moment we are defining a new component to support resale via mobile phones.

Please contact:
Harald Häuschen, University of Zurich
Tel: +41 1 635 43 11
E-mail: haeusche@ifi.unizh.ch