nach oben

Erschienen in:

2023 | OriginalPaper | Buchkapitel

z-Commerce: Designing a Data-Minimizing One-Click Checkout Solution

verfasst von : Egor Ermolaev, Iván Abellán Álvarez, Johannes Sedlmeir, Gilbert Fridgen

Erschienen in: Design Science Research for a New Society: Society 5.0

Verlag: Springer Nature Switzerland

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

E-commerce has grown rapidly over the past years, with prevailing e-commerce platforms aggregating large amounts of customer data. This practice has several undesirable side effects, such as facilitating profiling that may lead to price discrimination and data feedback loops that can hamper competition. Moreover, data hoarding carries security risks through data breaches and undermines customers’ privacy expectations. On the other hand, convenience aspects and compliance regulation demand the processing and storage of user-related data. To address this tension field, we aim to conceptualize and iteratively refine a data-minimizinig e-commerce platform. Following a design science research approach, we identify design objectives and propose and implement a solution in which stakeholders receive only customer data that is indispensable for their part of the process. Our solution leverages digital identity wallets and general-purpose zero-knowledge proofs (zk-SNARKs). We aim to perform a criteria-based evaluation to assess our artifact’s feasibility and fitness from an interdisciplinary perspective. With our results, we hope to illustrate that combining state-of-the-art cryptographic techniques and an emerging digital identity paradigm allows reaching the user experience of incumbent e-commerce platforms while mitigating the undesirable socio-economic side effects of avoidable data disclosure.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Nächstes Kapitel Enabling the Evaluation of Production Scheduling Algorithms in Complex Production Environments Using Individually Deployable Scheduling Services

Alashoor, T., Keil, M., Smith, H.J., McConnell, A.R.: Too tired and in too good of a mood to worry about privacy: explaining the privacy paradox through the lens of effort level in information processing. Inf. Syst. Res. (2022)

Allen, C.: The path to self-sovereign identity (2016). http://www.lifewithalacrity.com/2016/04/the-path-to-self-soverereign-identity.html

Alt, R.: Electronic markets on business model development. Electron. Mark. 30(3), 405–411 (2020)CrossRef

Alt, R.: Electronic markets on platform transformation. Electron. Mark. 32(2), 401–409 (2022)CrossRef

Anke, J., Richter, D.: Digitale identitäten. HMD Praxis der Wirtschaftsinformatik (2023)

Babel, M., Sedlmeir, J.: Bringing data minimization to digital wallets at scale with general-purpose zero-knowledge proofs (2023). http://arxiv.org/abs/2301.00823

Baethge, C., Klier, J., Klier, M.: Social commerce - state-of-the-art and future research directions. Electron. Mark. 26(3), 269–290 (2016)CrossRef

Bella, G., Giustolisi, R., Riccobene, S.: Enforcing privacy in e-commerce by balancing anonymity and trust. Comput. Secur. 30(8), 705–718 (2011)CrossRef

Ben-Sasson, E., Bentov, I., Horesh, Y., Riabzev, M.: Scalable, transparent, and post-quantum secure computational integrity (2018). https://eprint.iacr.org/2018/046

10.

Ben-Sasson, E., et al.: Zerocash: decentralized anonymous payments from Bitcoin. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 459–474 (2014)

11.

Bergemann, D., Brooks, B., Morris, S.: The limits of price discrimination. Am. Econ. Rev. 105(3), 921–57 (2015)CrossRef

12.

Braud, A., Fromentoux, G., Radier, B., Le Grand, O.: The road to European digital sovereignty with Gaia-X and IDSA. IEEE Network 35(2), 4–5 (2021)CrossRef

13.

Busch, C.: eidas 2.0: digital identity service in platform economy (2022). https://cerre.eu/wp-content/uploads/2022/10/CERRE_Digital-Identity_Issue-Paper_FINAL-2.pdf

14.

Camenisch, J., Lysyanskaya, A.: An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In: Proceedings of International Conference on the Theory and Applications of Cryptographic Techniques, pp. 93–118 (2001)

15.

Camp, L.J., Osorio, C.A.: Privacy-enhancing technologies for internet commerce (2002). https://papers.ssrn.com/abstract=329282

16.

Chaum, D.: Security without identification: transaction systems to make Big Brother obsolete. Commun. ACM 28(10), 1030–1044 (1985)CrossRef

17.

Dold, F.: The GNU Taler system: practical and provably secure electronic payments (2019). https://syntheses.univ-rennes1.fr/search-theses/notice.html?id=rennes1-ori-wf-1-12183 &printable=true

18.

European Central Bank: The revised payment services directive (PSD2) (2018). http://www.ecb.europa.eu/paym/intro/mip-online/2018/html/1803_revisedpsd.en.html

19.

European Comission: The digital services act: Ensuring a safe and accountable online environment (2022). https://ec.europa.eu/info/strategy/priorities-2019-2024/europe-fit-digital-age/digital-services-act-ensuring-safe-and-accountable-online-environment_en

20.

Fedorowicz, J., Gogan, J.L., Culnan, M.J.: Barriers to interorganizational information sharing in e-government: a stakeholder analysis. Inf. Soc. 26(5), 315–329 (2010)CrossRef

21.

Fienberg, S.E.: Privacy and confidentiality in an e-commerce world: data mining, data warehousing, matching and disclosure limitation. Stat. Sci. 21(2), 143–154 (2006)MathSciNetCrossRefMATH

22.

Garrido, G.M., Sedlmeir, J., Uludağ, Ö., Alaoui, I.S., Luckow, A., Matthes, F.: Revealing the landscape of privacy-enhancing technologies in the context of data markets for the IoT: a systematic literature review. J. Netw. Comput. Appl. 207, 103465 (2022)CrossRef

23.

Goldwasser, S., Micali, S., Rackoff, C.: The knowledge complexity of interactive proof systems. SIAM J. Comput. 18(1), 186–208 (1989)MathSciNetCrossRefMATH

24.

Gregor, S., Hevner, A.R.: Positioning and presenting design science research for maximum impact. MIS Q. 37(2), 337–355 (2013)CrossRef

25.

Gregory, R.W., Henfridsson, O., Kaganer, E., Kyriakou, H.: The role of artificial intelligence and data network effects for creating user value. Acad. Manag. Rev. 46(3), 534–551 (2021)CrossRef

26.

Gross, J., Sedlmeir, J., Babel, M., Bechtel, A., Schellinger, B.: Designing a central bank digital currency with support for cash-like privacy (2021). https://papers.ssrn.com/abstract=3891121

27.

Groth, J.: On the size of pairing-based non-interactive arguments. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9666, pp. 305–326. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49896-5_11CrossRef

28.

Guggenberger, T., Neubauer, L., Stramm, J., Völter, F., Zwede, T.: Accept me as I am or see me go: a qualitative analysis of user acceptance of self-sovereign identity applications. In: Proceedings of the 56th Hawaii International Conference on System Sciences (2023)

29.

Hermes, S., Kaufmann-Ludwig, J., Schreieck, M.: A taxonomy of platform envelopment: revealing patterns and particularities. In: Proceedings of the 26th Americas Conference on Information Systems (2020)

30.

Hevner, A., March, S.T., Park, J., Ram, S., et al.: Design science research in information systems. MIS Q. 28(1), 75–105 (2004)CrossRef

31.

Jøsang, A., Fabre, J., Hay, B., Dalziel, J., Pope, S.: Trust requirements in identity management. In: Proceedings of the 44th Australasian Workshop on Grid Computing and e-Research, pp. 99–108 (2005)

32.

Jørgensen, K.P., Beck, R.: Universal wallets. Bus. Inf. Syst. Eng. 64(1), 115–125 (2022)CrossRef

33.

Kaye, J.: The tension between data sharing and the protection of privacy in genomics research. Annu. Rev. Genomics Hum. Genet. 13(1), 415–431 (2012)CrossRef

34.

Kayes, I., Iamnitchi, A.: Privacy and security in online social networks: a survey. Online Soc. Netw. Media 3–4 (2017)

35.

Keenan, M.: Global e-commerce: stats and trends to watch (2022). http://www.shopify.com/enterprise/global-ecommerce-statistics

36.

Khayretdinova, A., Kubach, M., Sellung, R., Roßnagel, H.: Conducting a usability evaluation of decentralized identity management solutions. In: Friedewald, M., Kreutzer, M., Hansen, M. (eds.) Selbstbestimmung, Privatheit und Datenschutz. D, pp. 389–406. Springer, Wiesbaden (2022). https://doi.org/10.1007/978-3-658-33306-5_19CrossRef

37.

Koutsos, V., Papadopoulos, D., Chatzopoulos, D., Tarkoma, S., Hui, P.: Agora: a privacy-aware data marketplace. IEEE Trans. Dependable Secure Comput. 19(6), 3728–3740 (2022)CrossRef

38.

Krombholz, K., Hobel, H., Huber, M., Weippl, E.: Advanced social engineering attacks. J. Inf. Secur. Appl. 22, 113–122 (2015)

39.

Kumar, V., Reinartz, W.: Customer privacy concerns and privacy protective responses. In: Customer Relationship Management. STBE, pp. 285–309. Springer, Heidelberg (2018). https://doi.org/10.1007/978-3-662-55381-7_14CrossRef

40.

Lee, C.: An analytical framework for evaluating e-commerce business models and strategies. Internet Res. 11(4), 349–359 (2001)CrossRef

41.

Maseeh, H.I., Jebarajakirthy, C., Pentecost, R., Arli, D., Weaven, S., Ashaduzzaman, M.: Privacy concerns in e-commerce: a multilevel meta-analysis. Psychol. Mark. 38(10), 1779–1798 (2021)CrossRef

42.

Mattke, J., Maier, C., Hund, A.: How an enterprise blockchain application in the U.S. pharmaceuticals supply chain is saving lives. MIS Q. Executive 18(4), 246–261 (2019)

43.

Morganti, E., Seidel, S., Blanquart, C., Dablanc, L., Lenz, B.: The impact of e-commerce on final deliveries: alternative parcel delivery services in France and Germany. Transp. Res. Procedia 4, 178–190 (2014)CrossRef

44.

Niu, C., Zheng, Z., Wu, F., Gao, X., Chen, G.: Achieving data truthfulness and privacy preservation in data markets’. IEEE Trans. Knowl. Data Eng. 31(1), 105–119 (2019)CrossRef

45.

Peffers, K., Tuunanen, T., Rothenberger, M.A., Chatterjee, S.: A design science research methodology for information systems research. J. Manag. Inf. Syst. 24(3), 45–77 (2007)CrossRef

46.

Platt, M., Bandara, R.J., Drăgnoiu, A.-E., Krishnamoorthy, S.: Information privacy in decentralized applications. In: Rehman, M.H., Svetinovic, D., Salah, K., Damiani, E. (eds.) Trust Models for Next-Generation Blockchain Ecosystems. EICC, pp. 85–104. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-75107-4_4CrossRef

47.

Qin, Z.: Introduction to E-commerce. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-540-49645-8CrossRef

48.

Reuters, CNBC: Hackers raid eBay in historic breach, access 145M records (2014). http://www.cnbc.com/2014/05/22/hackers-raid-ebay-in-historic-breach-access-145-mln-records.html

49.

Rogaway, P.: The moral character of cryptographic work (2015). https://eprint.iacr.org/2015/1162

50.

Rosenberg, M., White, J., Garman, C., Miers, I.: zk-creds: flexible anonymous credentials from zkSNARKs and existing identity infrastructure (2022). https://eprint.iacr.org/2022/878

51.

Sartor, S., Sedlmeir, J., Rieger, A., Roth, T.: Love at first sight? A user experience study of self-sovereign identity wallets. In: Proceedings of 30th European Conference on Information Systems (2022)

52.

Schanzenbach, M., Grothoff, C., Wenger, H., Kaul, M.: Decentralized identities for self-sovereign end-users (DISSENS). In: Proceedings of Open Identity Summit, pp. 47–58 (2021)

53.

Schlatt, V., Sedlmeir, J., Feulner, S., Urbach, N.: Designing a framework for digital KYC processes built on blockchain-based self-sovereign identity. Inf. Manag. 59(7), 103553 (2022)CrossRef

54.

Sedlmeir, J., Huber, J., Barbereau, T., Weigl, L., Roth, T.: Transition pathways towards design principles of self-sovereign identity. In: Proceedings of the 43rd International Conference on Information Systems (2022)

55.

Sedlmeir, J., Lautenschlager, J., Fridgen, G., Urbach, N.: The transparency challenge of blockchain in organizations. Electron. Mark. 32, 1779–1794 (2022)CrossRef

56.

Stahl, F., Schomm, F., Vossen, G., Vomfell, L.: A classification framework for data marketplaces. Vietnam J. Comput. Sci. 3(3), 137–143 (2016)CrossRef

57.

Targett, D.: B2B or not B2B? Scenarios for the future of e-commerce. Eur. Bus. J. 13(1) (2001)

58.

Trautman, L.J.: E-commerce, cyber, and electronic payment system risks: lessons from PayPal (2016). https://papers.ssrn.com/abstract=2314119

59.

Ukil, A., Bandyopadhyay, S., Pal, A.: IoT-privacy: to be private or not to be private. In: Proceedings of the Conference on Computer Communications Workshops, pp. 123–124 (2014)

60.

W3C: Engineering privacy for verified credentials (2022). https://w3c-ccg.github.io/data-minimization/#selective-disclosure

61.

Weigl, L., Barbereau, T.J., Rieger, A., Fridgen, G.: The social construction of self-sovereign identity: an extended model of interpretive flexibility. In: Proceedings of the 55th Hawaii International Conference on System Sciences, pp. 2543–2552 (2022)

62.

Wolford, B.: What is GDPR, the EU’s new data protection law? (2018). https://gdpr.eu/what-is-gdpr/

63.

van der Wolk, A., Silva, K.: Insight: a slap on the wrist or show of force - GDPR fines reveal need for EU penalty guidelines (2019). https://news.bloomberglaw.com/privacy-and-data-security/insight-a-slap-on-the-wrist-or-show-of-force-gdpr-fines-reveal-need-for-eu-penalty-guidelines

64.

Wüst, K., Kostiainen, K., Delius, N., Capkun, S.: Platypus: a central bank digital currency with unlinkable transactions and privacy-preserving regulation. In: Proceedings of the ACM SIGSAC Conference on Computer and Communications Security, pp. 2947–2960 (2022)

65.

Zhuang, Y., Lederer, A.L.: An instrument for measuring the business benefits of e-commerce retailing. Int. J. Electron. Commer. 7(3), 65–99 (2003)CrossRef

66.

Zhou, L.: Product advertising recommendation in e-commerce based on deep learning and distributed expression. Electron. Commer. Res. 20(2), 321–342 (2020)CrossRef

67.

Zuboff, S.: Big other: surveillance capitalism and the prospects of an information civilization. J. Inf. Technol. 30(1), 75–89 (2015)CrossRef

Titel: z-Commerce: Designing a Data-Minimizing One-Click Checkout Solution
verfasst von: Egor Ermolaev
Iván Abellán Álvarez
Johannes Sedlmeir
Gilbert Fridgen
Verlag: Springer Nature Switzerland
Buch: Design Science Research for a New Society: Society 5.0
Print ISBN: 978-3-031-32807-7

Electronic ISBN: 978-3-031-32808-4

Copyright-Jahr: 2023
DOI: https://doi.org/10.1007/978-3-031-32808-4_1

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Die Gewinner und Laudatoren des Sustainability Award in Automotive 2024/© Uli Regenscheit | ATZlive, Search Icon, Banner Hanser, Suresh Vittal/© Alteryx, Additiv gefertigte Teile/© Marina_Skoropadskaya | Getty Images | iStock, Warnschild "Land unter"/© Bluedesign / Fotolia, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, ATZ-Webinar: Prototypenfreie Entwicklung durch Offline- und Driver-in-the-Loop-HiL-Tests /© (c) VI-grade, chassis.tech plus 2023/© [M] ATZlive / TÜV SÜD PRODUCT SERVICE GMBH, adäsion-Webinar-Matinee/© krystiannawrocki_ Getty Images

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.