Sweden’s central bank investigates offline CBDC payment challenges.
Sweden's central bank, the Riksbank, has released its final report on its digital krona pilot project. The report looks at the end-user experience and focuses on offline activities. There were mixed results.
The Riksbank released its fourth and final report on the e-krona on March 20. He explored a different model for offline retail transactions than he proposed in Phase 2 of the pilot. In that model, offline marketing data is captured by mobile phones.
The Riksbank is considering using a “shadow wallet” and payment card (stored value card) in the online system. Both elements have already been considered in the design of the system. The card acts as a payment instrument and tracks changes in account balances offline.
They investigated four use cases: funding and cashing the payment device, paying offline at the point of sale (POS), using offline connectivity, offline transfers between two cards, and placing limits on the balance and number of transactions on a card.
Mobile phones were used for communication between the card and the card and the POS. Because mobile phones are not considered a secure part of the transaction chain:
“User-to-user payments require multiple steps to be considered secure, which compromises user-friendliness. […] In this design, the probability of reducing the number of steps is considered to be small.
Another problem with Riksbank CBCC is the synchronization of payment cards. If the sync sequence is incorrect after a series of transactions, some shadow wallets may be left empty. Counters ensure offline payments sync in the correct order. They also prevent replay attacks where the same e-krona is used multiple times by the same party.
Related: Sweden's Riksbank report looks at possible cooperation with e-krona in retail payments
Limits are programmed into the card, which sets limits on the amount and number of offline transactions. This means that new cards must be issued when the limits change.
Digital certificates are used to ensure the security of instructions flowing between payment cards and an intermediary, which is R3's Corda platform. The certificates are self-signed, but a trusted and authenticated infrastructure is required before the system can be launched.
Sweden started researching e-krona in 2020. The Riksbank has promised to continue CBDC research, if a law is passed to introduce one.
Magazine: Are CBDCs kryptonite for crypto?
