Swedish central bank examines offline CBDC payment challenges

Avatar

The Riksbank, Sweden’s central bank, has released its final report on its digital krona pilot project. The report looks at the experience of end-users and focuses on offline functionality. There were mixed results.

The Riksbank released its fourth and last report on the e-krona on March 20. It examined a different model for offline retail transactions from the one it had proposed in Phase 2 of the pilot. In that model, offline transaction information was held on mobile phones.

The Riksbank is now considering the use of a “shadow wallet” in the online system and a payment card (stored-value card). Both elements were already foreseen in the system design. The card would act as the payment instrument and track the offline changes to account balances.

Overall design of the e-krona system. Source: Sveriges Riksbank

Four use cases were examined: funding and defunding the payment instrument, offline payment at a point of sale (POS) using near-field communication, offline transfers between two cards and imposing limitations on the balance and number of transactions on a card.

Mobile phones were used for communications between cards and between a card and a POS. Because mobile phones were not considered secure components in the chain of transactions:

“User-to-user payments require many steps to be considered secure, which compromises user-friendliness. […] The opportunity to reduce the number of steps is considered small in this design.”

Another problem facing the Riksbank CBDC is synchronizing payment cards. If the order of synchronization after a series of transactions is not right, some shadow wallets could be left illiquid. Counters would ensure offline payments are synchronized in the right order. They would also prevent replay attacks, in which the same e-krona is used by the same party in multiple times.

Related: Swedish Riksbank report looks at collaboration with potential e-krona in retail payments

Restrictions would be programmed into the card, setting limits on the size and number of offline transactions it could enable. That would mean that new cards would have to be issued when restrictions change.

Source: Sveriges Riksbank 

Digital certificates were used to guarantee the security of instructions flowing between payment cards and the intermediary, which is R3’s Corda platform. The certificates were self-signed but trusted and verified infrastructure would be needed before the system launched.

Sweden began researching an e-krona in 2020. The Riksbank promised to continue CBDC research, in case legislation is passed to introduce one.

Magazine: Are CBDCs kryptonite for crypto?