SnT Team Wins Hackathon with Secure Solution for Digital Payments

Congratulations to our researcher’s recent first place win in the PayID BlockSprint Hackathon! Dr. Wazen Shbair, Flaviene Scheidt de Cristo, and Lucian Andrei Trestioreanu came together, with the leadership of Professor Radu State, to propose a privacy solution for the new PayID system.

Photo left to right: Dr. Wazen Shbair, Lucian Andrei Trestioreanu, Flaviene Scheidt de Cristo, and Prof. Radu State

PayID is an up-and-coming open-source payment identifier that is changing the way developers implement payment systems in their digital architecture. The PayID BlockSprint Hackathon started on 25 September and lasted two weeks. It was organised by Ripple and UCL’s BlockSprint to push the development of PayID further.

Right from the start Dr. Shbair and the team knew they wanted to tackle the privacy flaws of the current PayID system. Their challenge was figuring out how to do so, and then creating a solution, all in just two weeks.

Before they began the PayID server was set-up in a way that made it possible for anonymous users to access the payment information of anyone using the service. This exposes the users of PayID to privacy concerns, as payment information includes an individual’s bank account details, bitcoin address, and/or XRPL address.

To address this our researchers set out to make it possible to encrypt the payment information of a PayID user, and only grant access to other users they had on a list of trusted individuals. To do this they used the Access Control List (ACL) feature and Decentralized Identity (DID). By combining these technologies they were able to create a system that would certify a user’s identity, and enable them to be granted access permissions to the payment information they need. Their solution is called PayIDSecure.

“We were looking for a novel and innovative solution that keeps the spirit of PayID ‘Make Money Move Like Email’. That meant avoiding an approach that put more burdens on the PayID users. We are proud that we managed to integrate the cutting-edge technology of Decentralized Identity of Hyperledger Indy in the PayID server successfully in two weeks,” said Dr. Shbair, Research Associate at SnT. “Now we have a full working prototype of the enhanced privacy preserving PayID server.”

100 people participated in the hackathon, and three projects received honorable mentions in addition to the traditional top three prizes. The first prize our team received was $15,000 in XRP (a digital currency).

“Privacy is a complex matter and it is easy to reflect that complexity when trying to protect it, but we wanted to stay true to PayID’s simple approach of moving money like email,”  said Dr. Shbair. “We really pushed ourselves to make a secure solution that fit the simplicity of the system itself.”

“We are proud and acknowledged to be part of the Ripple UBRI project,” said Prof. Radu State. “Being able to interact with engineers from Ripple is a privilege and life-changing experience.”