Offline CBDC 

Thales and Secretarium have been collaborating since 2022 on offline CBDC. This paper presents our technical approach.

Offline CBDC payments

Thales has decades of experience in smart payment cards, mobile payments and secure payment applications. They have developed technology that supports strong identity verification, payment data encryption and multiple authentication schemes – including biometrics.

Secretarium won the Monetary Authority of Singapore (MAS) Global CBDC Challenge in 2021 and is a global leader in digital cash solutions. Thales and Secretarium have been collaborating since 2022 and our solution is used in a number of projects with central banks all over the world.

CBDC scheme diagram

The Thales CBDC PoC leverages tamper proof hardware – the Secure Element – which is commonly used in smart cards. Secretarium has been providing the privacy-preserving Monitoring and Detection System, an advanced piece of engineering based on Confidential Computing to stop the circulation of potential counterfeited digital cash.

The PoC comprises the following elements:

  • Smart cards and smartphones. The solution supports multiple transact types: card to phone, phone to card or phone to phone.
  • A Digital Currency Provider (DCP) server. The DCP server manages loading (or unloading) digital currency into (from) the device and handling online transactions between devices. The DCP server interfaces with the CBDC core ledger via the Core Ledger Gateway and will typically be operated by the Central Bank or an accredited entity.
  • A Monitoring and Detection System. This component, based on Secretarium's confidential computing platform, stores and monitors the history of transactions that took place offline between devices. It provides key econometric indicators and, most importantly, detects issues such a loss of digital currencies or the fraudulent creation of digital currencies.
  • A directory of Secure Element identifiers.

Key design elements in the PoC include:

  • The use of tokens. The system uses UTXO cryptocurrency techniques by chaining offline payments. When paying offline, a new token is computed in the payer device using funds from one or several token(s) previously stored in this device (funding tokens). A similar UTXO token, for the remaining/unspent amount, is stored in the payer device.
  • Successful storage for credits and debits. Storage of the remaining amount token in the payer device causes the payer device to be debited – and the payee device to be credited. This transfer is final and irrevocable. There is no need for back-end settlement.
  • No more offline payments after the limit is reached. After this point, the device will have to perform an online transaction during which the complete token history is uploaded to the DCP server, erased from the device memory and replaced in the device by a single small new token of same value. This re-origination process is called a renewal.
  • Token histories are uploaded to the Monitoring and Detection System. This privacy-preserving system is used for IT and econometric monitoring purposes. It also detects fraud (double spends or fake funding tokens) and can recover lost funds due to offline transaction interruptions.

References

BANK OF ENGLAND

The Thales POC was chosen by the Bank of England for its evaluation of offline CBDC payments. In a four-month project, Thales delivered:

  • Workshops on the different aspects of the offline CBDC system.
  • Integration with a core ledger leveraging the Rosalind APIs jointly defined by the Bank of England and the Bank for International Settlement.
  • Provision of cards, phones and servers to test the POC.
  • A 50-page report on the project.

Thales is now helping the bank's CBDC Technology Forum to progress the design phase of the digital Pound.

RESERVE BANK OF AUSTRALIA (RBA)

RBA chose Thales as one of the partners for its pilot in two Australian universities (RMIT and Southern Cross). Students used smart cards to make contactless payments with digital Australian Dollars (eAUD) to merchants with CBDC-enabled smart phones. The eAUDs were minted by RBA on a core ledger and distributed to ANZ.

BANK FOR INTERNATIONAL SETTLEMENTS (BIS)

Thales collaborated with BIS on the banks' landmark Rosalind and Polaris API projects. We used the APIs to load and unload offline-capable devices with funds coming from a user wallet on the core ledger.

We participated in a deep dive workshop with BIS. Our contribution can be seen in the handbook for offline payments with CBDC as well as in the High-level design guide for offline payments published by BIS.

Get in touch

If you want to know more about our technology, please don't hesitate to schedule a free demo with our experts.

Book a demo

Read next

We actively engage in highly innovative projects. Please explore our latest publications featuring our technology.

Improving secure enclaves interoperability
Technology

Improving secure enclaves interoperability

With the Secretarium SDK v3, we have introduced a radical improvement in enclaves communication.

Honest Computing
Technology

Honest Computing

Systems that can't lie: Inside Secretarium's new "Honest Computing" technological solution.

Offline CBDC
Digital Asset

Offline CBDC

Thales and Secretarium have been collaborating since 2022 on offline CBDC. This paper presents our technical approach.

Fraud & Scam
Data Collaboration

Fraud & Scam

A collaborative approach to financial crime detection and prevention would significantly improve accuracy and efficiency.

Amlytic
Data Collaboration

Amlytic

Secretarium and FutureFlow have collaborated to demonstrate how graph network topologies and AI can reveal money laundering patterns.

Apple Intelligence
Technology

Apple Intelligence

Apple believes Private Cloud Compute is "nothing short of the world-leading security architecture for cloud AI compute at scale".

Secretarium announced by the MAS as part of winning solution for their global CBDC challenge
Digital Asset

Secretarium announced by the MAS as part of winning solution for their global CBDC challenge

We're thrilled that our privacy-preserving smart contract technology has been leveraged in a solution that won the global CBDC challenge organised by the Monetary Authority of Singapore.

Innovation Award wins for banking reference data applications
Technology

Innovation Award wins for banking reference data applications

Our KYC and AML apps enable secure peer-peer data collaboration. The DANIE group has been using our technology since 2019 to improve data quality.

Implementing performant scalable solutions in confidential computing
Technology

Implementing performant scalable solutions in confidential computing

Confidential computing (also known as Trusted Execution Environments or SGX enclaves) is a means to calculate secret information while maintaining confidence that malicious software installed on that machine cannot see or amend those calculations.

Subscribe to Secretarium insightsGet short, sweet and brief product updates, company news, and more.