Clandestine Addresses for Location Private Online Shopping

We all buy goods from various websites. Before the check out, there is one last step: providing address information.

The retailer has to know your address to ship the item to you. Well, not necessarily!

It is reasonable to argue that the shipping company (such as FedEx) should know your address (at some point in the process), but this is not true for the retailer. The retailer doesn’t need to know your address.

Data breaches are everywhere and one might result in that hackers in some part of the world learn your address as well as your other information. Since address is a physical variable, it is harder to change.

Even though there are no breaches and the seller’s cyber security is top-notch (!), there is the issue of misconduct on the seller’s side -using your information for other purposes.

How would one prevent this?

Well, encryption is one way to do it.

The idea is to encrypt the address with the public key of the shipping company. The token $T$ , a Clandestine Address, to share with the retailer is going to be:

$T = E_{pk}(address)$

where $pk$ is the public key of the shipping company, and $E$ is a secure encryption scheme.

This can be improved a bit more:

$T = E_{pk_0}(E_{pk_1}(E_{pk_2}(E_{pk_3}(apartment)||street)||city)||country)$ where $pk_i$ is the public key of a “regional” distributer and $||$ is concatenation.

This way, a distributer will only know the information that it needs. (Of course if the distributer can decrypt the apartment number, he already has knowledge of street, city and country since he will physically has to deliver the item.)

Share this:

Leave a comment Cancel reply