Delivering Offline Capability
The Bank for International Settlements (BIS) has published ‘A Handbook for Offline Payments with Central Bank Digital Currencies’ (CBDCs).
This is a comprehensive record of key decisions and options open to central banks if they want to set up their CBDC to allow the transfer of value between devices without connection to a ledger system. According to a BIS central bank survey, 49% of central banks saw this as vital for their CBDC and 49% as advantageous.
Offline options
There are three modes of offline payments and the decision which to use depends on the circumstances and goals of the central bank.
Fully offline. Final settlement occurs offline, and each party can spend the value transferred to them immediately and without time limit.
Intermittently offline. The offline parameters could limit the ability of purses to transact, and the purse may have to synchronise with the central system intermittently to continue to function.
Staged offline. Value is not settled until there is a connection to the ledger. Value cannot be spent until settlement has taken place.
The mode to be used is determined primarily by the policy objectives of the central bank including its risk tolerance and risk management approach, such as how to handle lost value and balancing between privacy and complying with Anti-money laundering (AML) and Countering Financing of Terrorism (CFT) regulations. If providing payment resilience is important, then an offline capability may be wanted.
If an offline capability is required, then the system will need to deliver an end user experience that is reliable, easy to use, convenient and widely accepted whether on- or offline.
Policy requirements supported by offline payments
Objectives listed include:
Financial inclusion
Universal access
Payment system resilience
Privacy
Supporting reasons for having an offline capability include:
Lack of developed communication infrastructure
The wish to have a near-cash alternative payment option (although it would not be fully anonymous)
Trust – to generate confidence and trust in online CBDCs, having an offline capability may build confidence
Lower transaction costs – if batched messaging takes place during off peak times, costs may be lower, although an offline capability comes at a cost including offline infrastructure, acquiring and distribution costs for user devices and merchant point of sale devices
Performance and scalability support of the general CBDC system. If CBDCs are widely used, it is possible that micro-transactions will proliferate, generating significantly more transactions than occur today. An alternative processing option may be useful
Civil contingency against extreme events including conflict and disaster
Digital person-to-person and person-to-business payments.
Lessons from history
Offline payment systems have been tried in the past, some successfully. The handbook reviews a number of lessons that are applicable for today.
Commercial model – a significant challenge about to create an attractive model for payers, payees and payment intermediaries so that they will provide and use the system
Security
-Needs tamper resistant purses and cryptographic protocols
- Today’s mobile devices protect the master cryptographic key less securely than the historic solutions
Risk – defence against double spending and counterfeiting of value
User experience – needs to be better than the alternatives, including cash.
Technology, security and operational design of the system
A glimpse of the complexity, which is covered in detail, is shown in the diagram of the architecture of an offline system.
The list of threats and vulnerabilities hints at the complexity of the required solutions. Conceptually counterfeiting via physical breaches or cryptographic protocol analysis is relatively straightforward to understand. The need to ensure the solutions are upgradeable and the requirement to ensure that third party devices don’t offer the criminal an entry point make sense.
Side-channel attacks occur when an attacker tries to access data inside a device by attacking it from the outside, by exploiting information leaked by the device. For example, an attacker could measure and perform signal analysis on the electromagnetic radiation emitted and recreate cryptographic keys and therefore potentially create counterfeit value.
Fault-inducing attacks are where there is an attack on a secure element to induce faults during cryptographic processing by placing it under stress through some external method, eg. heat or radiation. Cryptanalysts may then be able to deduce key values by comparing outputs.
Solutions need to be found for device obsolescence, double-spending, fraud, lost value, third party vendors and supply chain risks, the complexity of the technology stack, the ability to identify breaches and defence against insider threats.
Final word
Decisions made about the technology, security and operations of an offline capability need to be made at the start of any CBDC project, given the complexity and implications that this has for the CBDC. Tamper resistance solutions can be delivered through the hardware, software or hybrid options. These need to work with existing technology and infrastructure, but also need to be capable of being upgraded to meet future changes.
This handbook gives detailed information about the policy, technology, risk and security options and the decisions and trade-offs required.

Subscriber content
Read the full article
Full access to Cash & Payment News articles, newsletters and archives.