Theme fund: NGI0 PET
Start: 2019-08
End: 2022-10

GNU Taler

Advanced electronic payment system for privacy-preserving payments

GNU Taler is an advanced electronic payment system for privacy-preserving payments. Unusual for such a system, the entire Taler system is ethical, free/libre software, so there are no dependencies on third parties and no black boxes. Taler can support digital payments in any currency - existing or new, mainstream or private. Unique to the GNU Taler system is that it provides anonymity for customers, while delivering various anti-fraud measures necessary to curb abuse.

If you are a central bank, you can use Taler to provision a CBDC. If you are a regular bank or payment provider, you can use it as a mature digital payment method instead of various proprietary solutions which are opaque and come with many restrictions and high costs. The technology behind Taler fully supports local or community currencies too. Taler was designed to meet all the usual regulations for electronic money issuers, and supports regulations like PCI-DSS and GDPR out of the box. The work done within this grant delivered a key regulatory requirement, an independent audit of the payment service operator (the "exchange"). With the third-party security audit of the GNU Taler codebase completed, banks and payment providers can now switch to this new system with confidence. GNU Taler finally brings us a transparent, trustworthy and truly private payment ecosystem that operates independently of vendors.

Why does this actually matter to end users?

Digital payments over the last few years have become so user-friendly and commonplace that people pull up their phone to pay for their groceries or send their friends a payment request for the drinks they had last night. But the difference with actual cash money is fundamental: while banks tend to do a good job of keeping users' money safe and making sure transactions go where they are supposed to, payment systems based on remote accounts are not very robust or private. Instead of directly transferring value locally in a confidential setting, everything you do with a bank account has to go through a vast payment system that never forgets. When your bank has to deal with a nasty cyber attack, when their internet connections are down (because of some disaster or just system overload because of holiday shopping), or in case a bank simply goes bankrupt - which does happen once in a while - not a single payment can be made by anyone. This is the difference between withdrawing cash from an ATM (which works most of the time but is sometimes out of service, and of course always at an inconvenient time) and the certainty of having actual cash folded in your wallet. There are other liabilities: when mobile phone vendors that integrate payment systems suddenly block your account because you trigger some algorithm, you are locked out as well. Both bottlenecks point to a structural point of failure.

Logging every payment you make, without the ability to shield your payment history, is also very invasive to one's privacy. In fact, the lack of privacy of current solutions is something that can physically harm those who actually need such privacy - like a whistleblower or journalist who cannot park her car or pay for a tea near a rendezvous point without leaving a harsh digital trail that may have dire consequences. Some things you exchange money for are just private matters, and paying with your bank account isn't private at all. Banks do their best to make sure that their site or payment app is safe - but they are not the only organisation that sees your payment data. What happens if you naively share the bank data with an online service provider through the so-called Payment Services Directive, to get mortgage advice? And what happens with data that is sent via the vendor of your mobile phone (which likely operates in a different jurisdiction)?

Society deserves a full-fledged transparent electronic payment system that lets users do their finances privately and safely. Taler offers a mature way to pay online and with devices just as we've always done in the real world: with money that you carry with you (and only you have access to) and can use to pay for whatever you want, anonymously. It is produced by the free (as in freedom) software community GNU, as an ethical and highly secure alternative to proprietary systems. Users exchange their existing money into a digital representation that goes in their electronic wallet. Subsequently, GNU Taler lets you pay just as easily and anonymously as you would with cash. Unlike with vendor solutions like Apple Pay, Google Pay or Alipay, there is no vendor looking over your shoulder with every payment you make.

Because Taler comes with all the source code, you can customise how to protect user wallets and reach a level of security that users themselves feel comfortable with - rather than a one-size-fits-all approach. This can help to tackle fraud. Unlike with credit cards, people cannot abuse your credentials once you make a payment. By design it also prevents money laundering and tax evasion. Whether you are a central bank looking for a CBDC, a regular bank looking for a vendor-neutral payment system that brings you more control, or a payment provider that wants a secure foundation - Taler has you covered.

Run by Taler Systems SA


This project was funded through the NGI0 PET Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 825310.