Cryptography researchers have developed a way to encrypt data so that ride-sharing companies cannot see where their riders have been.
Sign in or buy a plan to view this innovation
While ride-hailing services such as Uber and Lyft are hailed as a boon for millions of riders worldwide, they are also heavily criticized for their vast collection of data on customers; data which allows them, at least in theory, to follow their customers’ every move. A team of cryptography researchers at the Swiss Federal Polytechnic Institute in Lausanne and Lausanne University, have now developed a prototype software, called ORide. They claim this will allow people to participate in ride-sharing but without sharing their location data.
In a paper presented at the 2017 USENIX Security Symposium in Vancouver, BC, Canada, the researchers explained the cryptography behind ORide. The key is “somewhat-homomorphic encryption”, a system that allows computations to be performed on data even while it is encrypted. The result is that the digital “conversation” between driver and rider can be encrypted, while at the same time allowing unencrypted contact between the ride-hailing service, the driver and the passenger. Still in the development stage, ORide allows data about the rider’s location to be hidden from the ride-sharing service, while still enabling all the other features of the service, such as billing, to operate as normal.
The ORide system continues to store the identities, allowing both the rider and the driver to rate one another or to recover items the rider left behind in the taxi, however ORide cannot connect them to a particular place or route.
Although implementing ORide would involve some sacrifices in efficiency and convenience, for example, in slowing down pick-up times, it does demonstrate a ride-hailing service protecting privacy as possible. The call for more data protection has led to the development of apps that offer secure information storage and biometrically-secure personal organizers, what other types of information might require systems that enable greater privacy?