1. Introduction
Online ride-hailing services have become part of people’s daily lives due to their convenient reservation, reasonable prices, and technical support, meeting the needs of fast, safe, and flexible travel in modern urban life [1]. However, with the growing user base, the privacy and security issues caused by the collection and sharing of user data exposed during the use of ride-hailing services, such as travel history, precise location, and personal information, have become increasingly prominent [2]. For instance, in October 2016, Uber faced two major security incidents. First, the company was accused both of collecting a vast amount of user data, including names, usernames, emails, access devices, etc., and of allowing all employees unfettered access to ride data, leading to severe privacy violations [3]. Almost simultaneously, a severe hacker attack led to the leakage of personal information, such as names, emails, and phone numbers, of 57 million Uber users worldwide [4]. These serious privacy issues have spurred numerous solutions to protect user privacy, which can be categorized into three types: obfuscating key information, decentralized storage, and digital identity. Obfuscating key information is a data desensitization technique that reduces the risk of privacy leakage by hiding, modifying, or generalizing detailed data. When applied to protect location information, this technique typically employs methods such as hiding specific locations within larger geographical areas, adding random noise, reducing precision, or using pseudonymization. These methods effectively protect location privacy while maintaining a certain degree of data usability. Chow et al. [5] proposed a spatial cloaking technique based on a Trusted Third Party (TTP) to obfuscate user location information. Hengartner [6] proposed obfuscating user location by combining Private Information Retrieval (PIR) and trusted computing. However, obfuscating key information only safeguards location privacy, while service providers still possess users’ true identities, which can lead to severe privacy breaches. Decentralized storage leverages distributed computing technology to enhance data security. As demonstrated in [7], the traditional ride-hailing system, characterized by centralized data storage, is inherently vulnerable to data manipulation and single-point intrusion because it stores many pieces of sensitive information and personal data of users. In contrast, decentralized storage mitigates the risks associated with data centralization in the ride-hailing system. Renu et al. [8] proposed a privacy protection scheme for ride-hailing services based on decentralized storage and smart contracts. Similarly, Fadhil et al. [9] introduced a solution that safeguards passenger privacy through blockchain smart contracts and spatial cloaking techniques. Nonetheless, such decentralized storage still faces the challenge of service providers excessively accumulating user identity information, so users still face the risk of privacy leakage. Digital identity represents a mapping of individuals’ real identities in digital space. With the rise of blockchain technology, this mapping process has been endowed with unprecedented security, transparency, and decentralization. In ride-hailing services, digital identity can be used for secure user verification and privacy-preserving transactions. The schemes in [10,11,12] formulated innovative digital identity solutions, harnessing the unique strengths of blockchain technology, which not only safeguard the privacy of user identities but also offer reliable identity verification. The use of digital identity allows precise control over data, effectively averting the leakage of superfluous details unrelated to the required identity verification, thus compensating for the privacy leakage risks caused by the lack of identity information protection in the previous two types of solutions. Consequently, digital identities have been widely adopted in the realm of ride-hailing privacy protection.
Recent studies [13,14,15,16] indicate that the use of digital identities has spawned a variety of privacy protection schemes. Sánchez et al. [17] proposed a decentralized Peer-to-Peer (P2P) ride-sharing system, utilizing anonymous node IDs to conceal users’ true identities. However, this system requires drivers and passengers to reveal their real identities to each other. Kang et al. [18] introduced a privacy-preserving scheme based on pseudonyms, which protects vehicle owners’ privacy when broadcasting information by employing pseudonym changes and secure pseudonym management protocols. Pham et al. [19] proposed a ride-hailing service system called PrivateRide, which uses blind signatures and anonymous credentials as digital identities to safeguard passenger privacy. Hong et al. [20] proposed OCHJRNChain, a blockchain-based secure data-sharing framework, which employs zero-knowledge proof technology to allow passengers to prove their identity effectively and securely without revealing any additional personal information. This framework also incorporates blockchain and homomorphic encryption technologies to create a system that protects passenger privacy. Regrettably, however, the schemes proposed by Pham et al. and Hong et al. do not provide drivers with the same level of privacy protection as passengers and fail to address the challenges that drivers’ information poses to passenger privacy. Shen et al. [21] introduced a ride-hailing privacy protection scheme without the need for a trusted third party. This scheme uses public keys as user identity identifiers and combines Public Key Encryption with Equality Test (PKEET) and blockchain smart contract technologies to achieve ride-hailing matching. Although this heavily encrypted method enhances user privacy protection, it makes it difficult to trace the identities and vague location information of drivers and passengers in emergency situations. Pham et al. [22] proposed a ride-hailing system based on homomorphic encryption technology, which uses digital certificates and anonymous credentials to protect user identity information, allowing service providers to match drivers and passengers without directly accessing their private information. However, service providers can map credentials to identities and track users through random IDs, posing a certain degree of threat to user privacy. Decentralized identities have been widely applied in privacy protection strategies because they grant individuals autonomous control over their data management. Maram et al. [23] proposed CANDID, a decentralized authentication platform independent of any TTP. Kang et al. [24] presented an identity management system that combines the Cheon–Kim–Kim–Song (CKKS) fully homomorphic encryption (FHE) scheme to ensure user privacy protection. Javed et al. [25] introduced a blockchain-based decentralized identity management system called Health-ID, aiming to securely identify and authenticate users’ identities. Stockburger et al. [26] proposed a decentralized identity management system based on Self-Sovereign Identity (SSI) for the public transportation sector to protect passenger privacy. It is noteworthy that existing online ride-hailing privacy protection schemes face a primary issue: the direct association of digital identities with users’ real identities within the ride-hailing platforms. This direct linkage means that key service information and user privacy data remain connected within the platforms, thereby leaving users still vulnerable to the risk of privacy breaches.
This paper proposes a novel privacy-preserving scheme for ride-hailing services, utilizing decentralized identities, fuzzy location matching technology, and a ciphertext-policy attribute-based hybrid encryption algorithm to solve the privacy leakage problem caused by the association between service information and privacy data. The scheme improves upon decentralized identities by reconstructing the issuance process of Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs) within the decentralized identity system. In the initial phase of this scheme, government authorities issue these credentials to users after stringent identity verification; the credentials are then used for authentication on the ride-hailing platform, which both separates the identity registration service from the platform and enhances the credibility of identity information. The matching technology leverages POI data from drivers and passengers to identify drivers who are near the passenger, without requiring precise location information. Additionally, when encrypting data, the scheme sets access policies based on driver attributes to restrict access to location data, thereby safeguarding privacy. The scheme ensures that users’ authentic identity information is not associated with ride information within the platform, and it establishes additional regulatory authorities to address emergent hazards in the ride-hailing service. This achieves a complete decoupling of the ride-hailing platform’s key services while reinforcing the regulatory mechanism, effectively protecting users’ privacy data.
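To make the decoupling concrete, the following Python sketch is an added example and not the paper’s code: the issuing authority alone keeps the DID-to-identity mapping, the platform verifies the credential and records only the DID and vetted attributes, and matching runs on coarsened grid cells plus the passenger’s vehicle preference. It assumes an HMAC in place of the authority’s signature, a fixed grid instead of the paper’s POI-based fuzzy matching, and constructed drivers, keys and coordinates.

```python
import hashlib, hmac, json
from itertools import product

ISSUER_KEY = b"constructed-government-issuer-key"  # demo key; HMAC stands in for the authority's signature
CELL = 100  # cell size in units of 1e-4 degrees (~1 km); the coarsening granularity is an assumption

def _tag(claims):
    return hmac.new(ISSUER_KEY, json.dumps(claims, sort_keys=True).encode(), hashlib.sha256).hexdigest()

def issue_credential(real_name, did, attrs, identity_registry):
    """Authority vets the person out of band, keeps real_name -> DID privately, issues DID + attributes only."""
    identity_registry[did] = real_name
    claims = {"did": did, "attrs": attrs}
    return {"claims": claims, "sig": _tag(claims)}

def verify_credential(cred):
    return hmac.compare_digest(_tag(cred["claims"]), cred["sig"])

def to_cell(lat, lon):
    return (round(lat * 1e4) // CELL, round(lon * 1e4) // CELL)  # the platform only ever receives cells

def platform_register(platform, cred):
    """Platform admits a DID only with a valid credential and stores no real identity."""
    if not verify_credential(cred):
        return False
    platform[cred["claims"]["did"]] = dict(cred["claims"]["attrs"])
    return True

def match(platform, driver_cells, passenger_cell, wanted_vehicle):
    """DIDs of drivers in the passenger's cell or an adjacent one whose vetted attributes fit the preference."""
    near = {(passenger_cell[0] + dx, passenger_cell[1] + dy) for dx, dy in product((-1, 0, 1), repeat=2)}
    return sorted(did for did, cell in driver_cells.items()
                  if cell in near and platform.get(did, {}).get("vehicle") == wanted_vehicle)

def demo():
    identity_registry, platform, driver_cells = {}, {}, {}
    drivers = [("Alice (constructed)", "did:example:driverA", {"vehicle": "suv"}, (31.2350, 121.4800)),
               ("Bob (constructed)", "did:example:driverB", {"vehicle": "suv"}, (31.2610, 121.4737)),
               ("Carol (constructed)", "did:example:driverC", {"vehicle": "sedan"}, (31.2280, 121.4700))]
    for name, did, attrs, gps in drivers:  # precise GPS fixes stay on the device; only cells are shared
        platform_register(platform, issue_credential(name, did, attrs, identity_registry))
        driver_cells[did] = to_cell(*gps)
    forged = issue_credential("Mallory (constructed)", "did:example:driverB", {"vehicle": "suv"}, {})
    forged["claims"]["attrs"]["vehicle"] = "limo"  # altered after issuance: must fail verification
    passenger_cell = to_cell(31.2304, 121.4737)   # passenger shares only this cell, never the fix
    return {"suv": match(platform, driver_cells, passenger_cell, "suv"),
            "sedan": match(platform, driver_cells, passenger_cell, "sedan"),
            "forged_accepted": platform_register(platform, forged),
            "platform_stores_names": any("Alice" in json.dumps(rec) for rec in platform.values()),
            "authority_resolves": identity_registry["did:example:driverA"]}
```

Running `demo()` shows that only the authority can resolve a DID back to a person, while the platform can still reject a tampered credential and match a nearby driver from cells and attributes alone.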
The remainder of this paper is organized as follows: Section 2 introduces related preparatory work on privacy protection. Section 3 describes the system model and design goals. Section 4 presents the creation process of decentralized identities and their application to ride-hailing platform authentication. Section 5 details the ride-matching scheme of the ride-hailing platform. Section 6 provides a performance analysis of the proposed scheme. Section 7 discusses and analyzes key issues related to user privacy, enterprise risk management, and regulatory considerations. Finally, Section 8 concludes the paper.
7. Analysis and Discussion
This scheme achieves the decoupling of key services in ride-hailing, enabling users to utilize decentralized identities for authentication on ride-hailing platforms while enjoying the services without providing precise location information to the platform. This approach prevents the association of identity data with location-based trip data within the platform, thereby maximizing user privacy protection.
The process involves multiple stakeholders, including government departments, drivers, passengers, ride-hailing platforms, and regulatory agencies. Each party plays a crucial role in the ride-hailing ecosystem, taking on specific responsibilities and challenges. The following paragraphs will systematically analyze key issues related to user privacy, enterprise risk management, and regulatory considerations.
In this scheme, users assume two main roles. First, as holders of decentralized identities, users are empowered through DID systems by gaining greater control over their personal information. As identity holders, they can selectively disclose data and adjust privacy settings to meet their individual needs. Although users may have limited direct influence over the design and implementation of the service, the transparency of the privacy settings and the level of control provided offer them significant autonomy. Additionally, users receive clear guidance on privacy protection to ensure they can understand and choose the options that best suit their needs. Second, as users of ride-hailing platforms, especially passengers, they can specify approximate locations and vehicle preferences through an intuitive interface. Combined with the on-demand matching method of this solution, this not only safeguards their privacy but also grants them appropriate choice and control.
Adopting the DID framework requires ride-hailing service providers to establish robust Enterprise Risk Management (ERM) strategies. ERM enables these companies to systematically identify, assess, and mitigate risks related to data privacy, technology, compliance, and third-party interactions. Moreover, the platform must ensure that its system complies with relevant legal regulations, such as the GDPR and CCPA. While decentralized technology inherently reduces some risks by minimizing centralized data storage, it also introduces new challenges, such as unauthorized access and data breaches. To address these issues, companies must implement comprehensive strategies, including data encryption, zero-knowledge proofs, and continuous risk monitoring. A dedicated risk management team plays a crucial role in ensuring these strategies are effectively executed, maintaining platform stability, and preserving user trust.
The transition to a decentralized identity system also presents significant regulatory challenges. Government and regulatory agencies must address the complexities of accountability and data traceability in decentralized networks. Ensuring data security and audit feasibility requires clear guidelines and effective traceability mechanisms. Additionally, the intersection of technology within ride-hailing services and real-world safety demands regulatory oversight to protect both drivers and passengers. This includes establishing crime prevention measures, ensuring swift responses to emergencies, and preventing the misuse of technology. Regulatory authorities are responsible for defining and monitoring the platform’s obligations to safeguard user safety and information protection, thereby creating a secure and reliable environment for all stakeholders.