New study outlines privacy solution for retail CBDCs

New research shows that retail central bank digital currencies (CBDCs) can be designed to protect user privacy, one of the biggest concerns surrounding the future of digital money.

Professor Iwa Salami of the University of East London and Professor William Buchanan of Edinburgh Napier University, have examined how privacy risks in state-backed retail digital currencies can be reduced through careful system design and legal safeguards.

Retail CBDCs, often described as digital versions of cash issued by central banks, have been widely explored by governments around the world. However, concerns about surveillance and loss of anonymity have slowed their adoption.

The UK, for example, is currently taking a cautious approach. The Bank of England and HM Treasury are jointly developing a potential “digital pound”, but no decision has yet been made to launch one while they investigate legal, economic and privacy questions.

The new published research argues that the risks are real but solvable.

The paper highlights a key solution: the use of advanced cryptographic tools, particularly “zero-knowledge proofs”. In simple terms, this technology allows a payment to be verified without revealing who made it or what it was for.

The researchers also point to a practical system design in which private companies such as banks and fintech firms act as intermediaries. These firms handle customer identities, while the central bank operates the underlying system without direct access to personal data. Additional safeguards, such as limited anonymity for small payments and legal protections on data use, can further strengthen privacy.

Professor Iwa Salami, from the Centre of Fintech at the Royal Docks School of Business and Law, said:

“Retail digital currencies issued by central banks have the potential to transform how we pay and interact with money.

“But their success depends on public trust. Our research shows that it is entirely possible to build a system where transactions are secure and verifiable, without turning money into a tool for surveillance. The real impact of this work is to demonstrate that privacy and financial innovation do not have to be in conflict.”

The paper concludes that the future of retail CBDCs will depend not only on technology, but on policy choices. Decisions about who controls data, how systems are governed, and what legal protections are in place will determine whether digital currencies enhance or undermine financial privacy.