Smart spaces are populated by users having evolving preferences that, directly or indirectly, reflect their spatial, temporal, financial and interaction patterns of service usage. These data, if disclosed, could draw a detailed picture of users’ life in public spaces. Protection of privacy-sensitive data is especially significant in scenarios employing negotiations where many non-trusted service providers, service consumers and payment processes are involved. For such scenarios an architecture and a protocol for secure and privacy-preserving smart space usage have been developed. The presented approach relies on a trusted party operating as a public service in the ‘security infrastructure as a service’ model. The solution is designed to minimize the risk of users privacy violation from the side of service providers and attackers impersonating regular users, as well as the risk of violating privacy of users’ payment patterns from the side of payment authorities. All parties benefit from fast and secure micropayments allowing for pay-per-use model implementation, which fulfils the non-invasiveness requirement of ubiquitous services. The presented use case scenario illustrates the possible application of this approach, and adversary model explains its privacy attributes.