Honestly, there are others here that could more accurately answer this question when it comes to the detail of mechanics and security etc.
But in basic terms, what is happening when you make a payment is you are taking a DBC that you own, and you are saying to the mint “please use this to create a fresh DBC, but with the my friend as the owner, not me”.
Now there is this fresh, reissued DBC which belongs to your friend, and can only be spent by them. You could literally pass this DBC to them for them to hold, or send it as an email on the clearnet, or for the sake of speed and convenience, we can put it on the Network in a way it can be immediately found by your friend: dropped right in their “Safe”. So they see their balance go up the next time they open their app of choice.
And of course, this transaction can’t be seen be deduced by anyone else, it’s effectively private thanks to the mechanisms described in the OP… each transaction having a one-time key, using fixed denominations etc. etc.
Ownerless DBCs are another thing. That’d be where you get a mint to reissue a DBC but without any owner at all, so anyone can claim it as theirs; like a bank note. Obviously it’s not quite the same, as they are ease to duplicate unlike a banknote, but they’d still be useful and usable in cashlike ways.
For example, I am going shopping, and I know I’ll not have my phone with me at the time, and I’m also not sure who I’ll be paying either. So I create an ownerless DBC, and print it out.
I find a shop with goods I like, and hand over my DBC to the cashier. They are online, and can scan the QR code on the DBC, check that it hasn’t been spent, and deposit it, i.e. they get the mint to re-issue it with the shop as the owner.
If I was due change, the mint could issue a new DBC (or several) which could be ownerless and just printed on my receipt, or if I wanted, I could give the cashier my SafeID, or an network address/key, to send the change too, and I’d see it in my Safe the next time I got connected and opened my app.
This is what you’ll have heard referred to as a ‘half-offline’ transaction.
Does that make sense? I may have fuzzed some of the detail ofc, I’ll let the devs chip in some if I have.