8/3/2019 Digital Commerce Solutions
The second generation of digital commerce solutions
Steve Mott
BetterBuyDesign, 1386 Long Ridge Road, Stamford, CT 06903, USA
E-mail address: [email protected] (S. Mott).
Computer Networks 32 (2000) 669–683
www.elsevier.com/locate/comnet
1389-1286/00/$ - see front matter. 2000 Elsevier Science B.V. All rights reserved. PII: S1389-1286(00)00024-4
Abstract
Since early 1995, when the invocation of the World Wide Web (WWW) first triggered mass adoption of the Internet for public access to digital communications and exchanges across the globe, purveyors of a safe and sound technology infrastructure have scrambled to offer the ``ultimate'' solution for digital commerce. To get the mass market on the Web, the reasoning went, a special security infrastructure would need to be put into place transforming the wild-and-wooly Internet into a network with end-to-end protections. Many different approaches to this quest have been taken in the ensuing four years, but none have emerged as a clear front-runner for widespread implementation and market dominance. Now, as eCommerce is booming and the Net is revolutionizing industry after industry, it is obvious that the world did not wait for a specialized technology infrastructure after all, and eBusiness is clearly mushrooming off what was already in place. And it is becoming clearer with each passing day that a new generation of digital commerce solutions is beginning to emerge, with new priorities (e.g., privacy) and higher value-added requirements (e.g., smartcard integration, biometrics, etc.). Sorting out the winners and losers in this second generation will be harder still, since one of the prerequisites is that all the technology will ultimately become transparent to the user! 2000 Elsevier Science B.V. All rights reserved.
Keywords: Security; Privacy; Public key infrastructure; SET; Smartcards; Biometrics; Credit cards; Debit cards; Digital commerce; Digital certificates; Online retailing; Internet; Authentication; Verification; Transaction integrity
1. A brief history of the first generation of digital commerce solutions
The overarching premise of the ``need'' for a specialized solution to support commerce conducted via the Internet was the expectation that its basic lack of security would expose millions of consumers and merchants to substantial risk of fraud and compromise. Secure Socket Layer (SSL, originally offered to the Net by Netscape, and now re-introduced by the Internet Engineering Task Force as Transport Layer Security, or TLS) offered the ability to protect information while in the various communications ``channels'' that make up the Net. That provided substantive confidentiality for Net users, but in 1995 and 1996, exposure of the ``ends'' of SSL ``pipes'', namely at a merchant or ISP server, resulted in some highly visible compromises of highly sensitive information like credit card numbers. Tens of thousands of credit card numbers at a time, in some cases, were compromised.
Sensing an opportunity to extend their credit card franchise further, the payment card associations rushed to provide bank-oriented ``solutions.'' First up was Visa, in a partnership with Microsoft, with a protocol specification called Secure Transaction Technology (STT), in mid-1995. Pushed to the sidelines by this preemptive move, MasterCard agreed to team with everybody-who-was-afraid-of-Microsoft (e.g., IBM, GTE, Netscape, etc.) for a rival protocol, Secure Electronic Payment Protocol (SEPP). The payment card schemes were quickly pulled back into collaboration by their big-bank members toward the end of the year (something the US Department of Justice looked askance at), resulting in a draft specification of the Secure Electronic Transaction (SET) protocol in early 1996.
While to-date adoption of SET as THE digital commerce solution has been very limited (except for some European countries (namely France, Scandinavia, Netherlands, Switzerland) and Asia (especially Singapore, Taiwan and Japan)), the components of the SET ``solution'' offered up to the Internet marketplace provide very vivid proof-points of why this initial generation of offerings did not scale. Among the more obvious disconnects were:
- A rather heavy-handed imposition of Public Key Infrastructure (PKI). PKI calls for the use of public keys (from the same authorizing entity) that can encrypt sensitive information, which can in turn only be unscrambled and read by private keys (which come from the same mathematical basis). While extensively embraced by the intelligence community, PKI has struggled with broader market acceptance for years. Relatively few ``commerce'' applications of PKI are extant (see Fig. 1), although PKI has made steady inroads in corporate network security uses, especially securing remote access users over corporate Virtual Private Networks (VPNs). Moreover, SET proposed a monopoly for the RSA ``brand'' of data encryption in its initial implementation, a business decision that strained credulity when faster, better, cheaper alternatives (such as elliptic curve cryptosystems) were already available. Vendors objected, but counted on the banking industry to make markets for this relatively arcane infrastructure imposition. To-date, their investments and faith have been little rewarded.
- A very complex (and expensive) invocation of digital identifying certificates. So remote parties could know each other online, the notion of digital identifiers, or digital certificates, came about. These IDs would be granted by ``trusted institutions'' utilizing Certificate Authorities, and maintained and revoked by Registration Authorities and other complex and expensive secure server-based systems. The problem was, too many parties wanted to be CAs, too much time and effort and expense was needed to process IDs that were essentially static rather than dynamic, and few considered the customer service implications. Most banks wanted to be a CA because trust was their business; few wanted to bear the hassle and expense of full deployment. Worse, after being tantalized by low-cost pilot-system offerings by vendors, implementers discovered that these initial offerings rarely scaled to production-system capabilities without costs exceeding $100 per user! (Whether this initial round of pricing reflected the true costs of the vendor, or their need to justify their Initial Public Offering (IPO) valuations, is another question.)
Fig. 1. Principal uses of public key infrastructure through 1999.
- An assumption that consumers would load ponderous security technology onto their PCs. Deployment of this grand security design came to be premised on so-called digital ``wallets'', resembling the physical-world function of account payment and ID cards in one handy location. But consumers did not take to the idea of 5MB, single-purpose chunks of new software, and banks were slow to see the promise of getting ``wallet-share'' on consumer PCs. PC and software vendors have recognized the enormous marketing potential of presence at the ``point-of-virtual-sale'', however, and many of these functions are now resident in the ``bloatware'' all of us are now using on our PCs. Quietly and subtly, this marketplace moved on without the banks.
- A premise that consumers cared most about security in the first place. The prophets of doom for Net security horrors clung tightly to survey after survey showing that ``consumers'' were avoiding shopping over the Internet because of security concerns. In 1998, surveys began to show privacy surfacing as the major issue, eclipsing security. And late last year, a new survey showed that the initial wave of digital commerce consumers had become as much or more concerned about low prices, convenience and service (merchandising issues) as about security (see Fig. 2); these issues began to take center stage. This was fueled by new developments from PC and software vendors, as well as a raft of new technologies that promised advances in monitoring and profiling real-time consumer behavior in order to better target sales pitches. Security did not sell in this first generation of digital commerce, but maybe consumer-protection will. Pretty Good Privacy (PGP) became widely accepted as the standard for protecting e-mail and text transmissions, and privacy start-ups and solutions abound.
- A belief that the Internet community would wait for a bank-oriented solution. Many still believe that consumers will not move en masse to the digital marketplace without trusted brands guaranteeing the experience. This may not matter in the short term, as today's digerati have the wealth and impulses to produce a trillion dollars or more in commerce (according to a recent Forrester Research projection) [1]. Financial institutions certainly retain, for now, the going-in position as front-runners in trust (see Fig. 3 and Table 1). But will they capitalize on this hereditary advantage? So far, the evidence seems to indicate the contrary.
Fig. 2. Improvements required by online shoppers in order to increase use.
Moreover, the initial wave of eCommerce was characterized by concentrations of business in relatively few sites: some 75% of traffic (eyeballs) and more than 80% of transactions occur on about 20 major eCommerce sites/portals. Those venues (Amazon, Yahoo!, AOL, ebay, etc.) created their own levels of ``trust'', and won voluminous adherents. ALL of them weighed in favor of building on existing infrastructure (albeit as it evolved and improved) rather than creating something new.
Fig. 3. Proportion of people who professed trust for various institutions.
Table 1
eCommerce challenges for banks
eCommerce trend | Evidence | Implication
Financial activities are moving online faster than most industries | Full-service brokers are playing catch-up to first-mover discount traders | Loss of market position and mind-share for most desirable customer base
Merchants are up-in-arms over high credit card charges and fraud liability | Anti-banking merchant associations arising in several countries to protest | By-pass solutions by new providers are being vigorously pursued
Key new Net-based industries (digital content, gaming, etc.) exploding | Traditional four-party credit card transaction too costly and slow to accommodate | New, non-bank payment solutions are springing up everywhere
Desire for online banking and bill payments continues to rise | Bank-based solutions are slow to appear, and experiences are disappointing | Intuit, computing firms, utilities and others jumping into market
B2B commerce is burgeoning everywhere: 10× consumer commerce | Online-community offerings handle more of transaction exchange/flow | Slow reaction and paucity of efficient solutions threaten to leave banks behind
2. The ``real'' security risk
So, were all our concerns about Internet security risks just media hype? Wishful anticipation by security vendors and the banking industry? Not really. It turns out that there is a rising tide of security issues, and the criminal element is, indeed, finding its way to the Net. As of mid-1999, there were serious and representative signs of trouble ahead:
- Whose site is it, anyway? In mid-1998, using a website replication program, fraudsters duplicated a Dutch online banking site. Then they siphoned off one in every 50 transactions from the ISP server head. Then they sent an applet back to the browser of the consumer, changing the URL ever so slightly. When the online banking customer re-dialed what they assumed was the real site, they got the bogus site instead. The fraudsters got the account information, and indeed committed many acts of fraud. This incident was quickly and resolutely hushed up once it was exposed, but the banking community had its ultimate proof-point: Serious verification of remote parties will ultimately be necessary, invading consumers, not just merchants!
- Major online retailers got hit last shopping season. An informal survey by Visa of 10 of the top 20 ``e-tail'' sites in the 1998 holiday shopping season indicated that half had chargeback rates between 5% and 10%, an unsustainable level if profits are ever to be expected. Visa also reported in early 1999 that HALF of their chargebacks (when the credit card holder rejects a transaction, which must be investigated before the merchant may be paid) in Europe overall were from Net transactions [2]. Under existing credit card rules (except for SET transactions), the merchant gets stuck with the fraud, meaning their bottom-lines suffer greatly.
- One in 15 Net consumers has been victimized. A Lou Harris/National Consumer League poll in mid-1999 estimated that six million consumers (7% of the online population) had been victimized by fraud or unauthorized use of sensitive data. ``This survey shows that Web-era consumers are every bit as vulnerable as those who were around before the Internet changed the way that more of us do things,'' said National Consumer League President Linda Golodner. While the Web can empower consumers with information, it also leaves the unwary exposed to new variations on old fraud and abuse schemes. This poll indicated that more than 70% of consumers still are not comfortable giving out credit card, other financial, or personal information over the Net!
- Net-centric merchants get hit harder. Smaller merchants, particularly those new to credit card processing and remote transactions, are by all reports getting hit harder by fraud and chargebacks than the major e-tailers. Digital content providers are getting hit much worse; Bank of America, which hosts many of them from their California base, has indicated that 20–40% fraud rates are not uncommon (not to mention the unauthorized duplication and promulgation of contraband copies of the digital material). Many of these companies are not big enough or rich enough to fund the investments in existing payment- and product-protection infrastructure. They, too, are looking for faster, better and cheaper solutions.
- We do not hear about the scary incursions companies do. The FBI/Computer Industry Security annual survey of corporate network security incursions (in 1998) indicated that some $200 million in actual damages from a dozen different types of abuse (breaks, theft, unauthorized use, etc.; see Table 2) were reported. Many experts believe that the internal or related costs (e.g., loss of business or contracts) for fixing such incursions can be 10 times that amount. NetCommerce magazine estimated that Net fraud costs overall could be as high as $7 billion! (Even so, numerous surveys show that fewer than 40% of Fortune 2000 companies spent more than $1 million on network security last year; no wonder security industry vendors are frustrated.)
It would seem, then, that the security time-bomb is still ticking. Moreover, it is entirely likely that the really dangerous consumer incursions (where entire sites are compromised, with thousands or tens of thousands of accounts revealed) are no longer being revealed to the public. What we do see, though, is the same criminal element that thrives on mail-order/telephone-order (MO/TO) transactions (mostly use of stolen credit cards and information) is rapidly migrating to the Net. On the Net, merchants for the most part, particularly new, small, Net-only e-tailers, have NOT yet invested in the types of protections (such as fraud monitoring, address-verification, negative file lookups, etc.) that direct-marketers have pioneered and perfected over the past dozen years.
3. What we have learned
It would appear, then, from this brief history of eCommerce and the attendant update on the real security threat, that we have learned a few important lessons that point to what is likely to come in the next generation of digital commerce solutions.
- Security does not sell. Mass consumers still can be herded by media alarms, but the digerati have moved on to other concerns. Online early adopters learned quickly that one of the advantages of lowly old credit cards was they protect consumers quite well in remote transaction environments. Thus, telling them to be concerned about the potential fraud losses merchant banks would incur was hardly a compelling argument. Why worry? So the online security industry is scrambling to hide the security, or disguise it under the mask of privacy toggles and/or third-party, hosted interactions.
- Credit cards get the party started, but will not make it last. Similarly, it was almost exhilaratingly easy to trigger digital commerce by using credit cards. Consumers were protected, and merchants were guaranteed of getting paid (albeit, net of fraud and other chargebacks). Now the costs of using old, expensive banking and payment card networks, and rising fees being charged on those outdated networks, seem to be driving merchants into rebellion. Further, key Net products, especially digital content and Business to Business (B2B), require more flexible and cost-effective modes of payment. The party has hit a lull, while many, many payment wannabes vie to don the lampshade.
- Difficult, expensive bank-centric approaches do not pay off. The Net remains unabashedly and determinedly about getting things free and easy. Bank-centric solutions that require everyone to do things slower, less efficiently and on dramatically more costly terms defy digital logic. Banks seemingly continue to have a standing invitation to join the party, but few have responded to an expectant market. In the lurch, a host of alternative solutions have emerged, making more agile and customer-friendly use of technologies that should be bank sweet-spots. Worse, Net-infrastructure technology providers have pretty much moved on to greener pastures. Critical-mass adoption, once thought to be dictated by banks and other financial institutions, is already occurring through more opportunistic sources.
Table 2
Costs of computer crime
Category (a) | Incidents | Low cost | High cost | Average | Amount
Info theft | 20 | $300 | $25 million | $1.68 million | $33.45 million
Laptop theft | 162 | $1 K | $500 K | $32 K | $5.25 million
Sabotage | 25 | $400 | $500 K | $86 K | $2.14 million
Eavesdropping | 10 | $1 K | $200 K | $56 K | $562 K
Wiretapping | 5 | $30 K | $100 K | $49 K | $245 K
Invasion | 19 | $500 | $1 million | $86 K | $1.64 million
Abuse | 67 | $500 | $1 million | $36 K | $3.72 million
Financial fraud | 29 | $1 K | $2 million | $388 K | $11.24 million
Denial of serv. | 36 | $200 | $1 million | $77 K | $2.79 million
Virus | 143 | $50 | $2 million | $55 K | $7.87 million
Unauth. access | 18 | $1 K | $50 million | $2.81 million | $50.56 million
Telco fraud | 32 | $500 | $15 million | $539 K | $17.26 million
Totals | 566 | | | | $136.82 million
(a) Source: CSI/FBI 1998 Computer Crime Survey.
- It is the convenience, not the technology, stupid! While there is certainly some small portion of the current infrastructure marketplace that gravitates to all new technology and techniques (after all, SOMEBODY must be using all those functions in bloatware PC applications), the digital marketplace has proved time and again that it will move forcefully and relentlessly to the simplest, easiest and cheapest solution (witness online trading). The first generation of digital signatures and certificates has come and gone from the consumer perception; it was just too hard, and the benefits too uncertain. The one real opportunity left for technology providers is to provide real, substantive and sustainable value, but each and every time, in the name of utility and convenience. That's what sells on the Net.
- And it is not just about payments. Perhaps the biggest detour in the path toward a production-system digital commerce infrastructure has been, up until now, a single-minded and myopic focus on handling payments. Everyone's focus started out on how to get paid, while the Net continues on its monolithic path toward making things free (or at least cheaper). What was lost in this focus on payments was whether any tangible value to either buyers or sellers was being created in the course of processing online payments. Up until now, digital commerce has fed off advertising revenues, the sugar-daddy for all information and entertainment services to-date. More recently, digital commerce innovators have been charging to ``relationship-creation and value-fees'', whereby online consumers are willing to pay for the added convenience and utility they get from a gratifying online relationship. But fighting over the ``vigorish'' or cut in per-transaction costs has alienated both buyers and sellers, making it bad business, in addition to being misguided. What's largely been missing, until very recently, has been top-drawer customer service, efficient fulfillment, pain-free loyalty programs, constructive online notifications and ordering advice, provision of international orders, streamlined navigation, and cross-selling that is useful rather than invasive. Online consumers, the buyers, repeatedly demonstrate (with their clicking preferences) that they take payments for granted and look for value elsewhere.
4. Tools for a new generation
It is perhaps ironic, then, that we find ourselves at the dawning of a new millennium with most or all of the requisite technology at our hands to meet the needs of a safe and sound digital commerce ecosystem, but perhaps not the business acumen or market consensus to deploy it sensibly and cost-effectively. This may have as much to do with the unusual vagaries of the investment environment for Internet stocks as anything else. Very small companies have very large ambitions these days, and few seem to have the perspicacity or the investor flexibility to put coherent, inexpensive solutions together. One fairly well-known example should illustrate the point.
A major US-based brokerage and mutual funds company recently was convinced by technologists and eCommerce gurus on staff that ``wallet-share'' might be effectively combined with improved (and more cost-effective) customer service by means of smartcard-based remote access to accounts. Twelve million customers could securely access intimate account information, switch assets from fund to fund, and conduct trading online, all from their PCs (and potentially other devices) from home or work! The target solution was a strong smartcard housing industrial-strength PKI and digital IDs, tied into a corporate host system, which could manage the various deployment functions on an integrated basis with the legacy systems.
An RFI was issued, and the leading PKI provider came back with a bid in excess of $1 billion, or $85 per account. The client was said to be aghast! A supplementary RFI was tendered, for an alternative configuration that did not utilize digital IDs or require CAs, but the vendors apparently got greedy as well, and bid more than $40 per user. Meanwhile, the client, who was expecting a $10–15 deployment cost, shelved the project.
Nothing about this landmark-to-be project was especially difficult technically. Nor by anyone's reckoning are the actual deployment costs for projects of this type anywhere near the levels that were bid by the vendors. Did the vendors get greedy, sensing a showcase, critical-mass deployment that could make their business model/case overnight? And were the vendors guilty of believing their own investor hype on the bounties available in the market for this technology, missing the chance to price ``ahead-of-the-curve'' to ``land the big one''? One can only assume so, and regret that a breakthrough opportunity was lost, at least for awhile, for the industry overall. But we can speculate from this example, and others like it being played out around the world, that tools are in place to build-out the requisite infrastructures, once the technology providers get their business models straightened out.
We can, in fact, point to a number of promising implementations of digital commerce infrastructures working their ways into the marketplace. We will examine several of these later in this article. All of these implementations satisfy three primary conditions for handling remote interactions in a safe and sound fashion:
1. making sure the parties to the interaction are who they say they are;
2. assuring the interaction was completed under terms they agreed to; and
3. conducting the interaction under appropriate and understood levels of privacy and protection.
The first of these conditions concerns the primary task of authentication (see Fig. 4). We now have a number of ways to determine the buyer and seller (and third parties) online identities, as well as complementary methods to verify these identities.
4.1. Authentication
The most common approach for online authentication is, of course, PKI. PKI is now extensively used in corporate networks and e-mail systems, exchanging a digital ID (something you have) between the communicating parties. For a variety of reasons, this is better than relying upon online exchanges of PINs or passwords (something you know) which could be intercepted and misused and thus provide little in the way of verification for remote transactions.
So-called software tokens, however, have their own vulnerabilities. Take for example, the instance of laptop theft, where the laptop has no or limited access protection. The online-literate thief could simply dialup Internet merchants, exchange the resident digital IDs, change the shipping address (rarely questioned by merchants in this initial generation of online commerce) and consummate the transaction (using wallet information in the PC, the credit card number registered in the site, or just a stolen credit card number).
In some ways, this virtual ID is stronger than the commensurate physical ID, because the digital ID (the digital certificate) in an increasing number of places conveys the support of the ``trusted authority'' (the CA) who issues and maintains the certificates. And, few if any PKI/CA systems utilize efficient (much less interchangeable) real-time checks on the validity of certificates. So the thief (or the deadbeat user/buyer) might enjoy buying privileges conveyed by the CA/issuer that he/she would not get in the real world! Moreover, existing credit card rules ordain that the merchant is responsible for all identification and verification for remote transactions (with the recent exception for SET transactions); repudiation by the buyer (``I didn't do it'', ``It wasn't me,'' etc.) is already half of all chargebacks in the US in direct marketing transactions, and an even bigger and growing problem for Internet transactions [3].
Fig. 4. Authentication hierarchy.
The trick in authentication is to have at least two factors involved in identification and verification. A digital ID in software might be checked by a merchant, who also asks for a registration password (a la Amazon.com) for a transaction to be processed. However, frequent shoppers may utilize the ``toggles'' offered to bypass the password confirmation for each transaction entry (Amazon calls it ``one-click'' purchasing). If I leave that toggle on, my kids (or anyone with access to my computer) could shop indiscriminately and at will (until the confirming email or monthly credit card statement came in!). In fact, without some iron-clad verification of who ``I'' am (biometrics), anyone who has compromised my computer (password protection is woeful generally on PCs) possesses a very good compromise of my identity!
Maybe the software token could be replaced with or supplemented by a hardware token-generating mechanism (e.g., a smartcard, or something you have). Suppose the smartcard reader had a secure PINpad that required the holder of the smartcard to verify (through issuer-confirmed entry of PIN numbers) something you know. Have we bought more authentication? Well, the user/buyer now has to have a smartcard reader (no problem in monolithically oriented national infrastructures, such as in Europe and some Asian countries). And he/she has to have a valid smartcard. The smartcard has to be checked with the issuer of the card (via the passing of a cryptogram specifically tailored to the issuer). And the correct PIN has to be entered by the user/buyer, and confirmed by the issuer. Sounds pretty good? It should: France, UK, Germany, Netherlands, South Africa and other nations are well on the way to building out national infrastructures that do essentially this combination of authentication factors.
But is this enough assurance for authentication? Many security specialists believe that cyber-criminals will eventually exploit the very power of digital networking technology to disarm the protections it puts up against them. In effect, we can expect an endless cycle of chasing, not unlike Wile E. Coyote trying to trap the Roadrunner, with the ``good guys'' trying to stay out in front of the cyber-criminals so long as we are working with software and hardware solutions to authentication. To move beyond the ``chase'', we are now looking at a third level of authentication, biometrics, for the ``ultimate'' solution.
Biometrics are simply something you are. It could be your fingerprint, the geometry of your hand or face, a digitized imprint of your iris, even your DNA. Capturing a digital rendering of something unique about your body and comparing it to a locally or remotely accessed stored representation of the same enrollment data offers a third, and dramatically more accurate means of remote (or local) authentication. As with other forms of digital identifiers, verification via biometrics needs to be real-time (not stored data) to ensure true identities. Already being utilized in dozens of pilot tests around the world in combination with something you know, and/or something you have, something you are promises to be a major leap forward in the next generation of digital commerce.
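The three factors discussed in this section (smartcard cryptogram, issuer-confirmed PIN, biometric sample) and the real-time validity check the author finds missing from PKI/CA systems can be put together in one issuer-side verifier. The following is an added example, not code from the article or from any of the national schemes it mentions. It assumes that the issuer holds each card's secret key and a salted PIN hash, that the card computes an HMAC cryptogram over a fresh issuer challenge (so a captured cryptogram cannot be replayed, which is the weakness of the stolen-laptop software token above), that the PIN is verified online by the issuer, and that the biometric template is a toy fixed-length bit vector compared by Hamming distance; all names, keys and PINs are constructed for the illustration.

```python
"""Issuer-side multi-factor check: something you have (card cryptogram),
something you know (PIN) and something you are (toy biometric).
Added illustration; standard library only. Keys, PINs and templates below
are constructed sample data."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field

PBKDF2_ROUNDS = 50_000      # slow PIN hash; modest so the demo runs quickly
MAX_BIT_ERRORS = 8          # tolerated Hamming distance for the toy biometric


@dataclass
class CardRecord:
    card_key: bytes          # assumed shared only between the chip and the issuer
    pin_salt: bytes
    pin_hash: bytes
    template: bytes          # enrolled toy biometric template (bit vector)
    revoked: bool = False
    pending: set = field(default_factory=set)   # challenges issued, not yet consumed


def pin_hash(pin: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, PBKDF2_ROUNDS)


def card_cryptogram(card_key: bytes, challenge: bytes) -> bytes:
    """What the smartcard computes for the issuer over the issuer's challenge."""
    return hmac.new(card_key, challenge, hashlib.sha256).digest()


def hamming(a: bytes, b: bytes) -> int:
    """Bit differences between two templates; unequal lengths can never match."""
    if len(a) != len(b):
        return 8 * max(len(a), len(b))
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


class Issuer:
    def __init__(self) -> None:
        self.cards: dict[str, CardRecord] = {}

    def enroll(self, card_id: str, pin: str, template: bytes) -> bytes:
        """Personalise a card; returns the key that would be burned into the chip."""
        key = secrets.token_bytes(32)
        salt = secrets.token_bytes(16)
        self.cards[card_id] = CardRecord(key, salt, pin_hash(pin, salt), template)
        return key

    def revoke(self, card_id: str) -> None:
        self.cards[card_id].revoked = True

    def challenge(self, card_id: str) -> bytes:
        """Fresh single-use nonce so a captured cryptogram cannot be replayed."""
        nonce = secrets.token_bytes(16)
        self.cards[card_id].pending.add(nonce)
        return nonce

    def verify(self, card_id, challenge, cryptogram, pin, sample=None):
        """Return (accepted, reason). Every factor is checked online, in real time."""
        rec = self.cards.get(card_id)
        if rec is None or rec.revoked:            # the real-time validity check
            return False, "card unknown or revoked"
        if challenge not in rec.pending:
            return False, "stale or replayed challenge"
        rec.pending.discard(challenge)            # each challenge is consumed once
        expected = card_cryptogram(rec.card_key, challenge)
        if not hmac.compare_digest(expected, cryptogram):
            return False, "bad cryptogram (something you have)"
        if not hmac.compare_digest(pin_hash(pin, rec.pin_salt), rec.pin_hash):
            return False, "bad PIN (something you know)"
        if sample is not None and hamming(sample, rec.template) > MAX_BIT_ERRORS:
            return False, "biometric mismatch (something you are)"
        return True, "accepted"


if __name__ == "__main__":
    issuer = Issuer()
    template = bytes([0b10110010] * 16)       # constructed enrollment template
    key = issuer.enroll("card-001", "4821", template)
    nonce = issuer.challenge("card-001")
    print(issuer.verify("card-001", nonce, card_cryptogram(key, nonce), "4821", template))
```

The point of the ordering is that possession of the card key alone (the stolen-token case) fails at the PIN step, a replayed cryptogram fails before any cryptography is done, and a revoked card is refused immediately rather than surviving until a periodic revocation list is consulted.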
4.2. Transaction integrity
Associated with identification, verification and authentication is the integrity of the remote transaction itself. This involves both the integrity of data (that the buyer was charged for exactly what he/she ordered at exactly the prices and other terms offered at the point of remote sale) and assurances that the transaction and payment were authorized (typically by the credit card company). Fortunately in this first generation of digital commerce, existing mechanisms provided by credit cards offer extensive coverage for buyer repudiation of the transaction (``I didn't get it,'' ``It wasn't as described'', ``That wasn't the price'', ``I got charged incorrectly'', etc.).
But this is also a large and growing problem for Internet transactions. In their haste to build mind-share and market-share, Internet retailers are handling the mounting numbers of rejected purchases as a transitory cost of doing business; eventually, they will need to police these transactions, and develop ways with card issuers to manage buyers to accept responsibility for their purchases (just as in the instances of identity repudiations).
One transitional solution widely utilized is to email the specifics of a transaction back to the user/buyer upon confirmation of the shipment (which triggers the credit card billing). But the buyer can deny receiving the e-mail, or receiving it in time to raise an issue with the transaction. SET, where it is used, offers integrity and authorization checks within the live message exchange. Some online merchants even take the tack of having the buyer confirm (real-time) the specifics of the transaction before the transaction is consummated, permitting the creation of a journal record that can be used by the merchant to reject the eventual chargeback.
From a hardware perspective, smartcard deployment also offers a nuance that may be of great use in the next generation of digital commerce: secure PINpad smartcard readers can also be equipped with an LCD display that reiterates the amount being charged to the buyer during a remote transaction. The buyer then confirms the amount (which implies quantity purchased and other data) online, and receives re-confirmation back on what was charged to his/her account, thus gaining protection for both integrity and authorization. The point is that the confirmation is bound to what the buyer actually saw on the reader's own display, rather than to whatever software on the PC chose to show.
Clearly, something like the above variations also needs to be a part of a production-level, industrial-strength digital commerce solution (along with the means to secure the computer!).
4.3. Confidentiality
More and more, privacy protections are becoming a critical component of effective digital commerce solutions. Confidentiality about who purchased what, where and when has enormous import for protecting both buyers and sellers. From exposing the online behavior of politicians, celebrities and the like, to providing taxation authorities with detailed private information, to putting the average consumer at the mercy of direct marketers, digital commerce is fraught with new and powerful threats to all involved.
In the physical world, particularly in the OECD countries, buyers and sellers tended to be insulated from direct exposure to each other by relatively benign intermediaries, such as content providers (TV, newspapers, magazines) and advertisers. ``Caveat emptor'' prevailed, but in reality buyers encountered very predictable and tractable experiences by responding to ads and informing themselves in this paradigm.
In a virtual world, there are many different venues for consummating transactions, and while buyers and sellers in theory come together in cyberspace, in reality new technology-based participants (search engines, directories, bots, agents, etc.) join content providers and advertisers in matching buyers and sellers, and an entirely new layer of intermediaries (auction venues, buyer-bidding sites such as priceline.com, micropayment engines, and privacy/personalization mechanisms) is also involved in brokering transactions. Example: in mid-1999 alone there were a dozen and a half new start-ups offering privacy protection toggles (and their flip-side, personalization engines). Some of these are manifested as digital wallets; some as client-side software; some are part of hardware-token configurations (e.g., Wave Systems, smartcards, etc.); some are third-party hosted applications for website navigation.
While obviously complicating the interaction of transaction parties, and increasing contention over who will share what portion of the transaction fees, or ``vig'', these mechanisms create obvious consumer confusion over who's doing what with their confidential information. In particular, most of the so-called privacy-protection solutions are actually designed to capture detailed information about the buyer, the online configuration, and the transaction, in the event the consumer wants to provide this information in stages, over time, to websites he/she trusts. Moreover, substantial investments are being made in advertising and transaction monitoring/reporting engines (Engage/Accipitor, AOL/Enliven, DoubleClick, etc.) that gather information about transactions in unprecedented detail, in real time! This, in turn, is now permitting transaction-intermediation players (priceline, CyBuy, etc.) to offer virtually real-time pricing and supply (trade-ups, cross-sells, add-ons, etc.) using intimate knowledge about both buyers and sellers in aggregate, cross-sectioned, or on an individual basis!
An extension to the privacy and personalization tradeoff will be the ability to accommodate buyers and sellers across any network, via any device, navigating through any system, anytime, anywhere, and virtually any way they choose to come together to consummate transactions. Communications protocols will continue to evolve quickly to support these new purchasing activities, putting pressure on client, host, and network systems to accommodate them. Moreover, the exploding volume of online transactions will force many innovations in mechanisms, protocols and languages to interface with key legacy systems (billing, ordering, inventory, distribution, shipping, taxation, exporting, etc.), not only to achieve the efficiencies of online automation, but to support the sheer magnitude of digital commerce from a fulfillment perspective.
5. A new generation of digital commerce is already upon us
Thus, it is now possible to speculate that many of the features and functions that have been experimented with in the initial generation of digital commerce just passing will be concatenated into a combination of client, host and network capabilities delivered as transparently as possible to Internet buyers and sellers. Surely, these capabilities will include not only the core functions of security and privacy, but will also extend out to other requisite components. These include digital rights and user management (crucial for digital content) on a distributed basis; multiple payment (debit, stored value, micropayment, and other ways to pay besides credit cards) and order mode handling; device integration (whether for smartcards, biometrics or other supplementary hardware-based systems); and communications command and control (ranging from handling personalization to navigating multiple networks, consumer devices and system-specific and/or online community protocols).
Importantly, a host of incipient technology deployments have arisen in 1999 to point the way forward, manifesting some of the lessons learned and principles established in the first generation of digital commerce. Although there are too many to even mention here, a number of key implementations warrant scrutiny.
5.1. E-wallets
In late 1998, a bit of market fanfare arose as Excite, AOL, Microsoft (and even SET purveyors) announced the pending availability of electronic wallets that would house credit card data, registration information, shipping and billing addresses, and security components, all in one easy-to-use piece of client software. For various reasons, largely having to do with size, cumbersome acquisition, installation and use, and incompatibility, this initial generation of digital wallets enjoyed one final flourish in the 1999 holiday shopping season. With Microsoft's wallet now refined and standard, joined in the marketplace by well-financed start-ups such as Brodia and, lo and behold, a major bank's offering (Citibank's ``ClickCiti''), more than a few million consumers are expected to enjoy significant convenience (and safety) during the New Millennium shopping surge. Whether they enjoy privacy as they spend as well could not be determined yet.
5.2. Barclays Bank's Endorse system
Whether banks prove to be ``roadkill'' in the
pursuit of electronic commerce remains to be seen,
but some banks have figured out meaningful ways
to blend technology solutions with real needs in
the marketplace. Barclays Banks Endorse system
solves a key business problem, while ensuring that
trusted institutions like banks have an important
role in digital commerce [4].
In the UK, the taxation authorities decided that new, entrepreneurial businesses should register, report, and be taxed online in order to promote efficiencies on both sides. Endorse requires the business principal to visit a Barclays branch, register for a smartcard and a digital ID, then activate the account with the government. The visit to the branch is the step that binds the digital ID to an identified principal. The principal accesses the requisite government agencies online, utilizing a smartcard reader hooked to their PC. From that point on, interactions between the business and the government agencies are conducted online, including paying taxes. Barclays guarantees the security and integrity of the system, and gets fees for doing so.
This application has real promise in B2B communities, as well as any related applications that must handle both documentation and payments securely and conveniently online.
5.3. Identrus
Barclays is one of eight major founding banks (the others are Citibank, Chase, Bankers Trust, BankAmerica, Deutsche Bank, ABN-Amro, and Hypovereinsbank) which, together with dozens of other supporting banks, have created a trusted hierarchy of digital IDs that are transferable (and compatible) among the B2B customers of each bank across borders, for procurement, exchange of bidding and ordering documentation and other business uses. Buyers and sellers access the system via smartcards, and exchange high-level PKI IDs [5].
In effect, some of the world's largest trusted financial institutions are succumbing to common business requirements in order to ensure they are wired into B2B digital commerce, which is mushrooming. The projected 150 member banks eventually housed in the Identrus hierarchy will constitute a comfortable majority of global business assets under bank management. By so doing, Identrus, when fully implemented, could constitute the critical mass necessary to dictate the direction and infrastructure play-out for this sector.
5.4. E-cheque
Another system aimed at B2B, but with powerful implications for Business-to-Consumer (B2C) and Consumer-to-Consumer (C2C) markets, is the Financial Services Technology Consortium's (a group of 140 members, including many banks) e-cheque program. E-cheque assumes that a buying entity pretty well knows the other entities it does business with. As a buying community, they register for smartcards, which are linked to their Demand Deposit Accounts. When a purchase takes place, the buyer logs into the network with his/her smartcard, exchanges a digital ID, then consummates the purchase.
The actual exchange of funds occurs totally electronically, as an electronic Automated Clearing House (ACH) transfer between the two checking accounts. Documentation of the transaction is journaled, stored, and accessed in simple ways. Purchase consummation is virtually instantaneous, at a cost of pennies versus a few percentage points for a credit or purchasing card transaction. It is not hard to imagine that large communities of users, even consumers trading Beanie Babies toys and Pokemon cards on eBay, could enroll and participate in a friendly, efficient system such as e-cheque. (The e-cheque program is now being managed by CommerceNet [6].)
5.5. Cyber-COMM
We previously mentioned the Cyber-COMM program for France [7]. Cyber-COMM is a fusion of 1998's rival efforts between a few French banks and Visa (the ecomm project) and Cartes Bancaires/Europay (the chipSET program). Those programs attempted to harness SET's high-security approach with national infrastructure needs for smartcard origination of payments. In effect, the buyer logs on with a smartcard, gets identified and verified with a PIN check, then consummates the online transaction, checking the amount being charged on the smartcard reader's LCD display (see Fig. 5). The rest of the transaction is handled via SET-protocol handshaking between the merchant, acquiring bank, and issuing bank. All parties have digital IDs, but the buyer's smartcard ID is considered both stronger and faster for online transactions.
Imposition of the Cyber-COMM solution requires a monolithic infrastructure build-out (smartcards, IDs, readers, SET IDs, SET wallets, servers, gateways and certificate management systems, etc.). But France has already proved its willingness to leap to production-system infrastructure solutions in the past (Minitel in the 1970s, then adding smartcard chips to 28 million magnetic stripe payment cards in the 1980s). Anticipating gradual acceptance and incorporation of SET around the world, French banking strategists are envisioning that their country will be the first entire nation wired to a secure, global eCommerce environment. With millions of French already enabled by this solution, it is hard to discount its future role and importance.
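The amount-on-the-reader-display mechanism described in Section 4.2 and again for Cyber-COMM above comes down to one check: the value the card commits to must be computed over exactly the order details the holder confirmed, and the issuer must be able to re-verify that commitment when a chargeback arrives. The following Python sketch is an added example, not code from this paper, from Cyber-COMM or from the SET specification. It assumes a symmetric key shared between the card and its issuer (modelled on EMV-style application cryptograms rather than SET's certificate-based signatures), a per-transaction challenge, and a constructed sample order; the names Issuer, card_cryptogram, journal_record and dispute_check are hypothetical.

```python
import hashlib
import hmac
import json
import secrets
from typing import Optional, Tuple

# Constructed sample order (not from the paper): the details the reader's
# LCD shows the cardholder before the card commits to them.
SAMPLE_ORDER = {
    "merchant": "shop.example",
    "order_id": "A-1017",
    "amount": "49.95",
    "currency": "USD",
}


def canonical_order(order: dict) -> bytes:
    """Serialize deterministically (sorted keys, no whitespace) so card,
    merchant and issuer all hash exactly the same bytes."""
    return json.dumps(order, sort_keys=True, separators=(",", ":")).encode()


def card_cryptogram(card_key: bytes, order: dict, challenge: bytes) -> str:
    """MAC the card computes once the holder confirms the displayed amount.
    Binding a per-transaction challenge stops the value being replayed.
    The key is shared only with the issuer (assumption: EMV-style symmetric
    application cryptogram, not a SET certificate signature)."""
    digest = hashlib.sha256(canonical_order(order)).digest()
    return hmac.new(card_key, challenge + digest, hashlib.sha256).hexdigest()


class Issuer:
    """Hypothetical issuing bank: holds card keys, authorizes, refuses replays."""

    def __init__(self) -> None:
        self.cards = {}    # card_id -> key
        self.seen = set()  # (card_id, challenge) pairs already authorized

    def enroll(self, card_id: str, key: Optional[bytes] = None) -> bytes:
        key = key if key is not None else secrets.token_bytes(32)
        self.cards[card_id] = key
        return key

    def authorize(self, card_id: str, order: dict, challenge: bytes,
                  cryptogram: str) -> Optional[str]:
        key = self.cards.get(card_id)
        if key is None:
            return None  # unknown card
        if (card_id, challenge) in self.seen:
            return None  # same challenge presented twice: replay
        expected = card_cryptogram(key, order, challenge)
        if not hmac.compare_digest(expected, cryptogram):
            return None  # order differs from what the card confirmed
        self.seen.add((card_id, challenge))
        # Authorization code the merchant journals next to the cryptogram
        return "AUTH-" + hashlib.sha256(challenge + canonical_order(order)).hexdigest()[:8]


def journal_record(order: dict, challenge: bytes, cryptogram: str,
                   auth_code: str) -> dict:
    """What the merchant keeps in order to answer a later chargeback."""
    return {"order": order, "challenge": challenge.hex(),
            "cryptogram": cryptogram, "auth_code": auth_code}


def dispute_check(issuer: Issuer, card_id: str, record: dict,
                  claimed_order: dict) -> Tuple[bool, bool]:
    """Chargeback 'that wasn't the price': the issuer recomputes the
    cryptogram over the journaled order and over the order the buyer now
    claims. Returns (journaled_matches, claimed_matches)."""
    key = issuer.cards[card_id]
    challenge = bytes.fromhex(record["challenge"])
    journaled = hmac.compare_digest(
        card_cryptogram(key, record["order"], challenge), record["cryptogram"])
    claimed = hmac.compare_digest(
        card_cryptogram(key, claimed_order, challenge), record["cryptogram"])
    return journaled, claimed


def demo() -> Tuple[Optional[str], Tuple[bool, bool]]:
    """End-to-end run: enroll, confirm, authorize, journal, then dispute."""
    issuer = Issuer()
    key = issuer.enroll("card-001")
    challenge = secrets.token_bytes(8)  # fresh per transaction
    cryptogram = card_cryptogram(key, SAMPLE_ORDER, challenge)  # card side
    auth = issuer.authorize("card-001", SAMPLE_ORDER, challenge, cryptogram)
    record = journal_record(SAMPLE_ORDER, challenge, cryptogram, auth)
    disputed = dict(SAMPLE_ORDER, amount="449.95")  # buyer's later claim
    return auth, dispute_check(issuer, "card-001", record, disputed)


if __name__ == "__main__":
    print(demo())
```

The merchant cannot forge a cryptogram because it never holds the card key; a tampered amount or a replayed challenge fails authorization, and on dispute the issuer can tell which order the card actually confirmed. Two caveats apply. With a symmetric key only the issuer can adjudicate; SET's per-party digital IDs are what would let a third party verify the same binding. And the scheme is only as good as its display: the reader must MAC the same bytes it showed the holder, which is why the secure PINpad, not the PC, has to drive the LCD.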
5.6. B2B communities
Amidst all this activity, but acknowledging the general slowness in promulgation of solutions by trusted financial institutions, B2B communities are rapidly evolving their intranet/extranet configurations to accommodate more and more components of online commerce. Typically, these implementations are characterized by standard PKI/software certificate exchanges. Some experimentation is taking place with smartcards, although the prevalent ``hardware'' token tends to be the one-time-password card (such as the SecurID from Security Dynamics), which displays a code derived from a per-token secret and the current time; the corporate server recomputes the same code for the remote-access user, so a code captured off the network is useless once its time window has passed.
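SecurID's own algorithm is proprietary, so as an added example (not the paper's, and not Security Dynamics' code) here is the open-standard equivalent of that class of token, HOTP/TOTP from RFC 4226 and RFC 6238, in Python using only the standard library. The seed is the RFC test vector, which is the one assumption beyond the RFCs; TokenVerifier is a hypothetical name for the server side, which tolerates one step of clock skew and refuses any counter at or below the last one consumed, so a captured code cannot be replayed.

```python
import hashlib
import hmac
import struct
import time

# RFC 4226 / RFC 6238 test seed (ASCII "12345678901234567890"). A real token
# carries a random per-device seed provisioned at enrollment (assumption).
TEST_SEED = b"12345678901234567890"


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, dynamic
    truncation to 31 bits, then the low `digits` decimal digits."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(key: bytes, unix_time: float, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP with the counter derived from the clock."""
    return hotp(key, int(unix_time // step), digits)


class TokenVerifier:
    """Server side: recompute the code for the current step and its
    neighbours (clock skew), and never accept a step at or before the
    last one already used, which closes the replay window."""

    def __init__(self, key: bytes, step: int = 30, skew_steps: int = 1) -> None:
        self.key = key
        self.step = step
        self.skew_steps = skew_steps
        self.last_counter = -1  # highest counter already consumed

    def verify(self, code: str, now: float = None) -> bool:
        now = time.time() if now is None else now
        current = int(now // self.step)
        for counter in range(current - self.skew_steps,
                             current + self.skew_steps + 1):
            if counter <= self.last_counter:
                continue  # replay, or older than a code already used
            if hmac.compare_digest(hotp(self.key, counter), code):
                self.last_counter = counter
                return True
        return False


if __name__ == "__main__":
    print("current code:", totp(TEST_SEED, time.time()))
```

The values in the test below are the published RFC 4226/6238 vectors (counter 0 gives 755224, counter 1 gives 287082, and T=59 with a 30-second step lands on counter 1). Note that the "match up numerical sequences" description in the text is a symmetric secret at both ends, exactly as here: a server compromise leaks every seed, which is the reason such tokens are usually paired with a PIN.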
Newly emerged enterprise portals are accelerating this trend, expanding extranets into a more interactive and capable mode. Similarly, enterprise CAs are proliferating and being tested. Further, vertical market communities are moving into higher value-added applications, such as real-time trading, RFP issuance and bidding, and online exchange of data and documentation. The real question is: What kind of participating entity fulfills the central role of service provider for B2B community transactions? Many such communities are finding that adequate, non-bank providers can fill these roles. Are B2B collectives prepared to move into their own risk management roles next?
Fig. 5. Cyber-COMM's hardware/software hybrid.
5.7. SEMPER
Looking well beyond the payment aspect of an online transaction, the European Community pioneered a project involving more than two dozen organizations, led by IBM, to develop a specification for handling all of the important components of a purchase, from the parameters of the business application being navigated to the contract, risk and insurance terms related to doing the transaction remotely. As with many other second-generation systems, secure access is supported by smartcard interfaces and PKI, with software applications and plug-ins for each party to the transaction. A variety of payment options are supported as well. And potentially important issues such as revocation, time-stamps, and authorization periods are dealt with.
The theory behind the Secure Electronic Marketplace for Europe (SEMPER) initiative [8] is that while immediate B2C digital commerce can be supported for simple transactions piggy-backing on the credit card global acceptance and settlement mechanisms, downstream B2B and government interactions will require a lot more tooling and capabilities. Demand for automating all the intricacies of complex transactions, while still accommodating the multitude of nuances of doing these transactions on a remote basis, will grow rapidly beyond today's infrastructure support, so somebody needs to do the plumbing to handle this requirement for greater sophistication. (Other initiatives, such as the Open Trading Protocol for B2C, and Open Buying on the Internet for B2B, are attempts to do pretty much the same thing.) In effect, SEMPER was the first philosophical mandate to move to a production-level generation of comprehensive digital commerce infrastructure that supports the totality of business needs.
6. Where we go from here
From this small, but intriguing, sampling of next-generation infrastructure solutions, it is easy to see the common threads that are emerging in the new generation of digital commerce solutions:
- use of hardware tokens, and ultimately biometrics, for better authentication;
- incorporation of more sophisticated capabilities to handle bespoke applications as completely as possible, in remote environments;
- access to and use of the lowest cost network configurations possible;
- use of major, trusted parties to stand behind the transactions (often, but not necessarily, banks);
- movement beyond credit cards to handle the broader payment-mode needs of buyers and sellers;
- ability to accommodate all the components (security, privacy, rights management, payment and ordering options, device integration, and profiling/communications protocols) of an industrial-strength infrastructure in a transparent, logical and cost-effective way.
Some recent initiatives focusing on the more private and inexpensive debit card may offer some early indications of where the next generation of eCommerce is heading. In the Netherlands, national acquirer Interpay has Web-enabled a Maestro debit card with SET handshaking and a smartcard identifier to demonstrate the viability of this concept [9]. The US super-regional ATM network NYCE is planning a mid-2000 introduction of its Web-enabled debit card. ATM network rival Star Systems is teaming with Citibank for a smartcard-based version of the same thing. Innia Holdings, a UK start-up, has introduced Innia, a Web-enabled debit card linked to an e-cash account, facilitating low-cost person-to-person value transfers. And priceline.com is utilizing debit cards for authorization of pickups for products and services bought online and redeemed at bricks-and-mortar stores. As faster, better, cheaper, certificate-less and more flexible substitutes for credit cards, the world's fast-growing hoard of debit cards now appears to be the early favorite in the next leg of the race to be the preferred payment system for digital commerce.
Before major organizations will be willing to invest large amounts for production systems, however, they are likely to need some clarity in seeing where things are heading. It is difficult to target Return on Investment (ROI) when the landscape appears to be shifting constantly. One source of clarity could well be efforts by super-organizations (such as the EC, the US government, the IETF, W3C, etc.) to standardize the standards. Across various market segments and payment modes, multiple standards organizations weigh in, frequently in conflict and usually incompatible with each other. Typical for an initial generation of any automation solution, these disparate efforts must begin to fuse and function in the interests of the marketplace for the next generation infrastructure to truly take hold.
Ultimately, digital commerce is going to be about creating intimate relationships between buyers and sellers on a robustly remote basis. Organizations and their customers will go through a process akin to the human ``mating ritual'', where the ``buyer and seller'' identify and qualify each other, experiment in increasingly intimate interactions that build trust and co-dependence, then immerse themselves in a two-way, balanced and transaction-rich relationship that provides enormous efficiencies and gratification to both parties. And that means doing things digitally much, much better than can be done in the physical world today; above all, learning to ``lock the house'' when it comes to securing the access device!
The infrastructure of the future that supports these meta-relationships will indeed prove to be the sustainable solution for production-strength eCommerce. Getting there will be a chaotic, headlong-rush kind of experience. But we are clearly making progress, now that we have learned something about how this new marketplace works. If we have learned our lessons well, the rewards at the end of this infrastructure revolution will be so compelling that we will probably forget about the hardships and heartaches we have suffered in getting there this first go-round. In digital commerce, the reward is the reward, not the journey.
References
[1] Forrester Research Reports, various, 1999.
[2] VISA International, CNET, 12 May 1999.
[3] MasterCard International, Merchant/Acquirer presentation, various venues, 1998.
[4] Steve Collins, Barclays Bank, presentation at CardTech/SecurTech, Chicago, May 1999.
[5] Guy Tallent, Identrus, presentation at CardTech/SecurTech, Chicago, May 1999.
[6] CommerceNet website, ``BUZZ'' Newsletter, 1999.
[7] Claude Meggle, Cyber-COMM, presentation at CardTech/SecurTech, Chicago, May 1999.
[8] Michael Waidner, Open issues in secure electronic commerce, IBM Zurich Research Laboratory, October 1998.
[9] Richard Rolfe, Debit cards on the Internet, European Card Review (September/October) 1999.
Steve Mott is currently serving as President of Priceline WebHouse Club, an affiliate of priceline.com. Steve is also CEO of BetterBuyDesign.com, a virtual investment and consulting company specializing in brokering high technology ideas for the New Economy. Steve and a syndicated group of consultants provide advice and development expertise to e-business clients ranging from small start-up firms to VCs to large global concerns. Named by Inter@active Week magazine one of ``Top 25 Unsung Heroes of the Internet'' (12/97) and by Business2.0 one of ``Top 25 Most Intriguing Minds for the New Economy'' (7/98), Steve's speciality is helping design and implement electronic commerce initiatives that utilize emerging digital transaction systems for the next century, subjects about which he frequently speaks and writes. Steve was formerly SVP-Electronic Commerce/New Ventures for MasterCard International, where he led efforts to deploy business-responsive security systems and integrate smartcard use for both B2B and B2C Internet commerce. In prior assignments, Steve managed three advanced technology software development companies, headed MCI International's data communication sales, marketing and product development efforts, conducted strategic planning for McGraw-Hill and was an Information Industry consultant at McKinsey. Steve is a graduate of U.C. Berkeley and Harvard Business School, a White House Fellow appointee, and a former Marine.