1996-09-20 - [NEWS] Crypto-relevant wire clippings

Header Data

From: dlv@bwalk.dm.com (Dr.Dimitri Vulis KOTM)
To: cypherpunks@toad.com
Message Hash: fc4c78c890384db2561a3fe7e36f3c859ae95d94e7292d2a70c20778cf0322b9
Message ID: <3R7JuD3w165w@bwalk.dm.com>
Reply To: N/A
UTC Datetime: 1996-09-20 19:29:24 UTC
Raw Date: Sat, 21 Sep 1996 03:29:24 +0800

Raw message

From: dlv@bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Sat, 21 Sep 1996 03:29:24 +0800
To: cypherpunks@toad.com
Subject: [NEWS] Crypto-relevant wire clippings
Message-ID: <3R7JuD3w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


News Release (Environics): Monday, September 16, 1996

Smart Card Forum Draws 500 Industry & Government Leaders

SAN FRANCISCO-- The Smart Card Forum today announced that more than 500
industry and government leaders met at its Annual Meeting in San
Francisco to review the progress of smart card technology and to lay the
foundation for the accelerating pace of its adoption during 1997.

Representatives from a "who's who" of government and corporate America
gained first-hand information and senior-level perspectives that will
help them make strategic decisions around the use of smart cards in
emerging markets such as payment, network security, relationship
banking, remote data access, and cellular phone security. The way in
which the combination of PC and smart card technologies will accelerate
the deployment of new applications providing a greater security and
portability on the Internet was an area of particular interest.

"As these exciting new applications are created and gain momentum during
the next five years," says Jean McKenna, Forum President, "the smart
card becomes a logical vehicle for distributed information management,
identification, security and payment." According to McKenna, who also is
V.P. Payment Technologies, Visa International, "The impact will be
revolutionary, widespread and positive -- especially for consumers."

Speakers on the theme: The History of Money - The Future of Payments:
Past, Present and Future Perspectives on How Commerce is Enabled,
included:

-- Martin Mayer, author of The Bankers and numerous financial and
business books and Guest Scholar at The Brookings Institution in
Washington, D.C.;

-- Peter Hill, Executive Vice President, Visa International; and

-- Michel Ugon, Vice President, R&D, Bull CP8, and early developer of
the microprocessor smart card.

1996 will be looked at as the year when stored value applications on
smart cards started serious deployment in North America. The 1996 Annual
Meeting reflected the crest of this wave with presentations today on
four leading stored value card implementations.

The speakers were:

-- Cynthia Bengier, Vice President, Wells Fargo, for Mondex
International;

-- Edgar Brown, Vice President, First Union National Bank, for Visa
Cash; -- Michael Bradley, Project Manager, Bank of Montreal, for Proton;
and

-- Lin D. Ison, Executive Manager, Smart Card Systems, Commonwealth Bank
of Australia, for MasterCard Cash.

The next wave in smart technology

The next wave coming that will capture more and more energy of the Forum
and its members is the Internet. The combination of PCs and smart cards
will promote the development of new applications that tie security and
portability together.

"The emergence of 'virtual' merchants and the expansion of mechanized
payment options promises to offer consumers, merchants, and financial
institutions a broad set of new opportunities," says Roger Bertman, Vice
President and General Manager, Internet Commerce, VeriFone.

"In particular, the Internet will offer a whole new world of selling and
buying, and the mechanization of what has been cash will provide a basis
for expanded purchasing options. The smart card will clearly be the
'glue' that will enable the disparate worlds of physical and 'virtual'
merchants and a broad spectrum of payment methods to be brought together
in order to tap these opportunities."

Interoperability was among the pivotal issues addressed by Gerald Smith,
Manager, Smart Consumer Services, IBM. "As smart card implementations
evolve from single to multiple-applications and from single to
multiple-issuer services, the subject of interoperability is gaining
increased scrutiny," says Smith.

To achieve critical mass, interoperability between cards and reading
devices is required. Panelists addressing the future directions and
strategies of payment included:

-- Janet Hartung, SVP, Wells Fargo;

-- Marlee Laks, Technology Leader, American Express;

-- Tim Steward, EVP, Mondex International;

-- John Tunstall, VP, MasterCard International;

-- Bette Wasserman, VP, Bank of America; and

-- Gaylen Howe, Visa International.

John D. Wright, Senior Counsel, Wells Fargo, and John Burke, Partner,
Foley, Hoag & Eliot LLP, moderated a panel discussion of key legal,
public policy and private issues presented by a multi-application smart
card, including Regulation E, FDIC insurance and relevant state laws.
Consumer and merchant research shows smart card potential

A new Forum study made public at the meeting indicates that merchants
are quickly focusing on the many other benefits smart cards offer,
beyond the stored value application, and they see different benefits to
be derived from the technology. These benefits include customer
information, offering loyalty or "frequent shopper" programs, electronic
ticketing and couponing and stored value for self-service purchases.

A second important finding of the study is that a surprisingly low level
of customer base penetration is required for many merchants to realize
the benefits of smart cards.

Grocery stores, convenience stores, movie theaters and gasoline
retailers indicated that a mere two to 10 percent of consumers -- an
extremely low threshold of marketplace demand -- is required for them to
realize the benefits of smart card implementation.

"A smart card, as opposed to a magnetic stripe card, has the capability
of storing information, monetary value, processing transactions
off-line, and enhancing a consumer's security and privacy," McKenna
says. "Merchants are quickly focusing on the many benefits smart cards
can offer both them and consumers."

Consumers also favor multi-application smart cards -- 61 percent
responded positively in Forum research. They prefer multi-application
smart cards in order to carry and access information needed in an
emergency and to reduce the number of cards carried, paper records kept
and forms to be filled out.

The Smart Card Forum

The Smart Card Forum is a non-profit, multi-industry membership
organization promoting the widespread acceptance of multiple application
smart card technology in North America. Its primary mission is to bring
together in an open forum, leaders from both the private and public
sectors to address topics associated with the development and evolution
of smart card technology applications.

The Forum was established in September 1993 and currently has more than
225 corporate and government members including: Chase Manhattan,
Citibank, Bellcore, MCI, MasterCard, Visa, IBM, Microsoft, Mobil Oil,
Schlumberger, Gemplus, Delta Airlines, U.S. Postal Service, the Federal
Reserve, U.S. Department of Treasury and U.S. Department of Defense.



Associated Press: September Wednesday, September 18, 1996

As Electronic Cash Emerges In U.S., Regulation In Question

By Guy Dixon

NEW YORK-- As microchip-embedded smart cards hit the market, U.S. banks
and credit-card companies are hedging their bets.

They don't want regulations that prevent new applications for smart-card
technology - from simple cashless purchases to potential uses like bank
or credit-card fund transfers, all with a single card.

But they also quietly welcome rules that could boost their market share
over other companies issuing competing smart cards.

The main issue is whether the U.S. Federal Reserve Board will require
smart-card issuers to provide receipts for all sorts of electronic cash
transactions, a move that could play to the strength of the credit card
issuers that now dominate electronic transactions by applying rules they
must follow already for conventional credit and debit cards.

Established card companies which have dominated the U.S. credit-card
market since the 1960s are hoping government policy on electronic cash
will follow the lines of current bank and credit card regulation.

To address some of these concerns, the U.S. Treasury will host a
conference on September 19-20 in Washington, D.C. on the role of
government in electronic money and banking. Scheduled speakers include
Treasury Secretary Robert Rubin, Federal Reserve Board Chairman Alan
Greenspan, and Citicorp Chairman and CEO John Reed.

So far, the Fed is taking a wait-and-see approach on emerging electronic
money. 'The general consensus is that we don't want to over-regulate and
stifle innovation,' said Washington Fed spokesman Joe Coyne.

Yet as new digital cash products hit the market, many say regulators
will have to adapt existing rules to the emerging electronic cash
market.

Banks, in particular, worry that if regulation is too lax, all sorts of
non-financial companies could flood the market with alternative cash
forms. They worry about being driven out of the electronic market by
competition, said Gerald O'Driscoll, vice-president and director of
policy analysis at Citicorp.

Analysts point out that regional and long-distance phone companies,
along with other large and trusted companies, could easily market their
own smart cards to customers, such as a smart-card version of AT&T
Corp.'s Universal card. Indeed, AT&T is collaborating with National
Westminster Bank PLC to develop smart cards in the U.S.

The problem with any new regulation is that no one knows what type of
smart cards the market will embrace.

Smart cards are currently being test-marketed primarily as stored-value
cards, holding a limited cash amount that a cardholder can use for
purchases until the card runs out.

Yet with a smart card's microchip able to hold up to 80 times more
information than the magnetic strips on conventional credit cards, many
in the industry see the distinctions between bank cards, credit cards
and store-value cards blurring to the point where a single smart card
could do the work of all three.

European credit cards already commonly come equipped with microchips,
allowing merchants to verify a payment at the point of purchase. And
stored-valued telecom cards with tiny chips are everywhere.

'In the end, it comes down to which features people will pay for,' said
Lawrence White, economist and electronic commerce analyst at the
University of Georgia. 'And that is the danger of regulation jumping the
gun.'

Visa USA's test run of smart cards in Atlanta during the Olympic Games
featured cards that used only a fraction of a microchip's potential. The
cards stored amounts of up to $100 which cardholders could then draw on
for purchases.

Some Atlanta banks, such as First Union, went one step further, issuing
cards whose value could be reloaded.

In another promotional blitz, participants at Vancouver's international
AIDS conference this summer could buy VISA Cash cards for use at
conference venues. Later this year, VISA plans another trial run of
stored-value smart cards in Manhattan's Upper West Side with MasterCard,
Citibank and Chase Manhattan.

These smart cards, typically sold in $10, $20, $50 and $100
denominations, differ from debit cards, such as checking cards which
already are being distributed widely by many banks in the United States
and Canada.

When a debit card is inserted into a merchant's card reader, the amount
of the purchase is deducted from the buyer's bank account. Because there
is a transfer of funds, the merchant's card-reading device has to be
connected to a bank or credit card company by phone lines.

Smart cards, however, can transfer a certain amount of funds from the
card itself to a card-reading device usually without having to go
on-line.

Not all smart cards are alike. A leading competitor to VISA Cash and
MasterCard's smart cards is National Westminster Bank's Mondex card, now
being test-marketed in the U.K. and soon in Canada.

Mondex cards are stored-value cards, with the added feature that the
funds can be transferred electronically to another Mondex card, allowing
a card-owner to give money to someone else in the same way one can with
cash, said Fred Billings, a Mondex developer at the Royal Bank of
Canada.

AT&T is currently in an alliance with NatWest to develop the Mondex card
in the U.S., said Mitch Montagna, spokesman for AT&T Universal Card
Services.

VISA's technology, on the other hand, is geared more toward the
company's long-term approach of sticking to established credit-card
billing and account practices, a traditional market niche VISA want to
hold on to with affliated banks, said VISA USA Executive Vice-President
Rosalind Fisher.

'We are riding that horse right now, but we'll have to see which system
the market takes to,' Fisher said.

But some digital cash developers continue to worry that any regulatory
move, once it comes, may be the wrong one for their product.

Much of the debate hinges on Regulation E of the 1976 Electronic Funds
Transfer Act, say analysts.

Reg E requires issuers of ATM and other electronic fund transfer cards
to provide receipts and account statements to cardholders. It also
requires issuers to assume certain liabilities if funds are
electronically lost or stolen.

Stored-value smart cards are seen as largely exempt from this
regulation, at least for the time being.

The Fed is still weighing the impact of cards in denominations of $100
or less. But the industry is going on the assumption that stored-value
cards of $100 and under will not require receipts or credit statements,
said VISA USA's Fisher.



WNET's Future of Money: September 16, 1996


Viewpoints

Is Cyberspace Safe for Financial Transactions Today?

YES.

William M. Randle, Senior Vice President and Director of Marketing,
Huntington Bancshares, Inc.

Some cyberspac transactions can be made very secure with technology in
use today.

But... The security currently in place is not ready to safeguard fast,
simple, low-cost transactions that would allow customers to order items
and authorize direct bank payment to the merchant. That would require
the financial information pathways between banks to be protected by
public-private key encryption, such as RSA encryption, invulnerable to
unauthorized persons. And the value of encryption depends on a reliable
authentication procedure, assuring that both senders and receivers of
financial information are who they say they are.

A variety of solutions to protect every stage of cyberspace transactions
have been proposed.

I am most impressed with the system in use at Security First National
Bank,

the first Web-only bank, as well as at Huntington National Bank; it has
been approved by the government for secure electronic banking
transactions, and has been proven over time. The system server, the
Hewlett-Packard Virtual Vault, has been used by the Department of
Defense for a number of years, and the banking software was developed by
5 Paces Technology in Atlanta.

The problem of authentication is harder to solve. Real-time settlement
of third-party transactions will require all insured financial services
institutions to agree on a central trusted authority to provide for the
safety and soundness of the future electronic payment system and insure
privacy of information for all involved.

Not only must the authentication procedure be reliable---it must also be
perceived as reliable, and implicitly trusted by buyers and sellers, if
electronic commerce is to grow to its full potential.

Currently, the banking industry is engaged in a collaborative effort to
evaluate the technology that exists today, with a view toward the
creation of such an authority.

As the group most knowledgeable and experienced in handling money safely
and efficiently, and which has long held the public trust in financial
matters, it is to be hoped that they succeed. When they do, the answer
to the question "is cyberspace safe for financial transactions today?"
can be answered with an unqualified Yes."

NO.

Colin Crook, Senior Technology Officer, Citibank.

The fact is that secure financial transactions cannot be assured today
in the new and dramatically changing landscape of cyberspace.

Market participants need to improve security and learn more about doing
business in the electronic marketplace before providing assurance to
their customers that they can safely do business there.

Companies must be honest with their customers, making them aware of the
risks of doing business in cyberspace and providing assurance that the
enterprise values the customer's security and privacy.

Today we are witnessing a series of experiments in electronic commerce,
experiments conducted by all sorts of companies. These opportunities for
learning-- on the part of both market participants and customers--will
lead to further improved products and to levels of security that
approach, or even surpass, the levels present today outside of
cyberspace.

The experiments are challenging the capabilities of both the technology
and the enterprise itself, and the willingness of the customer to accept
new and often novel ways of doing business.

Customers value this kind of experimentation and innovation; however,
where the customer's money is concerned, we at Citibank have learned
that trust is paramount! In this context, managing the balance of the
level of security with the factors of customer convenience and business
opportunity becomes the focus in moving forward.

Companies must manage risk so as not to compromise customer trust.

Because some companies-- mostly non-traditional providers of financial
services-- have released products very quickly, a major concern is that
ill-conceived or hasty experiments may cause damage to the reputation of
the entire marketplace.

Because absolute security is impossible, an overriding consideration for
security and customer trust must dominate the experiments- -which
Citibank and other institutions with long histories of customer
relationships emphasize in their approaches to cyberspace transactions.

Customers already understand and accept the risks associated with credit
cards and other financial instruments.

Customers in cyberspace should be aware of the experimental nature of
this new business environment and use caution before taking on the risks
contained within it.

As Senior Vice President and Director of Marketing and Strategic
Planning at Huntington Bancshares Inc., William M. Randle has developed
direct service channels, including Huntington Access, which uses
teleconferencing and other electronic channels in the world's first
complete virtual branch offices. On June 2 of this year, Huntington
launched a Web-based bank.

Colin Crook is Senior Technology Officer, Citibank. He is responsible
for establishing technology policy and standards, introducing new
technology, evaluating the quality and direction of system efforts, and
introducing technology policy within the corporation.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





Thread