Potential ITU Work Items in Electronic Commerce Mostafa Hashem Sherif AT&T* (These are personal opinions and do not engage AT&T ) M. H. Sherif ITU Mediacom 2004- 24 April 2001 1 Overview • Review of ITU Core Competencies • Areas of Electronic Commerce to be discussed – Business to Business – Business to Consumer (4 applications) – Person to Person • Summary of Suggested ITU Work Items M. H. Sherif ITU Mediacom 2004- 24 April 2001 2 Starting Position • Electronic commerce covers dematerialized relations among economic agents • No single standards organization can resolve all the problems facing electronic commerce • ITU efforts build on and complement on-going work in other standard organizations • ITU successes have been in the area of telecommunications infrastructure M. H. Sherif ITU Mediacom 2004- 24 April 2001 3 ITU Core Competencies • Interoperability of transmission and switching equipment world-wide • Simple terminal interface for technologically unsophisticated users • Operations, administration and settlement across operators • Quality of service and performance management including accounting and billing M. H. Sherif ITU Mediacom 2004- 24 April 2001 4 Business to Business Electronic Commerce (example: Automotive Network Exchange (ANX)) Trading Partner (TP) Trading Partner (TP) Access Network Access Network Certified Service Provider (CSP) Certified Service Provider (CSP) ATM Bac kbone Certification Authority for TPs AN XO Certification Authority for CSPs M. H. Sherif ITU Mediacom 2004- 24 April 2001 ANX Overseer 5 Problems Uncovered • Incompatibility of certificates • Encryption is costly for SME • Distributed management of a VPN is difficult – configuration management – performance management – fault management and trouble ticketing • User cannot easily collect information on performance M. H. Sherif ITU Mediacom 2004- 24 April 2001 6 Analysis in Terms of the Emerging Model for Telecommunications Services Content Manager (Retailer, broker, etc..) End-user or Customer Content Provider Service Provider Network Provider 1 Network Provider 2 Infrastructure Provider (s) M. H. Sherif ITU Mediacom 2004- 24 April 2001 7 Distributed Management in a Virtual Private Network Performance data archiver 1 Performance data archiver 2 Network Provider 1 Network Provider 2 Network Provider 3 Performance data collector (Customer site 1) (X.160, X.161, X.162) are for a network run by a single operator M. H. Sherif Performance data archiver 3 Performance data collector (Customer site 3) Performance data collector (Customer site 2) ITU Mediacom 2004- 24 April 2001 8 Extending the Information Boundaries Across Administrative Domains • Existing: – Exchange of trouble tickets using X.790, X.791(EURESCOM projects for private lines) – Accounting Data Interchange Format (IETF/ETSI TIPHON) • Needed: – Networks using frame relay, ATM to transport IP traffic – DWDM and optical networks M. H. Sherif ITU Mediacom 2004- 24 April 2001 9 Some Issues for Business to Consumer Electronic Commerce • User interfaces and their ergonomics • Ease and uniformity of transactions on a world-wide • • • • • (as for telephone calls) Accuracy of microbilling and capability to verify and contest the billing accuracy Multiple channels to merchant sites (text, audio, image, etc.) Payment in the buyer's currency Identification with biometrics Use of telephone cards (ubiquity, accuracy) M. H. Sherif ITU Mediacom 2004- 24 April 2001 10 Application 1: The Minitel Model and its Reincarnations • Network of users and merchants federated by the • • • • • operator or network provider (intermediary) Each operator identifies and authenticates its subscribers and federated merchants or content providers Operator may also collect the payment and payback the suppliers after getting its commission NTT DoCoMo with i-Mode for mobile networks Telia for wireline operations ISP's are also getting involved M. H. Sherif ITU Mediacom 2004- 24 April 2001 11 Evaluation • Advantages – ease of identification and authentication – useful for small amounts – no need to introduce new means of payment • Disadvantages – proprietary protocols (merchants and buyers must have the same operator) – limited to a single currency M. H. Sherif ITU Mediacom 2004- 24 April 2001 12 Possible ITU Work Items for Application 1 • Ensure world-wide usage by removing currency dependency – use of "minutes on the network" as an exchange currency for micropayments – Latch on settlement agreement among telephone operators – Each operator identifies and authenticates their subscribers – this would be also a cost-effective solution (banks do not have a network going to individual homes to offer an economical solution) M. H. Sherif ITU Mediacom 2004- 24 April 2001 13 Application 2: Pre-paid telephone cards • Prepaid telephone card are widely used • Many operators with non compatible cards • Accuracy of accounting is questionable for small operators • This may be a hindrance to the use of the "minutes on the network" as a universal microcurrency • ITU work items may address some of the issues M. H. Sherif ITU Mediacom 2004- 24 April 2001 14 ITU Work Items for Application 2 • • • • Multi-application cards can also include telephone cards payment Two competing operating systems – Multos ( Mondex and MasterCard) – JavaSoft (Sun et Visa) Which one is more suitable for micropayment applications for telephone and the Internet? ITU Recommendations may be needed M. H. Sherif applicationapplication 1 2 ...... application n virtual machine Integrated Circuit Card Operating System Integrated Circuit Card ITU Mediacom 2004- 24 April 2001 15 Application 3: Biometric Identification • Acquired characteristics – Handwritten signature (500-1000 octets) – Voice print (1000-2000 octets): Bacob with technology from Keyware Technologies (http://www.keywareusa.com) – Keystroke dynamics • Innate characteristics – Photo image (100-800 octets) – Fingerprint (500-1000 octets) – Iris scan (256 octets) – Retina (35 octets) – Shape of the hand (9 octets) M. H. Sherif ITU Mediacom 2004- 24 April 2001 16 Biometric Revenues* • Total revenue: – $58.4 K in 99/est. $110 K in 00 – $ 7K in 99 /est. $14K in 00 for financial applications • Techniques – digital finger prints 34% – hand geometry 26% – face recognition 15% (check cashing/gambling casinos) – iris/retinal recognition 11% – speaker recognition 11% – signature recognition 3% * excluding automatic systems for finger prints used by governments - Source International Biometric Group M. H. Sherif ITU Mediacom 2004- 24 April 2001 17 Possible ITU Work items for Application 3 • Criteria for evaluation of vocal identification systems (performance with call quality, resistance to attacks, etc.) • Reference data for algorithm development • Standard format for file storage, etc. • Other players – Association for Biometrics (http://www.afb.org.uk) – IBIA (International Biometric Industry Association) (http://www.ibia.org) – Bundesamt für Sicherheit in der Informationtechnik (BSI – Federal Information Security Agency) (http://www.bsi.bund.de) M. H. Sherif ITU Mediacom 2004- 24 April 2001 18 Application 4: Multimedia connection of a User to a Call Center • Voice and data interactions are simultaneously needed: – Complex transactions – Verification of user's identity before payment approval • PSTN will be used for voice calls for sometime • Needed: – a way to multiplex voice and data calls on the same subscriber line (on xDSL) – a method to account for possible ways for connecting the PSTN to IP networks (see TIPHON project of ETSI) M. H. Sherif ITU Mediacom 2004- 24 April 2001 19 Person-to-Person Payments • Internet auctions revealed the need for a trusted third party for one-line transactions among complete strangers • Examples: PayPal.com , eMoneyMail • Systems require subscription to open accounts • Telephone companies are well positioned to extend the service to – multiple countries – a more open network (e.g., multiple operators) • ITU Recommendations are needed for architecture and performance characterization M. H. Sherif ITU Mediacom 2004- 24 April 2001 20 Summary of Suggested ITU Work Items • Business to Business – Exchange of performance and fault management information across administrative domains • Business to Consumer – Universal method for micropayments latching to telephony settlements – Telephone cards: accuracy and interoperability – Identification with speech – Traffic Multiplexing • Person to Person – Focus on on-line auctions M. H. Sherif ITU Mediacom 2004- 24 April 2001 21