cypherpunks-legacy
Threads by month
- ----- 2024 -----
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1998 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1997 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1996 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1995 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1994 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1993 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1992 -----
- December
- November
- October
- September
July 2018
- 1371 participants
- 9656 discussions
*** September Project Update ***
After a busy summer season of meetings and project development, a number of
FSTC projects are poised to launch, as well as a strong pipeline in
development. Our Standing Committees (SCOMs), especially those in Business
Continuity, Security, and Check Imaging and Truncation, continue to broaden
their participation, and build upon a foundation of dialog and action that
leads to FSTC projects. In the past few weeks, we issued two new calls for
participation: e-Authentication Proof-of-Concept, and Business Continuity
Compliance and Status Reporting. See http://fstc.org/projects/new.cfm .
In addition, we have recently completed projects in Image Quality and
Usability Assurance Phase I, Technology Recovery Best Practices, and
Survivability of Check Security Features. Details on these recent projects
can be found at: http://fstc.org/projects/past.cfm .
FSTC provides an action-oriented, collaborative forum for our members to
address shared business opportunities and challenges through technology
projects and knowledge-sharing. We view our projects as our core activity,
and one of the key benefits of FSTC membership is eligibility to participate
in these projects. In our efforts to keep our members and friends
up-to-date on the latest developments in these active and developing
initiatives, we provide our colleagues this periodic project update As
always, please contact me or Zach Tumin, FSTC Executive Director, for more
information. Or visit our website at http://fstc.org.
Active Projects:
1. Counter-Phishing Phase I
Projects in Formation:
1. e-Authentication: Business and Technology Proof-of-Concept (call for
participation issued 9/8)
2. Business Continuity: Compliance and Status Reporting (call for
participation issued 9/8)
Projects in Development:
1. Image Quality and Usability Assurance Phase II
2. Survivability of Check Security Features Phase II
3. Treasury Services Integration: Data Exchange and Customer Connectivity
through Web Services
4. Transformation to Open Mission Critical Systems
5. Minimum Essential Finance (MEF)
______________
ACTIVE PROJECTS:
1. Counter-Phishing Phase I (launched July 2004, expected to complete in
December)
http://fstc.org/projects/counter-phishing-phase-1/
FSTC has launched a phased initiative to address the problem of phishing and
related threats in financial services, as it affects the relationship
between customer and firm. In collaboration with other industry groups,
FSTC will focus on defining the unique technical and operating requirements
of financial institutions (FIs) for counter-phishing measures; investigating
counter-phishing technical solutions, proving and piloting solution sets
enabled by technology to determine their fit against FI criteria and
requirements; and clarifying the infrastructure fit, requirements, and
impact of these technologies when deployed in concert with customer
education, enforcement, and other industry initiatives. The benefits to
participants are: industry-vetted due diligence and scaling of the current
problem and its future evolution; insight into peer institution strategies
and assessments; and definition of an industry response that may be best
undertaken with collaboration between key industry segments.
12 financial institutions and over 15 technology companies are participating
in the 5-month first phase. This project originates from the Security SCOM:
co-chaired by Mike McCormick of Wells Fargo, and Mike Versace of NEC.
Please contact FSTC Managing Executive Gene Neyer for more information
(gene.neyer(a)fstc.org) (http://fstc.org/advisory/security.cfm)
______________
PROJECTS IN FORMATION:
1. e-Authentication: Business and Technology Proof-of-Concept (call for
participation issued 9/8/04)
http://fstc.org/projects/new.cfm#eauth
This 5-month project will assess the viability of the potential business
opportunity that exists for financial institutions to leverage their online
customer relationships and provide an authentication service to government
agencies, and to integrate these services into financial institutions'
online applications. FSTC, jointly with the GSA's E-Authentication
Initiative Project Management Office (EAI PMO), propose to launch a
three-track project to ascertain the business model, legal framework, and
technical viability of using institutions' identity credentials to permit
consumers and businesses to access secure online government applications.
The GSA is funding the business track of the initiative. There is no cost to
financial institutions, and a $5,000 fee for associate and advisory members.
In addition, a resource commitment is required for all participants, as
outlined in the prospectus. Participation commitments are requested by Sept
24th, and the target kickoff is the week of October 4th.
______________
2. Business Continuity: Compliance and Status Reporting (call for
participation issued 9/8/04)
http://fstc.org/projects/new.cfm#compliance
The FSTC Business Continuity Standing Committee proposes an initiative to
assist the financial industry in coming to a common understanding on the
meaning of continuity regulation, prioritization of compliance related
activities, and creating efficiencies in documenting regulatory compliance
status. To establish a clear understanding of the regulatory environment, a
list of continuity related guidance will be pulled together along with the
name of the agency responsible. Each regulation will be reviewed and a
clearly worded summary of the continuity requirements will be developed.
Where possible the regulatory agencies will be contacted for clarification
on specific points. Common themes and requirements will be documented and
prioritized.
>From the continuity regulation summary, a questionnaire will be developed
which will allow a FI to provide or collect continuity compliance status.
The project will focus on providing straight forward interpretations of what
is needed for an FI to comply with current regulations.
This project is sponsored by the Business Continuity SCOM, co-chaired by Tom
Hirsch of US Bank, and Damian Walch of IBM. Please contact FSTC Managing
Executive Charles Wallen for more information (charles.wallen(a)fstc.org)
______________
PROJECTS IN DEVELOPMENT:
1. Image Quality and Usability Assurance: Phase II (proposal being
finalized)
http://fstc.org/projects/new.cfm#iqa2
In Phase I, more than 20 companies, representing 2/3 of US check volume,
most major vendors, and key industry associations, undertook a 90-day effort
to assess the impact of poor quality check images, and defined 16 technical
metrics and 4 usability levels that can be used to measure image quality and
usability in a standard and interoperable way. The findings of the Phase I
project team justified further development, to test these metrics in a
real-world scenario, on millions of images, to determine the quantitative
thresholds for the 16 metrics that will define a minimum baseline "standard"
for acceptable quality images for the industry.
The business objectives are to maximize efficiencies, cost savings, and
ensure strong adoption of image exchange. The project will undertake a
robust, "real-world" analysis and test to provide actionable specifications
and direction to the industry to allow financial institutions, technology
vendors, standards organizations, and other key partners to collectively
implement baseline image quality and usability through industry
collaboration under the FSTC umbrella.
This project originates from the Check Truncation SIG
(http://fstc.org/advisory/check-truncation.cfm) co-chaired by Katrina
Brown, Wells Fargo; Glen Ulrich, US Bank; and Ian Goodall, NCR. A call for
participation is expected during the month of September.
______________
2. Survivability of Check Security Features Phase II
As a follow-on to the recently completed Phase I
(http://fstc.org/projects/csf/) this initiative will seek to develop
interoperability specifications for automated security feature verification
engines. As a growing number of vendors offer security features targeted at
surviving the imaging process, institutions face a growing number of
proprietary verification engines that must be installed and configured to
validate these features during processing. The objective of this initiative
is to make is less expensive and easier to manage the implementation of
these security feature verification products.
This project originates from the Check Truncation SIG
(http://fstc.org/advisory/check-truncation.cfm) More information on this
project will be published in the next month or so.
______________
3. Treasury Services Integration: Data Exchange and Customer Connectivity
through Web Services (on hold)
http://fstc.org/projects/new.cfm#tsi
As a potential Phase II following the previous Web Services for Corporate
Cash Management effort, a core group of FSTC institutions and technology
companies have defined key business objectives and deliverables for a
discovery phase, and subsequent pilot-level project utilizing Web Services
in the Treasury Services / Cash Management area. The project, as it
currently stands, will seek to further develop the Phase I set of web
services and associated definitions to create new and open-standards-based
connectivity options between banks, and between banks and their customers.
The business goals are to enable standards-based "plug-and-play" integration
capabilities between institutions and customer platforms, whether ERP,
Treasury Work Station (TWS), or desktop.
A core group of financial institutions and technology companies has
committed to launching this initiative in the second half of 2004. This
project is considered on-hold until later this year.
______________
4. Transformation to Open Mission Critical Systems
The transformation of systems from higher cost or proprietary delivery to
open systems is one of the most hotly debated and discussed topics in
financial services IT. While there is great promise in the flexibility and
efficiencies gained, there is also risk and cost. An FSTC project will soon
form up to determine answers to such key questions as, "Are those
transformations viable?" and "What are the costs and processes by which a
successful transformation program will be run?" The vision of this
initiative is to bring together financial institutions to investigate the
needs, processes, best practices, technology issues, risk factors,
organizational issues and lessons-learned for transformation projects which
move core business processes from legacy IT assets to open systems. We will
provide additional details shortly. If you are interested in joining an
interest group around this topic, please contact us.
______________
5. Minimum Essential Finance (MEF)
In its early stages, FSTC and its members are in dialog with numerous
government and industry organizations to explore interest in an initiative
to identify the minimum essential elements of our financial system, and to
develop a plan and process to ensure that it remains operational in the
event of a disruption to normal operations. A workshop is currently being
planned for this fall for multiple public and private sector organizations
to develop this concept further. If you are interested in joining this
dialog, please contact Zach Tumin at zachary.tumin(a)fstc.org .
______________
##
----------------------------------------------------------------
To subscribe or unsubscribe from this elist use the subscription
manager: <http://ls.fstc.org/subscriber>
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah(a)ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
1
0
*** September Project Update ***
After a busy summer season of meetings and project development, a number of
FSTC projects are poised to launch, as well as a strong pipeline in
development. Our Standing Committees (SCOMs), especially those in Business
Continuity, Security, and Check Imaging and Truncation, continue to broaden
their participation, and build upon a foundation of dialog and action that
leads to FSTC projects. In the past few weeks, we issued two new calls for
participation: e-Authentication Proof-of-Concept, and Business Continuity
Compliance and Status Reporting. See http://fstc.org/projects/new.cfm .
In addition, we have recently completed projects in Image Quality and
Usability Assurance Phase I, Technology Recovery Best Practices, and
Survivability of Check Security Features. Details on these recent projects
can be found at: http://fstc.org/projects/past.cfm .
FSTC provides an action-oriented, collaborative forum for our members to
address shared business opportunities and challenges through technology
projects and knowledge-sharing. We view our projects as our core activity,
and one of the key benefits of FSTC membership is eligibility to participate
in these projects. In our efforts to keep our members and friends
up-to-date on the latest developments in these active and developing
initiatives, we provide our colleagues this periodic project update As
always, please contact me or Zach Tumin, FSTC Executive Director, for more
information. Or visit our website at http://fstc.org.
Active Projects:
1. Counter-Phishing Phase I
Projects in Formation:
1. e-Authentication: Business and Technology Proof-of-Concept (call for
participation issued 9/8)
2. Business Continuity: Compliance and Status Reporting (call for
participation issued 9/8)
Projects in Development:
1. Image Quality and Usability Assurance Phase II
2. Survivability of Check Security Features Phase II
3. Treasury Services Integration: Data Exchange and Customer Connectivity
through Web Services
4. Transformation to Open Mission Critical Systems
5. Minimum Essential Finance (MEF)
______________
ACTIVE PROJECTS:
1. Counter-Phishing Phase I (launched July 2004, expected to complete in
December)
http://fstc.org/projects/counter-phishing-phase-1/
FSTC has launched a phased initiative to address the problem of phishing and
related threats in financial services, as it affects the relationship
between customer and firm. In collaboration with other industry groups,
FSTC will focus on defining the unique technical and operating requirements
of financial institutions (FIs) for counter-phishing measures; investigating
counter-phishing technical solutions, proving and piloting solution sets
enabled by technology to determine their fit against FI criteria and
requirements; and clarifying the infrastructure fit, requirements, and
impact of these technologies when deployed in concert with customer
education, enforcement, and other industry initiatives. The benefits to
participants are: industry-vetted due diligence and scaling of the current
problem and its future evolution; insight into peer institution strategies
and assessments; and definition of an industry response that may be best
undertaken with collaboration between key industry segments.
12 financial institutions and over 15 technology companies are participating
in the 5-month first phase. This project originates from the Security SCOM:
co-chaired by Mike McCormick of Wells Fargo, and Mike Versace of NEC.
Please contact FSTC Managing Executive Gene Neyer for more information
(gene.neyer(a)fstc.org) (http://fstc.org/advisory/security.cfm)
______________
PROJECTS IN FORMATION:
1. e-Authentication: Business and Technology Proof-of-Concept (call for
participation issued 9/8/04)
http://fstc.org/projects/new.cfm#eauth
This 5-month project will assess the viability of the potential business
opportunity that exists for financial institutions to leverage their online
customer relationships and provide an authentication service to government
agencies, and to integrate these services into financial institutions'
online applications. FSTC, jointly with the GSA's E-Authentication
Initiative Project Management Office (EAI PMO), propose to launch a
three-track project to ascertain the business model, legal framework, and
technical viability of using institutions' identity credentials to permit
consumers and businesses to access secure online government applications.
The GSA is funding the business track of the initiative. There is no cost to
financial institutions, and a $5,000 fee for associate and advisory members.
In addition, a resource commitment is required for all participants, as
outlined in the prospectus. Participation commitments are requested by Sept
24th, and the target kickoff is the week of October 4th.
______________
2. Business Continuity: Compliance and Status Reporting (call for
participation issued 9/8/04)
http://fstc.org/projects/new.cfm#compliance
The FSTC Business Continuity Standing Committee proposes an initiative to
assist the financial industry in coming to a common understanding on the
meaning of continuity regulation, prioritization of compliance related
activities, and creating efficiencies in documenting regulatory compliance
status. To establish a clear understanding of the regulatory environment, a
list of continuity related guidance will be pulled together along with the
name of the agency responsible. Each regulation will be reviewed and a
clearly worded summary of the continuity requirements will be developed.
Where possible the regulatory agencies will be contacted for clarification
on specific points. Common themes and requirements will be documented and
prioritized.
>From the continuity regulation summary, a questionnaire will be developed
which will allow a FI to provide or collect continuity compliance status.
The project will focus on providing straight forward interpretations of what
is needed for an FI to comply with current regulations.
This project is sponsored by the Business Continuity SCOM, co-chaired by Tom
Hirsch of US Bank, and Damian Walch of IBM. Please contact FSTC Managing
Executive Charles Wallen for more information (charles.wallen(a)fstc.org)
______________
PROJECTS IN DEVELOPMENT:
1. Image Quality and Usability Assurance: Phase II (proposal being
finalized)
http://fstc.org/projects/new.cfm#iqa2
In Phase I, more than 20 companies, representing 2/3 of US check volume,
most major vendors, and key industry associations, undertook a 90-day effort
to assess the impact of poor quality check images, and defined 16 technical
metrics and 4 usability levels that can be used to measure image quality and
usability in a standard and interoperable way. The findings of the Phase I
project team justified further development, to test these metrics in a
real-world scenario, on millions of images, to determine the quantitative
thresholds for the 16 metrics that will define a minimum baseline "standard"
for acceptable quality images for the industry.
The business objectives are to maximize efficiencies, cost savings, and
ensure strong adoption of image exchange. The project will undertake a
robust, "real-world" analysis and test to provide actionable specifications
and direction to the industry to allow financial institutions, technology
vendors, standards organizations, and other key partners to collectively
implement baseline image quality and usability through industry
collaboration under the FSTC umbrella.
This project originates from the Check Truncation SIG
(http://fstc.org/advisory/check-truncation.cfm) co-chaired by Katrina
Brown, Wells Fargo; Glen Ulrich, US Bank; and Ian Goodall, NCR. A call for
participation is expected during the month of September.
______________
2. Survivability of Check Security Features Phase II
As a follow-on to the recently completed Phase I
(http://fstc.org/projects/csf/) this initiative will seek to develop
interoperability specifications for automated security feature verification
engines. As a growing number of vendors offer security features targeted at
surviving the imaging process, institutions face a growing number of
proprietary verification engines that must be installed and configured to
validate these features during processing. The objective of this initiative
is to make is less expensive and easier to manage the implementation of
these security feature verification products.
This project originates from the Check Truncation SIG
(http://fstc.org/advisory/check-truncation.cfm) More information on this
project will be published in the next month or so.
______________
3. Treasury Services Integration: Data Exchange and Customer Connectivity
through Web Services (on hold)
http://fstc.org/projects/new.cfm#tsi
As a potential Phase II following the previous Web Services for Corporate
Cash Management effort, a core group of FSTC institutions and technology
companies have defined key business objectives and deliverables for a
discovery phase, and subsequent pilot-level project utilizing Web Services
in the Treasury Services / Cash Management area. The project, as it
currently stands, will seek to further develop the Phase I set of web
services and associated definitions to create new and open-standards-based
connectivity options between banks, and between banks and their customers.
The business goals are to enable standards-based "plug-and-play" integration
capabilities between institutions and customer platforms, whether ERP,
Treasury Work Station (TWS), or desktop.
A core group of financial institutions and technology companies has
committed to launching this initiative in the second half of 2004. This
project is considered on-hold until later this year.
______________
4. Transformation to Open Mission Critical Systems
The transformation of systems from higher cost or proprietary delivery to
open systems is one of the most hotly debated and discussed topics in
financial services IT. While there is great promise in the flexibility and
efficiencies gained, there is also risk and cost. An FSTC project will soon
form up to determine answers to such key questions as, "Are those
transformations viable?" and "What are the costs and processes by which a
successful transformation program will be run?" The vision of this
initiative is to bring together financial institutions to investigate the
needs, processes, best practices, technology issues, risk factors,
organizational issues and lessons-learned for transformation projects which
move core business processes from legacy IT assets to open systems. We will
provide additional details shortly. If you are interested in joining an
interest group around this topic, please contact us.
______________
5. Minimum Essential Finance (MEF)
In its early stages, FSTC and its members are in dialog with numerous
government and industry organizations to explore interest in an initiative
to identify the minimum essential elements of our financial system, and to
develop a plan and process to ensure that it remains operational in the
event of a disruption to normal operations. A workshop is currently being
planned for this fall for multiple public and private sector organizations
to develop this concept further. If you are interested in joining this
dialog, please contact Zach Tumin at zachary.tumin(a)fstc.org .
______________
##
----------------------------------------------------------------
To subscribe or unsubscribe from this elist use the subscription
manager: <http://ls.fstc.org/subscriber>
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah(a)ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
1
0
*** September Project Update ***
After a busy summer season of meetings and project development, a number of
FSTC projects are poised to launch, as well as a strong pipeline in
development. Our Standing Committees (SCOMs), especially those in Business
Continuity, Security, and Check Imaging and Truncation, continue to broaden
their participation, and build upon a foundation of dialog and action that
leads to FSTC projects. In the past few weeks, we issued two new calls for
participation: e-Authentication Proof-of-Concept, and Business Continuity
Compliance and Status Reporting. See http://fstc.org/projects/new.cfm .
In addition, we have recently completed projects in Image Quality and
Usability Assurance Phase I, Technology Recovery Best Practices, and
Survivability of Check Security Features. Details on these recent projects
can be found at: http://fstc.org/projects/past.cfm .
FSTC provides an action-oriented, collaborative forum for our members to
address shared business opportunities and challenges through technology
projects and knowledge-sharing. We view our projects as our core activity,
and one of the key benefits of FSTC membership is eligibility to participate
in these projects. In our efforts to keep our members and friends
up-to-date on the latest developments in these active and developing
initiatives, we provide our colleagues this periodic project update As
always, please contact me or Zach Tumin, FSTC Executive Director, for more
information. Or visit our website at http://fstc.org.
Active Projects:
1. Counter-Phishing Phase I
Projects in Formation:
1. e-Authentication: Business and Technology Proof-of-Concept (call for
participation issued 9/8)
2. Business Continuity: Compliance and Status Reporting (call for
participation issued 9/8)
Projects in Development:
1. Image Quality and Usability Assurance Phase II
2. Survivability of Check Security Features Phase II
3. Treasury Services Integration: Data Exchange and Customer Connectivity
through Web Services
4. Transformation to Open Mission Critical Systems
5. Minimum Essential Finance (MEF)
______________
ACTIVE PROJECTS:
1. Counter-Phishing Phase I (launched July 2004, expected to complete in
December)
http://fstc.org/projects/counter-phishing-phase-1/
FSTC has launched a phased initiative to address the problem of phishing and
related threats in financial services, as it affects the relationship
between customer and firm. In collaboration with other industry groups,
FSTC will focus on defining the unique technical and operating requirements
of financial institutions (FIs) for counter-phishing measures; investigating
counter-phishing technical solutions, proving and piloting solution sets
enabled by technology to determine their fit against FI criteria and
requirements; and clarifying the infrastructure fit, requirements, and
impact of these technologies when deployed in concert with customer
education, enforcement, and other industry initiatives. The benefits to
participants are: industry-vetted due diligence and scaling of the current
problem and its future evolution; insight into peer institution strategies
and assessments; and definition of an industry response that may be best
undertaken with collaboration between key industry segments.
12 financial institutions and over 15 technology companies are participating
in the 5-month first phase. This project originates from the Security SCOM:
co-chaired by Mike McCormick of Wells Fargo, and Mike Versace of NEC.
Please contact FSTC Managing Executive Gene Neyer for more information
(gene.neyer(a)fstc.org) (http://fstc.org/advisory/security.cfm)
______________
PROJECTS IN FORMATION:
1. e-Authentication: Business and Technology Proof-of-Concept (call for
participation issued 9/8/04)
http://fstc.org/projects/new.cfm#eauth
This 5-month project will assess the viability of the potential business
opportunity that exists for financial institutions to leverage their online
customer relationships and provide an authentication service to government
agencies, and to integrate these services into financial institutions'
online applications. FSTC, jointly with the GSA's E-Authentication
Initiative Project Management Office (EAI PMO), propose to launch a
three-track project to ascertain the business model, legal framework, and
technical viability of using institutions' identity credentials to permit
consumers and businesses to access secure online government applications.
The GSA is funding the business track of the initiative. There is no cost to
financial institutions, and a $5,000 fee for associate and advisory members.
In addition, a resource commitment is required for all participants, as
outlined in the prospectus. Participation commitments are requested by Sept
24th, and the target kickoff is the week of October 4th.
______________
2. Business Continuity: Compliance and Status Reporting (call for
participation issued 9/8/04)
http://fstc.org/projects/new.cfm#compliance
The FSTC Business Continuity Standing Committee proposes an initiative to
assist the financial industry in coming to a common understanding on the
meaning of continuity regulation, prioritization of compliance related
activities, and creating efficiencies in documenting regulatory compliance
status. To establish a clear understanding of the regulatory environment, a
list of continuity related guidance will be pulled together along with the
name of the agency responsible. Each regulation will be reviewed and a
clearly worded summary of the continuity requirements will be developed.
Where possible the regulatory agencies will be contacted for clarification
on specific points. Common themes and requirements will be documented and
prioritized.
>From the continuity regulation summary, a questionnaire will be developed
which will allow a FI to provide or collect continuity compliance status.
The project will focus on providing straight forward interpretations of what
is needed for an FI to comply with current regulations.
This project is sponsored by the Business Continuity SCOM, co-chaired by Tom
Hirsch of US Bank, and Damian Walch of IBM. Please contact FSTC Managing
Executive Charles Wallen for more information (charles.wallen(a)fstc.org)
______________
PROJECTS IN DEVELOPMENT:
1. Image Quality and Usability Assurance: Phase II (proposal being
finalized)
http://fstc.org/projects/new.cfm#iqa2
In Phase I, more than 20 companies, representing 2/3 of US check volume,
most major vendors, and key industry associations, undertook a 90-day effort
to assess the impact of poor quality check images, and defined 16 technical
metrics and 4 usability levels that can be used to measure image quality and
usability in a standard and interoperable way. The findings of the Phase I
project team justified further development, to test these metrics in a
real-world scenario, on millions of images, to determine the quantitative
thresholds for the 16 metrics that will define a minimum baseline "standard"
for acceptable quality images for the industry.
The business objectives are to maximize efficiencies, cost savings, and
ensure strong adoption of image exchange. The project will undertake a
robust, "real-world" analysis and test to provide actionable specifications
and direction to the industry to allow financial institutions, technology
vendors, standards organizations, and other key partners to collectively
implement baseline image quality and usability through industry
collaboration under the FSTC umbrella.
This project originates from the Check Truncation SIG
(http://fstc.org/advisory/check-truncation.cfm) co-chaired by Katrina
Brown, Wells Fargo; Glen Ulrich, US Bank; and Ian Goodall, NCR. A call for
participation is expected during the month of September.
______________
2. Survivability of Check Security Features Phase II
As a follow-on to the recently completed Phase I
(http://fstc.org/projects/csf/) this initiative will seek to develop
interoperability specifications for automated security feature verification
engines. As a growing number of vendors offer security features targeted at
surviving the imaging process, institutions face a growing number of
proprietary verification engines that must be installed and configured to
validate these features during processing. The objective of this initiative
is to make is less expensive and easier to manage the implementation of
these security feature verification products.
This project originates from the Check Truncation SIG
(http://fstc.org/advisory/check-truncation.cfm) More information on this
project will be published in the next month or so.
______________
3. Treasury Services Integration: Data Exchange and Customer Connectivity
through Web Services (on hold)
http://fstc.org/projects/new.cfm#tsi
As a potential Phase II following the previous Web Services for Corporate
Cash Management effort, a core group of FSTC institutions and technology
companies have defined key business objectives and deliverables for a
discovery phase, and subsequent pilot-level project utilizing Web Services
in the Treasury Services / Cash Management area. The project, as it
currently stands, will seek to further develop the Phase I set of web
services and associated definitions to create new and open-standards-based
connectivity options between banks, and between banks and their customers.
The business goals are to enable standards-based "plug-and-play" integration
capabilities between institutions and customer platforms, whether ERP,
Treasury Work Station (TWS), or desktop.
A core group of financial institutions and technology companies has
committed to launching this initiative in the second half of 2004. This
project is considered on-hold until later this year.
______________
4. Transformation to Open Mission Critical Systems
The transformation of systems from higher cost or proprietary delivery to
open systems is one of the most hotly debated and discussed topics in
financial services IT. While there is great promise in the flexibility and
efficiencies gained, there is also risk and cost. An FSTC project will soon
form up to determine answers to such key questions as, "Are those
transformations viable?" and "What are the costs and processes by which a
successful transformation program will be run?" The vision of this
initiative is to bring together financial institutions to investigate the
needs, processes, best practices, technology issues, risk factors,
organizational issues and lessons-learned for transformation projects which
move core business processes from legacy IT assets to open systems. We will
provide additional details shortly. If you are interested in joining an
interest group around this topic, please contact us.
______________
5. Minimum Essential Finance (MEF)
In its early stages, FSTC and its members are in dialog with numerous
government and industry organizations to explore interest in an initiative
to identify the minimum essential elements of our financial system, and to
develop a plan and process to ensure that it remains operational in the
event of a disruption to normal operations. A workshop is currently being
planned for this fall for multiple public and private sector organizations
to develop this concept further. If you are interested in joining this
dialog, please contact Zach Tumin at zachary.tumin(a)fstc.org .
______________
##
----------------------------------------------------------------
To subscribe or unsubscribe from this elist use the subscription
manager: <http://ls.fstc.org/subscriber>
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah(a)ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
1
0
*** September Project Update ***
After a busy summer season of meetings and project development, a number of
FSTC projects are poised to launch, as well as a strong pipeline in
development. Our Standing Committees (SCOMs), especially those in Business
Continuity, Security, and Check Imaging and Truncation, continue to broaden
their participation, and build upon a foundation of dialog and action that
leads to FSTC projects. In the past few weeks, we issued two new calls for
participation: e-Authentication Proof-of-Concept, and Business Continuity
Compliance and Status Reporting. See http://fstc.org/projects/new.cfm .
In addition, we have recently completed projects in Image Quality and
Usability Assurance Phase I, Technology Recovery Best Practices, and
Survivability of Check Security Features. Details on these recent projects
can be found at: http://fstc.org/projects/past.cfm .
FSTC provides an action-oriented, collaborative forum for our members to
address shared business opportunities and challenges through technology
projects and knowledge-sharing. We view our projects as our core activity,
and one of the key benefits of FSTC membership is eligibility to participate
in these projects. In our efforts to keep our members and friends
up-to-date on the latest developments in these active and developing
initiatives, we provide our colleagues this periodic project update As
always, please contact me or Zach Tumin, FSTC Executive Director, for more
information. Or visit our website at http://fstc.org.
Active Projects:
1. Counter-Phishing Phase I
Projects in Formation:
1. e-Authentication: Business and Technology Proof-of-Concept (call for
participation issued 9/8)
2. Business Continuity: Compliance and Status Reporting (call for
participation issued 9/8)
Projects in Development:
1. Image Quality and Usability Assurance Phase II
2. Survivability of Check Security Features Phase II
3. Treasury Services Integration: Data Exchange and Customer Connectivity
through Web Services
4. Transformation to Open Mission Critical Systems
5. Minimum Essential Finance (MEF)
______________
ACTIVE PROJECTS:
1. Counter-Phishing Phase I (launched July 2004, expected to complete in
December)
http://fstc.org/projects/counter-phishing-phase-1/
FSTC has launched a phased initiative to address the problem of phishing and
related threats in financial services, as it affects the relationship
between customer and firm. In collaboration with other industry groups,
FSTC will focus on defining the unique technical and operating requirements
of financial institutions (FIs) for counter-phishing measures; investigating
counter-phishing technical solutions, proving and piloting solution sets
enabled by technology to determine their fit against FI criteria and
requirements; and clarifying the infrastructure fit, requirements, and
impact of these technologies when deployed in concert with customer
education, enforcement, and other industry initiatives. The benefits to
participants are: industry-vetted due diligence and scaling of the current
problem and its future evolution; insight into peer institution strategies
and assessments; and definition of an industry response that may be best
undertaken with collaboration between key industry segments.
12 financial institutions and over 15 technology companies are participating
in the 5-month first phase. This project originates from the Security SCOM:
co-chaired by Mike McCormick of Wells Fargo, and Mike Versace of NEC.
Please contact FSTC Managing Executive Gene Neyer for more information
(gene.neyer(a)fstc.org) (http://fstc.org/advisory/security.cfm)
______________
PROJECTS IN FORMATION:
1. e-Authentication: Business and Technology Proof-of-Concept (call for
participation issued 9/8/04)
http://fstc.org/projects/new.cfm#eauth
This 5-month project will assess the viability of the potential business
opportunity that exists for financial institutions to leverage their online
customer relationships and provide an authentication service to government
agencies, and to integrate these services into financial institutions'
online applications. FSTC, jointly with the GSA's E-Authentication
Initiative Project Management Office (EAI PMO), propose to launch a
three-track project to ascertain the business model, legal framework, and
technical viability of using institutions' identity credentials to permit
consumers and businesses to access secure online government applications.
The GSA is funding the business track of the initiative. There is no cost to
financial institutions, and a $5,000 fee for associate and advisory members.
In addition, a resource commitment is required for all participants, as
outlined in the prospectus. Participation commitments are requested by Sept
24th, and the target kickoff is the week of October 4th.
______________
2. Business Continuity: Compliance and Status Reporting (call for
participation issued 9/8/04)
http://fstc.org/projects/new.cfm#compliance
The FSTC Business Continuity Standing Committee proposes an initiative to
assist the financial industry in coming to a common understanding on the
meaning of continuity regulation, prioritization of compliance related
activities, and creating efficiencies in documenting regulatory compliance
status. To establish a clear understanding of the regulatory environment, a
list of continuity related guidance will be pulled together along with the
name of the agency responsible. Each regulation will be reviewed and a
clearly worded summary of the continuity requirements will be developed.
Where possible the regulatory agencies will be contacted for clarification
on specific points. Common themes and requirements will be documented and
prioritized.
>From the continuity regulation summary, a questionnaire will be developed
which will allow a FI to provide or collect continuity compliance status.
The project will focus on providing straight forward interpretations of what
is needed for an FI to comply with current regulations.
This project is sponsored by the Business Continuity SCOM, co-chaired by Tom
Hirsch of US Bank, and Damian Walch of IBM. Please contact FSTC Managing
Executive Charles Wallen for more information (charles.wallen(a)fstc.org)
______________
PROJECTS IN DEVELOPMENT:
1. Image Quality and Usability Assurance: Phase II (proposal being
finalized)
http://fstc.org/projects/new.cfm#iqa2
In Phase I, more than 20 companies, representing 2/3 of US check volume,
most major vendors, and key industry associations, undertook a 90-day effort
to assess the impact of poor quality check images, and defined 16 technical
metrics and 4 usability levels that can be used to measure image quality and
usability in a standard and interoperable way. The findings of the Phase I
project team justified further development, to test these metrics in a
real-world scenario, on millions of images, to determine the quantitative
thresholds for the 16 metrics that will define a minimum baseline "standard"
for acceptable quality images for the industry.
The business objectives are to maximize efficiencies, cost savings, and
ensure strong adoption of image exchange. The project will undertake a
robust, "real-world" analysis and test to provide actionable specifications
and direction to the industry to allow financial institutions, technology
vendors, standards organizations, and other key partners to collectively
implement baseline image quality and usability through industry
collaboration under the FSTC umbrella.
This project originates from the Check Truncation SIG
(http://fstc.org/advisory/check-truncation.cfm) co-chaired by Katrina
Brown, Wells Fargo; Glen Ulrich, US Bank; and Ian Goodall, NCR. A call for
participation is expected during the month of September.
______________
2. Survivability of Check Security Features Phase II
As a follow-on to the recently completed Phase I
(http://fstc.org/projects/csf/) this initiative will seek to develop
interoperability specifications for automated security feature verification
engines. As a growing number of vendors offer security features targeted at
surviving the imaging process, institutions face a growing number of
proprietary verification engines that must be installed and configured to
validate these features during processing. The objective of this initiative
is to make is less expensive and easier to manage the implementation of
these security feature verification products.
This project originates from the Check Truncation SIG
(http://fstc.org/advisory/check-truncation.cfm) More information on this
project will be published in the next month or so.
______________
3. Treasury Services Integration: Data Exchange and Customer Connectivity
through Web Services (on hold)
http://fstc.org/projects/new.cfm#tsi
As a potential Phase II following the previous Web Services for Corporate
Cash Management effort, a core group of FSTC institutions and technology
companies have defined key business objectives and deliverables for a
discovery phase, and subsequent pilot-level project utilizing Web Services
in the Treasury Services / Cash Management area. The project, as it
currently stands, will seek to further develop the Phase I set of web
services and associated definitions to create new and open-standards-based
connectivity options between banks, and between banks and their customers.
The business goals are to enable standards-based "plug-and-play" integration
capabilities between institutions and customer platforms, whether ERP,
Treasury Work Station (TWS), or desktop.
A core group of financial institutions and technology companies has
committed to launching this initiative in the second half of 2004. This
project is considered on-hold until later this year.
______________
4. Transformation to Open Mission Critical Systems
The transformation of systems from higher cost or proprietary delivery to
open systems is one of the most hotly debated and discussed topics in
financial services IT. While there is great promise in the flexibility and
efficiencies gained, there is also risk and cost. An FSTC project will soon
form up to determine answers to such key questions as, "Are those
transformations viable?" and "What are the costs and processes by which a
successful transformation program will be run?" The vision of this
initiative is to bring together financial institutions to investigate the
needs, processes, best practices, technology issues, risk factors,
organizational issues and lessons-learned for transformation projects which
move core business processes from legacy IT assets to open systems. We will
provide additional details shortly. If you are interested in joining an
interest group around this topic, please contact us.
______________
5. Minimum Essential Finance (MEF)
In its early stages, FSTC and its members are in dialog with numerous
government and industry organizations to explore interest in an initiative
to identify the minimum essential elements of our financial system, and to
develop a plan and process to ensure that it remains operational in the
event of a disruption to normal operations. A workshop is currently being
planned for this fall for multiple public and private sector organizations
to develop this concept further. If you are interested in joining this
dialog, please contact Zach Tumin at zachary.tumin(a)fstc.org .
______________
##
----------------------------------------------------------------
To subscribe or unsubscribe from this elist use the subscription
manager: <http://ls.fstc.org/subscriber>
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah(a)ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
1
0
*** September Project Update ***
After a busy summer season of meetings and project development, a number of
FSTC projects are poised to launch, as well as a strong pipeline in
development. Our Standing Committees (SCOMs), especially those in Business
Continuity, Security, and Check Imaging and Truncation, continue to broaden
their participation, and build upon a foundation of dialog and action that
leads to FSTC projects. In the past few weeks, we issued two new calls for
participation: e-Authentication Proof-of-Concept, and Business Continuity
Compliance and Status Reporting. See http://fstc.org/projects/new.cfm .
In addition, we have recently completed projects in Image Quality and
Usability Assurance Phase I, Technology Recovery Best Practices, and
Survivability of Check Security Features. Details on these recent projects
can be found at: http://fstc.org/projects/past.cfm .
FSTC provides an action-oriented, collaborative forum for our members to
address shared business opportunities and challenges through technology
projects and knowledge-sharing. We view our projects as our core activity,
and one of the key benefits of FSTC membership is eligibility to participate
in these projects. In our efforts to keep our members and friends
up-to-date on the latest developments in these active and developing
initiatives, we provide our colleagues this periodic project update As
always, please contact me or Zach Tumin, FSTC Executive Director, for more
information. Or visit our website at http://fstc.org.
Active Projects:
1. Counter-Phishing Phase I
Projects in Formation:
1. e-Authentication: Business and Technology Proof-of-Concept (call for
participation issued 9/8)
2. Business Continuity: Compliance and Status Reporting (call for
participation issued 9/8)
Projects in Development:
1. Image Quality and Usability Assurance Phase II
2. Survivability of Check Security Features Phase II
3. Treasury Services Integration: Data Exchange and Customer Connectivity
through Web Services
4. Transformation to Open Mission Critical Systems
5. Minimum Essential Finance (MEF)
______________
ACTIVE PROJECTS:
1. Counter-Phishing Phase I (launched July 2004, expected to complete in
December)
http://fstc.org/projects/counter-phishing-phase-1/
FSTC has launched a phased initiative to address the problem of phishing and
related threats in financial services, as it affects the relationship
between customer and firm. In collaboration with other industry groups,
FSTC will focus on defining the unique technical and operating requirements
of financial institutions (FIs) for counter-phishing measures; investigating
counter-phishing technical solutions, proving and piloting solution sets
enabled by technology to determine their fit against FI criteria and
requirements; and clarifying the infrastructure fit, requirements, and
impact of these technologies when deployed in concert with customer
education, enforcement, and other industry initiatives. The benefits to
participants are: industry-vetted due diligence and scaling of the current
problem and its future evolution; insight into peer institution strategies
and assessments; and definition of an industry response that may be best
undertaken with collaboration between key industry segments.
12 financial institutions and over 15 technology companies are participating
in the 5-month first phase. This project originates from the Security SCOM:
co-chaired by Mike McCormick of Wells Fargo, and Mike Versace of NEC.
Please contact FSTC Managing Executive Gene Neyer for more information
(gene.neyer(a)fstc.org) (http://fstc.org/advisory/security.cfm)
______________
PROJECTS IN FORMATION:
1. e-Authentication: Business and Technology Proof-of-Concept (call for
participation issued 9/8/04)
http://fstc.org/projects/new.cfm#eauth
This 5-month project will assess the viability of the potential business
opportunity that exists for financial institutions to leverage their online
customer relationships and provide an authentication service to government
agencies, and to integrate these services into financial institutions'
online applications. FSTC, jointly with the GSA's E-Authentication
Initiative Project Management Office (EAI PMO), propose to launch a
three-track project to ascertain the business model, legal framework, and
technical viability of using institutions' identity credentials to permit
consumers and businesses to access secure online government applications.
The GSA is funding the business track of the initiative. There is no cost to
financial institutions, and a $5,000 fee for associate and advisory members.
In addition, a resource commitment is required for all participants, as
outlined in the prospectus. Participation commitments are requested by Sept
24th, and the target kickoff is the week of October 4th.
______________
2. Business Continuity: Compliance and Status Reporting (call for
participation issued 9/8/04)
http://fstc.org/projects/new.cfm#compliance
The FSTC Business Continuity Standing Committee proposes an initiative to
assist the financial industry in coming to a common understanding on the
meaning of continuity regulation, prioritization of compliance related
activities, and creating efficiencies in documenting regulatory compliance
status. To establish a clear understanding of the regulatory environment, a
list of continuity related guidance will be pulled together along with the
name of the agency responsible. Each regulation will be reviewed and a
clearly worded summary of the continuity requirements will be developed.
Where possible the regulatory agencies will be contacted for clarification
on specific points. Common themes and requirements will be documented and
prioritized.
>From the continuity regulation summary, a questionnaire will be developed
which will allow a FI to provide or collect continuity compliance status.
The project will focus on providing straight forward interpretations of what
is needed for an FI to comply with current regulations.
This project is sponsored by the Business Continuity SCOM, co-chaired by Tom
Hirsch of US Bank, and Damian Walch of IBM. Please contact FSTC Managing
Executive Charles Wallen for more information (charles.wallen(a)fstc.org)
______________
PROJECTS IN DEVELOPMENT:
1. Image Quality and Usability Assurance: Phase II (proposal being
finalized)
http://fstc.org/projects/new.cfm#iqa2
In Phase I, more than 20 companies, representing 2/3 of US check volume,
most major vendors, and key industry associations, undertook a 90-day effort
to assess the impact of poor quality check images, and defined 16 technical
metrics and 4 usability levels that can be used to measure image quality and
usability in a standard and interoperable way. The findings of the Phase I
project team justified further development, to test these metrics in a
real-world scenario, on millions of images, to determine the quantitative
thresholds for the 16 metrics that will define a minimum baseline "standard"
for acceptable quality images for the industry.
The business objectives are to maximize efficiencies, cost savings, and
ensure strong adoption of image exchange. The project will undertake a
robust, "real-world" analysis and test to provide actionable specifications
and direction to the industry to allow financial institutions, technology
vendors, standards organizations, and other key partners to collectively
implement baseline image quality and usability through industry
collaboration under the FSTC umbrella.
This project originates from the Check Truncation SIG
(http://fstc.org/advisory/check-truncation.cfm) co-chaired by Katrina
Brown, Wells Fargo; Glen Ulrich, US Bank; and Ian Goodall, NCR. A call for
participation is expected during the month of September.
______________
2. Survivability of Check Security Features Phase II
As a follow-on to the recently completed Phase I
(http://fstc.org/projects/csf/) this initiative will seek to develop
interoperability specifications for automated security feature verification
engines. As a growing number of vendors offer security features targeted at
surviving the imaging process, institutions face a growing number of
proprietary verification engines that must be installed and configured to
validate these features during processing. The objective of this initiative
is to make is less expensive and easier to manage the implementation of
these security feature verification products.
This project originates from the Check Truncation SIG
(http://fstc.org/advisory/check-truncation.cfm) More information on this
project will be published in the next month or so.
______________
3. Treasury Services Integration: Data Exchange and Customer Connectivity
through Web Services (on hold)
http://fstc.org/projects/new.cfm#tsi
As a potential Phase II following the previous Web Services for Corporate
Cash Management effort, a core group of FSTC institutions and technology
companies have defined key business objectives and deliverables for a
discovery phase, and subsequent pilot-level project utilizing Web Services
in the Treasury Services / Cash Management area. The project, as it
currently stands, will seek to further develop the Phase I set of web
services and associated definitions to create new and open-standards-based
connectivity options between banks, and between banks and their customers.
The business goals are to enable standards-based "plug-and-play" integration
capabilities between institutions and customer platforms, whether ERP,
Treasury Work Station (TWS), or desktop.
A core group of financial institutions and technology companies has
committed to launching this initiative in the second half of 2004. This
project is considered on-hold until later this year.
______________
4. Transformation to Open Mission Critical Systems
The transformation of systems from higher cost or proprietary delivery to
open systems is one of the most hotly debated and discussed topics in
financial services IT. While there is great promise in the flexibility and
efficiencies gained, there is also risk and cost. An FSTC project will soon
form up to determine answers to such key questions as, "Are those
transformations viable?" and "What are the costs and processes by which a
successful transformation program will be run?" The vision of this
initiative is to bring together financial institutions to investigate the
needs, processes, best practices, technology issues, risk factors,
organizational issues and lessons-learned for transformation projects which
move core business processes from legacy IT assets to open systems. We will
provide additional details shortly. If you are interested in joining an
interest group around this topic, please contact us.
______________
5. Minimum Essential Finance (MEF)
In its early stages, FSTC and its members are in dialog with numerous
government and industry organizations to explore interest in an initiative
to identify the minimum essential elements of our financial system, and to
develop a plan and process to ensure that it remains operational in the
event of a disruption to normal operations. A workshop is currently being
planned for this fall for multiple public and private sector organizations
to develop this concept further. If you are interested in joining this
dialog, please contact Zach Tumin at zachary.tumin(a)fstc.org .
______________
##
----------------------------------------------------------------
To subscribe or unsubscribe from this elist use the subscription
manager: <http://ls.fstc.org/subscriber>
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah(a)ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
1
0
*** September Project Update ***
After a busy summer season of meetings and project development, a number of
FSTC projects are poised to launch, as well as a strong pipeline in
development. Our Standing Committees (SCOMs), especially those in Business
Continuity, Security, and Check Imaging and Truncation, continue to broaden
their participation, and build upon a foundation of dialog and action that
leads to FSTC projects. In the past few weeks, we issued two new calls for
participation: e-Authentication Proof-of-Concept, and Business Continuity
Compliance and Status Reporting. See http://fstc.org/projects/new.cfm .
In addition, we have recently completed projects in Image Quality and
Usability Assurance Phase I, Technology Recovery Best Practices, and
Survivability of Check Security Features. Details on these recent projects
can be found at: http://fstc.org/projects/past.cfm .
FSTC provides an action-oriented, collaborative forum for our members to
address shared business opportunities and challenges through technology
projects and knowledge-sharing. We view our projects as our core activity,
and one of the key benefits of FSTC membership is eligibility to participate
in these projects. In our efforts to keep our members and friends
up-to-date on the latest developments in these active and developing
initiatives, we provide our colleagues this periodic project update As
always, please contact me or Zach Tumin, FSTC Executive Director, for more
information. Or visit our website at http://fstc.org.
Active Projects:
1. Counter-Phishing Phase I
Projects in Formation:
1. e-Authentication: Business and Technology Proof-of-Concept (call for
participation issued 9/8)
2. Business Continuity: Compliance and Status Reporting (call for
participation issued 9/8)
Projects in Development:
1. Image Quality and Usability Assurance Phase II
2. Survivability of Check Security Features Phase II
3. Treasury Services Integration: Data Exchange and Customer Connectivity
through Web Services
4. Transformation to Open Mission Critical Systems
5. Minimum Essential Finance (MEF)
______________
ACTIVE PROJECTS:
1. Counter-Phishing Phase I (launched July 2004, expected to complete in
December)
http://fstc.org/projects/counter-phishing-phase-1/
FSTC has launched a phased initiative to address the problem of phishing and
related threats in financial services, as it affects the relationship
between customer and firm. In collaboration with other industry groups,
FSTC will focus on defining the unique technical and operating requirements
of financial institutions (FIs) for counter-phishing measures; investigating
counter-phishing technical solutions, proving and piloting solution sets
enabled by technology to determine their fit against FI criteria and
requirements; and clarifying the infrastructure fit, requirements, and
impact of these technologies when deployed in concert with customer
education, enforcement, and other industry initiatives. The benefits to
participants are: industry-vetted due diligence and scaling of the current
problem and its future evolution; insight into peer institution strategies
and assessments; and definition of an industry response that may be best
undertaken with collaboration between key industry segments.
12 financial institutions and over 15 technology companies are participating
in the 5-month first phase. This project originates from the Security SCOM:
co-chaired by Mike McCormick of Wells Fargo, and Mike Versace of NEC.
Please contact FSTC Managing Executive Gene Neyer for more information
(gene.neyer(a)fstc.org) (http://fstc.org/advisory/security.cfm)
______________
PROJECTS IN FORMATION:
1. e-Authentication: Business and Technology Proof-of-Concept (call for
participation issued 9/8/04)
http://fstc.org/projects/new.cfm#eauth
This 5-month project will assess the viability of the potential business
opportunity that exists for financial institutions to leverage their online
customer relationships and provide an authentication service to government
agencies, and to integrate these services into financial institutions'
online applications. FSTC, jointly with the GSA's E-Authentication
Initiative Project Management Office (EAI PMO), propose to launch a
three-track project to ascertain the business model, legal framework, and
technical viability of using institutions' identity credentials to permit
consumers and businesses to access secure online government applications.
The GSA is funding the business track of the initiative. There is no cost to
financial institutions, and a $5,000 fee for associate and advisory members.
In addition, a resource commitment is required for all participants, as
outlined in the prospectus. Participation commitments are requested by Sept
24th, and the target kickoff is the week of October 4th.
______________
2. Business Continuity: Compliance and Status Reporting (call for
participation issued 9/8/04)
http://fstc.org/projects/new.cfm#compliance
The FSTC Business Continuity Standing Committee proposes an initiative to
assist the financial industry in coming to a common understanding on the
meaning of continuity regulation, prioritization of compliance related
activities, and creating efficiencies in documenting regulatory compliance
status. To establish a clear understanding of the regulatory environment, a
list of continuity related guidance will be pulled together along with the
name of the agency responsible. Each regulation will be reviewed and a
clearly worded summary of the continuity requirements will be developed.
Where possible the regulatory agencies will be contacted for clarification
on specific points. Common themes and requirements will be documented and
prioritized.
>From the continuity regulation summary, a questionnaire will be developed
which will allow a FI to provide or collect continuity compliance status.
The project will focus on providing straight forward interpretations of what
is needed for an FI to comply with current regulations.
This project is sponsored by the Business Continuity SCOM, co-chaired by Tom
Hirsch of US Bank, and Damian Walch of IBM. Please contact FSTC Managing
Executive Charles Wallen for more information (charles.wallen(a)fstc.org)
______________
PROJECTS IN DEVELOPMENT:
1. Image Quality and Usability Assurance: Phase II (proposal being
finalized)
http://fstc.org/projects/new.cfm#iqa2
In Phase I, more than 20 companies, representing 2/3 of US check volume,
most major vendors, and key industry associations, undertook a 90-day effort
to assess the impact of poor quality check images, and defined 16 technical
metrics and 4 usability levels that can be used to measure image quality and
usability in a standard and interoperable way. The findings of the Phase I
project team justified further development, to test these metrics in a
real-world scenario, on millions of images, to determine the quantitative
thresholds for the 16 metrics that will define a minimum baseline "standard"
for acceptable quality images for the industry.
The business objectives are to maximize efficiencies, cost savings, and
ensure strong adoption of image exchange. The project will undertake a
robust, "real-world" analysis and test to provide actionable specifications
and direction to the industry to allow financial institutions, technology
vendors, standards organizations, and other key partners to collectively
implement baseline image quality and usability through industry
collaboration under the FSTC umbrella.
This project originates from the Check Truncation SIG
(http://fstc.org/advisory/check-truncation.cfm) co-chaired by Katrina
Brown, Wells Fargo; Glen Ulrich, US Bank; and Ian Goodall, NCR. A call for
participation is expected during the month of September.
______________
2. Survivability of Check Security Features Phase II
As a follow-on to the recently completed Phase I
(http://fstc.org/projects/csf/) this initiative will seek to develop
interoperability specifications for automated security feature verification
engines. As a growing number of vendors offer security features targeted at
surviving the imaging process, institutions face a growing number of
proprietary verification engines that must be installed and configured to
validate these features during processing. The objective of this initiative
is to make is less expensive and easier to manage the implementation of
these security feature verification products.
This project originates from the Check Truncation SIG
(http://fstc.org/advisory/check-truncation.cfm) More information on this
project will be published in the next month or so.
______________
3. Treasury Services Integration: Data Exchange and Customer Connectivity
through Web Services (on hold)
http://fstc.org/projects/new.cfm#tsi
As a potential Phase II following the previous Web Services for Corporate
Cash Management effort, a core group of FSTC institutions and technology
companies have defined key business objectives and deliverables for a
discovery phase, and subsequent pilot-level project utilizing Web Services
in the Treasury Services / Cash Management area. The project, as it
currently stands, will seek to further develop the Phase I set of web
services and associated definitions to create new and open-standards-based
connectivity options between banks, and between banks and their customers.
The business goals are to enable standards-based "plug-and-play" integration
capabilities between institutions and customer platforms, whether ERP,
Treasury Work Station (TWS), or desktop.
A core group of financial institutions and technology companies has
committed to launching this initiative in the second half of 2004. This
project is considered on-hold until later this year.
______________
4. Transformation to Open Mission Critical Systems
The transformation of systems from higher cost or proprietary delivery to
open systems is one of the most hotly debated and discussed topics in
financial services IT. While there is great promise in the flexibility and
efficiencies gained, there is also risk and cost. An FSTC project will soon
form up to determine answers to such key questions as, "Are those
transformations viable?" and "What are the costs and processes by which a
successful transformation program will be run?" The vision of this
initiative is to bring together financial institutions to investigate the
needs, processes, best practices, technology issues, risk factors,
organizational issues and lessons-learned for transformation projects which
move core business processes from legacy IT assets to open systems. We will
provide additional details shortly. If you are interested in joining an
interest group around this topic, please contact us.
______________
5. Minimum Essential Finance (MEF)
In its early stages, FSTC and its members are in dialog with numerous
government and industry organizations to explore interest in an initiative
to identify the minimum essential elements of our financial system, and to
develop a plan and process to ensure that it remains operational in the
event of a disruption to normal operations. A workshop is currently being
planned for this fall for multiple public and private sector organizations
to develop this concept further. If you are interested in joining this
dialog, please contact Zach Tumin at zachary.tumin(a)fstc.org .
______________
##
----------------------------------------------------------------
To subscribe or unsubscribe from this elist use the subscription
manager: <http://ls.fstc.org/subscriber>
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah(a)ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
1
0
*** September Project Update ***
After a busy summer season of meetings and project development, a number of
FSTC projects are poised to launch, as well as a strong pipeline in
development. Our Standing Committees (SCOMs), especially those in Business
Continuity, Security, and Check Imaging and Truncation, continue to broaden
their participation, and build upon a foundation of dialog and action that
leads to FSTC projects. In the past few weeks, we issued two new calls for
participation: e-Authentication Proof-of-Concept, and Business Continuity
Compliance and Status Reporting. See http://fstc.org/projects/new.cfm .
In addition, we have recently completed projects in Image Quality and
Usability Assurance Phase I, Technology Recovery Best Practices, and
Survivability of Check Security Features. Details on these recent projects
can be found at: http://fstc.org/projects/past.cfm .
FSTC provides an action-oriented, collaborative forum for our members to
address shared business opportunities and challenges through technology
projects and knowledge-sharing. We view our projects as our core activity,
and one of the key benefits of FSTC membership is eligibility to participate
in these projects. In our efforts to keep our members and friends
up-to-date on the latest developments in these active and developing
initiatives, we provide our colleagues this periodic project update As
always, please contact me or Zach Tumin, FSTC Executive Director, for more
information. Or visit our website at http://fstc.org.
Active Projects:
1. Counter-Phishing Phase I
Projects in Formation:
1. e-Authentication: Business and Technology Proof-of-Concept (call for
participation issued 9/8)
2. Business Continuity: Compliance and Status Reporting (call for
participation issued 9/8)
Projects in Development:
1. Image Quality and Usability Assurance Phase II
2. Survivability of Check Security Features Phase II
3. Treasury Services Integration: Data Exchange and Customer Connectivity
through Web Services
4. Transformation to Open Mission Critical Systems
5. Minimum Essential Finance (MEF)
______________
ACTIVE PROJECTS:
1. Counter-Phishing Phase I (launched July 2004, expected to complete in
December)
http://fstc.org/projects/counter-phishing-phase-1/
FSTC has launched a phased initiative to address the problem of phishing and
related threats in financial services, as it affects the relationship
between customer and firm. In collaboration with other industry groups,
FSTC will focus on defining the unique technical and operating requirements
of financial institutions (FIs) for counter-phishing measures; investigating
counter-phishing technical solutions, proving and piloting solution sets
enabled by technology to determine their fit against FI criteria and
requirements; and clarifying the infrastructure fit, requirements, and
impact of these technologies when deployed in concert with customer
education, enforcement, and other industry initiatives. The benefits to
participants are: industry-vetted due diligence and scaling of the current
problem and its future evolution; insight into peer institution strategies
and assessments; and definition of an industry response that may be best
undertaken with collaboration between key industry segments.
12 financial institutions and over 15 technology companies are participating
in the 5-month first phase. This project originates from the Security SCOM:
co-chaired by Mike McCormick of Wells Fargo, and Mike Versace of NEC.
Please contact FSTC Managing Executive Gene Neyer for more information
(gene.neyer(a)fstc.org) (http://fstc.org/advisory/security.cfm)
______________
PROJECTS IN FORMATION:
1. e-Authentication: Business and Technology Proof-of-Concept (call for
participation issued 9/8/04)
http://fstc.org/projects/new.cfm#eauth
This 5-month project will assess the viability of the potential business
opportunity that exists for financial institutions to leverage their online
customer relationships and provide an authentication service to government
agencies, and to integrate these services into financial institutions'
online applications. FSTC, jointly with the GSA's E-Authentication
Initiative Project Management Office (EAI PMO), propose to launch a
three-track project to ascertain the business model, legal framework, and
technical viability of using institutions' identity credentials to permit
consumers and businesses to access secure online government applications.
The GSA is funding the business track of the initiative. There is no cost to
financial institutions, and a $5,000 fee for associate and advisory members.
In addition, a resource commitment is required for all participants, as
outlined in the prospectus. Participation commitments are requested by Sept
24th, and the target kickoff is the week of October 4th.
______________
2. Business Continuity: Compliance and Status Reporting (call for
participation issued 9/8/04)
http://fstc.org/projects/new.cfm#compliance
The FSTC Business Continuity Standing Committee proposes an initiative to
assist the financial industry in coming to a common understanding on the
meaning of continuity regulation, prioritization of compliance related
activities, and creating efficiencies in documenting regulatory compliance
status. To establish a clear understanding of the regulatory environment, a
list of continuity related guidance will be pulled together along with the
name of the agency responsible. Each regulation will be reviewed and a
clearly worded summary of the continuity requirements will be developed.
Where possible the regulatory agencies will be contacted for clarification
on specific points. Common themes and requirements will be documented and
prioritized.
>From the continuity regulation summary, a questionnaire will be developed
which will allow a FI to provide or collect continuity compliance status.
The project will focus on providing straight forward interpretations of what
is needed for an FI to comply with current regulations.
This project is sponsored by the Business Continuity SCOM, co-chaired by Tom
Hirsch of US Bank, and Damian Walch of IBM. Please contact FSTC Managing
Executive Charles Wallen for more information (charles.wallen(a)fstc.org)
______________
PROJECTS IN DEVELOPMENT:
1. Image Quality and Usability Assurance: Phase II (proposal being
finalized)
http://fstc.org/projects/new.cfm#iqa2
In Phase I, more than 20 companies, representing 2/3 of US check volume,
most major vendors, and key industry associations, undertook a 90-day effort
to assess the impact of poor quality check images, and defined 16 technical
metrics and 4 usability levels that can be used to measure image quality and
usability in a standard and interoperable way. The findings of the Phase I
project team justified further development, to test these metrics in a
real-world scenario, on millions of images, to determine the quantitative
thresholds for the 16 metrics that will define a minimum baseline "standard"
for acceptable quality images for the industry.
The business objectives are to maximize efficiencies, cost savings, and
ensure strong adoption of image exchange. The project will undertake a
robust, "real-world" analysis and test to provide actionable specifications
and direction to the industry to allow financial institutions, technology
vendors, standards organizations, and other key partners to collectively
implement baseline image quality and usability through industry
collaboration under the FSTC umbrella.
This project originates from the Check Truncation SIG
(http://fstc.org/advisory/check-truncation.cfm) co-chaired by Katrina
Brown, Wells Fargo; Glen Ulrich, US Bank; and Ian Goodall, NCR. A call for
participation is expected during the month of September.
______________
2. Survivability of Check Security Features Phase II
As a follow-on to the recently completed Phase I
(http://fstc.org/projects/csf/) this initiative will seek to develop
interoperability specifications for automated security feature verification
engines. As a growing number of vendors offer security features targeted at
surviving the imaging process, institutions face a growing number of
proprietary verification engines that must be installed and configured to
validate these features during processing. The objective of this initiative
is to make is less expensive and easier to manage the implementation of
these security feature verification products.
This project originates from the Check Truncation SIG
(http://fstc.org/advisory/check-truncation.cfm) More information on this
project will be published in the next month or so.
______________
3. Treasury Services Integration: Data Exchange and Customer Connectivity
through Web Services (on hold)
http://fstc.org/projects/new.cfm#tsi
As a potential Phase II following the previous Web Services for Corporate
Cash Management effort, a core group of FSTC institutions and technology
companies have defined key business objectives and deliverables for a
discovery phase, and subsequent pilot-level project utilizing Web Services
in the Treasury Services / Cash Management area. The project, as it
currently stands, will seek to further develop the Phase I set of web
services and associated definitions to create new and open-standards-based
connectivity options between banks, and between banks and their customers.
The business goals are to enable standards-based "plug-and-play" integration
capabilities between institutions and customer platforms, whether ERP,
Treasury Work Station (TWS), or desktop.
A core group of financial institutions and technology companies has
committed to launching this initiative in the second half of 2004. This
project is considered on-hold until later this year.
______________
4. Transformation to Open Mission Critical Systems
The transformation of systems from higher cost or proprietary delivery to
open systems is one of the most hotly debated and discussed topics in
financial services IT. While there is great promise in the flexibility and
efficiencies gained, there is also risk and cost. An FSTC project will soon
form up to determine answers to such key questions as, "Are those
transformations viable?" and "What are the costs and processes by which a
successful transformation program will be run?" The vision of this
initiative is to bring together financial institutions to investigate the
needs, processes, best practices, technology issues, risk factors,
organizational issues and lessons-learned for transformation projects which
move core business processes from legacy IT assets to open systems. We will
provide additional details shortly. If you are interested in joining an
interest group around this topic, please contact us.
______________
5. Minimum Essential Finance (MEF)
In its early stages, FSTC and its members are in dialog with numerous
government and industry organizations to explore interest in an initiative
to identify the minimum essential elements of our financial system, and to
develop a plan and process to ensure that it remains operational in the
event of a disruption to normal operations. A workshop is currently being
planned for this fall for multiple public and private sector organizations
to develop this concept further. If you are interested in joining this
dialog, please contact Zach Tumin at zachary.tumin(a)fstc.org .
______________
##
----------------------------------------------------------------
To subscribe or unsubscribe from this elist use the subscription
manager: <http://ls.fstc.org/subscriber>
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah(a)ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
1
0
*** September Project Update ***
After a busy summer season of meetings and project development, a number of
FSTC projects are poised to launch, as well as a strong pipeline in
development. Our Standing Committees (SCOMs), especially those in Business
Continuity, Security, and Check Imaging and Truncation, continue to broaden
their participation, and build upon a foundation of dialog and action that
leads to FSTC projects. In the past few weeks, we issued two new calls for
participation: e-Authentication Proof-of-Concept, and Business Continuity
Compliance and Status Reporting. See http://fstc.org/projects/new.cfm .
In addition, we have recently completed projects in Image Quality and
Usability Assurance Phase I, Technology Recovery Best Practices, and
Survivability of Check Security Features. Details on these recent projects
can be found at: http://fstc.org/projects/past.cfm .
FSTC provides an action-oriented, collaborative forum for our members to
address shared business opportunities and challenges through technology
projects and knowledge-sharing. We view our projects as our core activity,
and one of the key benefits of FSTC membership is eligibility to participate
in these projects. In our efforts to keep our members and friends
up-to-date on the latest developments in these active and developing
initiatives, we provide our colleagues this periodic project update As
always, please contact me or Zach Tumin, FSTC Executive Director, for more
information. Or visit our website at http://fstc.org.
Active Projects:
1. Counter-Phishing Phase I
Projects in Formation:
1. e-Authentication: Business and Technology Proof-of-Concept (call for
participation issued 9/8)
2. Business Continuity: Compliance and Status Reporting (call for
participation issued 9/8)
Projects in Development:
1. Image Quality and Usability Assurance Phase II
2. Survivability of Check Security Features Phase II
3. Treasury Services Integration: Data Exchange and Customer Connectivity
through Web Services
4. Transformation to Open Mission Critical Systems
5. Minimum Essential Finance (MEF)
______________
ACTIVE PROJECTS:
1. Counter-Phishing Phase I (launched July 2004, expected to complete in
December)
http://fstc.org/projects/counter-phishing-phase-1/
FSTC has launched a phased initiative to address the problem of phishing and
related threats in financial services, as it affects the relationship
between customer and firm. In collaboration with other industry groups,
FSTC will focus on defining the unique technical and operating requirements
of financial institutions (FIs) for counter-phishing measures; investigating
counter-phishing technical solutions, proving and piloting solution sets
enabled by technology to determine their fit against FI criteria and
requirements; and clarifying the infrastructure fit, requirements, and
impact of these technologies when deployed in concert with customer
education, enforcement, and other industry initiatives. The benefits to
participants are: industry-vetted due diligence and scaling of the current
problem and its future evolution; insight into peer institution strategies
and assessments; and definition of an industry response that may be best
undertaken with collaboration between key industry segments.
12 financial institutions and over 15 technology companies are participating
in the 5-month first phase. This project originates from the Security SCOM:
co-chaired by Mike McCormick of Wells Fargo, and Mike Versace of NEC.
Please contact FSTC Managing Executive Gene Neyer for more information
(gene.neyer(a)fstc.org) (http://fstc.org/advisory/security.cfm)
______________
PROJECTS IN FORMATION:
1. e-Authentication: Business and Technology Proof-of-Concept (call for
participation issued 9/8/04)
http://fstc.org/projects/new.cfm#eauth
This 5-month project will assess the viability of the potential business
opportunity that exists for financial institutions to leverage their online
customer relationships and provide an authentication service to government
agencies, and to integrate these services into financial institutions'
online applications. FSTC, jointly with the GSA's E-Authentication
Initiative Project Management Office (EAI PMO), propose to launch a
three-track project to ascertain the business model, legal framework, and
technical viability of using institutions' identity credentials to permit
consumers and businesses to access secure online government applications.
The GSA is funding the business track of the initiative. There is no cost to
financial institutions, and a $5,000 fee for associate and advisory members.
In addition, a resource commitment is required for all participants, as
outlined in the prospectus. Participation commitments are requested by Sept
24th, and the target kickoff is the week of October 4th.
______________
2. Business Continuity: Compliance and Status Reporting (call for
participation issued 9/8/04)
http://fstc.org/projects/new.cfm#compliance
The FSTC Business Continuity Standing Committee proposes an initiative to
assist the financial industry in coming to a common understanding on the
meaning of continuity regulation, prioritization of compliance related
activities, and creating efficiencies in documenting regulatory compliance
status. To establish a clear understanding of the regulatory environment, a
list of continuity related guidance will be pulled together along with the
name of the agency responsible. Each regulation will be reviewed and a
clearly worded summary of the continuity requirements will be developed.
Where possible the regulatory agencies will be contacted for clarification
on specific points. Common themes and requirements will be documented and
prioritized.
>From the continuity regulation summary, a questionnaire will be developed
which will allow a FI to provide or collect continuity compliance status.
The project will focus on providing straight forward interpretations of what
is needed for an FI to comply with current regulations.
This project is sponsored by the Business Continuity SCOM, co-chaired by Tom
Hirsch of US Bank, and Damian Walch of IBM. Please contact FSTC Managing
Executive Charles Wallen for more information (charles.wallen(a)fstc.org)
______________
PROJECTS IN DEVELOPMENT:
1. Image Quality and Usability Assurance: Phase II (proposal being
finalized)
http://fstc.org/projects/new.cfm#iqa2
In Phase I, more than 20 companies, representing 2/3 of US check volume,
most major vendors, and key industry associations, undertook a 90-day effort
to assess the impact of poor quality check images, and defined 16 technical
metrics and 4 usability levels that can be used to measure image quality and
usability in a standard and interoperable way. The findings of the Phase I
project team justified further development, to test these metrics in a
real-world scenario, on millions of images, to determine the quantitative
thresholds for the 16 metrics that will define a minimum baseline "standard"
for acceptable quality images for the industry.
The business objectives are to maximize efficiencies, cost savings, and
ensure strong adoption of image exchange. The project will undertake a
robust, "real-world" analysis and test to provide actionable specifications
and direction to the industry to allow financial institutions, technology
vendors, standards organizations, and other key partners to collectively
implement baseline image quality and usability through industry
collaboration under the FSTC umbrella.
This project originates from the Check Truncation SIG
(http://fstc.org/advisory/check-truncation.cfm) co-chaired by Katrina
Brown, Wells Fargo; Glen Ulrich, US Bank; and Ian Goodall, NCR. A call for
participation is expected during the month of September.
______________
2. Survivability of Check Security Features Phase II
As a follow-on to the recently completed Phase I
(http://fstc.org/projects/csf/) this initiative will seek to develop
interoperability specifications for automated security feature verification
engines. As a growing number of vendors offer security features targeted at
surviving the imaging process, institutions face a growing number of
proprietary verification engines that must be installed and configured to
validate these features during processing. The objective of this initiative
is to make is less expensive and easier to manage the implementation of
these security feature verification products.
This project originates from the Check Truncation SIG
(http://fstc.org/advisory/check-truncation.cfm) More information on this
project will be published in the next month or so.
______________
3. Treasury Services Integration: Data Exchange and Customer Connectivity
through Web Services (on hold)
http://fstc.org/projects/new.cfm#tsi
As a potential Phase II following the previous Web Services for Corporate
Cash Management effort, a core group of FSTC institutions and technology
companies have defined key business objectives and deliverables for a
discovery phase, and subsequent pilot-level project utilizing Web Services
in the Treasury Services / Cash Management area. The project, as it
currently stands, will seek to further develop the Phase I set of web
services and associated definitions to create new and open-standards-based
connectivity options between banks, and between banks and their customers.
The business goals are to enable standards-based "plug-and-play" integration
capabilities between institutions and customer platforms, whether ERP,
Treasury Work Station (TWS), or desktop.
A core group of financial institutions and technology companies has
committed to launching this initiative in the second half of 2004. This
project is considered on-hold until later this year.
______________
4. Transformation to Open Mission Critical Systems
The transformation of systems from higher cost or proprietary delivery to
open systems is one of the most hotly debated and discussed topics in
financial services IT. While there is great promise in the flexibility and
efficiencies gained, there is also risk and cost. An FSTC project will soon
form up to determine answers to such key questions as, "Are those
transformations viable?" and "What are the costs and processes by which a
successful transformation program will be run?" The vision of this
initiative is to bring together financial institutions to investigate the
needs, processes, best practices, technology issues, risk factors,
organizational issues and lessons-learned for transformation projects which
move core business processes from legacy IT assets to open systems. We will
provide additional details shortly. If you are interested in joining an
interest group around this topic, please contact us.
______________
5. Minimum Essential Finance (MEF)
In its early stages, FSTC and its members are in dialog with numerous
government and industry organizations to explore interest in an initiative
to identify the minimum essential elements of our financial system, and to
develop a plan and process to ensure that it remains operational in the
event of a disruption to normal operations. A workshop is currently being
planned for this fall for multiple public and private sector organizations
to develop this concept further. If you are interested in joining this
dialog, please contact Zach Tumin at zachary.tumin(a)fstc.org .
______________
##
----------------------------------------------------------------
To subscribe or unsubscribe from this elist use the subscription
manager: <http://ls.fstc.org/subscriber>
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah(a)ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
1
0
06 Jul '18
http://www.wired.com/news/politics/0,1283,42894,00.html
Cypherpunk Judge Warns Media
by Declan McCullagh (declan(a)wired.com)
8:00 a.m. Apr. 6, 2001 PDT
TACOMA, Washington -- A federal judge has threatened media outlets
with contempt charges if they quote from public documents on a court
website, prompting outcries from journalist groups.
U.S. District Judge Jack Tanner warned Thursday that anyone who
published the name of a juror in the criminal trial of U.S. v. James
Dalton Bell would go to jail. The list of jurors is available on the
Pacer website provided by the federal court system.
"No one in the print media, electronic media, no member of the
prosecution, no witness for the prosecution, nor the defense lawyers,
are to print, under any circumstances, the names of these jurors...
under penalty of contempt," Tanner said.
Gregg Leslie, the legal defense director for the Virginia-based
Reporters Committee for Freedom of the Press, said: "The sweeping
nature of such an order is not just unconstitutional, but truly
outrageous. Its absurdity is compounded by the fact that it presumes
toreach parties not subject to the court's jurisdiction."
"Unfortunately, many judges seem to think that the old,
well-established standards barring prior restraints on publication of
truthful, lawfully obtained information don't apply to electronic
records or other court information," Leslie said. "They do."
Tanner is an unpredictable 82-year old jurist known to use his
contempt powers broadly.
In a prior trial involving Bell's defense lawyer, Robert Leen, Tanner
briefly held Leen in contempt after his client's son acted up in
court.
Tanner also sealed the entire case file, including traditionally
public documents such as the charges against the defendant, until the
jury reaches a verdict. The trial is expected to conclude Friday or
Monday.
[...]
----- End forwarded message -----
1
0
------ Forwarded Message
From: Muheed Jeeran <muhidanj(a)YAHOO.COM>
Reply-To: The Biometric Consortium's Discussion List
<BIOMETRICS(a)PEACH.EASE.LSOFT.COM>
Date: Mon, 7 Feb 2005 12:52:13 -0800
To: <BIOMETRICS(a)PEACH.EASE.LSOFT.COM>
Subject: Subject: Hacking Fingerprint Readers
Hello all
I have report of fake the fingerprint reader. Is this technique is fooling
the most of the fingerprint readers currently? Or are they any improvement
to block this impostor attempt?
I think it is better to talk about this matter, cause the biometrics
becoming a major security barrier to most of the governments currently,
especially on national security. If we cannot cope to block this kind of
attempt, I think our biometric industry will have to face a major blow;
Cause public is still not much interest to keep their feet on our security
measure. Our responsibility is to keep this Industry stable by developing
this technology by looking at the criminals move on break this security
barrier.
Muheed Jeeran
Bsc Hons Computing
Subject: Hacking Fingerprint Readers
Last year in the June issue of CRYPTO-GRAM you made a reference to our
article "Don't get your fingers burned". In the article we describe two
methods to duplicate fingerprints. One method assumes co-operation
(somebody "lends" his finger to make a duplicate), while in the other method
a lifted latent fingerprint is duplicated by means of a photo/chemical
process. With these dummy fingerprints we have been able to fool all
fingerprint sensors we have tested in our lab and on exhibitions (about 20
different brands). I started with these
experiments in the early nineties, so more than 10 years ago.
Last week we were invited by the BBC to come to London for in interview
about duplicating fingerprints. The reason was that the British
Administration intends to add biometrics to the new British identity card,
one of the options is fingerprint biometrics. The programme,
"Kenyon Confronts" has aired on Wednesday October 29th and is (for a short
period of time) available for on-line viewing at the BBC site.
Since my first experiments were dated ten years back, I decided to redo my
experiments. I knew it would be easier to duplicate fingerprints with all
the materials and equipment available today, but the results even amazed me.
To give you an idea, ten years ago to make a duplicate of a fingerprint with
co-operation took me 2 to 3 hours and for an optimum result I used materials
used by dental technicians. Nowadays I use materials you can buy in a
do-it-yourself shop and the total material costs are about $10 (enough for
about 20 dummy fingers).
The time it takes to make a perfect duplicate is about 15 minutes (with
special material it can be reduced to less than 10 minutes). To make a
duplicate of a lifted fingerprint took me several days in 1992 and I had to
do a lot of experiments to find the right process/technique. Now it takes
me half an hour and the material costs are $20 (also sufficient for about 20
duplicates), the only equipment you need is a digital camera and an UV lamp.
Not only do I now make the duplicates in a fraction of the time, but also
the quality is better.
The reason for writing you all this is the following. Although, most of the
fingerprint manufacturers still ignore that there is a problem or claim to
have solved it, some are willing to admit, but use the argument that it is
very difficult and expensive to duplicate fingerprints and that it can only
be done by highly skilled professionals. In the first place I think this is
not a very strong argument, second I admit I am a professional, but now the
average do-it-yourself is able to achieve perfect results and requires only
limited means and skills.
So it is our opinion, that as long as the manufacturers of fingerprint
equipment do not solve the live detection problem (i.e. detect the
difference between a live finger and a dummy), biometric fingerprint sensors
should not be used in combination with identity cards, or in
medium to high security applications. In fact, we even believe that
identity cards with fingerprint biometrics are in fact weaker than cards
without it. The following two examples may illustrate this statement.
1. Suppose, because of the fingerprint check, there is no longer visual
identification by an official or a controller. When the fingerprint matches
with the template in the card then access is granted if it is a valid card
(not on the blacklist). In that case someone who's own card is on the
blacklist, can buy a valid identity card with matching dummy fingerprint
(only 15 minutes work) and still get access without anyone noticing this.
2. Another example: Suppose there still is visual identification and only
in case of doubt--the look-alike problem with identity cardsthe fingerprint
will be checked. When the photo on the identity card and the person do not
really match and the official asks for fingerprint verification, most likely
the positive result of the fingerprint scan will prevail. That is, the "OK"
from the technical fingerprint system will remove any (legitimate) doubt.
It is our opinion that especially the combination of identity cards and
biometric fingerprint sensors results in risks of which not many people are
aware.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
-------------------------------------------------------------------
The preceding was forwarded by the Biometric Consortium's Electronic
Discussion Group. Any opinions expressed here do not necessarily
reflect those of the Biometric Consortium. Further distribution
is prohibited.
LISTSERV members may access the BIOMETRICS mailing list archives or change
their subscription settings (including removing your name from the list)
at: http://peach.ease.lsoft.com/archives/biometrics.html.
Also, you may revove your name from the list by sending the command
"SIGNOFF BIOMETRICS" to <LISTSERV(a)PEACH.EASE.LSOFT.COM>. Please do not
send the "SIGNOFF BIOMETRICS" command to the BIOMETRICS list.
You may update your membership information (new e-mail address etc.) by
sending a message to <bailey(a)biometrics.org> providing the updated
information. Please do not send membership information change requests
to the BIOMETRICS list.
Problems and questions regarding this list should be sent to
BIOMETRICS-request(a)PEACH.EASE.LSOFT.COM.
-------------------------------------------------------------------
------ End of Forwarded Message
-------------------------------------
You are subscribed as eugen(a)leitl.org
To manage your subscription, go to
http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a>
______________________________________________________________
ICBM: 48.07078, 11.61144 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
http://moleculardevices.org http://nanomachines.net
[demime 1.01d removed an attachment of type application/pgp-signature]
1
0