News Release (Environics): Monday, September 16, 1996 Smart Card Forum Draws 500 Industry & Government Leaders SAN FRANCISCO-- The Smart Card Forum today announced that more than 500 industry and government leaders met at its Annual Meeting in San Francisco to review the progress of smart card technology and to lay the foundation for the accelerating pace of its adoption during 1997. Representatives from a "who's who" of government and corporate America gained first-hand information and senior-level perspectives that will help them make strategic decisions around the use of smart cards in emerging markets such as payment, network security, relationship banking, remote data access, and cellular phone security. The way in which the combination of PC and smart card technologies will accelerate the deployment of new applications providing a greater security and portability on the Internet was an area of particular interest. "As these exciting new applications are created and gain momentum during the next five years," says Jean McKenna, Forum President, "the smart card becomes a logical vehicle for distributed information management, identification, security and payment." According to McKenna, who also is V.P. Payment Technologies, Visa International, "The impact will be revolutionary, widespread and positive -- especially for consumers." Speakers on the theme: The History of Money - The Future of Payments: Past, Present and Future Perspectives on How Commerce is Enabled, included: -- Martin Mayer, author of The Bankers and numerous financial and business books and Guest Scholar at The Brookings Institution in Washington, D.C.; -- Peter Hill, Executive Vice President, Visa International; and -- Michel Ugon, Vice President, R&D, Bull CP8, and early developer of the microprocessor smart card. 1996 will be looked at as the year when stored value applications on smart cards started serious deployment in North America. The 1996 Annual Meeting reflected the crest of this wave with presentations today on four leading stored value card implementations. The speakers were: -- Cynthia Bengier, Vice President, Wells Fargo, for Mondex International; -- Edgar Brown, Vice President, First Union National Bank, for Visa Cash; -- Michael Bradley, Project Manager, Bank of Montreal, for Proton; and -- Lin D. Ison, Executive Manager, Smart Card Systems, Commonwealth Bank of Australia, for MasterCard Cash. The next wave in smart technology The next wave coming that will capture more and more energy of the Forum and its members is the Internet. The combination of PCs and smart cards will promote the development of new applications that tie security and portability together. "The emergence of 'virtual' merchants and the expansion of mechanized payment options promises to offer consumers, merchants, and financial institutions a broad set of new opportunities," says Roger Bertman, Vice President and General Manager, Internet Commerce, VeriFone. "In particular, the Internet will offer a whole new world of selling and buying, and the mechanization of what has been cash will provide a basis for expanded purchasing options. The smart card will clearly be the 'glue' that will enable the disparate worlds of physical and 'virtual' merchants and a broad spectrum of payment methods to be brought together in order to tap these opportunities." Interoperability was among the pivotal issues addressed by Gerald Smith, Manager, Smart Consumer Services, IBM. "As smart card implementations evolve from single to multiple-applications and from single to multiple-issuer services, the subject of interoperability is gaining increased scrutiny," says Smith. To achieve critical mass, interoperability between cards and reading devices is required. Panelists addressing the future directions and strategies of payment included: -- Janet Hartung, SVP, Wells Fargo; -- Marlee Laks, Technology Leader, American Express; -- Tim Steward, EVP, Mondex International; -- John Tunstall, VP, MasterCard International; -- Bette Wasserman, VP, Bank of America; and -- Gaylen Howe, Visa International. John D. Wright, Senior Counsel, Wells Fargo, and John Burke, Partner, Foley, Hoag & Eliot LLP, moderated a panel discussion of key legal, public policy and private issues presented by a multi-application smart card, including Regulation E, FDIC insurance and relevant state laws. Consumer and merchant research shows smart card potential A new Forum study made public at the meeting indicates that merchants are quickly focusing on the many other benefits smart cards offer, beyond the stored value application, and they see different benefits to be derived from the technology. These benefits include customer information, offering loyalty or "frequent shopper" programs, electronic ticketing and couponing and stored value for self-service purchases. A second important finding of the study is that a surprisingly low level of customer base penetration is required for many merchants to realize the benefits of smart cards. Grocery stores, convenience stores, movie theaters and gasoline retailers indicated that a mere two to 10 percent of consumers -- an extremely low threshold of marketplace demand -- is required for them to realize the benefits of smart card implementation. "A smart card, as opposed to a magnetic stripe card, has the capability of storing information, monetary value, processing transactions off-line, and enhancing a consumer's security and privacy," McKenna says. "Merchants are quickly focusing on the many benefits smart cards can offer both them and consumers." Consumers also favor multi-application smart cards -- 61 percent responded positively in Forum research. They prefer multi-application smart cards in order to carry and access information needed in an emergency and to reduce the number of cards carried, paper records kept and forms to be filled out. The Smart Card Forum The Smart Card Forum is a non-profit, multi-industry membership organization promoting the widespread acceptance of multiple application smart card technology in North America. Its primary mission is to bring together in an open forum, leaders from both the private and public sectors to address topics associated with the development and evolution of smart card technology applications. The Forum was established in September 1993 and currently has more than 225 corporate and government members including: Chase Manhattan, Citibank, Bellcore, MCI, MasterCard, Visa, IBM, Microsoft, Mobil Oil, Schlumberger, Gemplus, Delta Airlines, U.S. Postal Service, the Federal Reserve, U.S. Department of Treasury and U.S. Department of Defense. Associated Press: September Wednesday, September 18, 1996 As Electronic Cash Emerges In U.S., Regulation In Question By Guy Dixon NEW YORK-- As microchip-embedded smart cards hit the market, U.S. banks and credit-card companies are hedging their bets. They don't want regulations that prevent new applications for smart-card technology - from simple cashless purchases to potential uses like bank or credit-card fund transfers, all with a single card. But they also quietly welcome rules that could boost their market share over other companies issuing competing smart cards. The main issue is whether the U.S. Federal Reserve Board will require smart-card issuers to provide receipts for all sorts of electronic cash transactions, a move that could play to the strength of the credit card issuers that now dominate electronic transactions by applying rules they must follow already for conventional credit and debit cards. Established card companies which have dominated the U.S. credit-card market since the 1960s are hoping government policy on electronic cash will follow the lines of current bank and credit card regulation. To address some of these concerns, the U.S. Treasury will host a conference on September 19-20 in Washington, D.C. on the role of government in electronic money and banking. Scheduled speakers include Treasury Secretary Robert Rubin, Federal Reserve Board Chairman Alan Greenspan, and Citicorp Chairman and CEO John Reed. So far, the Fed is taking a wait-and-see approach on emerging electronic money. 'The general consensus is that we don't want to over-regulate and stifle innovation,' said Washington Fed spokesman Joe Coyne. Yet as new digital cash products hit the market, many say regulators will have to adapt existing rules to the emerging electronic cash market. Banks, in particular, worry that if regulation is too lax, all sorts of non-financial companies could flood the market with alternative cash forms. They worry about being driven out of the electronic market by competition, said Gerald O'Driscoll, vice-president and director of policy analysis at Citicorp. Analysts point out that regional and long-distance phone companies, along with other large and trusted companies, could easily market their own smart cards to customers, such as a smart-card version of AT&T Corp.'s Universal card. Indeed, AT&T is collaborating with National Westminster Bank PLC to develop smart cards in the U.S. The problem with any new regulation is that no one knows what type of smart cards the market will embrace. Smart cards are currently being test-marketed primarily as stored-value cards, holding a limited cash amount that a cardholder can use for purchases until the card runs out. Yet with a smart card's microchip able to hold up to 80 times more information than the magnetic strips on conventional credit cards, many in the industry see the distinctions between bank cards, credit cards and store-value cards blurring to the point where a single smart card could do the work of all three. European credit cards already commonly come equipped with microchips, allowing merchants to verify a payment at the point of purchase. And stored-valued telecom cards with tiny chips are everywhere. 'In the end, it comes down to which features people will pay for,' said Lawrence White, economist and electronic commerce analyst at the University of Georgia. 'And that is the danger of regulation jumping the gun.' Visa USA's test run of smart cards in Atlanta during the Olympic Games featured cards that used only a fraction of a microchip's potential. The cards stored amounts of up to $100 which cardholders could then draw on for purchases. Some Atlanta banks, such as First Union, went one step further, issuing cards whose value could be reloaded. In another promotional blitz, participants at Vancouver's international AIDS conference this summer could buy VISA Cash cards for use at conference venues. Later this year, VISA plans another trial run of stored-value smart cards in Manhattan's Upper West Side with MasterCard, Citibank and Chase Manhattan. These smart cards, typically sold in $10, $20, $50 and $100 denominations, differ from debit cards, such as checking cards which already are being distributed widely by many banks in the United States and Canada. When a debit card is inserted into a merchant's card reader, the amount of the purchase is deducted from the buyer's bank account. Because there is a transfer of funds, the merchant's card-reading device has to be connected to a bank or credit card company by phone lines. Smart cards, however, can transfer a certain amount of funds from the card itself to a card-reading device usually without having to go on-line. Not all smart cards are alike. A leading competitor to VISA Cash and MasterCard's smart cards is National Westminster Bank's Mondex card, now being test-marketed in the U.K. and soon in Canada. Mondex cards are stored-value cards, with the added feature that the funds can be transferred electronically to another Mondex card, allowing a card-owner to give money to someone else in the same way one can with cash, said Fred Billings, a Mondex developer at the Royal Bank of Canada. AT&T is currently in an alliance with NatWest to develop the Mondex card in the U.S., said Mitch Montagna, spokesman for AT&T Universal Card Services. VISA's technology, on the other hand, is geared more toward the company's long-term approach of sticking to established credit-card billing and account practices, a traditional market niche VISA want to hold on to with affliated banks, said VISA USA Executive Vice-President Rosalind Fisher. 'We are riding that horse right now, but we'll have to see which system the market takes to,' Fisher said. But some digital cash developers continue to worry that any regulatory move, once it comes, may be the wrong one for their product. Much of the debate hinges on Regulation E of the 1976 Electronic Funds Transfer Act, say analysts. Reg E requires issuers of ATM and other electronic fund transfer cards to provide receipts and account statements to cardholders. It also requires issuers to assume certain liabilities if funds are electronically lost or stolen. Stored-value smart cards are seen as largely exempt from this regulation, at least for the time being. The Fed is still weighing the impact of cards in denominations of $100 or less. But the industry is going on the assumption that stored-value cards of $100 and under will not require receipts or credit statements, said VISA USA's Fisher. WNET's Future of Money: September 16, 1996 Viewpoints Is Cyberspace Safe for Financial Transactions Today? YES. William M. Randle, Senior Vice President and Director of Marketing, Huntington Bancshares, Inc. Some cyberspac transactions can be made very secure with technology in use today. But... The security currently in place is not ready to safeguard fast, simple, low-cost transactions that would allow customers to order items and authorize direct bank payment to the merchant. That would require the financial information pathways between banks to be protected by public-private key encryption, such as RSA encryption, invulnerable to unauthorized persons. And the value of encryption depends on a reliable authentication procedure, assuring that both senders and receivers of financial information are who they say they are. A variety of solutions to protect every stage of cyberspace transactions have been proposed. I am most impressed with the system in use at Security First National Bank, the first Web-only bank, as well as at Huntington National Bank; it has been approved by the government for secure electronic banking transactions, and has been proven over time. The system server, the Hewlett-Packard Virtual Vault, has been used by the Department of Defense for a number of years, and the banking software was developed by 5 Paces Technology in Atlanta. The problem of authentication is harder to solve. Real-time settlement of third-party transactions will require all insured financial services institutions to agree on a central trusted authority to provide for the safety and soundness of the future electronic payment system and insure privacy of information for all involved. Not only must the authentication procedure be reliable---it must also be perceived as reliable, and implicitly trusted by buyers and sellers, if electronic commerce is to grow to its full potential. Currently, the banking industry is engaged in a collaborative effort to evaluate the technology that exists today, with a view toward the creation of such an authority. As the group most knowledgeable and experienced in handling money safely and efficiently, and which has long held the public trust in financial matters, it is to be hoped that they succeed. When they do, the answer to the question "is cyberspace safe for financial transactions today?" can be answered with an unqualified Yes." NO. Colin Crook, Senior Technology Officer, Citibank. The fact is that secure financial transactions cannot be assured today in the new and dramatically changing landscape of cyberspace. Market participants need to improve security and learn more about doing business in the electronic marketplace before providing assurance to their customers that they can safely do business there. Companies must be honest with their customers, making them aware of the risks of doing business in cyberspace and providing assurance that the enterprise values the customer's security and privacy. Today we are witnessing a series of experiments in electronic commerce, experiments conducted by all sorts of companies. These opportunities for learning-- on the part of both market participants and customers--will lead to further improved products and to levels of security that approach, or even surpass, the levels present today outside of cyberspace. The experiments are challenging the capabilities of both the technology and the enterprise itself, and the willingness of the customer to accept new and often novel ways of doing business. Customers value this kind of experimentation and innovation; however, where the customer's money is concerned, we at Citibank have learned that trust is paramount! In this context, managing the balance of the level of security with the factors of customer convenience and business opportunity becomes the focus in moving forward. Companies must manage risk so as not to compromise customer trust. Because some companies-- mostly non-traditional providers of financial services-- have released products very quickly, a major concern is that ill-conceived or hasty experiments may cause damage to the reputation of the entire marketplace. Because absolute security is impossible, an overriding consideration for security and customer trust must dominate the experiments- -which Citibank and other institutions with long histories of customer relationships emphasize in their approaches to cyberspace transactions. Customers already understand and accept the risks associated with credit cards and other financial instruments. Customers in cyberspace should be aware of the experimental nature of this new business environment and use caution before taking on the risks contained within it. As Senior Vice President and Director of Marketing and Strategic Planning at Huntington Bancshares Inc., William M. Randle has developed direct service channels, including Huntington Access, which uses teleconferencing and other electronic channels in the world's first complete virtual branch offices. On June 2 of this year, Huntington launched a Web-based bank. Colin Crook is Senior Technology Officer, Citibank. He is responsible for establishing technology policy and standards, introducing new technology, evaluating the quality and direction of system efforts, and introducing technology policy within the corporation. --- Dr.Dimitri Vulis KOTM Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps