Pay Sys Proceedings

Proceedings from the Workshop on
Promoting the Use of

Electronic Payments:
Assessing the Business,

Technological, and
Legal Infrastructures
CO-SPONSORED BY THE FEDERAL RESERVE BANK OF CHICAGO AND INSTITUTE FOR SCIENCE, LAW, AND TECHNOLOGY OF THE ILLINOIS INSTITUTE
OF TECHNOLOGY. CHICAGO, ILLINOIS. OCTOBER 78, 1999
Workshop Planning
Organizing Committee
Henry H. Perrittt, Jr., Dean, Vice President, and Professor of Law, Chicago-Kent College
of Law, Illinois Institute of Technology (Chair)
Richard Warner, Associate Professor of Law and Director, Building Businesses on the Web
Program, Chicago-Kent College of Law, Illinois Institute of Technology
David R. Allardice, Senior Vice President and Detroit Branch Manager, Federal Reserve
Bank of Chicago
Bob Chakravorti, Senior Economist, Emerging Payment Studies Group, Federal Reserve
Bank of Chicago
William C. Conrad, First Vice President, Federal Reserve Bank of Chicago
Elizabeth A. Knospe, Asst. Vice President and Asst. General Counsel, Federal Reserve
Bank of Chicago
Brian Mantel, Program Manager, Emerging Payment Studies Group, Federal Reserve Bank
of Chicago (Secretary)
Numerous individuals contributed to developing this workshop. We would like to thank

several individuals in particular for their support and ideas:
Pat Barron, Amelia Boss, Roger Ferguson, Gerald Fox, Emery Kobor, Jennifer Hatcher,
Henry Judy, Jim Luisi, Debbie ODell, Rich Oliver, Erick Peterson, Janet Smith, Jacki Snyder,
Diogio Teixera, and Michael Versace.
Workshop Support Team

> 2
May Chirand, Ping Homeric, Tasha Kincade, Hala Leddy, Helen Lee, Sara Martinez (Coordinator),
Leonardo Mayer, Loretta Novak, Jeff Paek, Todd Pedwell, Alpa Shah, Joanna Skirucha,
Elizabeth Taylor, Barbara Van Brussel, and Nancy Wolff.
Citing Speaker Presentations

Before citing speaker presentations extensively, please contact the individual to gain authorization
in advance.
Sponsors Web Site Addresses

www.frbchi.org
www.kentlaw.edu
Proceeding from
the Workshop on


Technological, and
Introduction
When the Federal Reserve Bank of Chicago and the Chicago-Kent College of Law of the
Illinois Institute of Technology announced the workshop, Promoting the Use of Electronic
Payments, we decided upon just one objective. That objective was to consider what was
needed from the business, technological, and legal infrastructures to further the development
and use of electronic payments.
The workshops agenda was developed in consultation with a group of industry and academic
experts and took a fact-based approach, leveraging both analytical research and the experiences
of payments experts. The workshop began by considering the lessons learned from recent
pilots, end users needs, and the business case for providers. Based on these opening panels,
participants then considered whether specific technical, legal, and/or business practices stood
in the way of the migration to the use of electronic payments.
As a testimonial to the importance of the subject, over twenty-five key industry leaders worked
with other panel members to prepare for the workshop. The speakers agreed to participate in
a highly interactive format where panels built on what was discussed earlier in the workshop.
When evaluating the workshop, participants noted the value of this interactive format, speakers knowledge, and the breadth of workshop participants backgrounds and perspectives as
being critical to the workshops success.
Several results or findings emerged. First, workshop panelists outlined the beginning of a model
for thinking about payment system issues more precisely and more comprehensively. This
model proved helpful throughout the workshop in thinking about business cases for specific
payment instruments as well as in understanding when and where technology and the law
could or should influence payment systems. This model includes considering the precise
nature of the:
> 3
(1)
Participants involved in the payment transaction (e.g., consumers, businesses,

government, payment providers, other third parties, etc.),
(2)
Networks which link participants (e.g., physical network, proprietary electronic

network, open electronic network, virtual private electronic network, etc.), and
(3)
Attributes associated with payments which include authorization, clearing,

settlement, security, risk management, rights, warranties, obligations, disclosures, incentives, order fulfillment, customer service, and recourse.
Second, workshop discussions suggested that the industrys most critical future challenges
in terms of advancement of electronic bill presentment and payment, smart cards, e-cash,
online security, et cetera, center around defining business cases amidst significant uncertainty
more so than in addressing specific technology or legal obstacles. In this vein, it is important
to note that different participants took away different lessons from the workshop. As a result,
this workshop served as one forum for different participants to learn more about the challenges
and the languages of the payment provider, end user, technology, legal, and governmental
communities.
Third, the workshop raised a number of specific questions, summarized in the last panel, that
industry leaders may want to consider going forward. These questions related to the standards
and law needed to support online commerce, access to networks, models of collaboration
among providers and end users, investments in market research, and accountability for public
education. The workshop also reinforced the important role of public entities in collaborating
with market participants rather than determining market outcomes.
While no summary document can adequately communicate what was learned at a workshop,
this document is provided as one more data point for the individuals and organizations that
are doing critical work in the area. We think forums like this one, that bridge the public and
private sectors, will become increasingly important in the years to come as the pace of
change increases. On behalf of the organizing committee, I would like to again thank each
speaker, moderator, and workshop participant for their insights, candor, and involvement.
David R. Allardice, Ph.D.

Federal Reserve Bank of Chicago
> 4
Proceeding from
the Workshop on


Technological, and
Table of Contents (Day 1)

I.
Welcome . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Michael H. Moskow, President, Federal Reserve Bank of Chicago
II.
Workshop overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Henry H. Perritt, Jr., Dean, Chicago-Kent College of Law,
Illinois Institute of Technology (Moderator)
Catherine Allen, Chief Executive Officer, BITS
Patrick K. Barron, First Vice President, Federal Reserve Bank of Atlanta
Thomas P. Vartanian, Partner, Fried, Frank, Harris, Shriver & Jacobson
III.
Lessons learned from past payment experiences . . . . . . . . . . . . . . . . . . . . . . . . 20

Christopher Dallas-Feeney, Partner, Booz Allen & Hamilton (Moderator)
Jean Woodworth, President, Payment Technologies, Inc.*
Catherine Johnston, President, Advanced Card Technology Association-Canada
Gary Grippo, Program Manager, U.S. Department of the Treasury
IV.
End user expectations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

William C. Conrad, First Vice President, Federal Reserve Bank of Chicago (Moderator)
Richard I. Kolsky, President, Kolsky & Co.
George R. Hood, Director of Electronic Banking Operations, Wegmans Food Markets, Inc.
Jim Constantine, Senior Assistant Treasurer, Sears, Roebuck & Co.
Laurie Mitchell, Manager, Banking and Cash Management, General Motors
Acceptance Corporation
Eddie Zeitler, Senior Vice President, Charles Schwab & Co.
V.
The payment provider perspective . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

Gerald R. Fox, Editor, Payment Systems World Wide (Moderator)
David Weisman, Group Research Director, Forrester Research*
Steven Ollenburg, President, Principal Bank, Principal Financial Services Group
*Comments were not available at the time of publication.
> 5
Table of Contents (Day 2)

VI.
Opening remarks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
Roger W. Ferguson, Jr., Vice Chair, Board of Governors of the Federal Reserve System
VII.
Technology's role in payments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

David Medeiros, Group Director, The Tower Group (Moderator)
Dan Schutzer, Vice President and Director of External Standards, Citigroup
Guy S. Tallent, Chief Executive Officer, Identrus
Craig Macdonald, President and Research Director, World Research Advisory*
VIII.
The law's role in payments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68

Stewart A. Baker, Partner, Steptoe and Johnson (Moderator)
David Goldstone, Attorney, Office of Computer Crimes, Department of Justice
Thomas J. Smedinghoff, Partner, Baker and McKenzie
Amelia H. Boss, Professor of Law, Temple University
Margaret G. Stewart, Professor of Law, Chicago Kent College of Law,
Illinois Institute of Technology
IX.
Janet Smith, Executive Vice President, Wachovia

Richard R. Oliver, Senior Vice President, Federal Reserve Bank of Atlanta
Henry H. Perritt, Jr., Dean, Chicago-Kent College of Law,
Illinois Institute of Technology (Moderator & Discussant)
> 6
Proceeding from
the Workshop on
Where to go from here?. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
X.
Speaker biographies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
XI.
Workshop participants. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109


Technological, and
I. Welcome
Michael H. Moskow, President, Federal Reserve Bank of Chicago
Welcome on behalf of Hank Perritt, Dean of the Illinois Institute of Technologys ChicagoKent College of Law, my colleagues in the Federal Reserve System, industry leaders from
local banks, members from several leading trade associations, and consultants, all of whom
contributed their ideas and expertise to developing this program.
We are delighted that you are here and that this workshop has attracted such an excellent
and diverse group. Your willingness to participate indicates the importance of the subject.
It is a challenging subject that involves some tough questions about business, technology,
law, and public policya subject that requires a range of expertise and a variety of perspectives. A number of organizations are doing very critical work in this area. Our goal is not to
duplicate these efforts. Rather, it is to frame the discussion of key public policy questions
around the business case for electronic payments. These questions include issues relating
to standards, privacy, jurisdiction, contracting, access to payments, and many others.
To set the stage, let me briefly review where we are with electronic payments. As you know,
the data on payments are limited in availability, quality, and consistency, so it is hard to get
good apples-to-apples comparisons. But keeping that in mind, let us look at some numbers.
We had about 65 billion checks written in the United States in 1998 with about 1-2% annual
growth. If we look at the credit card numbers, there are under 15 billion transactions in the
same period of time with growth around 10% per year. So despite some significant increases
in the use of credit cards, they still do not rise to the level of checks at the macro level across
the economy. Of course, if we looked at these numbers at the point of sale, we see that
credit cards are being used extensively. Considering growth in debit cards, in 1998 they were
running at approximately four billion transactions, though with growth around 30% per year.
Nonetheless, while debit card use clearly has increased, it still does not come close to the
use of credit cards, no less to the use of checks. You will be hearing about the Federal
Reserves efforts to develop some good baseline statistics later from Pat Barron, First Vice
President of the Federal Reserve Bank of Atlanta, who is leading the Federal Reserve
Systems efforts in this area.
Why are we so interested in discussions about electronic payments? First of all, one of the
primary purposes of the financial services industry as a whole is to support how business is
done and how business will be done in the future. As a result, we must not only concern
ourselves with the future of the payments mechanism, but think of it in terms of the end
user, and that is, in terms of consumers, small and large merchants, and the government.
Second, as you know, part of the Federal Reserves mission is to foster an efficient and
effective payments mechanism. The rapid changes caused by technology mean that we
sometimes have to do double time to keep up. Forums like these promote discussion and
debate on a number of questions that are critical.
> 7
So what have we learned to date on the subject? We have learned that there is a long list
of potential obstacles. We can each give our top ten lists. Checks are cheaper, there are
misaligned incentives, there are legal barriers, and, of course, there is the chicken and egg
network issue. But the more that we have studied this, the more we have learned that
these potential obstacles and barriers must also be studied from the perspective of different
stakeholder needs. And that brings us to today.
We have boiled these questions down to four general areas for conversation based on many
discussions with the industry, Federal Reserve colleagues, and others. And those are the
areas we will focus on today. The first area is: What can and what should be learned from past
and ongoing experiences, both domestically and internationally? Second, what will consumers
and merchants require? What will end users value in terms of payment capabilities? Third,
what is the business case for different payment models? For card-based systems? For electronic banking? For e-cash? And finally, what are the implications for technology, standards,
the law, and for business practices?
We are not going to be able to cover all of these topics in detail, and we do not intend to. We
do want to focus on a manageable number of questions. As a result, we will not be able to
focus on questions such as serving the unbanked or the potential implications of electronic
money on monetary policy. Obviously, there will be no easy answers. We appreciate your
participation and are looking forward to the next two days.
> 8
Proceeding from
the Workshop on


Technological, and
II. Workshop Overview

Henry H. Perritt, Jr., Dean, Chicago-Kent College of Law, Illinois Institute of Technology
(Moderator)
I would like to say how pleased the Chicago-Kent College of Law and the Illinois Institute of
Technology are to have helped organize this program. We believe that universities ought to
generate not only intellectual capital but that they should be active participants in working
with institutions in the real world to help translate theories into something that is useful to
people who have to make decisions and deploy new systems of commerce and democracy.
We want to set up a conceptual framework so that, as the two days proceed, we can think
hard about the choices that people will have to make among different models for payment
systems. Should we think about a greater use of technology to improve the check system?
Should we think about the use of new technologies to improve the credit card system? Or
maybe smart cards are the answer. Or maybe none of these past models are most appropriate for electronic commerce and instead we should think about developing new approaches
for cybercash. People will have to make some tough choices with respect to the payment
system models that they think will resonate with consumers, financial service institutions,
and their merchant customers. In most cases, they will have to make choices in the midst
of considerable uncertainty about what consumers, financial institutions, and merchants
eventually will want.
Let me just make a couple of observations about what draws us here. There is nothing new
about computer networks. Your industry has been using computer networks for multiple
decades for wholesale financial transfers and for several decades for consumer banking
transactions. These computer networks, however, were closed networks. What we are
confronted with now in the form of the Internet is an open network. Now why should that
matter? It matters, I submit to you, for three reasons.
First, when you have a closed network, like an ATM network or CHIPS, you know in advance
with whom you are dealing. In an open network, like the Internet and its World Wide Web,
you do not have that kind of assurance because the people you deal with may be strangers.
The second reason open networks make a difference is that they permit participants who
offer goods or services or software to specialize very narrowly. This enormously reduces the
economic barriers to entry. That has implications for payment systems. Third, open networks
are inherently global. If someone puts up a Web page in the west Loop of Chicago, it is as
visible immediately in East Timor as it is in other parts of Chicago. Globalization has huge
implications for how our legal system accommodates itself to problems that arise in any
marketplace or political arena.
When we think about electronic commerce, it is useful, as Im sure you already do, to distinguish between merchant-to-consumer transactions and merchant-to-merchant transactions.
It also may be useful to make a further distinction among three types of electronic commerce: electronic shopping and electronic fulfillment (e.g., downloading Netscape Navigator),
electronic shopping and physical fulfillment (e.g., purchasing a book at Amazon.com), and
> 9
electronic advertising. The implications for good payment system design may differ depending
on which type of electronic commerce we are talking about. With that, I will turn it over to
the panel.
Catherine Allen, Chief Executive Officer, BITS

My task this morning is to set-up the framework for e-commerce and paymentshow the
two are linked together. I will end telling you about BITS and how we work on behalf of the
industry. The Federal Reserve has been involved, both at the Regional level and the Board
level, in a number of BITS initiatives around the payments infrastructure, fraud, and emerging technologies.
Let me start by saying the greatest challenge that we have in the financial services industry
is probably our culture. The Internet and the Web are part of a much broader influence called
the New Economy. What we are seeing is massive change in the way that we do business,
and not only changes in the channels of distribution. When we talk about e-commerce and
payments, sometimes we use them interchangeably. But e-commerce and the Internet are
going to have a much wider impact today than the payments industry has or ever will have.
> 10
Information technology investments by banks have been traditionally high. In fact, in the
U.S. we spent about 25 billion dollars last year, much of that for Y2K. What we are seeing
is a change in emphasis in the banks on revenue growth and on new types of products and
services that will take them into this New Economy. Most of these products and services
are based upon the Web, PCs, and the Internet. Part of that investment will be in Web
Banks, Internet connections, and extranets. Part of it is going to be based upon increased
expenditures on security.
What is driving all of this interest in the Web? It is part of a convergence of technologies and
data processing, and access to our customers, whether they are at home, the workplace, or
in a mobile environment (See Figure 1). It is not just financial services companies that are
impacted. Many of the players that are moving into financial services have different motivations than we have. AT&Ts entry into the credit card business and MSFDCs (the Microsoft
and First Data venture) entry into electronic bill payment are two examples of non-traditional
players entering the financial services arena. They were not entering the payments business
only for profit, but really looking at it as a way to collect information about their customers.
One of the areas that BITS has looked at is the payments infrastructure. We conducted a
meta-architecture project two years ago when we first started BITS. This is a methodology,
used by the telecommunications industry, to de-layer complex systems. BITS efforts looked
for the value that might exist in payment systems and where financial services companies
needed to be. One of the first interesting things we found is everybody who participated in
the task force asked, Why are we doing this, we know payments, we have done this a
thousand times before? It turned out they did know payments, but only a narrow part of it.
Proceeding from
the Workshop on


Technological, and
Figure 1: Shifting Competitive Environment in Financial Services

Traditional
Industry Players
Players Who Want to

Leverage Customer Databases
Banks
Credit Card Companies
Associations
ATM/POS Networks
Merchant Acquirers
Transaction Processors
Software Companies
Government Entities
Telecommunications Companies
Retailers
Manufacturers
Insurance Companies
Security Firms
Players Where Payments Enable

Delivery of Core Products & Services
Telecommunications Companies
Utility Companies
Cable Companies
Entertainment Companies
Online Services Providers
Software Companies
Retailers
They knew check processing, but did not know anything about debit cards, individuals in debit
did not know anything about credit cards, and so forth. It took getting them all in the same room
at the same time to start to look at this payments infrastructure from a new perspective.
> 11
We concluded that there are only two or three different payments infrastructures. Most of
the others can be leveraged off each other and are really products rather than systems.
Another conclusion was that core payment processing and settlement was not necessarily
the business that is most attractive. We were worried at the time whether nontraditional
players would want to come into the payments infrastructure business. The answer was
probably not, because those parties would be glad to ride over the existing infrastructure
that the banks had put together. The real value was in the customer interfaces for the products and servicesadded value was in the customization of the offer. This has affected the
strategies that we have developed and, in particular, how to take costs out of the existing
payments infrastructure.
We brought to the CEOs attention the importance of the payments business. We found that
for the 25 largest banks, based on Federal Reserve research, contributions to revenues by
the payments business were as high at 40 to 75 percent. I can tell you, we got the CEOs
attention, and certainly they have learned a lot more about payments and the importance of
the business to their revenue streams.
Another question we addressed was: To what extent do we want to maintain limited

access to the payment systems, open access to the payment systems and look where value
might be brought to existing and emerging systems from providing safety and soundness?
E-commerce and payments are linked because one of the roles that banks and financial
institutions have is being the enabler for e-commerce to occur. As we know, there is a
whole body of law that is not yet established for the electronic world. For a long time it is
going to be physical and virtual worlds working together. There is a role for banks to provide
the expertise and to provide that enabling infrastructure of safety and soundness.
Banks, like other players, also take on the role of a retailer in e-commerce. The Internet itself
is changing the way we live and work. Today most devices on the market, including the
cellular phones, have Internet access as part of their capability. The audience or potential
marketplace has dramatically increased and continues to do so in other countries. Not only are
the early adopters of the Internet more affluent and more educated, but the fastest growing
age group on the Internet is 55 plus. Just two years ago the number of women using the
Internet or PCs was around the 25 percent mark, and the year before that it was at 10 percent.
Were now at 50 percent. Why is this significant? Research shows that in 70 percent of U.S.
households, women do the banking, pay the bills, handle account balancing, and purchasing
for the household. When you look at online shopping, it is significant to have women using
the Internet.
> 12
Bill presentment and bill payment will be one of the most significant applications for customers
and financial institutions. Not only is it important because it will take payments away from
traditional credit card or check payment processing, but it also provides a wealth of information on how people spend and how they are managing their budgets. Many players who are
entering the bill presentment/bill payment market are interested in that information and thats
why the privacy concerns of consumers must be protected.
Online trading has been far more popular and certainly has grown much faster than online
banking because there has been a real reason to be onlineto trade, to get information, and
to see your financial positions. The banking arena has been slower to follow because we have
not had bill presentment and bill payment. There has not been enough that has been available
for customers to do other than see whats in their account, and we can do that by telephone
or, for that matter, at most ATMs. Home banking is expected to grow dramatically, however,
as aggregated information is made available, I think you will see more and more banks adding
transactions to their Web sites.
There are many new business opportunities that are based upon information aggregation
the ability to pull information together. It is these business opportunities that drive not only
financial institutions, but also motivate portals and technology providers to enter the financial
Proceeding from
the Workshop on


Technological, and
services arena. Payments are the underlying infrastructure, and from that they believe they
can offer additional financial services. One of the most significant roles you will see for
financial institutions and portals is what is called the aggregator. An aggregator is where, at
a customers desktop, in a real-time environment, account information including banking
relationships, securities, and insurance will be available. The technology exists and software
platforms are being developed. BITS has an aggregator task force working on in this particular
arena. Portals are pursuing the aggregator role right now as well as by Schwab and Fidelity.
As financial institutions we have to move fast in this area.
One of banks greatest concerns about e-commerce is the viability of the business case. You
cannot do a regular business case, a regular ROI (return on investment). One of the things we
are communicating with the CEOs about is how to evaluate technology spending and investments in e-commerce. There are many choices that you may have. Right now you are seeing
a variety of choices from Web-enabled businesses to entirely new Internet banks, to really
integrated approaches which Schwab and Chase.com have right now.
Among the challenges will be: Can we offer a secure environment? Do we have the ability to
provide security and continue to have safety and soundness? Can we protect our customers
information and have principles that will be followed by the industry? And how do we authenticate and authorize our customers? All of those are roles that the banks can play and should
play quite well.
Let me say a few words about BITS. BITS is the financial services industrys swat team on
e-commerce and payments. We were developed two years ago as a consortium to focus on
issues such as: (1) standards, as we have with IFX (Interactive Financial Exchange); (2) developing privacy principles and taking a leadership role for the industry in this area; (3) ensuring
security by developing the Security Lab and a BITS Tested Mark, sort of an underwriters lab
mark for secure browsers, servers, and so forth; and (4) taking costs and redundancies out
of the infrastructure. Another issue is the impact of extranets and intranets on the existing
payments networks. We are addressing the associated opportunities and threats to financial
institutions. On almost all of these initiatives we have the Fed working with us. The BITS
Board is very active, the CEOs are very involved, very informed on this.
Let me close with a quote from Bill Gates about the changes that are coming about: This
new economy and the Internet are changing all of the fundamentals, all of the ways that
were doing business. And its just the beginning, the tip of the iceberg. The winners are
those who get it.
> 13
Patrick K. Barron, First Vice President, Federal Reserve Bank of Atlanta

For those of you that did not see the Dateline show earlier this week, Catherine Allen did a
fantastic job in outlining some of the issues as they pertain to the payment system. It was
really a battle cry for us to move forward and come up with a better system of payments
based on electronics. I say that because many of us assume today, as we struggle with the
various electronic options, that the existing paper-based systems are without flaw. This
assumption is not true. We have many problems today and many take the current imperfect
paper-based system for granted.
Yet in looking forward, from a Federal Reserve perspective, my job in the Fed is to bring focus
to the Federal Reserve activities and to work with Catherine and other organizations as we try
to peer into the future and determine what is the future of electronic payments. A look into the
future is very much like looking into a dense fog from the standpoint that I am not quite sure
whether there is an iceberg out there or whether there is a safe harbor ahead. The reason we
have such a cloudy future is that we have not devoted enough time to effective market research
for understanding what drives the industry and what drives consumer decision-making. We
need to do more of that than we have in the past. You will hear from Jean Woodworth from
Payment Technology, Inc., later on this subject.
> 14
I do want to talk about some of the research that we have underway and what we will be
doing in the future. Every payment system that we have in place today is growing. Certainly
electronic alternatives are growing at a much faster rate, but their volumes pale in comparison
to check usage. As Michael Moskow noted, there are about 65 billion checks written each
year and usage is growing at about 2 percent annually. In addition, consider credit card volumes
with over 13 billion transactions, growing at 10 percent a year, as well as debit card volumes
approaching five billion transactions and growing about 40 percent annually. Note that these
figures do not include emerging payments.
From these figures you would say that everything is growing and nothing is contracting, and
yet on an individual basis, I think all of us would recognize that we are writing fewer checks
today than we ever have before. Our best evidence and research today would indicate that
we are approaching a plateau in checks. In three to five years from now, we may actually see
that plateau level out to a point and maybe take a slightly downward drift. I think I made that
point in 1982 at a similar conference. But, I feel a little better about this one because I think
we have better market research on current trends.
From a Federal Reserve perspective, our check business is growing at about 5 percent a year,
while the overall market is only growing about 2 percent a year. Banks are making logical
choices to streamline their infrastructure and to outsource the check business to the Fed
and other entities as they begin to move those capital investments over to potentially more
profitable enterprises such as the Internet and electronic payments. As I look at the industry
today, I draw an analogy that banks are somewhat like sailing ships: they are riding the waves
of change, trying to decide which port to pull in to, not knowing if that port has sufficient
Proceeding from
the Workshop on


Technological, and
infrastructure to support their needs. Not surprisingly though every port, every opportunity,
seems to be guarded by reefs or barriers that make a safe landing potentially perilous. These
barriers include consumer attitudes, legal impediments, uncertainties about the Internet, and
certainly the economic perspectives of whether or not it makes money. In that regard, I would
submit to you that most organizations today have remained anchored offshore a mile or two
and have only deployed their dinghies into those various ports unwilling to make that total
commitment because they are not sure of where the future is going. I hope that our future
research, which will actually be consumer- and industry-focused, will facilitate better decisionmaking for the both the Federal Reserve and the banking industry.
The Fed is working with the industry in two important ways. We are using our operational role
to better understand the technological, economic, legal, and operational issues associated
with moving from paper to electronics. Second, we hope to contribute to the debate in the
critical areas of standards, interoperability and the law. Currently, we have three experiments
in which we are actively engaged, beginning with a full-blown test of electronic presentment
known as the Montana Project. Similar to the Mondex project, we are working to create a
fully enabled electronic check environment in Montana because of the weather and geographical problems of that particular area. Banks and the people in that particular part of the country
have an amazing willingness to try electronic payments or electronic checks. The Federal
Reserve will be image-enabling all of their reader-sorters. The paper check will be truncated;
micro-information will be forwarded to the banks; and then sent over the Web to the Reserve
Bank. Banks will be able to pull up images to resolve adjustment activities, but also to return
items back to the bank of first deposit. The proof of concept in Montana is now underway.
We have a couple of banks online, and after the Y2K issues subside, we hope to have almost
all of the banks in the area involved. Subsequently, we hope to expand the program to remote
capture sites with images to fully ascertain the benefits, problems, and legal issues.
> 15
We are also bringing images in-house at the Federal Reserve Bank of New Yorks Utica office.
We are going all image throughout that organization to understand if, as a financial industry,
we can save money by moving away from paper and relying more on image technology in the
back office operations. For each of these projects, we will fully share everything that we learn
with the industry. We see that as a critical role for the Federal Reserve to embark on these
endeavors, but also to share it with the industry. We will also be looking at return item reengineering to determine how we can effect that. As Catherine noted on her Dateline program,
there is significant fraud in return items and we need to find ways to reduce that for all of us.
Let me now turn to our mission which is to foster the integrity, efficiency, and accessibility
of the payment system. Efficiency will come from developing models for electronics that
will ensure that all parties find attractive options and options that eliminate redundancies.
Although I have not yet mentioned our ACH activities, we will be exploring activities for the
other ACH operators where we can eliminate some redundancies and improve efficiencies in
the ACH electronic system. But I would say that I believe that true efficiency will be realized
when all participants have reasonable access to each important payment system alternative.
As has been the case with the ACH, checks, credit cards, I think the ability for all customers
everywhere to have access to the system is critical if it is going to be an effective payment

alternatives for our future. The final cornerstone of our mission is integritya term that many
of us use but do not often adequately define. At the Fed, we believe a network has integrity
when it is secure from end-to-end, with accountability controls in place at all points. If you
saw the Dateline show, you know that we have much to address on this front to reduce
check fraud, secure an Internet-based system, and build controls in whatever electronic
commerce we have going forward.
The second area that I would turn to is the Feds responsibility in contributing to resolving
the issues of standards, which are critical. I would note on a very positive point that I find
the industry extremely cooperative in working with ISO and the ANSI standards today, much
more than we ever have in the past. But I worry about the future from the standpoint of the
global payment system and whether or not we can come up with, or whether it is realistic to
come up with, one format for all payment systems. That is an issue that we need to wrestle
with as this program goes forward over the next couple of days. As an example, we have a
lot of people that are converting checks to debit transactions at the point of sale. They are
being converted to ACH, each with their own format. Is that going to survive the test of
longevity? Will that survive the test of consumer acceptance and merchant acceptance? I
am not sure. Will we continue to move forward with those various standards or will we come
up with one standard that contains a core base of information for all payments activities?
Certainly when we think of a universal payment that seems to be something that we need to
address. Or do we continue to migrate down a road where we continually revamp and remap
the payment standards? Do we continue to change or do we look more globally and decide
that, given the influence of the Internet, that now is the time to step forward and to select a
standard that we can all attach ourselves to regardless of those payment system alternatives?
> 16
Proceeding from
the Workshop on
Let me close out by saying that another way the Federal Reserve can and should be involved
in standard setting is in the legal arena. Certainly the Federal Reserve, with its regulatory hat
on, plays a key role in establishing regulations that work with other state and local laws to
form an existing body of law. We have been reluctant, and I think correctly so, to preempt the
evolving market in electronic payments by issuing a regulation or a body of law that establishes
one clear alternative for the future of electronic payments. Instead, we have intended to take
a hands-off approach and let the free market work to determine which is the better alternative
to ensure that we do not latch ourselves on to the wrong payment system until it has had a
chance to properly evolve. But is that the correct policy going forward? Have we reached a
point of significant strength with regard to these options that we should choose one, that we
should choose one standard? Should the Federal Reserve say this is the format, this is the
body of law that will drive the electronic payments of the future? That is a question I would
submit to this particular group going forward over the next two days. In the bottom line
though, the Federal Reserves responsibility is to be a leader, but a leader from the standpoint
of a collaborative approachbringing the various bodies together to discuss these issues, just
as we are doing here today.


Technological, and
Thomas P. Vartanian, Partner, Fried, Frank, Harris, Shriver & Jacobson

I would like to review some issues that affect payment systems. We must keep in mind
three different distinctions that are very important: 1) traditional vs. new forms of payments,
2) open vs. closed proprietary systems, and 3) the particular market, e.g., consumer to
business, business to consumer, etc.
My own personal view is the changes are going to occur on the business-to-business side
first, because the cost savings are enormous and the familiarity of parties is more stable. I
will start with my conclusions. My conclusions are that the payment systems will be changed
over time by three factors. First, will be the introduction and acceptance of electronic wallets
by consumers. Second will be the introduction and acceptance of electronic bill presentment
systems. Third will be the extent to which these systems can engender three advantages for
consumers: cost advantages, convenience advantages, confidence, or trust.
I had the opportunity four years ago to be in Swindon, outside of London, to view the Mondex
electronic experiment. I interviewed some of the people. I remembered a woman that I interviewed in Swindon who said, Why do I need this, I have cash? This is a conspiracy of the
banks. I said, What do you mean a conspiracy of the banks? Well she said, Its free now,
isnt it? I said, Yes, its an experiment. She said, Well, its not going to be free when its
not an experiment, theyre going to charge me. From her point of view, it did not satisfy
the cost, convenience and confidence factors. In that regard, during this baseball season,
I thought it appropriate to include some of this philosophy of one of my heroes. Yogi Berra
said, If people wont come to the ballpark, how are you gonna to stop them? That is a little
bit like the problem we have in financial services and payment systems today.
Electronic bill presentment is one of the great killer applications that will reconfigure all financial relationships. If you change the place where you begin your relationship with financial
services companies, i.e. you go to a Web site to pick up all your bills and use an electronic
wallet opened off your computer, this is going to be the place where you start your financial
services relationship. That is not where most people start today. Therefore, it is going to
change all of the relationships in a hub and spoke fashion that we now have. This change
will raise both operational and legal issues. In my mind, the answer is not to eliminate all the
bricks and mortar we have and not to invest in a completely technological system, but to create a blend called a click and mortar system. How do you blend your real world presence?
You have 1,000 branchesyou are not going to close them all. Those 1,000 branches stand
for strength, stability, and capability. Do not leave that behind. On the other side is the fact
that customers want to interface with you in a way that doesnt necessarily involve those
1,000 branches. Click and mortar!
Lets start by considering what money is. This is an important issue. I find when I go to teach
people about payment systems and electronic money and electronic systems, we have got to
start with the issue of defining money. Consider this dollar bill. Everybody thinks they know
what this is, right? Everybody thinks they know what this is, correct? They think its a dollar.
> 17
But what is it? It is a bundle of legal obligations we carry in our pocket, and it works. I cannot
go to Fort Knox and ask for some gold because there is no longer a gold standard. So what
is money? It is a piece of trust, and the only thing it is worth is some day if the United States
government declares bankruptcy I can get in line as a claimant and get my one dollars worth
of the Grand Canyon. So it is a symbol of confidence, trust, and that is what makes it work.
It works because there is a government behind it; there is a system behind it; there is trust
behind it. Yogi Berra, of course, talked about this issue often, saying, Always go to other
peoples funerals, otherwise they will not come to yours. I have tried to live by this and
you knowI expect to have a real crowd at my funeral.
Who can issue money? This is a legal question, as well as a sociological and political question.
No government allows just anybody to issue money. But non-governments issue most of the
electronic forms of money that we find. Let us assume Mondex becomes terribly successful
and it is being used everywhere. Suppose I have a Mondex card that is co-branded with a
bank name and I am carrying $500 on the card. I leave $1,000 in the electronic wallet and I
downloaded $500 onto the card. I am going to buy some flowers. I walk into the florist shop
and I give them the card to pay for the flowers. There is a Wall Street Journal on the florists
counter and it says Mondex is in trouble, possibly failing. The florist looks at the Wall Street
Journal, looks at my card, and says, I am not taking that. What do I do? What do you do? I
know what you do. You either run to the bank that has its name on that card and say, I want
my $500 back. Or you go to the first offline vending machine and download $500 worth of
Cokes, put them in your station wagon and drive off.
> 18
So, who should be allowed to issue, distribute, and circulate it? Where is it? We invent this
electronic stuff and we call it money. Do the inventors really think it is money? They say
yeahit is just like money. I have a wallet, you can transfer it, and it is immediate and final
in transfer. In 1998, the ABA Stored Task Force concluded that it is a stored obligation, a
representation in electronic form.
So where is the money? Consider the new forms of mileage, barter, and credit card payment
systems that are being delivered. Where does the real obligation reside? Is it on the card?
What happens if I lose the card? Is it on the wallet? Is the money distinguishable from the
card, or do the card and the money have to be complimentary? If you do not know the
answers to those issues, you can not determine what the legal obligations of all the parties
are in the payment system. If you cannot determine the obligations of those parties, you
cannot provide any certainty to users because systems do not always work, parties do not
always stay in business, and people go out of business.
Who can regulate it? I have been dealing recently with a number of very difficult issues dealing
with the issuance of offshore mutual funds. Dean Perritt talked a little bit about jurisdiction
issues. Global jurisdiction is an enormous problem when you are doing business on the
Internet. With respect to these electronic money issues, who is going to regulate it? If I move
from jurisdiction to jurisdiction with this stuff in my pocket, and the wallet has five currencies
on it, am I changing the jurisdiction of regulation every time I move or every time it moves?
Proceeding from
the Workshop on


Technological, and
Will new forms of money move through traditional payment systems where we have rules
and regulations, or are we going to create new systems that require new rules? These new
rules will require uniformity. How is it protected? This is a question of security. Catherine
Allen has talked a lot today about that. Confidence. If we are going to have new payment
systems, its got to be protected and its got to be in a system where we know who is
using it and what they are doing.
How many of you understand encryption? Now, if you wanted to, you could sit down and
decrypt an encrypted message by collecting and assembling all the pieces of the transmission. It would take you quite a long time, but you could do it. That is the point of encryption,
authentication, and digital signatures. It is not that this stuff cannot be deciphered. It is that
encryption raises the bar high enough so that nobody either is going to try to break it or will
have the computing power or the time to break it. Do systems have to be perfect? No. There
is no system in this country, on our planet that is perfect. It just has to be good enough to work.
> 19
III. Lessons Learned from Past Payment Experiences

Christopher Dallas-Feeney, Partner, Booz Allen & Hamilton (Moderator)
The panel will introduce the rest of the workshop and consider developments in electronic
payments from four different perspectives: the business case, technology, standards and the
law. The question of how market-centric our past efforts have been will be among the most
important topics that we discuss this morning. After all, technology has probably not been the
issue. Whether it was the war about computing in terms of mainframes, mini computers, or
the desktop, there always seems to be somebody that is pushing Moores lawsomebody
that understands that we actually can combine integrated circuits in a special way or somebody that writes a new piece of software. I do not think that technology is the limiting factor.
My sense is it is probably more the business case and, to some degree, the standards issue.
With that, let me turn it over to our panel.
Catherine Johnston, President and CEO, Advanced Card Technology Association of Canada
I would like to start by offering a few definitions. You do not have to strictly agree with these,
but they would help you understand what ACT Canada means by certain terms. The first is
smart, or chip card. This is a PC on a piece of plastic complete with an operating system,
applications software and application data. You should also think of these as distributed data
centers. Stored value, from our definition, is electronic value that resides on the chip and can
be spent at participating merchants. E-cash is stored value, but differs as it also can be transferred between individuals, emulating real cash. Lastly, you will hear me refer to financial
institutions, or FIs, throughout my presentation, a term that includes banks and credit unions.
So lets start with business cases.
> 20
The unique nature of the country has challenged Canadian financial institutions, retailers,
governments and others when it comes to building business cases. We have seen successful
business cases built to introduce stored value and electronic cash, but these have not yet
translated into successful business cases for national rollouts. I will come back to the subject
of business cases in a minute.
Mondex, Proton and VisaCash have all been introduced in Canada. Both VisaCash stored value
and Mondex e-cash are still in use and have been the source of many lessons. VisaCash has
been running in Barrie, Ontario, for more than a year. Over that period, it has expanded its
single stored value application and added a loyalty program. It is used by the local transit for
bus fares and throughout the college campus as a student I.D., library card and facility access.
Mondex was implemented in Guelph where it ran for more than a year. This summer, two of
the Mondex Canada members launched a multi-application system in Sherbrooke, Quebec.
The Mondex e-cash application resides on the chip coupled with debit on the magnetic stripe.
Proton, which ran under the name EXACT, was piloted in Kingston, Ontario. Many lessons
were learned from these pilots.
Proceeding from
the Workshop on


Technological, and
The first lesson is that critical mass is a prerequisite for success. Consumers need a critical
mass of merchants who accept the new payment cards, and merchants need a significant
number of electronic transactions. We learned that it is very difficult to introduce stored value
in a geographically bound area unless the population conducts its day-to-day business in that
area. If consumers commute into or out of the area, it means that they shop somewhere else
as well, and when that happens they require traditional cash, that is bills and coins. As a
result, they limit the amount of money they are willing to carry electronically. The third lesson
was that the most promising applications have turned out to be stored value in closed
environments and unattended point of sale. Consumers readily understand the benefits of
unattended point of sale devices such as parking meters, vending machines and coin laundries. This, in turn, promotes their acceptance of stored value in other transactions. Closed
environments can be campuses, shopping malls, airports, or any area that is geographically
bound in terms of location where consumers will acquire products or services.
Now, while we are on this issue, let me point out the first elephant trap. There is no killer
application. The reality is that too many North American organizations are hanging back
waiting for the spread sheet of smart cards. We cannot go back to the time when one
application could drive the introduction of a new computing platform. No matter how much
you like and would use word processing, you are not likely to buy a PC based on that single
application. Consumers and corporations are all accustomed now to product bundles. What
we need to determine is which applications for smart cards are early successes and then
bundle them for specific groups. Is it transit with stored value and loyalty? Is it data and
internet security with smart credit and secure ID? Each of you will have to determine which
bundle is best suited to your needs and opportunities.
Back to the lessons learned in the pilots. The amount of support required for merchants will
exceed your expectations, and it must be available 24 hours a day, 7 days a week, 365 days
out of the year. When a clerk is closing the store at midnight and has a question, it may
require an answer in order to cash out. You will need more consumer and press education
than you would realistically expect. Cultural and age differences also exist. In Canada, Quebecers
and youth are more likely to be early adopters of new technology. When selecting a pilot site
and building your business case, you should take these into account. Reload points provided
us with another lesson. In Guelph for Mondex the reload devices consisted of ATMs, home
and pay phones. We learned that home phones were very popular, with approximately half
the reloads done there. Pay phones, however, were rarely used as load devices, and it was
convenience that drove the use of the home phones.
Now, I promised I would return to the subject of business cases, which brings me to the
second elephant trap and the first lesson not yet learned by enough financial institutions.
You cannot build a business case for smart cards for a single product. Chip must be seen
as a strategic platform for the delivery of many new products and services. Chip offers the
enhanced security and flexibility required redefining service delivery, both retail and commercial. It is only when you accept the chip as a strategic tool that you can build the business
case for the infrastructure costs. If you try to justify the cost of the infrastructure in a case
> 21
for a single product, you will not likely succeed unless, of course, the deployment of the
devices is very limited. This is also, in part, true for governments, but is less of an issue for
retail applications, which operate in somewhat closed environments.
So lets look at fraud as a basis for business cases. In 1997, credit card fraud losses in Canada
were 126 and a half million dollars. I realize in the United States that probably does not even
raise one hair of your eyebrows, but when you scale it to our 30 million population it is
significant. More telling though is that last year we saw an increase of over 20 percent. Last
December, the Royal Canadian Mounted Police conducted a raid in Toronto and seized 5,000
counterfeit gold Visa cards. Each of these cards would generate approximately $3,000 in
revenue for their counterfeiters. During this raid the RCMP also seized Citizenship Card
templates, Government of Canada check plates, blank drivers licenses and Social Insurance
Number card templates. The crooks were also engaged in debit card skimming. Debit cards,
as well as credit cards, are growing targets for fraud, and no one can claim that its victimless.
If you are a victim, your first indication may be an empty bank account.
There is no doubt that card fraud is no longer casual or random, but has become a highly
profitable business endeavor for organized crime. We have also now seen the first PIN pad
device that came with a built-in camera. When you see this trend, combined with the fact
that approximately 45 percent of existing credit card fraud come from counterfeiting, you
might believe there is a strong business case for smart credit and debit. Now, while many
of us believe that is true, we are not seeing recognition of this in the North American marketplace. England, however, has reacted to this situation and is moving to smart credit and debit
rather than run the risk of losing consumer confidence. Only now in the past month am I
seeing indications that our FIs are beginning to look at this situation. And they are also now
determining what it would take to build a national infrastructure.
> 22
Now one last note on business cases for stored value. Traditionally in Canada we have failed
to tell merchants and consumers the cost of handling cash. Although the cost to FIs has been
present in each business case, it is time to share that information with the payment system
stakeholders. So, let us move on to the technology. Smart cards are a very rich facilitation
tool. They allow FIs and retailers to offer a myriad of new products and services, with a level
of security never before available on a consumer-carried card. This technology should be
viewed as a network device.
Thinking back to the introduction of ATMs, it was when FIs agreed to network and share
ATMs that consumers really adopted the service. Again, it is the network of merchants and
POS devices that have made credit and debit globally successful. We have learned that this
technology redefines competition, often promoting or even forcing new partnershipsFIs
with governments, transit authorities and FIs, retailers and FIs, among others. For example,
transit authorities, which in the past have paid their financial institution to process their cash,
are now approaching those same FIs and offering to rent them space on their smart transit
Proceeding from
the Workshop on


Technological, and
cards. A transit system such as Toronto that issues millions of cards will reach consumers
from every major bank and can now charge to be a delivery channel for bank, retail and even
government applications.
Another lesson learned in the area of technology is that North American organizations must
develop some expertise. This means that we cannot afford to continually build our plans
around emerging technologies such as new operating systems, evolving platforms, or next
years devices. It is important to drive a stake in the ground, pilot or implement a basic
application and grow from there. One of the reasons this is so important is that smart card
standards and technology continue to evolve at a rate comparable to the rest of the computing world. And on the subject of standards, there are truly a myriad of standards around
cards, devices and applications. Lacking, however, are standards that would promote the
vision of any card/any application coupled with any card/any terminal and any application/
any terminal. There are groups working on these issues. The Open Card Framework and NIM
start to address these visions, but all parties, including you, must move to build, promote and
adopt standards that will bring a richer mix of devices and users.
We have learned that unattended point of sale is an early winner, but there is a need for
standards that would allow vending devices to move to stored value payment. Unfortunately,
there are many machines out there that are 30 years old and they have been built to varying
specifications. Not only that, but also many of these machines have been modified in the
field, making retrofits difficult, expensive and sometimes impossible. In the area of standards,
progress will be made when each sector focuses on its core expertise to define the standards
and technology required to support their strategic plans and products. This must happen
before integrators can pull the pieces together to support multi-application systems.
In conclusion, I would say that we have taken an understandable but dangerous stance in
North America. We did not implement smart cards for telecommunications as quickly as other
countries because we did not have the same problems. We did not implement smart cards
for credit and debit because we did not have the same problems. We have not even moved
as quickly as many third world countries because we have an existing, functional infrastructure that will be expensive to replace. All of this was not a problem 20 years ago when smart
cards started to move their way into use elsewhere. But in a world that is becoming increasingly borderless, where the Internet makes global commerce available to the average consumer,
and particularly where fraud is the growth industry of this decade, we are falling behind.
North Americans have proven themselves to be avid users of the products and services
offered by payment cards. With this type of receptive market you cannot afford to wait. The
planning, development and implementation cycles run from months to years, so I urge you,
look now at your risks and your opportunities. Do not wait. I would like to leave you with a
quote from William Blake. What is now proved was once only imagined.
> 23
Gary Grippo, Program Manager, Financial Management Services, U.S. Department of

the Treasury
Today I will talk about three things regarding our lessons learned from implementing emerging
payment technology. First, I am going to give you a background as to why the government is
looking at emerging payment technologies. Secondly, I am going to try to give you a mix of
different experiences that we have had. We have done about a dozen different emerging
payment implementations, and I am going to talk about four of them here today. Finally I am
going to try to draw some broad conclusions from our lessons about what has to happen to
the payment system if these things are going to succeed.
As background, Financial Management Services is a user of the payment system. We are
not a regulator of the payment system. We are an operational bureau, not an oversight
bureau. So our interest is not in regulations, it is as users. Second is the fact that we are the
largest users of the payment system on our own account. Anything that happens to the payment system, any inefficiencies in it, et cetera, really affect us significantly. Of course, as the
U.S. government we need to transact with everyoneglobally, citizens, businesses, governments, et cetera. Thus, we are always looking for new payment technologies to support the
federal government operations. As mentioned earlier, we have over the last few years been
working to implement the EFT 99 legislation that mandates the use of electronic payments.
That gives you a little bit of background about Financial Management Services.
> 24
For the last three or four years, we have had in the bureau an electronic money program that
has looked at new ways of storing and transferring value. We are presuming that there will
be a shift in the payment system similar to the one that occurred in the late 60s and early
70s. With the advent of mainframe computing, we saw the emergence of ACH, the modern
wire transfer system, credit card system, and the debit card system. In effect the U.S. payment system, in this short period of time after the introduction of the mainframe, went from
about two payment mechanisms, cash and paper drafts, checks, to six. Our logic was that
the same thing would occur with the Internet, with distributed computing, et cetera, and
we would see a shift in the payment system that brought us e-cash, e-checks, et cetera. We
endeavored to test all these things to figure out what the impact would be on government
fiscal operations. I think at this point that we are the largest user of smart card-based stored
value cards in North America. We have done a lot with the Internet and credit cards, we
have a digital cash project, and, as you can see, a variety of other things here. In each case
we have been using technology to support real federal programs. So we are not just prototyping technology, we are going to federal agencies, like the Department of Defense, and
using it to move federal money.
Let me start out with stored value cards as the first of my case studies. We issue about a
quarter of a million smart card-based stored value cards a year currently, and over the next
year we will probably get up to about half a million stored value smart cards that we are
issuing in the government. This is primarily being done on military bases and in military
deployments like naval ships. Nevertheless, we are a large user, we employ five different
Proceeding from
the Workshop on


Technological, and
commercial banks in doing this and a variety of technologies, including biometric stored value
card purses. We have a broad perspective and have done a lot with smart card-based stored
value. The primary lesson learned would be that, at least in our view, stored value should be
viewed as a corporate cash management tool and not a retail payment option. If you look at
some of the commercial pilots that have been done in Atlanta and New York, the business
model was to provide the consumer another payment option they may choose to use. Of
course, they chose not to use those payment options. We attacked the problem a different
way. We looked to a closed environment like a military base and said we have a corporate
problem with script, money orders, and shipping coin and currency all over the world. We
wanted to use this technology to drive that out of the system. So, were really using it in a
corporate not retail environment.
Secondly, the banks and card associations involved have not figured out an appropriate fee
structure relative to the risk structure. For example, if I can use the example of VisaCash, you
have a system where every transaction is accounted for, all of the value is prepaid, there is
very little credit risk in the system, and yet they are looking to employ a regime of fees similar
to credit cards. And it simply does not work because the risk structure is so much different.
That is just in the way of an example. The same thing would apply to things like Mondex and
Proton in different ways.
A third lesson is that we have seen that stored value has helped us in relatively high dollar
situations, that is to say above $500. Now that does not mean to say we are doing $500
transactions, but we are issuing cards with $500 to $1,000 on the chip, because that is where
we have a business problem in getting rid of large cash transactions in places like military
environment, prisons, et cetera. So, we are not using this technology the way some commercial banks have approached it in trying to eliminate walking around cash. We have learned
a lot about the difference between open systems and closed systems. Suffice it to say that
we think that both of these systems will be around for the foreseeable future. We will be
using, at least for the next five years, both open systems, like VisaCash, and closed systems
that we will be licensing from particular providers because neither of them offers us the
options we need to use this technology.
All four of these things relate to one sort of overall lesson. Overall, you cannot view stored
value, as a lot of banks have viewed it, as an extension of the bankcard or credit card. In the
case of credit cards that are obviously credit-based, there is a set of fees and roles and a risk
model that has developed for those kind of transactions. Of course stored value cards are
prepaid, they are offline, and so none of these business models really apply to stored value
cards, even if you want to use the clearing infrastructure of say Visa to move stored value
transactions. Really this whole notion of the way issuers and acquirers in a credit world deal
with discount in interchange does not work for prepaid offline transactions.
As far as continued government usage, we have expected a broad and aggressive rollout of
stored value technology in the U.S. military, in the U.S. federal prison system and elsewhere.
As I said, by this time next year we will probably have over 500,000 cards in active circulation.
> 25
Let me talk a little bit about electronic cash. To clarify what I mean about electronic cash, I do
not refer to stored value. I am talking about digital coins and digital notes that circulate in a
peer-to-peer manner. E-cash was the first technology we actually looked at in early 1996. It
was the first thing that we wanted to test in the government. If you recall at the time with
the emergence of Digicash and Mondex it was kind of a very hot topic in banking circles. We
endeavored to test it. We began a project with the U.S. National Security Agency to look at
the security of electronic cash and how the government might implement it. We surveyed a
lot of federal agencies to see who might want to use it. We looked at scores of federal programs to find a match where we might use it. To make a long story short, we really found
very few applications, but we did find some.
We have drawn some conclusions from the applications that we did find. What we found is
that digital cash peer-to-peer circulating coins and notes, in our view, will tend toward larger
transactions, not micro-payments. The reason is a need for good funds transactions on the
Internet where you are trying to do a transaction at a Web site and you need good funds to
consummate the transaction. Those tend to be of higher value, those are not micro-payments
necessarily, and we have three or four federal agencies that actually have large programs
where they need good funds transactions, and they are trying to do that on the Internet. And
we will, probably in the next six months, try to use digital cash for that. So this is something
that were actually going to be testing in the near term.
> 26
Let me turn to our experience with doing bank card transactions on the Internet which boils
down to the early lessons learned with SET, secure electronic transactions. We were, early
on, a piloter of SET. We did four SET implementations with three different banks with four
different federal agencies to sell things over the Internet and collect fees and fines from
citizens over the Internet, and needless to say none of those went very well. However, it is
our opinion that we will still need an Internet payment protocol that will fill the space that
SET tried to fill for a variety of reasons, the primary one being fraud rates on the Internet,
which was talked about a little earlier. Our view of SET is that it was a premature attempt at
coming up with a standard for this. More specifically, the individuals who pushed forward to
try to develop this bank card standard for the Internet really did not understand the business
requirements or the business model. It was a case of people saying we do not want a standards war, which is fine. But before developing a standard, it is critical to more fully understand the business requirements. We think that there should have been some more early
competition among different products and protocols before the industries tried to develop a
standard. Suffice it to say at this point there are over 25 agencies actively building merchant
Web sites and doing Internet credit card transactions with things such as fees, fines, lease
payments, taxes, donations to government entities. There is quite a bit of government
Internet credit card transactions going on right now.
Let me move to our experience with an electronic check project we have been doing for a
couple of years now. And first to define what I mean by electronic check, I am referring to
an all-electronic check, a digitally signed payment order. I am not referring in any way to paper
check imaging, or conversion or truncation. This is totally electronic, digital signature-based,
Proceeding from
the Workshop on


Technological, and
digital document-based e-checks. And we have been doing a pilot with a couple of banks and
about a dozen technology companies for, as I say, about two years now to deliver federal
government contractor payments using e-checks over the Internet. This pilot is with the
Department of Defense. And we have learned quite a bit since this project started. We have
had difficulty getting banks and others to participate in this project. And you can imagine what
the reasons are. There are basically two issues. Number one, the chicken and egg problemI
am not going to jump into an e-check project unless I have more banks and I know there will
be some sort of critical mass. The other reason was some banks were just saying we do not
want to test this new technology, we want to invest in new channels to the ACH and credit
cards, et cetera.
What we have learned in using e-checks to make government payments over the Internet has
been promising on a couple of scores. Number one, the underlying technology that we are
using to make e-check payments, which entail digital signatures on electronic documents
delivered by e-mail, have proven to be the technologies that really everyone has now started
to invest heavily in. When we first started this in 96 not many folks were investing in, for
example, e-mail as a financial transactional technology. So the underlying technology that we
are using is very promising here. The other important thing about the e-check model is that,
unique among all payment mechanisms, the check model is the one that fits all transaction
situations. If you think about the different payment methods, the only one that is good for
small dollar and large dollar, consumer, business, government, peer-to-peer, remote, overthe-counter, the only one that does all that is the check. Based upon what we have learned
in using e-checks, that will hold true in the electronic environment too. Government usage of
this will continue. I want to just make one point there at the bottom. The key to the success of
the e-check, as far as I can see, lies in the simple use of e-mail. We are endeavoring to make a
digital check as simple to use as creating and sending and receiving e-mail. If we can do that, I
think this payment technology will begin to find more acceptance in the consumer world.
Let me turn now to some lessons. The key issue is that the problems we have in trying to
adopt these new payment technologies are not things like standards or technology or cost or
even legal issues; the key issues are actually institutional issues. You need an institution that
can do two things; one that can reach all the players, all the banks with a particular technology
or payment mechanism, and one which can develop a system which allows all of those banks
to both cooperate and compete simultaneously. Now, with traditional EFT like wire, ACH, credit
and debit cards, as opposed to e-money, this institutional role has been fulfilled by the Fed on
the one hand and the card associations on the other hand. The question is will those institutions be the ones to drive out things like e-cash and stored value cards and digital signatures,
et cetera?
The question is whether organizations like the Fed and the card associations have either the
wherewithal, or in some cases the political situation, to drive these new technologies and
become the institution that creates systems for banks to cooperate and compete with each
other. I suggest that these institutions will not work down the road. I think we need a new
sort of institution to drive the payment system. I think it will be one that is with a more
> 27
directed form of governance and that is not an association, that is not created by statute. It
will probably be more market driven. I do not know what it is, but I would say that you need
one of these institutions. Every time a payment mechanism, going back to the check all the way
through the traditional electronic payment mechanisms I have talked about, has succeeded,
there has been an institution that has done these things. There is not one out there right now
that can do these for the new electronic money technologies.
I want to make one last point to finish-up. If there was such an institution that could drive
out new technologies in an Internet environment, what should it do, what really should it
focus on? I would suggest that the payment system really has one hole that we are all trying
to fill here when we talk about things like bill payment and payment for auctions. That is the
need for a peer-to-peer electronic payment mechanism. Of course we have peer-to-peer
paper mechanisms in the form of cash and checks, we have host-to-host electronic payment
mechanisms with all the traditional EFTs, ACH, wire, et cetera. What we do not have is a
peer-to-peer electronic technology such as a digital check or electronic cash, et cetera. This
is important not only because it is the hole in the payment system we are all trying to fill but
also because if you look at the way commerce is conducted either on a business-to-business
or business-to-consumer, et cetera, it is done on a peer-to-peer basis. In the business-tobusiness world companies inquire directly of one another. They deliver catalogues directly,
they train each other, they do just about everything peer-to-peer except in some cases where
were trying to make the payment host-to-host. I think that a peer-to-peer electronic payment
tool is really what were looking for to unleash and to get broader uses of some of these
electronic payments.
> 28
Proceeding from
the Workshop on


Technological, and
IV. End User Expectations

William C. Conrad, First Vice President, Federal Reserve Bank of Chicago (Moderator)
The subject of this panel is the end users expectations. This panel should give us a good
perspective into users needs, and also greater insight into the potential obstacles to electronic payments. This is a unique opportunity to hear directly from them, to hear exactly what
they value, and, equally important, to hear what they are seeing in the marketplace and how
that affects their particular business. This will provide important feedback, which might lead
towards a greater use of electronic payments.
Richard I. Kolsky, President, Kolsky and Company

The question keeps coming up, Why arent consumers going more electronic with their payments? We have tried everything. We have tried educating people. We told them it is available, it is cheaper, it is going to save them all kinds of time, they will save money on stamps.
But as Jean Woodworth noted this morning, basically most of the people who will go electronic have gone electronic already. The ones who have not made the move yet somehow
do not seem like they are ready to do more. What else can we do? I say there is hope, but it
requires a new mind set. We have to go beyond our traditional way of thinking. We have to
go spend a day in the life of the customer and use great marketing to generate the
insights it is going to take to actually move people towards more electronics. Notice I did not
say get people to do more e-trading or more electronic payments. We need to focus on what
would improve the customers experience.
Lets start by looking outside the payment system and see if we can pick anything up from
a couple of great market-focused industry revolutionaries: Southwest Airlines and Fidelity
Investments. What do they share in common? They were both in stagnant markets. The one
thing they shared in common is that they targeted terribly under-served segments of the
market. They recognized that their current competitors were all doing the same thing and
targeting the same people. So Southwest went out and said, Im going after the short haul
frequent business traveler. Similarly, Fidelity went out and said, I am going after the selfservice, self-informed young affluent individuals in a hurry. What has happened to Southwest
over the last 28 years? They went from insignificant to the Number 4 carrier in the United
States, the only carrier who has made money every quarter for the last 25 years. How did
they know to do this? They also challenged the conventional wisdom. In Southwests case
everybody believed you could not make money on short hauls. You do not make money by
getting people from Dallas to San Antonio. What did Fidelity get over: If you go around the
agents they will shut you down. Fidelity did that in 1980. Both of these organizations found
segments of the market that were under-served and broke with the conventional wisdom.
How does this apply to our payment system? We must rethink how we compete and how we
serve our customers. Whenever we are saying, Why are customers so dumb? Why dont
they do whats obviously more convenient, less expensive, et cetera? We have to say to ourselves, Maybe we do not understand their lives as well as we should. Therefore, we went
> 29
out and did in-depth, one-on-one interviews with about 35 consumers trying to understand not
necessarily why they are not using electronic payments, but inferring their desires for better
or more efficient payment systems by understanding how payment systems fit into the
broader context of their lives.
The first thing we found out is that the payment system works pretty well from the customers
perspective. People are pretty happy with the alternatives, which means its not very easy to
move them based on the traditional features that we look for, whether it is acceptance, speed,
security, recourse, or financial incentives. Assume everyone in this row is doing all you can on
these very traditional ways of trying to improve the customers overall experience. Then, what
is the problem? What is more meaningful and important than these features?
What we found is there are some aspects that are more inefficient and ineffective than the
added 75 cents we are spending to process a check rather than a debit transaction. The challenge here is we have got to solve more pressing problems (See Figure 2). For example, we
found there are a whole lot of people paying all kinds of late fees and NSF fees because from
their perspective their own personal payment system is very broken.
> 30
Everything we do in the payment system should improve a day in the life of the customer by
more than it costs us to do it. This means we have got to look at payment systems as something more than simply completing the transaction efficiently and effectively, which is the way
we typically view it. Not just completing the transaction, but actually setting up in the first
place. How many people here do all of their monthly bills through automatic debit? What you
hear is, It can be painful to set up all this stuff and, you know, I am not crazy about my bank,
what if I change banks, everything is going to get screwed-up. And then what about service
recovery? You want me to do an automatic payment to the phone company? I have not had
an accurate phone bill in eight years.
In other words, we confront all kinds of issues not only in completing the transaction, people
are really thinking hard about setting up the whole mechanism to make the payments and
then recovering if you do use electronics. That is why people love checks. The key opportunity
for moving people towards more efficient and effective payment systems is this whole
process people use to keep track to record their payments. It is a critical part of their decision
making process.
The issues to remember are the budgeting and finance aspects of payments. One of the
great opportunities I think we have tripped over is that when we talk about payment systems,
we ought to be thinking broadly about its impact on how people budget and finance the
payments. Now, you might be saying, What the heck does this have to do with payments,
and what can we do about it? Which of those should we focus on? Well, one of the other
findings from the research is that theres different strokes for different folks, and there are
very different segments of folks in terms of how they use the payment system and how
effectively they handle each of those steps in the process.
Proceeding from
the Workshop on


Technological, and
Figure 2: Experience for Payment Systems
Fraud, Theft, Mistakes,

Mishandled, Changes, Recourse
NSF Fees,
Savings, Control
Comfort/Inertia, Simplicity,
Control, Involved, Personal Recognition
Speed, Cost, Acceptance,
Safety, Hassles, Involvement
Time to Sign Up,

Time to Change,
Security, Control
Budg
and F et
inanc
e
Servi
Reco ce
very
Com
Trans p l e t e
actio
n
R
and T ecord
rack
Se
Paym t Up
Mech ent
anism
> 31
We had a group we called the over-extended and budget-impaired (See Figure 3). By the
way, the size of these slices is based on our 35-consumer sample. It is not a statistically
accurate sizing of the market. That needs to be done separately. But it just gives you an idea
that this is not a trivial group. This is the kind of person, by the way, who right now has a lot
of NSFs (Insufficient Funds). We had folks earning $30,000 a year with $75 a month cable
bills. They were very clever in the way they managed payments, because they would always
pay the utility bill last. They would wait to see if they had money left, because what did they
know? They knew that the utility is not going to shut off the electricity. They have these very
complicated processes to try and deal with budgeting, and they still continuously screwed up.
Anybody think that is a trivial segment? It is a significant part of the U.S. population.
The second group is really convenience seeking. They already are using a lot of electronics.
Anything they can do to save time. These are your classic overworked yuppie types. Anything
you can do to reduce the amount of time I have to spend in the system. Next, consider the
optimizers. Interestinglywhat kind of people do you think we have in this room? How many
people here will use a credit card based on miles or points, right? The individuals in this room
today are a bunch of optimizers. You are not the majority of consumersI hate to tell you.
We have folks we call controllers and involvers. They love their checks, they have to write it
down, keep track, everything by hand. You can kind of picture these folks as you go. And
then you have others who are really the privacy, security conscious. Remember the movie
Marathon Man, is it safe yet?
> 32
Lets go to these convenience seekers. These are already the heavy users of electronics.
Basically whenever I have the option I always use my credit card and if I have an option to
set up the direct payment, I am going to do it because I do not want to carry my checkbook.
How can we help? Why dont you all use electronic debit for all of your periodic bills? A lot
of times, you may not be able to get them. Secondly, if you want to do this, you have got
to sign up individually with every merchant. So what is the obvious solution here? If you can
almost have the universal sign-up, like you do with a giro, you have one place you can sign
up. Preferably unlike a giro-based system, you can do this automatically. The problem is these
people often times may not be on the Internet or may not be doing their financial services on
the Internet. But, it is one way.
The other reason I do not do it that way is that I have to call eight different people to resolve
problems. The notion that was raised this morning of an aggregator, if you are a bank right
now you really need to think about pushing hard to become the aggregator. If you are not,
somebody outside the industry is going to be there, and then guess what happens to the
DDA account? It becomes almost a trivial commodity. This is a key opportunity for somebody
not only to do the aggregation of all the various payment forms and where the money goes
out to, but also to do the customer service in the back end if there are problems.
The group where there is opportunity to help consists of the low income and financially
overextended. I am a liberal, so I always believe that the private sector should take over the
opportunity of helping these people. They are the light users of electronics. They are the
Proceeding from
the Workshop on


Technological, and
Figure 3: Meet the Segments
Privacy/Security Conscious
: Fear Strikes Out
Controllers/Involvers
: Stay on Track
Optimizers
: Points, Miles, Rebates, Float
Convenience-Seekers
: No Hassles, No Time
Overextended and
Budget-Impaired
: NSFs, No Savings, No Tracking
> 33
equivalent of the short haul, frequent business traveler for Southwest. Interestingly, even
their electronics are inefficient. With small ATM withdrawals and big credit card debt, they
are spending tons of time trying to manage their finances. This is the most inefficient checking
account customer because they are always bouncing checks. Fortunately from the banks
point of view, banks make money on bounced checks.
What can we do for these folks? First of all, there are things that can be done in setting up
the payment mechanism. For example, go to the work site, set up direct deposit and automatic debit together. This will stop bad patterns from starting. Most likely, they are going to
have to have the last look before payment because they may have a bad month, may run out
of money, and may want to hold off the utility bill. To complete the transaction, they may
need to find money. They are struggling to hold on.
I would like to discuss cards for preferred customers that build in savings. You do not need to
remember which store to go to because the savings function is done automatically. Whatever
you can do, if you know every place I spend my money you should be able to help me with
my budgeting. These people desperately need help with budgeting. Consequently, stored
value cards can be incredibly valuable. Every month, out of your paycheck, $60, is all you are
allowed to spend on telephones; $100, that is all we are going to budget this month and that
is what you can spend on clothes. This is a group for whom the electronics can be a very
powerful disciplining mechanism, and also a mechanism that basically cuts off the funds.
So instead of paying a $25 NSF maybe you avoid buying that $20 item.
> 34
The last group I want to talk about is controllers and involvers, the folks who love their checkbooks. They spend a lot of time to actively manage their checkbooks and are averse to preauthorize payment because they want the control. They spend an enormous amount of their
time managing their money. But it is kind of tough to put it together if they have got multiple
ways that they pay for things. But what you have to understand about these folks is they do
this not because they love it, but because they feel that they are adding value to their family
by being involved and participating. It is an issue of self-worth. Well, with that in mindagain,
how many people are in that segment? Maybe two or three of you, right? There are not many
in this group in that segment. To solve their problems, we are going to have to perform an
out-of-body experience to become the customer. It may sound silly to you, but to them, when
you debit, its got to look like a check. If you want the transition to work, you almost have to
make it look like a check.
By the way, we found that consumer education does have its time and place. First of all, start
in the schools. You start in the schoolsand you can see this at the universitiesthere is
where kids get hooked on the electronics. Secondly, hit them at key life events. When do you
want to attack people, when do you want to send them the communication? Right now, we
will send everyone the same communication about ACH and all this kind of stuff you can do.
Hit them at key life events when they actually have to make other big financial decisions and
itll make it much easier hit them at the work site. As long as you are doing the direct deposit,
there are a lot of other features you can build in to the automatic payment system.
Proceeding from
the Workshop on


Technological, and
Finally, I believe you have to choose which segment to target. Are we going to wait for the
banks to reinvent the payments system? Or somehow does the industry have to be much
more aggressive. It is not clear to me that banks are going to do anything about budgeting
tools for the ugly duckling segments. It is not clear that they are actually going to go and
move from a biller to a consumer-oriented automatic debit system. It is not clear that they
are going to have the recourse necessary to make it happen. The question is who will?
George Hood, Director of Electronic Banking Operations, Wegmans Food Stores

Wegmans has been pretty aggressive in terms of the whole electronic payments arena. For
example, we have had our own ATM networks since 1983. We have had a couple of really
strong visionaries relative to the whole direction of where they thought consumer payments
were going to go in terms of coming up with more convenient forms of payment, more cost
efficient forms of payment. We also have, as a result of their visions, a very robust customer
loyalty program that really ties into our electronic payment services.
One of the questions is what do we want or what do we look for in the future as retailers?
Certainly one of the biggest issues is cost containment. For example, at Wegmans, we have
taken a look at our cost of banking services or payment costs across all types of payments,
not just electronic payments. But, from 1995 through about the year 2003, our cost of banking services related to payments are going to increase by roughly 135 percent. It is obviously
a very serious issue. I will really emphasize the whole value-added concept, not just from
the consumer point of view, but from the retailers perspective, what we think needs to be
addressed in the direction of payments as we go along. We have had some very interesting
conversations with card associations in terms of how are we going to moderate costs to go
along. One of the big obstacles we see to the proliferation of electronic payments is if the
cost structure does not become realistic or tied to the real value-added structure, it will not
portend well for the long-term growth of certain electronic payment types.
One of the other big needs we all have to address is coming up with rules that correspond
to the emerging technologies in the payment world. Now, speaking as an organization that
accepts credit cards, I know you walk into a supermarket and think Sure the cashier is going
to look at your signature, sure they are going to make sure the account number on the card
matches what gets printed out on the draft. Thats not the real world. We need to get back
to addressing the real world and make sure that the rules somehow correspond to what
reality is and where technologys going to take us. We cannot have rules that are based on
20-year-old technology in our way. Maybe that is part of the Federal Reserves opportunity to
help participate in that. Certainly I have talked to card associations about working on a collaborative effort not to make it contentious. How do we come up with rules that really fit the
direction of technology and how do we get rules that really help reinforce the cost efficient
mechanisms we are trying to develop?
> 35
Fortunately from our own companys perspective, we are starting to see a fair amount of
interest. It is still a little bumpy, but I think the doors are starting to open up and people are
starting to listen to restructuring the pricing infrastructure, based on the direction that we are
starting to take. As Rick Kolsky alluded to, there are a lot of issuesmore convenience for
customers. We say electronic transactions are very efficient today. Yes and no. Again, credit
card transactions may appear to be efficient from the front end of the supermarket or the
multi-lane environment. We think they are efficient, but they are not. We have got a long
ways to go. Certainly we are starting to see consumers from our perspective starting to
demand a lot more in convenience.
As I alluded to, we do have a pretty robust loyalty program. The point is if you are going to
pay me the same way every time, why do I have to ask you? Why dont I just record or link
your card information through your Speed Pass or your Wegmans Shoppers Club card rather
than have to ask you. But again we need to change some of the rules and some of the procedures to accommodate that and make it work efficiently. All levels of risk must be identified
and everyone must sign up for the appropriate liabilities along the way. Fortunately we are
starting to see a lot of movement in that direction. But again, that is the type of thing we are
starting to hear not only from our senior management, but also from the customer base as well.
> 36
From my perspective, we already have the end solution; we have in place what we call an
electronic check or an ACH-based transaction. We see check truncation introducingespecially
in the multi-lane high volume transaction environmentactually more inefficiency, more cost,
more obstruction to an efficient process, not only from the companys perspective, but from
the consumers perspective. Sure it is a great way for some of the banks to make more
money on fees and processing costs, but from a customer or retailers perspective, we cannot see why in the world anybody would want to do this. Maybe in a low volume merchant
with little risk for bad checks, but certainly not in an environment where we are doing
300,000 checks a week.
The other issue we run into pertains to brandingthis fear over the potential to lose your
identity if a customer uses our Wegmans card. Fortunately in the world of new technology,
there are ways to handle that. Customer comes up, swipes their Wegmans card, comes
back and says thank you very much for using your Visa or your MasterCard. You do not have
to break that branding issue. The technology is there to handle that. Again, the whole branding question seems to be an artificial issue as far as we are concerned because there are
technological ways to handle that.
Two of the other areas where we see problems, and as much from the retailers point of view
as from the banking side of the house, is both a lack of technological foresight, and perhaps
even worse, the fear of technological foresight. Right now, a lot of the payment systems
have been built incrementally over time. If you take all those steps and try to add them up,
it is an obtrusive process when you try to fix it or make it more efficient. So, I think one of
the real longer-term solutions is looking in the context of all the rules, but as well as what
the potentially efficient payment platforms. I am sure we have heard a lot of parallel different
Proceeding from
the Workshop on


Technological, and
processes going on in terms of development of certain payment technologies. I guess what

we are asking for is to get some collaborative efforts over the long term. Lets design
payment platforms and technologies that are going to be really cost efficient and relatively
standard across the board.
One of the issues we are struggling with is to come up with more cost efficient ways of doing
payments. The fact that you have replaced a 75-cent transaction with a 40-cent transaction
does not mean you should automatically raise the 40-cent to a 75-cent transaction because it
is not a one-for-one replacement. You have not preserved any of the cost efficiency or valueadded features of that transaction if you approach the pricing structure that way.
Again, Rick alluded to this and we have seen a big confirmation of this. If we want customers
to shift their payment preferences, lets make it easy for them to participate in the process.
Now, we have not defined what the best process is, whether that is a self-service kiosk,
interactive voice response type of process, what is it. But in order to make it easier for
customers to make their decisions and let us know how they want to pay us, we need to
have them involved in the process and help manage their own information. I mean it does
belong to them. Even if it is within a proprietary network, we feel that we should provide
access to let them participate in the decision process.
A little off the track here, but I know some people asked for little specific input on what we
call e-check or electronic check. It is really an ACH-based transaction and its relatively simple.
A customer just comes and swipes their Wegmans Shoppers Club card. We already have
their DDA account number resident on a customer information file. It is a PIN transaction.
They come in, swipe their card, select electronic check, enter their PIN, and that is the extent
of their involvement in the transaction. We create a batch transaction at night and send it off
to Chase at this point and its over and done with. The demographics of the people who are
going to use this transaction are interesting. They tend to be very upscale, larger family than
average size, and once they start using this transaction they do not go back. In other words,
they will not revert to using another form of payment. We are aware of some smaller chains
that have actually replaced about 30 percent of their check traffic with electronic checks.
The two major points that I would like to leave you with are the notion of value-added costs
to the whole process. In addition, we must work at modifying the rules and the regulations
and adapting them to the new technologies as well. A lot of them are outmoded. So again
whatever we can do to establish collaborative efforts to deal with those issues and move
on with the future will be beneficial to the electronic payments evolution over the long term.
James Constantine, Senior Assistant Treasurer, Sears, Roebuck & Company

I would like to share some of our thoughts relative to electronic payments at Sears. Sears
sells goods in approximately 2,900 locations. We service 50 million households annually
and have over 30 million active credit accounts. Our credit organization is very focused on
> 37
electronic bill payment alternatives. And lastly we have about 15,000 technicians making
approximately 15 million house calls per year. We pay 135,000 associates electronically every
month. 90 percent of our merchandise purchases are paid electronically and 15,000 of our
shareholders have elected to receive their dividend checks electronically. However, despite
these initiatives we issue about 10 million checks annually. So those of you that are in the
check clearing business I can assure you that the world of electronics is not going to put
you out of business any time soon.
I want to go back and focus on the 135,000 associates that we pay electronically today,
because there is roughly 165,000 associates that are paid by check. We, like others, have
been approached by a number of institutions to adopt alternative payment vehicles. The
most popular one thats coming online is the payroll card. Let me give you a sense of the
typical sales pitch for a payroll card: A great convenience for the associate. It very much
centers around those associates that perhaps are the unbankable part of the population. For
all this, we can sign up for a payroll card, we can launch it, and two things can happen. We
fund the payroll on payday and lose the float. In the process, we now replace what was a
relatively efficient check transaction with a transaction that may cost me five dollars a month
per associate.
> 38
So you put all that together and you say now how does that all make sense for us? When
we meet with financial institutions one of our challenges is the question Are we making the
entire business process more efficient? Lets take payroll again as an example. How many
people in this room, for instance, when they get paid get a wage statement? In fact our
associates, particularly those on commissions, demand a wage statement. So we have these
great products to distribute and fund their accounts electronically, yet I have an infrastructure
thats still set with basically a paper-based process of giving all our associates a wage transaction. We need to develop products that not only will provide the solution to us in terms of
cutting costs to deliver the electronic funds, but also to begin to invent the solutions that will
also allow us to deliver the information thats associated with those financial transactions.
When I talk to a bank they talk about EDI and they talk about the financial aspects of EDI. When
we talk about EDI at Sears, the financial payment piece really takes a back seat to what we
are trying to accomplish. When we are talking about EDI, what we are talking about is a no
exception policy for the delivery of purchase order and invoice information. That is the bulk of
our cost to process an invoice and process an order. We ask the vendor to bar code all their
shipments, we use electronic shipping notices to help us with the logistics of moving the
merchandise once it is in our distribution center, and we require that all new vendors must
be EDI compliant. And before we do business with a new vendor we have a third party work
with the vendor to ensure that they are EDI certified. But the electronic payment has never
been mandated.
In fact, this morning, we saw some costs of the differences between processing an EDI
transaction electronically and by check. I would submit to you that effectively most of those
costs surround the matching of our electronic receipt information, invoice information and
Proceeding from
the Workshop on


Technological, and
purchase order. Effectively, the financial piece of that transaction, the difference between an
ACH transaction and a check transaction, is relatively insignificant. In fact, we at Sears a few
years ago decided that we couldnt effectively produce a check, so we outsourced the check
printing function and distribution. So from our perspective, is some respects, we think we are
EDI on all our transactions because we have two fees. We have a fee that goes to a bank that
basically pays those vendors with an ACH transaction if they want payment electronically.
We have another fee going to another provider, who on a very efficient basis, prints and
distributes the check for us.
What are we doing in terms of the recent initiatives in EDI? There is a lot of effort that continues to go on to ensure that the transaction sets and information we are feeding our vendors
is accurate and timely. More recently, we are aggressively promoting the use of electronic
payments. However, our approach is to be float neutral. One of the drivers continues to be,
quite frankly, to eliminate any opportunity for fraud and for the need to follow-up for checks
on request. For those of you that have been involved in the receivable or payables function,
you know that the number one question we get in our payable group is Wheres my check.
Of course, you all know the number one answer is Its in the mail. We are web-enabling
our vendors via an extranet, allowing them to access sales data on the products that we distribute. We are putting in place inquiry functions so that they can get timely information about
their claims, invoices and payments. Lastly, we are developing various report cards to provide
the vendor information about discrepancies, et cetera. What does it take to implement a successful EDI process? It is the commitment of top management. At Sears, I alluded to the
process of mandating EDI, at least on invoice and the purchase order level and having no
exceptions. You can appreciate if a buyer has found a good vendor, if that vendor did not
want to go on EDI, it would. So a very strong commitment from the top is very important.
A lot comes up with vendor sophistication. The key with vendor sophistication, whether it is
a financial EDI transaction or the invoice, purchase order, shipping notice, et cetera, is really
providing the vendors the tools if they are not already compliant, that they can get there relatively simple. We provide all of our vendors access to third parties to get EDI compliant. For
instance, if a vendor is just absolutely stuck in paper, we will suggest a service bureau that
will convert paper to electronic form. What they find out pretty quickly is when they are paying for those costs, they find that there are alternatives that work for them and work for us.
Small value transactions continue to be an issue for all of us, and, like many, we have adopted
a purchasing card to address these transactions. Of course the key to this whole process, in
terms of EDI, is, in fact, the support of the buying departments to provide a motivated vendor
who understands the benefit of EDI.
I would like to switch now from business-to-business to business-to-consumer. A word about
third party credit, because I think it is going to apply as we think about some of the other payment vehicles over time. It was only about five years ago that we accepted third party credit.
The reason we went to accepting third party credit is that our chairman and CEO feels very
strongly about giving the customer the authority to tell us how we ought to serve them. As
part of that customer authority, we saw an emergence of customers that wanted to use a
> 39
third party card, Visa, MasterCard, et cetera, and not, if they want a credit product, to be
purely linked into the Sears proprietary card.
More recently, we have seen recent data that suggests that particularly in the debit card
arena there is increased consumer acceptance of these products. In terms of stored value,
we certainly use it for our gift certificate program. What does a merchant consider when they
are evaluating many of these products? First and foremost, we consider how it relates to the
customer authority. Is the customer looking for you as a merchant to accept this vehicle? If
not, it is highly unlikely the merchant is going to spend the capital dollars either in hardware
or software and/or the training of associates to accept these vehicles. We heard this morning
about the test in New York. One of the issues that caused that test to perhaps fail was the
lack of training on the associates side. Therefore, the lack of training basically slowed down
the execution of the transaction at point of sale for the customer. Those are very relevant
issues both for us and for our customer. Getting a customer into our stores and out of our
stores requires a very efficient process. Todays consumers are very time-starved. Do these
alternative products speed up the payment and cash flow process for us or do they slow it
down? Is there an opportunity to reduce back office expenses? A clearer understanding of
who bears the risk of loss from a variety of these payment vehicles is, of course, key to
the analysis.
> 40
In a department store environment, we have unique challenges compared to the grocery

store industry. A large store at Sears could easily have up to 100 registers, so our willingness
to invest in the hardware to equip 100 registers in one of our full line stores is directly related
to the consumer demand. If we are going to get five transactions a day, it is not likely that
we want to invest the money to equip every register in the stores to take that technology.
Educating essentially 200,000 associates in our environment relative to various payment
methodologies is also a real issue.
Sears will continue to be a leader in electronic payments. We do believe that technology is
advancing many of the alternatives at a reasonable cost. Consumers are embracing many of
the new technologies, and e-commerce will require some new solutions.
Laurie Mitchell, Manager, Cash Management, General Motors Acceptance Corporation

I will start out by setting a framework for the type and number of payments that we receive
and then identify some of the ACH and paper payment pros, cons, and other issues that we
face. I will touch on some of the conclusions regarding our payment environment. Finally, I
will highlight some of our future considerations. Our payment receipts fall into two categories,
the first being our GM and non-GM automotive dealer wholesale floor plan payments and,
secondly, our consumer retail/lease installment contract payments.
On the wholesale side, we are receiving approximately 75 percent of those payments by
check and only 25 percent are ACH. On the consumer side of our active accounts,
Proceeding from
the Workshop on


Technological, and
approximately 92 percent of accounts are paid by check, with the majority coming through
our lock box, and the remaining 8 percent are electronic. This is split between GMAC-initiated
ACH and the other half consumer-initiated ACH. On non-active accounts, what we call salvage
accounts, the overwhelming majority of these payments are made via check and around 1
percent are paid electronically, or more specifically, are paid by check and list.
As far as some of the pros, cons, and issues with ACH, the cost and availability issue is
favorable. The cons really for us are customer service issues. We have heard some complaints about the bank account restrictions with ACH and savings versus checking accounts.
We have situations sometimes where we have to initiate stop payments on accounts where
we cannot collect on a customer account, for example, if theyre going into bankruptcy or we
have started repossession activities on that account. Sometimes, we have timing problems
with an ACH and a coordination of the stop payment. Regardless of how a customer pays
us, we are returning any money to that customer with a check, so sometimes there is some
inconsistency there. Internally we see challenges in marketing our ACH products particularly
at the dealer level and difficulty in gaining external customer acceptance mainly because of
perceived security issues.
On the paper side, the system that we do have for processing all our checks is very efficient.
In comparison to ACH, the cost and availability is not as good. For our lock-box locations, we
have a third party processor who actually does the processing of the transactions and then
they hand it off to our bank provider. Sometimes we have some hand-off problemswhat
gets deposited at the bank is not necessarily what is going to our accounts receivable system. It can be a little frustrating there. It seems a pretty basic concept of balancing. It is not
always that easy. For somebody who is a proponent of change, our paper system is status
quo. It works well, it is efficient and customers like it. It is an uphill battle to get buy-in
especially to try to initiate a change from the paper-based system to ACH.
One of our main conclusions is that we have many different customers with many different
payment preferences. The payment options available to the customers will continue to evolve.
If we want to meet our customer demands, we are going to have to continue to offer various
payment processing options. One of our future considerations is going to be electronic bill
presentment and payment. This is still in the consideration stage due in large part to the
uncertainty surrounding this arena. We have heard a lot earlier this morning about what the
customer acceptance levels will be, as well as the role of bill consolidators. We use a lot of
bill consolidators right now. I have been hearing a lot of talk that their fate may not exist any
more in this new environment, as well as what financial institutions are going to behow
they are going to be involved. The next three of our considerations are all NACHA-sponsored
programs. All three are very applicable at GMAC, but we have a great expectation of getting
results from the pilot programs and being able to analyze those results. Because we feel like
these products will work for us, they are not going to work without quite a bit of tweaking.
We are very anxious to get these results, be able to work through them, and see how we
can apply lessons learned at GMAC.
> 41
My next two points have to do with acceptance. If we are going to continue to meet customer
demands, we are going to have to accept that we will not have maximum availability of our
funds. Other organizations have isolated some of their customer base by requiring ACH, for
example. Especially in our dealer community, we are not about to isolate any of our customers, so we have to continue to offer whatever payment mechanisms the dealers want.
For us, that means not gaining maximum use of our funds. Secondly, we are finding that the
business side of the shop is very constrained these days, in terms of access to information
technology resources. We have new sectors within GM and GMAC focusing on electronic
commerce. These are becoming very important within the company and the business is finding that we are constrained, really as far as technology and infrastructure goes, because we
are waiting to get a better sense for the corporate guidelines.
Ed Zeitler, Senior Vice President, Information Security Services, Charles Schwab
> 42
What I am going to talk about is the more aggressive aspect of the financial industry, and that
is the brokerage business. I enjoy these kinds of discussions because I am a consumer and I
can relate to what we are talking about. It is an exciting time. In terms of product development cycles today, we are talking about 60 to 120 days between concept to launch. Now,
those of you who know about the information technology business and how long it takes to
get an application developed, that is kind of staggering. And that is what we are doing, that is
the way we are operating today again in the Web, in the intranet, and the Internet. So, it is an
exciting time as far as we put something out there, see if it works, if it does not work, we go
to the next product. I will talk a little more about that in a minute. But this is the rate that you
have to operate in this particular environment. If we moved any slower than this we would be
trampled to death. Our CEO says it is much easier to see their headlights behind you than try
to catch up with their taillights in front of you.
Legally binding signatures are one of the more interesting problems today. Did you notice
there is a thing called digital signatures that we all know and love, that have public keys in
them and require a PKI, a public key infrastructure to make it work. Most of the legislation
that is happening now is on electronic signatures, not digital signatures. When they first started
writing the digital signature laws, they wrote what they thought was a good law based on the
technology that the technologists said was good. Well, come to find out, of course, none of
it is workable yet. It is not practical and it cannot be done as envisioned. Those laws are now
being rewritten. Newer legislation tends to be technology neutral. All of a sudden we are talking
about electronic signatures because we just cannot create digital signature legislation that
makes sense because we do not know where digital signatures are going or how they are
actually going to be implemented. We have all done pilots, we have all talked about them,
and we have understood the technology for years now. We all know how difficult it is to
implement. It does not work and yet we keep talking like it is just around the corner. The
legislatures thought it was right around the corner. So legally binding signatures is still
a very hot topic and were going to have some fun with that in a minute because theres a
new California law.
Proceeding from
the Workshop on


Technological, and
Now let me share some thoughts about User I.D.s and passwords. We talk about public keys,
we talk about smart cards, and we talk about all that technology. Again, I am being a little bit
tongue in cheek here, but there is some truth to it that the password is still by far the most
secure, the most efficient, the most effective authenticating information anybody has come
up with. Passwords come out of my head. I can change my passwords whenever I like. We
talk about biometrics. Well, your thumbprint is known. I can get my thumbprint or I can get
a block of data that has my facial geometry in it. So, once that is compromised, it is compromised. I am not going to change my facial geometry, right?
We tend to sell digital certificates like they are something really special, that they take care
of the authentication problems. You know how most people get these certificates? They issue
them through a password under the secure sockets layer protocol (SSL). SSL is good, it works,
we use it, and it is critical to commerce on the Net. The reason it works is because it was
developed by the folks who rolled out the infrastructure. We did not install it. We did not go
out there and sell it and we did not have to convince anybody. It was there and we used it.
Well-meaning security technologists developed the SET protocol right. They did a good job.
SET is a secure and well-constructed protocol. But it is slow to be implemented. It is not
usable yet. It is not going anywhere for the reasons that were brought forward earlier. SSL,
it is there, we use it.
Digital signatureswe originally had this vision that there was going to be the PKI in the sky,
that there was going to be maybe five or six trusted third party centers for the U.S. As a consumer, I was going to have one key set, a public and a private key. I was going to have that
private key on my smart card and that was going to be my identity in cyberspace. It was
going to be legally binding. It could sign contracts and such. When I got to thinking about
that, as an average citizen going down to the supermarket, do I really want a card that is that
powerful, that is my identity in cyberspace? Do I really want to take that responsibility? I do
not think so. I can use a credit card, I can use a Schwab card, I can use a B of A card, I can
use lots of cards with lots of keys on them, but am I really going to have the identity card that
you see in the science fiction stories? Am I going to have a government I.D. that identifies
me anywhere in the world? I would rather notI just would not. I think there is a lot of
Americans who would not. One of the reasons this technology works much better in Canada,
is because the Canadians trust their government. I lived there for several years. When the
government says this will work, this is good, this is a thing we ought to do, they agree. You
cant do that here. As for smart cards, they have been around a long time; they have not
taken-off. France started; they should have had a leg up on uson the rest of the world for
this technology. If you remember a decade or so ago, they came out with major programs,
they were going to revolutionize the world. They were going to lead the world of technology,
and they did on that first rollout. But it was a government structure. Guess what, it is still
there exactly as it was.
The rest of the world has moved on. I suspect that industry might leapfrog the smart card
business altogether, maybe. One of the reasons is the California Uniform Electronic Transaction
Act. It goes into effect for California-based corporations on January 1, 2000. To establish a
> 43
contract, to get an agreement through the Internet, to get a signature that is legally binding
on a contract say, to open an account, under the new law in California, it is just going to take
a mouse click. A person needs to click the button that says, I accept. This is an electronic
signature under the law. We do not need smart cards, we do not need digital signatures, we
need to have a button that says, I accept this contract and we are off and running.
What is happening is we have created such a morass on this technology and it is so unusable
that business is going to move on. Business is not going to wait for smart cards; they are
not going to wait for digital signatures that are approved by the U.S. government. There are
things to be done here, there is money to be made, and we are moving ahead. Unless there
is an honest risk that is really substantial, business is going to keep moving. This topic is
going to be one to really follow.
> 44
Proceeding from
the Workshop on


Technological, and
V. The Payment Provider Perspective

R. Gerald Fox, Editor, Payment Systems Worldwide (Moderator)
Welcome to this closing session that focuses on the perspective of the payments provider.
This morning we heard what can be learned from some of the past experiments and what
these experiments can mean for us now; then earlier this afternoon some of the important
end users described their needs and where improvements should be made. Now we are
going to consider the viewpoints of the payments provider, looking at some of the payment
models of the future, including card-based systems, electronic banking, digital cash payment
approaches, and others. Our panelists will look at the business case for the different models
as well as the technical and legal infrastructure needed to support them.
Earlier speakers described the rapid growth of debit cards, ACH transactions, stored value,
and other electronic payment vehicles. But of course in reality these represent a small
percentage of total payments. We heard about cost savings to banks through new payment
initiatives, yet the bank has to serve the customer and the customers needs or little good
will be achieved. We also heard, I think by a vote of 2 to 1, there are no killer applications.
This does not offer great help to the banks as they try to figure out where to make investments or which products and services to roll out. In the past banks had a reputation as
fast followers rather than initial innovators. Let another bank try it first and we may then
follow. However, in the Internet world the competitive advantage goes to the first one to
offer the service. This different strategy poses both opportunities and risks, and banks must
be able to adjust to this different mind set. It is indeed too bad that the representative from
a large national retail financial institution could not be with us today. The individual was
called away unexpectedly.
Steven Ollenburg, President, Principal Bank

Thank you for the opportunity to voice issues that my organization and I see as vital to the
banking industry. It was very good for me to hear David Weismans presentation. It is very
close to a lot of our beliefs and our opinions. I am a community banker, and have been for
over 16 years. Principal Bank is one of the original pure-play Internet banks. While we did
not formally enter the banking industry until Principal Bank opened in 1998, our companys
history and original strategy is deeply rooted in banking. My point to you in giving you this
context is that we are a community provider of financial services and align ourselves with
many fundamentals of community banking.
My greatest concern in community banking today is the payment system and it is our opinion
that the banking industry is at tremendous risk today. To start off, we strongly support the
notion that all consumers should have equal and nondiscriminatory access to the evolving
electronic payment system in this country. State and federal bank regulators working in
cooperation with the banking industry can help educate consumers about the advantages,
efficiencies and cost of electronic banking, as well as the reliability of EFT contrasted to a
> 45
paper-based payment system. Our highest level concerns are electronic banking standards,
security in electronic banking, financial services firms access to electronic banking services,
ATM issues, debit card issues, and lastly, the Debt Collection Improvement Act of 1996.
Many of the financial service standards have been developed through the auspices of recognized industry groups, and this appears to be a reasonable expectation for future product
developments. Consumer access and financial institution access to the systems incorporating
such standards must be guaranteed. There is a concern by us as to the potential for various
consortia to cooperate on initiatives which could ultimately serve as a competitive shield to
smaller institutions which were not included in the initial development of the evolving payment
system infrastructure. It will be important for banking trade associations to remain acutely
aware of development and implementation plans of coalitions of super regional institutions
to assure that de facto standards will not have exclusionary features. We support the private
sectors efforts to develop appropriate security technologies and procedures that provide
reasonable levels of security for electronic banking. We are supportive of the interplay
between the government and private sector in assuring whatever security procedures are
developed will comport with expectations of regulatory and law enforcement agencies. We
are concerned regarding the work pursued by a consortia of super regional institutions in this
country. Security technologies can possibly serve as a competitive shield by forming an open
access arena within particular security technologies that could be at the exclusion of other
institutions not party to that consortium.
> 46
We believe there is a potential for the largest financial institutions in this country to pursue
a consortium to build an infrastructure that may relate to PIN-less debit card transactions,
smart cards and other chip cards. If the infrastructure is built and can only be accessed
through cards issued by the institutions participating in the consortium, there is a concern
that all banks will not have the opportunity to participate. Or similarly that a franchise fee
to gain access would be so onerous that it would preclude participation. Banks would then
be faced with offering less attractive and secure EFT products. We believe that the ongoing
development of technology by various interest groupsfinancial institutions as well as
nonfinancial institutionsneeds to be closely monitored. We strongly advocate that regulated
depository institutions of all sizes must have access, on equitable terms, to the electronic
payment system and essential electronic banking services.
We also support the notion of the Federal Reserve being a provider of last resort of POS
processing services, due to the fragmented access evidenced in this country. To date, the
Federal Reserve has declined to enter the EFT environment as a backbone to assure continuity of processing. We see no need for the Federal Reserves reluctance. If it were to enter
the EFT environment, the Federal Reserve System would be playing a role with regard to EFT
very similar to the Federal Reserves original purpose of assuring that all paper checks can be
cleared on a nationwide basis. Principal Bank believes that entities such as SHAZAM, which
is the switch in our area, have operated for decades on the premise that transactions should
Proceeding from
the Workshop on


Technological, and
be warranted by an insured depository institution from the point of initiation to the point of
authorization and through the settlement process. We uphold the notion that regulated depository institutions should be the prime players in the electronic payment system. This is viewed
to be the only way that the integrity and reliability of the current payment system can be preserved. We also believe that regulatory agencies should receive ongoing consultation from
the private sector, primarily for the purpose of education. We concur that the developments
are very rapid and market conditions change on a daily basis with respect to the electronic
payments system.
Forums comprised of regulatory agencies and the private sector will be a key factor in developing an integrated payment system as we progress into the next millennium. Regulatory
agencies can play a critical role in assuring that equitable access is provided to all regulated
depository institutions. The ability of the states to prohibit cross-state deposits into nonproprietary ATMs is harmful to both consumers and the banking industry. In a world in which
38.1 percent of all deposits nationally are held by out-of-state banks (see the FDIC Quarterly
Banking Profile of the Third Quarter of 1998), state prohibitions of this kind are outmoded.
These prohibitions also help reinforce the mistaken perception that deposits made in ATMs
are not secure. Consumers are tremendously more mobile and are capable of executing
financial transactions across real and artificial geographic boundaries.
While Principal Bank remains very supportive of the dual banking system, consumers should
not be paralyzed or penalized, but rather encouraged in their decision to make a deposit to
their financial institution of choice. Additionally, consumers should have access to their funds
without charge. Desire by consumers for free access to their funds has been demonstrated
by the growth in the use of credit cards in the past three decades. The success of credit
cards as a vehicle for purchasing goods and services has led the way for tremendous success
in debit card acceptance at merchant locations. This will most likely lead to a successful
smart card payment environment. I know that is debated somewhat, but I am holding out
hope. When consumers use a credit card to make a purchase, this is a conscious decision
whether to allow it to be a credit transaction or to pay that transaction off at a later time.
When they have made that conscious decision, they are not charged a transaction fee for
purchases. The profit of the purchase is built into the cost of goods and subsequent efficiency
of the business operation. This applies to the banking industry as well. Consumers in todays
marketplace believe that ATM surcharges are unfair. There was a referendum passed yesterday in California on this. Consumers deposit their earnings in the financial institution of their
choice, and when they make a decision to use that financial institution, they have the capability
to shop and compare for the internal charges associated with that financial institutions services.
Many financial institutions offer free or almost completely free checking services to their
customer base today; those institutions that have done that have determined their internal
cost structure, and subsequently how to deliver their products and services in a manner that
is competitive in the marketplace.
> 47
Openly charging a person to gain access to their cash is considerably contrary to the Federal
Reserves check clearing system, which has operated extremely well since the turn of this
century. This check clearing system, governed by the Federal Reserve, was intended to
ensure that individuals have open access to funds and that settlements are at par. The ATM
machine originally offered two benefits. First, was to decrease the branch costs and operating
costs of the cash transaction. Secondly, to encourage the use of electronic means of banking
to be further developed in the following decades, which has happened. Again, both of these
have occurred. For the banking industry to then turn around and penalize the consuming public
with surcharges is contrary to their own intentions for creating such a banking process. While
we support a free market philosophy and are opposed to excessive regulation, this is a case
where the banking industry is greatly harming itself for open access and is harming the consuming public for their acceptance and use of this financial transaction medium. The banking
industrys ability to charge any amount deemed appropriate to make ATM transactions highly
profitable borders on a usurious rate of profit taking by the institutions involved in surcharging
and has potential harmful financial implications for lower income consumers.
> 48
We are very supportive of debit cards and ATM cards and advancement of the debit card
technology as an integral component of the electronic payment system. It is recognized that
debit cards have the capability to perform POS transactions on a signature basis without the
utilization of a PIN, however, the online real-time basis transaction continues to be the most
efficient, reliable, and expedient form of EFT transaction. Due to the extreme fragmentation
evidenced at POS locations, Principal Bank supports the notion of the Federal Reserve serving
as a processor of last resort in the event a transaction would otherwise be declined. The
Federal Reserve would merely exchange transaction requests with the appropriate processor
or institution to gain authorizations, and financial institutions would continue to be involved in
the settlement process for these transactions. We believe the issue of consumer protection
policies is within the purview of financial institution trade associations. We support the efforts
of the federal and state governments to convert federal and state payments to electronic
means. The savings associated with this conversion are considerable, and this conversion is
representative of the general trend of consumers to migrate from a paper-based system to an
electronic-based payment system.
We have adopted the position that Electronic Transfer Accounts, ETAs, as contemplated by
rules promulgated by the Financial Management Service of the Department of the Treasury
should be an optional account, with the opportunity to participate extended to all financial
institutions. We are concerned with the implementation of EBT by the Treasury Department
in that it appeared the Treasury was focusing on one or two super regional institutions to
serve as government-designated issuers. The same concern was raised when the Department
of Treasury first contemplated establishment of ETAs as the agency was initially supportive of
a contract with one or two super regional institutions to establish such accounts. We support
the premise that all financial institutions should be able to participate in designating ETA
accounts for recipients at its own election.
Proceeding from
the Workshop on


Technological, and
The last comment I will make relates to online bill payment. In walking around today and talking with people I would say, as a bank that is running online bill payment very successfully,
that there are a lot of misconceptions regarding what online bill payment is. I will not go into
that discussion here and the mechanics of that, but I would encourage you to e-mail me,
to call me, or go to our Web site. I would love to have you open an account, but it is a very,
very successful process and works extremely well. I hear a lot of people that are confusing
electronic bill payment with ACH, with bill presentment and so on. So I encourage you to
study it and really understand how it works. I think it could be the killer app. I do think bill
presentment is also a killer app, but electronic bill payment is a fabulous tool, especially
when it is coupled with a budgeting software capability like we have. Thank you.
> 49
VI. Opening Remarks

Roger W. Ferguson, Jr., Vice Chair, Board of Governors of the Federal Reserve System
Only thirty years ago, U.S. financial markets were drowning in paper. The New York Stock
Exchange had to close early in order to clear trades; checks were piled up in the back rooms
of commercial banks. Today, operations in the largest financial markets are highly automated,
and new technologies are pressing the very organization of these markets. Checks no longer
pile up, thanks to the development of magnetic ink encoding and electronic reader-sorters.
New payment instruments and clearing systems have been introduced, including credit
cards, debit cards, and the automated clearinghousethrough which many people now
receive their wages.
Yet paper systemscash and checksstill play the primary role in the payments made by
most individuals and businesses. How can this be possible in the age of advances in telecommunications and the widespread use of the Internet? In part, the answer is that paper
payment systems have evolved steadily over time to meet a variety of different needs in our
society. Changes in technology, law, and business practices have continued to support the
use of paper. As a result, paper instruments, including the check, provide a generally efficient
means of payment in the United States. In fact, the vast majority of checks are now collected
within a single day after deposit.
Recent Developments
> 50
Nevertheless, the winds of change are blowing, and these winds will almost surely touch
on the retail payment system. Merchants are experimenting with ways to convert consumer
checks at the point of sale to automated clearinghouse transactions. Financial institutions are
experimenting with electronic mechanisms to collect checks. Electronic payment systems
that bypass the check entirely continue to gain acceptance, with debit card use growing at
rapid rates. Electronic systems for bill payment are receiving increased attention and are at
various stages of development and acceptance. Retail on-line banking and brokerage services,
providing consumers and businesses with both new and traditional products delivered through
innovative channels, continue to grow in popularity. Despite these advances, experiments
with novel payment instruments, such as general-purpose electronic money cards, have not
proven popular. But next generation cards that can be used over the Internet or that can
accommodate a wider variety of banking and other transactions may provide greater impetus
to these technologies.
Behind some of these changes is a clear strategic focus in the financial industry on technology,
including the use of technology in the payment system. And alongside technology, consolidation in the banking industry and increased competition from nonbanks have encouraged
financial organizations to take a hard look at the future of their retail payment services.
Whether the current widespread use of paper will be sustainable for much longer is increasingly
open to question. The conventional processing of checks entails relatively high unit-processing
Proceeding from
the Workshop on


Technological, and
costs. If changes to the check instrument and check collection process could be made to reduce
processing costs, while maintaining the versatility of the check as a means of payment, consumers, businesses, and financial institutions would likely benefit. More dramatically, purely
electronic payment systems are likely to hold the key over the longer term to a reduction in
costs and an improvement in payment services.
The major complication for the private sector and for policymakers trying to assess changes
in the payments system is that both the direction and the pace of change are fraught with
uncertainty. How successful will the new payment products be in the marketplace? Is the
economy ultimately headed toward the use of a few or many payment instruments? Will
changes in clearing systems prove useful or counterproductive? Moreover, we dont know
the magnitude of the transition costs to a more-electronic retail payment system, or how
long it will take for this system to evolve.
Payment Instruments
There are at least two views on the question of how many payment instruments are likely to
evolve over the longer term. One view is that many instruments will emerge as new technology reduces the cost of maintaining multiple instruments and competition forces the financial
industry to make a range of products readily available. A second view is that the introduction
of new payment instruments always has proven to be difficult and that there are very few
fundamentally different types of payment instruments. Although lower technology costs and
increased competition are important forces shaping the financial industry, a range of products
is more likely to result from combining a small number of payment instruments with complementary information and financial services, rather than from the introduction of a wide variety
of fundamentally different payment instruments.
The historical evidence in favor of rapid success for new payment instruments is not promising. Automated clearinghouses payments and debit cards, for example, have taken much
longer than initially predicted to achieve modest shares of retail payments. In addition, it has
taken many years for credit cards to become as widely used as they are today.
There appear to be at least four major reasons for such a slow pace in adopting alternatives
to paper payments. First, in the past, it often has been difficult to produce electronic payment
products that provide the flexibility of paper instruments at comparable production costs.
Second, the prices charged to consumers and merchants for using electronic payments frequently have exceeded the direct prices charged for using checks or currency, leading rational
users to stick with paper. Third, the infrastructure of terminals at retail locations necessary to
support transactions using on-line technologies has grown to critical proportions only in the
past few years. The infrastructure necessary for widespread electronic bill payment does not
exist yet, although it will likely grow in the future. Fourth, the payment system appears to
exhibit what economists term a network externality: Users will agree to use a new payment
instrument only if they are reasonably certain it can be used in a number of places and
> 51
accepted for a variety of transactions. But merchants are unlikely to acquire the necessary
infrastructure to accept new types of payment instruments if consumers are not likely to use
a new instrument. Such network externalities suggest that, at best, slow growth may occur
and, at worst, new instruments will fail to gain the critical level of acceptance in the marketplace necessary for widespread use.
The foreign experience with retail payments provides some interesting comparisons. In a
study just published by the Bank for International Settlements covering the G-10 countries
and Australia, one of the most significant developments noted is the high growth rates for
debit cards in virtually all of the countries. In Canada, France, and Australia, the share of debit
cards in noncash payments now exceeds 20 percent. The use of direct debits has been relatively high in Germany for some time, and it has grown rapidly over recent years in Canada
and Italy. A few small countries, such as Belgium, have deployed national stored-value card
systems, although transaction rates are not high.
Overall, the United States and Canada rank at the top of the group of countries in the combined use of credit and debit card payments per capital. However, the United States ranks
in only the lower half of the group of countries in the overall use of electronic payments on
a per capita basis. This latter ranking is due in part to a greater use of electronic payments,
including automated giro (credit transfer) systems and direct debits, to pay bills in some of
the European countries.
Innovation in the Payment System and the Role of Markets
> 52
The United States already has a well-functioning payment system. Our system appears to
be near the frontier among larger countries in the use of electronic payments in retail transactions and a bit behind in adopting more automated methods of paying bills. New methods
of electronic bill payment are developing rapidly, however. In this situation, there is no crisis
that calls for immediate, radical change.
Given the uncertainty about developments in technology and financial products, a perfectly
reasonable course is to rely on markets to sort out what payment instruments and related
products will be developed and become successful. Markets are more likely to be attuned to
what consumers and businesses really believe will provide better payment services at lower
cost. Most important, markets are more likely to stop projects that do not hold promise and
to search for other ideas that may prove more successful.
However, the market may fail because of various types of externalities that can arise in the
payment system. As a result, when individuals and businesses weigh the costs and benefits
of adopting new payment technologies, the incentives they face to change payment habits
may be relatively weak, thus preventing the economy from moving rapidly toward a more
efficient payment system. Even more problematic; older laws and regulations designed to
redress externalities may be based on obsolete technological assumptions and may act as
Proceeding from
the Workshop on


Technological, and
a brake on movement toward the adoption of new technologies. In these cases, regulators
may be able to play an important role in addressing externalities and modernizing regulations
in order to assist the private sector reach a solution that is in societys broader interests.
Clearing Infrastructure
Another major issue is the degree to which there may be further consolidation in clearing
systems and other infrastructure for retail payments. For various reasons, outside of credit
cards, many of the retail clearing organizations in the United States have specialized historically in serving limited geographic areas and in clearing a single instrument. Today there are
more than 100 clearing organizations for retail payments, most of which are local check-clearing
houses. Nationwide banking, the development of new technologies, and the possibility of
achieving greater economies of scale in operations have called into question some of the
traditional patterns of organization.
Some in the financial community have begun asking whether the nation would be better
served by concentrating clearing activity at a few national clearinghouses that can process
a variety of instruments and provide technical infrastructure to the entire financial industry.
Indeed, the ongoing consolidation of clearing in other parts of the financial industry makes it
natural to ask this question about retail payments. Foreign experiences may point to some
interesting examples in this context. In Belgium, for instance, many retail payment instruments are funneled into the same clearing infrastructure.
The answer for the United States is not clear-cut. As the financial industry examines the
case for consolidation, several important points should be borne in mind. First, clearing
organizations can perform very different functions, with very different costs. At one end of
the spectrum, many local check-clearing organizations have relatively simple rules, arrange
for the local exchange of checks, and administer settlements. Most of these organizations
have no processing equipment, network infrastructure, or permanent staff. At the other end
of the spectrum, a few organizations write important rules governing the national use of a
payment instrument, organize authorization and clearing procedures, administer settlements,
provide certain guarantees for transactions, and even engage in marketing activities. Such
organizations may have extensive operations and typically have full-time staffs. The costs
and benefits of consolidating these different types of organizations may depend very much
on the scale and scope of the activities they perform.
Second, different payment instruments present different degrees of risk to financial institutions providing the instruments. Clearing system organization and rules tend to reflect these
differences, providing appropriate management systems for the financial, operational, and
security risks associated with different instruments. Whether a consolidation of organizations
can take place without also affecting the risks and risk management is an important issue that
deserves careful attention, particularly, if cross-instrument clearing systems are being analyzed.
> 53
Third, traditional questions about competition may arise when significant consolidation occurs
in organizations that act as key utilities for their members and the economy. Rules and practices
may affect different-sized members differently, and these rules and practices may have broad
effects on consumers and businesses that indirectly rely on the organization. Typically, the
larger such organizations become, the more their governance structure and business practices
will be scrutinized.
Finally, it is not sufficient to view clearing consolidation through the simple lens of static costs
and benefits. If the payment system were to undergo rapid development, sophisticated infrastructure capable of flexible and rapid change might be necessary to support the retail payment
system. Small and Balkanized clearing systems may not be adequate to provide this type of
infrastructure. Simple cost-and-benefit calculations will not capture the lost opportunities for
innovation should our clearing arrangements be inflexible. These opportunities may be one
of our most important factors ultimately in shaping the future of the retail payment system.
Migration to New Payment Practices

Beyond the development of new payment instruments and new clearing infrastructure is the
issue of how consumers, business, and financial institutions are to migrate to new instruments,
systems, and practices. A major concern is whether new instruments and systems actually
deliver better payment products at a lower cost.
> 54
Besides this straightforward business issue, there is the problem of the network externalities
I mentioned earlier. Individuals may not adopt new instruments and practices until they can
be used widely; similarly, businesses may not change their practices until their customers
change their payment habits. Each group is waiting for the other group to go first. Further, if
financial institutions believe that payment practices will change only very slowly, they may
not have sufficient incentive to make the investments needed to move beyond the current
payment system. Overall, if market incentives are persistently weak because of these externalities, careful thought needs to be given to the issue of incentives and coordination.
As the migration to new payment systems proceeds, who will determine the standards for
new instruments and systems? Who will write the rules? Some look to government to solve
these types of problems. However, in a world of changing technologies with systems provided
largely by private entities, the market will inevitably play a very large role in answering these
questions. Government can, and should, be actively engaged in dialogue with the private
sector and be ready to act if clear problems develop. However, government should also avoid
premature action that will undermine innovation and reduce the benefits of competition to the
payment system.
This issue becomes somewhat more complicated when the division between the private
sector and the public sector is not clear-cut. When the government provides clearing and
settlement services and maintains the infrastructure associated with supporting particular
Proceeding from
the Workshop on


Technological, and
payment instruments, questions arise concerning the governments role in innovation. If we

choose to nudge the check-collection process toward some technological change, how will
that influence choices made by the private sector? This is a difficult question that challenges
us on an ongoing basis.
Role of the Federal Reserve

In light of rapid changes in the financial services industry and in the technology sectors,
Chairman Greenspan established the Committee on the Federal Reserve in the Payments
Mechanism in late 1996 to review the role of the Federal Reserve in the retail payment
system and to consult widely with the public in reaching conclusions about the future. The
Boards former vice chair, Alice Rivlin, headed up this committee, which held meetings around
the country involving 450 representatives of different institutions, groups, and sectors of the
economy. That committee published its report early last year and concluded that (1) the
Federal Reserve should continue to provide check collection and automated clearinghouse
services to the financial system and (2) the Federal Reserve System should play a more-active
role in helping the public move to the next generation of payment instruments and, in so
doing, work closely with providers and users of the payment system. After publishing its
report, the committee held several additional meetings with the public to begin discussions
on payment practices, the development of new technologies, and barriers to implementing
new or enhanced payment technologies.
As the major task of the Rivlin Committee has been completed, the Board announced this
summer the formation of a new group of Federal Reserve System officials, the Payment
System Development Committee, which I will co-chair with Cathy Minehan, the President
of the Federal Reserve Bank of Boston. This new group will follow up on the work of its
predecessor committee, and, more broadly, focus on key medium- and long-term strategic
and public policy issues surrounding the future development of the retail payment system.
The new committee will continue to seek ways to work constructively with the public to
identify barriers to the future development of the payment system and, when appropriate,
to recommend solutions to the Board and other relevant authorities. The committee will
follow closely the experiments of the Federal Reserve Banks and the private sector with
new electronic payment and clearing technologies. In some cases, the new committee may
need to review existing Federal Reserve regulations or practices that are based on outdated
technological assumptions. In other cases, the new committee may need to act as a neutral
third party in seeking the review of rules, market practices, and new technologies developed
by others, in order to help facilitate market developments. In general, the committee will seek
effective means of communication with the public through the use of meetings, workshops,
and other tools for dialogue and education.
> 55
Conclusion
Many have a sense that the retail payment system is changing and that this change may even
be accelerating. From a public policy standpoint, change that makes the U.S. payment system
more efficient, reduces risks, and better meets the needs of individuals, businesses, financial
institutions, and government is a welcome development. The Federal Reserve has encouraged
this type of change for many years, both through its payment system policies and the clearing
and settlement services that have been, and continue to be, developed by the Reserve Banks.
But change does not happen without hard work. Private industry continues to assess the
incentives provided to customers to favor paper-based instruments. Many in the private
sector are examining new technologies that may ultimately produce a much more efficient
retail payment system. And following the century date change, additional resources are likely
to be devoted to accelerating this change. At the Federal Reserve, we believe that active
engagement can help to support responsible change that ultimately will benefit the payment
system and the entire economy.
> 56
Proceeding from
the Workshop on


Technological, and
VII. Technologys Role in Payments

David Medeiros, Group Director, The Tower Group (Moderator)
Yesterday much of the discussion touched on topics such as Internet-based payments, integrated electronic bill presentment and payment, the e-check, smart cards, cybercash, and
other emerging payment mechanisms. A significant part of the discussion focused on how
viable they are; when and how quickly they are going to be adopted; and what the barriers are
to their adoption. What was clear from yesterdays discussion is that more than technological
feasibility has to be in place for a payment mechanism to be adopted. There are a number
of other factors that also have to be in place such as security and privacy, legal recognition,
regulatory support, reliability, a compelling business case, and, of course, standards on which
everyone can agree. This particular session is going to focus on technologys role in payments.
This includes the role of technology in standards; the role that technology plays in security
and authentication in a payment system; what standards work will be most critical in the future;
and whats needed in integrating back office and business practices to handle electronic
commerce and electronic payments.
Dan Schutzer, Vice President and Director of External Standards, Citigroup

It is a pleasure to be here today. I would like to give you my view of what has been happening over the last couple of years in terms of payments and commerce as they meet the
Internet. The Internet has this lure, this promise. It is low cost, and it connects everybody
everywhere, like the public switch telephone system. But, the Internet does not just connect
people; it connects people to machines and machines to machines. And, we can connect
to the Internet using any collection of hardware and software we would like. And it is
increasingly able to accommodate mobility as new kinds of Internet-capable devices emerge
(e.g. Internet phones and palm-sized appliances).
As the Internet grows, the amount of commerce conducted over the Internet has also grown.
And the rate of growth has been explosive. In fact all the Internet commerce growth projections to date tend to be conservative, understating the actual growth experienced. You hear
lots of ranges, but everybody keeps revising their numbers upwards. Despite all the concerns
I am going to talk about in terms of security, privacy, et cetera, the growth of Internet commerce remains exponential. One lesson we can learn from this is that people worry about
security and privacy as a problem, but do not act on those worries as long as nothing really
bad happens to them. If there is sufficient convenience and value, people will take the risk.
They do not want to pay too great a premium for security. And, as people get used to using
the new medium, and taking risks without any immediate adverse consequence, their comfort
and confidence in the new medium grows, their fears and concerns diminish, and they grow
increasingly reluctant to spend more money, or sacrifice performance and convenience, for
increased security. Our concern as a bank, is to take appropriate measures to reduce the risk,
keeping bad incidents to a minimum and under control, so that people do not lose confidence,
and the dramatic growth continues without any adverse incidents.
> 57
Online commerce, as people mentioned yesterday, requires secure, safe, trusted payment,
and lots of other auxiliary kinds of banking functions, such as escrow and credit. This includes
the need for authentication and authorization, privacy, service availability, and being able to
resolve disputes in a clear manner and to get recourse when there are problems. Authentication
in commerce is needed at many levels. We need to know who we are dealing with, that the
parties are legitimate, are responsible, can keep their word, can be trusted to maintain privacy,
confidentiality, are authorized to make commitments and payments, et cetera. Furthermore,
authentication and authorization (that you are who you say you are and you are authorized
to make whatever commitment you are trying to make) are often times linked together.
Authentication is a particularly hard problem to be solved in Internet commerce. We do not
have a good underlying authentication infrastructure today on the Internet. I will touch on
some of the problems there later in this talk.
> 58
It is also important to ensure that the information that is exchanged can be kept private to
the transacting parties, and that the parties can be assured that the information exchanged
has not been tampered with. This introduces additional authentication needs; e.g. the authentication of electronic documents. It also raises issues surrounding the need for privacy. When
information is exchanged, each party is concerned how the counter party will treat their information; that is how the information will be used, who it will be shared with, and whether the
counter party can be trusted to provide adequate security for any information that they maintain. We look to see whether the counter party has made any public statements stating their
privacy principles regarding these matters, and are concerned that if their privacy promises
are not kept, that we can get recourse. Another security concern deals with system accessibility; namely will the system be up and available when you need it. It does not do any good
if all the other security concerns are addressed, but the system is denied to me. Finally, there
is the need for being able to resolve disputes and other problems. I do not worry as much if I
know that when problems occur, they will be addressed and satisfactorily resolved.
Finally, there are always going to be trade-offs between the amount of security employed
and the risk exposure, cost and performance degradation one is willing to endure. There
is no such thing as perfect security. So how much security do we need over the Internet?
Only experience and the marketplace will ultimately determine this. There are still too many
unknowns to be sure. The truth is that the raw security technology being deployed over the
Internet is often stronger than the technology we currently use for our normal point of sale,
credit card, and check processing and cash transactions. Of course the risks in transacting
over the Internet are inherently greater and are more unknown. The very properties that make
the Internet convenient and easy to use, make it easier to commit criminal acts, and more
difficult to get caught, than at a physical point-of-sale. What makes secure commerce more
difficult over the Internet is it is not face-to-face, you do not see somebody, you cannot
stop them and ask for identification. At a physical point of sale, criminals can be physically
entrapped. They are not working at a safe distance in another city somewhere and electronically coming at you. Everything happens a lot faster, so I can conduct fraud more efficiently
over the Internet, stealing very small values but at great volume. Pennies add up in a hurry.
And I do not need much manual labor; I can automate this process.
Proceeding from
the Workshop on


Technological, and
Privacy is a real concern. What kind of information is being collected on me, how can it be
combined to find additional information about me? And how will this information be used?
Here, the concern varies from nuisance, telemarketing, junk e-mails, and so forth to much
greater concerns such as identity takeover, et cetera. There are lots of remediesbusiness,
technological, and legalthat have been proposed to protect ones privacy. All these remedies
require authentication because without authentication I cannot be sure they are who they say
they are and that I am really sending information to the right party. Furthermore, to obtain
recourse, I need to show that the information that I gave really went to the party that made
that promise.
One approach to privacy, which I think is misguided, is to say I am going to solve my privacy
concerns through anonymity. There are some legitimate needs for anonymity, such as the
ability to make a political statement without fear of reprisal, but the use of anonymity just to
ensure privacy is overkill. Anonymity comes with a whole set of issues, including the ability
for individuals to take actions and make commitments without any accountability.
There are tools that could help a person manage and control the information they are asked
to provide counter parties. For example, the payment information I give out could be stored
in some a digital wallet, where the digital wallet only provides this information to those
parties that are responsible and that have met my privacy criteria. Then there is technology
like Novells Digital Me that is a directory type approach that allows you to take personal
control over who gets what subset of your personal data.
Some information is collected passively without the need for a person to explicitly provide
information. For example a web site can keep a record of the web pages I visit and my click
stroke history. It can store this history on my PC in cookies so when I make a return visit my
past history of use is known. This information, that which I explicitly provide as well as that
which is passively collected, can be protected through the use of software agents that guard
my information and prevent its release to another party unless that partys privacy policies are
known and are acceptable to me. P3P is a World-Wide-Web Consortium (W3C) initiative that
provides the standard machine-readable language that would allow these software agents to
communicate and negotiate with one another. It could be used both by wallets and Digital Me
directories/information repositories, as well as other forms of software agents.
One thing for sure is that, as Internet commerce moves forward, the need will arise for many
types of trusted third party services. Just think of all the issues with an eBay auction in terms
of how sellers will be sure they get their payment and the buyers will be sure they get the
goods as advertised. What if the goods are not delivered as advertised, and I already paid
for the goods? Now consider business-to-business global commerce where parties that do
not have prior long-standing relationships with one another wish to conduct business with
one another. There are lots of services, such as lines of credit and insurance guarantees that
can be offered.
> 59
We have this difficulty in authentication and authorization over the Internet because bits can
be manipulated. And of course we do not control the network or the end user devices. They
are not in my bank, they are not in my lobby, they are not in the merchants point-of-sale. The
customer does not use devices that are provided by the bank. They use standard phones and
PCs and Palm Pilots that they have personally bought, and load their own software on them.
This hardware and software does not necessarily have all the protective features and safeguards that are put into bank controlled point-of-sale devices and ATM machines. Furthermore,
we need to have our solutions scaled from hundreds of millions to billions of users. Scaling is
part of the issue. I can find the technology and an approach that would work for security and
safety, but can I find that approach where I can continue to use this economically when it
scales up to that level?
Even if I could afford to provide a secure hardware device, such as a smart card, to hundreds
of millions of customers, these devices will leave the control and custody of the bank, and we
cannot control how they are safeguarded once it leaves our premises. Meanwhile, electronic
banking and payment over the Internet is increasingly becoming a big attractive target. It has
not been too big up to now, only a small percentage of the total GDP, only hundreds of millions of dollars. We are now seeing tens of billions of dollars being spent over the Internet.
> 60
I want to say a few things about public key infrastructures. Public key infrastructure (PKI) is
used both for encryption for privacy, and digital signatures and digital certificates for identification. Both uses are important. You need the encryption to keep the information secure; you
need digital signatures and certificates for the secure messaging and for the authentication.
There are however performance and cost issues surrounding the use and management of
digital certificates. The issue and management of certificates poses a practical deployment
problem. Issuing, renewing and revoking digital certificates for hundreds of millions of users
is logistically demanding. There are also problems with respect to interoperability and implementing a distributed trust hierarchy when there is more than one organization issuing
certificates. There are also issues dealing with the willingness of the organizations issuing
certificates to assume liability and risk in the event that their certifications are false and the
injured parties seek recourse. The FSTC has developed an electronic check product that
makes use of this technology. It is currently being applied to business-to-business payments,
with the Treasury and its vendors using smart card-based hardware to generate digital
signatures to make and receive payment. It also operates with palm devices.
There is more to security over the Internet than just PKI. We need firewalls to protect our
systems from break in and penetration of our files. And we need software to protect our
users from viruses that can take over, tamper with and/or clog our systems. There are all
sorts of process controls needed to protect a system from insiders turned bad. Criminals
can trick people into revealing their passwords and other secrets. This is called social engineering. A really secure system has to address all of those issues, not just the public key
infrastructure. We could have perfect cryptography, theoretically strong enough (e.g. long
enough keys) that for the foreseeable future no advances in computer technology, would be
sufficient to permit a viable cryptographic attack, and we can still see break-ins. And I might
Proceeding from
the Workshop on


Technological, and
point out that most of what we see today when we talk about the violation of the Internet
are not really attacks on the cryptography, they are attacks on merchant sites and the places
where passwords and other sensitive information is stored. We hear about university students
who advertise how they have been able to break-in and attack a particular cryptographic code.
But in practice we do not see those kinds of attacks very often. We usually see these simpler,
easier back door attacks.
We do not have perfect security in the real world. So, we build systems, processes, and procedures to alert us to suspicious activities, to detect and contain any security violations, and
to permit rapid response and remedies. Thus in a real world implementation, there is a tradeoff between the cost and the imposition of inconvenience on the customers, what they are
willing to accept and the level of security that you need, which is tied into the particular
business transaction and the risks exposure. We also have multiple overlapping technologies
all in various stages of maturity, most of them non-interoperable. So we need flexibility in our
security solutions and they must match the business need and risk exposure. We operate in
the physical world with this sort of flexibility, so why cant we operate similarly over the
Internet? As an example, just think about credit cards or checks. Yes, there is the same credit
card information that I have to send to my credit card processing network to get an authorization and then to later on settle and move the funds. But the way in which I send you that
information is quite variable and situation-dependent. It accommodates whatever the business
situation is. So if when we pay at a physical point of sale device, we swipe that card and sign
a receipt. But when we place an order over a telephone, no signatures are collected and the
card information is spoken. We then relax and change our liabilities to match this relaxation in
security and authentication. We try to compensate for the increased risk of fraud by matching
the address of the person where the goods are going to be delivered to their billing address,
and performing other such checks
> 61
If we are trying to safeguard the demand deposit accounts, then we even go a step further.
At that same point of sale, we ask for encrypted PINs, so you not only have the card that
can be swiped and copied but you have to know the PIN as well, it is a secret in your head.
This is called a two-factor protection system. So we get these tools of biometrics, encryption,
authentication, authorization, shared secrets, and physical tokens (e.g. cards), and we use
them in varying combinations to meet the need of the business problem. We need an architectural framework that is sufficiently flexible to allow each business to independently pick
and choose the right level of security for their business need and still interoperate. Such a
framework should be able to allow the interoperation of this stronger digital signature technology with much lighter simpler technology, such as sending unsigned financial information
over encrypted lines, as is currently done with credit cards over Secure Sockets Layer (SSL)
today. This would allow banks and customers to supply the right level of security to match
the business need and to substitute stronger technology as the performance improves and
the cost drops, and the ubiquity gets there.
We hope to launch a project in the FSTC called FAST (Financial Agent Secure Transactions) to
develop such a flexible, technology neutral framework, to addresses many of the authentication
issues (technical and business) discussed earlier, including a user-friendly implementation.

Such an authentication framework could be applied to address a number of needs, including
supporting the secure payment over the Internet for a variety of applications. The bottom line
is we are likely to see all the standard types of payment (debit and credit) that are used in the
physical world today adapted for use in the Internet. And that they will be most successfully
adapted when the security technology is adjusted to meet the business need. And since
security will never be perfect, and there will be multiple parties, we need processes and
operating rules to resolve conflicts, errors, disputes and recent problems.
Another item to think about is the wallet. This is based on the idea that we would like to make
things easier for people to have their information held and safeguarded. A wallet can be
implemented to reside locally on your PC or palm device, or remotely on a server communicating through a standard browser, or as a hybrid of these two extremes. Each implementation approach has its pros and cons. For example, you might feel more secure if its on
your PC, but it lacks portability. In this case its wed to your PC, and it does not work too
well with memory constrained devices like a network appliance, a set-top box, or a public
kiosk. Furthermore the wallet can be associated with a merchant or can be used cross web
sites if operated by a bank or portal. We are beginning to see a number of different wallet
implementations and business approaches in the market place. Consumers and merchants
are likely to have to support a rich and diverse variety.
> 62
So, to make the transfer of information from a wallet to merchant and vice versa easy, we
need some way of standardizing what that information is and how it is represented. And
there is a standards group addressing this need. It has produced ECML, Electronic Commerce
Monitoring Language, which has already specified the first draft for such a standard for the
exchange of information from a wallet to merchant. This first draft just addresses the transfer
of credit card and shipping information but hopefully will be extended to include other kinds
of payment products and other information soon. The initial version is specified in terms of
HTML, but a newer version has been specified in terms of XML (Extensible Markup Language).
XML provides a more powerful way of expressing that information rather than just a Web
page with HTML tags. HTML tags are really designed as a language for expressing how to
visually present a page to humans. For example, the tags tell the browser where to put a
title, a link, or an image. For a wallet to merchant server, we would prefer a language better
designed to support the exchange of information between software applications.
XML is such a language. It allows machines to communicate with each other efficiently over
the Internet. It is a standard that has come out of the World Wide Web consortium and has
had rapid adoption by most of the vendors. One of the reasons why it has rapid adoption is
because it is light, low cost, small enough that all the vendors can agree upon it and still
sufficiently flexible and open to allow each vendor to freedom to develop differentiated
products and to pursue their proprietary needs. It is also of the Web, which is where all the
action is. So look for more products and standards based upon XML. Just to give you an idea
of what the banking community is doing, the latest OFX (Open Financial Exchange) version,
the personal finance module interchange standard, is expressed in XML. So if you are talking
Proceeding from
the Workshop on


Technological, and
about home banking and so forth that that will be XML-based. ANSI EDI (American National
Institute of Standards) standards are now looking at specifying things in XML. And there are
efforts at producing an XML digital signature standard. FSTC developed an Internet payment
systems standard in XML. And there are a number of XML-based standards initiatives in the
electronic commerce space.
Guy Tallent, Chief Executive Officer, Identrus

I certainly appreciate the opportunity to share with you some of the thoughts that I have and
my company has had on electronic trust, which really picks up where Dan Schutzer left off
and speaks to the authentication component of digital certificates, digital signatures. It also
picks up on how businesses can use those on a global basis as opposed to simply within
closed community groups as we transcend from islands of trust, which are typical in a user
I.D. password world, to a ubiquitous mechanism. Identrus and its global financial institution
partners have focused on this topic for about 24 months to date. We started principally by
looking at the customer use side of this. Our fundamental objective was to make the technology
seamless for the end user so they would in fact adopt it and so the system would in fact provide advantages to the banks in servicing their customers. At the same time, it would provide
advantages to the customers themselves in using it with their trading partners.
Before I speak to how Identrus satisfies a lot of the requirements of authentication, I would
like to touch on the context behind what is required for e-commerce in general on a global
basis. Fundamentally, it requires a global approach, and this is for the simple reason that
customers and the Web are predominantly global. Secondly, from a technology standards
perspective, we look at open standards as a fundamental component. It is certainly an
underpinning for all of e-commerce ensuring that technology standards are ubiquitous and
customers are using the same standards in an open way. However, that in and of itself says
nothing about trust in the context of who I am dealing with over an open network connection,
over the Internet. We have placed a lot of our effort over the last 24 months in looking at the
business process. This includes the ways in which a bank would deploy and sign up their customers, know your customer practices, and ensuring that as a bank identifies their customers,
provides them with a bit of technology, that there is a consistent process in place on a global
basis. So a company in Lima, Peru, or in Kuala Lumpur can effectively be trusted in the same
way that a company in Michigan, U.S. could be.
So we have looked at trust infrastructure from a risk management perspective to the receivers
of certificates, the users of certificates, as well as from the banks perspective on how do you
effectively manage and meter that. And I will share with you some thoughts on that as well.
We believe that as the technology is deployed, and Dan mentioned one thought that I think
is shared by all of the members of Identrus, banks and the companies alike, business will
drive the technology. When we look at the business-to-business space, we focus it now on
the core elements of providing a business user the ability to sign documents and to sign
messages. This allows businesses to engage in commerce and is the fundamental element
> 63
that needs to be focused on. It must be simple so I know that I am signing something and
that I am binding my company to a transaction. If the signing process changes each time with
every trading partner, you create confusion and ultimately we believe that you would lower
the penetration rates in e-commerce in general.
The partners that you can see for Identrus illustrate our global approach to this. European,
U.S., and Asian partners are at the table already and we are continuing to add to this list as
we proceed. Currently our member institutions represent customers in more than 100 countries globally, and we are looking at each of the practices that would be necessary in each of
those countries as we expand. From an infrastructure perspective, I will not walk you through
all of the components here, but as I said, digital certificates and the signing capability is fundamentally underpinned by a secure architecture (See Figure 4). What Identrus is doing is
specifying the standards of operation for the technology components in a secure environment. This also outlines the technology standards that allow for interoperability on a global
basis. This interoperability starts at the root itself, coming down to the certificate authority
level, which would be a member financial institution. The financial institution would select
their own technology provider consistent with the technology standards that we have adopted
and work all the way down to the end user (the business user). Our infrastructure requires a
hardware-based security token, again picking up on the notion of combining what a user has
in their physical possession with what they know in terms of a pass phrase to activate the
signing activity.
> 64
The second component that we have spent a great deal of time on is the contractual binding
within the network. I probably was surprised myself, but in this perspective the law is our
friend. This is because, at the top, Identrus sets out specific operating procedures, know
your customer compliance rules, and security policies (all of the necessary components for
an institution to put in place a controlled and managed risk environment). This ensures by
contracts with Identrus and with its other member institutions, that if they fall short, they
bear the responsibility to the system for their own actions. Taking it one level down between
the bank and its customer, we have defined and set out certain core provisions that would be
required in a corporate contract between the bank and its customer. Now we are not specifying the contract per se, or the specific components of the contract, but the end user must
sign and agree to certain core provisions.
These provisions differ depending on which side of a transaction you are on. As the holder
of a certificate, they simply say that you agree that when you sign something, you will know
when you sign something and that you cannot dispute the fact that you signed a message
when in fact you did. On the receiving side you are agreeing to a core provision that says
when I receive a signed message, I recognize that I cannot trust that signature unless, in fact,
I go back to the issuing institution and validate the current status of that signature or certificate itself. When put in place all of that enables each of the parties to control the risks of
bearing and using the signing device in an open environment. What Identrus provides is a
warranty mechanism for the seller to request and receive, for a specified dollar amount and
a specified time period, identity assurance. If there is a problem with the identity, you have
Proceeding from
the Workshop on


Technological, and
Figure 4: Identity Assurance for Users
IDE
RU
T
N
Relying
Participant
n&
Issuing
Participant
tio
ida tity
l
a
V en e
Id ranc s
su ay
As 0/30 d
,00
$1
Real-time
Certificate/
Identity
Verification
Sponsor
Corporation
Sponsor
Corporation
> 65
?
ay
eB ?
to b id
w I ll ?
N e d o I s e s a fe!
w
e
H o d o a y is fr e
w
H o y e Br, it 's
h
W is te
g
e
R
W
NE as
X 'ms
CD
Message/
Offer
Firestone E-Bid Form
Purchasing
Manager
Company: XYZ Corp.

Agent: John Jones
Quantity: 1,000
Price: $100/ tire
Total Value: $100,000
Delivery Date: 6/15/98
an
o rd
lJ
a e tt e r
ic h o
M y P re w s
rr D ra
Ha ncy ame s
te
N a e o C P la
s
ic id a y
ve
us V o li d
M
oti
H
s,
m
le
r sa
s fo w !
em no
1 it ri es
es
8, 50 go pa ge
dg T!
3, 39 8 ca te lli on !
rt ri H O l
bi th
C a rs ! n d
2, 56r 1. 5 m on
ck Hou Bu
ve pe r
la
B
re
O
s
s B 32 wa se 4M
vi ew
ri e s ! o ft C a , 6
S e a rd e S if t_ H D
00 e C ug _G GB t
to es vie s
/5 0 o n H e n .5 e
Autiqu Mo mp
0 0 P h ts !! e te 8 , 6 g S
/4 0 te u lv 9 in
Anoks, Sta
0 0 u N e in a rr
&
2 0 M in I' m h _ V w /W & E
Boins bles
o n e r k s it m e
a n t P h in _ W te ra c
Collectiters s s
s C C e n e T P e n S y s k -B
re
if
z
Compu igu tion ne
_
1 W od H ec
F c
y o M N
Co lls, olle mstonics
M e w 4 6 6 s ta l
e
s
Do at C , G ctro
R o ro n C ry
y
le n
Gre elr Elelass ilia h C e tr ia
w &
s
Je oto & GorabPlus A u
Phttery em Bag
Po ort Mean us
o
Sp s, Bane
y
To cell
is
M
in
Sales
Agent
a mechanism for recourse. You can go back to the issuing participant, who in turn may go
back to its own corporate customer by contract to say your procedures fell short and I need
resolution on the goods or services that I was seeking to offer. This helps the seller manage
the risk involved in the transaction.
I would like to now touch on how the financial institution and the certificate holder can use
the same warranty mechanism to manage their risk. Every certificate within Identrus bears
a maximum amount of warranty or assurance that can be offered at any one given time. That
is set at the certificate level or the end user level. But at the time of sign-up that card would
have a maximum amount of risk or assurance tied to it. From there you simply aggregate to
a company level and to the bank level. It is at the bank level that Identrus plays a role in
ensuring that the maximum of all of the outstanding warranties within the system for the
bank cannot exceed a maximum risk limit for that bank. That is a component of the system
that Identrus monitors on an ongoing daily basis in real-time to assure all of the users that
no bank is exceeding its limits. What this enables companies to do is to sign not only at the
payment stage of a transaction, but it actually allows the end users to use the same signing
device early in the transaction cycle. So it creates a seamless environment for end users to
end the transaction with a trusted identity. No longer will we have the bifurcation between
EDI and financial EDI where companies are dealing in two separate spaces to handle different
pieces of the same commerce transaction.
> 66
From a company perspective, where do we stand? We continue to develop and deploy our
architecture and are on a path for deployment in the second quarter of 2000. We formed an
independent company on March 5th of this year (1999). New member sign-up continues to go
exceedingly well. Banks globally are our channel partners so it is very crucial that we continue
to have success on that side. The development of the operating rules is largely complete. We
continue to work with our bank customers as well as with the vendor community making sure
that our technical specifications, as well as our operating rules themselves, fit together and
provide a workable and extensible solution to the marketplace.
We have completed a pilot of our system with each of the original eight banks. That pilot was
extremely successful. We are now moving into the next phase, which is an interoperability
phase and testing various banks and their technology providers of choice to enable them to
interoperate on a global basis from a technical perspective. At this point we will also begin to
test some of the operating rule components, the manual procedures and process components
that would allow a bank to begin to operate in a safe and secure manner. Our banks are working with some of their customers in an exploratory phase to look at how those customers
would then integrate the technology and procedures into their end user applications.
For example, Bank of America recently announced an agreement with Cisco where, as the
Identrus solution becomes available, Cisco would be adopting the Identrus standards and
mechanisms for their leasing unit. From a business perspective we are talking about taking
20 to 30 days of contracting time down to a period of two to three days simply by automating
Proceeding from
the Workshop on


Technological, and
that transaction cycle. This shows that a significant increase in revenue from the business
community perspective is possible. That should give you a good idea of how the market is
likely to develop going forward.
To sum up, e-trust, from our perspective, is fundamentally a critical component to all of
e-commerce. Dan had mentioned in his remarks that security, privacy, and all of these trust
components are assumed by customers. In our customer research within Identrus, that
absolutely holds true. We do not want to get to the perspective of having a mistake or a
problem surface. We want to simply provide some solutions that raise the bar for security
and privacy in a controlled risk management environment to ensure that companies can pick
up on the growth rate that is forecasted and ensure that they can reach those forecasted
growth rates.
> 67
VIII. The Laws Role in Payments

Stewart A. Baker, Partner, Steptoe & Johnson (Moderator)
I cannot help but think of a conversation I overheard at home. My daughter said she wanted
to be a lawyer when she grew up and my wife said, You cant have it both ways. This is a
panel of lawyers, and we will be talking about a variety of legal issues. Were going to try to
leave a lot of room for discussion with the audience if we can, so Ill be calling time on people
after about ten minutes.
David Goldstone, Attorney, Office of Computer Crimes, Department of Justice.

The primary subject of my remarks today relates to legal issues in electronic transactions and
specifically the Justice Departments ability as litigators to litigate fraud cases that can arise
out of electronic transactions. We act as litigators with a very large client that happens to be
the federal government, and the federal agencies are under a mandate from Congress that,
where practical, they need to take all of their processes electronic by 2003. So they are gearing up to try to take as many as possible of their processes electronic in that time frame. In
most cases, the conversion to electronic transactions is promising. We encourage agencies to
proceed aggressively while weighing and minimizing risk. And we are trying to work with them
to ensure that they can do that in a way that preserves our ability to litigate and prosecute
cases. I will touch on a couple of the major legal concerns that arise out of those discussions,
and then I will touch briefly on another role that we serve at the Justice Department, which is
prosecuting hackers. And hackers and security concerns are obviously another major concern
when you take your processes electronic. So I will briefly touch on those issues as well.
> 68
Before I get into the specifics of what our concerns are, I would like to emphasize that our
clients, as it were, are federal agencies. And federal agencies stand in different shoes from
many private sector firms when it comes to taking their processes electronic. So I do not
want my remarks to be understood as perfectly applicable to firms in the private sector, but
maybe they can provide some insight at a practical level at what the issues are that we see.
We as the federal government take all comers. In the private sector you put enormous
resources towards monitoring your customers, probably more than we do. You may have
more state-of-the-art technology and you may hire away some of our best staff because you
pay higher salaries. Many federal agencies are subject to heavy restrictions on how they can
use information. Nonetheless, we have identified five general areas of legal issues that apply
to agencies when they take their processes electronic.
The first one is the availability of information, the second is the persuasiveness of that information, the third is the legal enforceability, the fourth are process restrictions and responsibilities such as FOIA or the Privacy Act, and the fifth is admissibility. Of those I would like to
focus today on the first two, the availability of information and the persuasiveness of information. Because I think that in my experience making sure information is available by the time
litigation arises is a process that federal agencies generally know how to do very well in the
Proceeding from
the Workshop on


Technological, and
paper realm. Whereas in the electronic realm they are just learning how to do it, and they
need to pay attention to it.
Our private sector counterparts may have the same need for learning, because for the information to be available when we need it at some later date, which could be three to five years
later, the information collector has to take three separate steps. Each of them has to be done
correctly and reliably and each of them is easy to do in the paper world, but may not be easy
to do, or we may not yet have learned how to do it in the electronic world. And this is not a
legal issue in the technical legal sense that we need a statute passed. It is a legal issue in the
sense that lawyers have a longer time frame, that lawyers are often dealing with contracts
that are made years before, whereas the technology people that I work with often have a
very short time frame. These individuals want to get the system working so that five minutes
after the information has been collected they can read it.
The three things that an agency needs to do right, or a company needs to do right, when it
is collecting information to make information available are (1) collecting it, (2) retaining it and
(3) making it accessible. Now, collecting information does not sound like a very difficult task,
and certainly the way we collect information in the paper world is we allow people to write
it on paper and then we have collected the information. So why should this be so hard in the
electronic realm? Let me give you some examples of experiences that I have had. First of all,
when we collect information that information is usually transmitted to us within a context.
The federal government has many forms. When a person fills in their tax form and they mail
it in, we are getting more than just the answers to the question. In other words if the number
$10,000 is entered on a tax form, we get more than just the number $10,000, we get $10,000
in response to a question. That question might be What is your income, it might be What
is your deduction, maybe What is your tax owed. But that $10,000 has no independent
meaning. If you take that tax form and put it on the Internet in an HTML form, you can collect
the information that the person enters. However, the record that the computer system administrator may ordinarily save is just the answers that the person put in the boxes; they may not
collect the questions. The problem is that forms change. Now, you can keep careful version
numbers of which form is in use. But that requires a process of a record keeping of which
forms were in use on which days and ensuring that the version numbers are updated on a
regular basis, because otherwise the information you collect will effectively be meaningless.
In the paper world we do not have that problem.
Whenever I have done a fraud case and I get the relevant form, always stapled in the upper
left-hand corner to that form is the envelope that the form was mailed in. Now, every federal
agency saves these envelopes. I do not know if they do so in the private sector as well. But
I think that there is actually some information on that envelope. There is a postmark that
gives not only a date, but also a place, and it provides some limited amount of information.
My point is that within a process we have many ways of collecting information. It could be
the receipt of an envelope or it could be that we have the person send in a form that we mail
to their address. Here by the fact that they are returning to us a form that we mail to their
address, we have a specific physical place where we know they live, and that can help us
> 69
in our fraud investigation, or any investigation. If we transmit that to the electronic realm and
we e-mail them the form to their Hotmail account, we may effectively know nothing about
them, because of course you can get a Hotmail account by providing no information whatsoever. So when we talk to agencies about collecting information, we ask them to look at
the whole process. Retaining information is another process. In the paper context, to retain
information, just take the papers, put it in a warehouse and make sure the warehouse doesnt
burn basically.
In the electronic context electronic data is more fragile. Electronic data is susceptible not only
to say hackers, but also to corruption, magnetic disruption. But more than that, I have worked
with many agencies who tell me every two years they change their system. And whenever
they change their system they go through a process that they call data migration where
they take all the data from one system and migrate it to the other system. I have also found
that often in the migration some of the data does not make it the whole way, it gets cut-off
somewhere on this migration, and then the agency has not done an effective job of retention.
> 70
The final step is accessibility. We need a way to look at the data today that was generated
five years ago. And hard to imagine, but five years ago I bet no one in this room had used
Netscape ever, because five years ago Netscape had just practically been invented. And who
is to say what kind of technology we are going to see five years from now. We need the data
thats generated today to be accessible by technology five years from now. On the persuasiveness point, electronic data when it is collected, retained and made accessible, when
we look at it, often is understandable only to the technology people. Now I am a technology
person. I am sure many of the people in this room are technology people. I am sure we all
are comfortable with encryption and public key infrastructures and certificate authority. But
a lot of our customers out there are not as comfortable with this, and many of our disputes
are with our customers. In resolving the dispute if we are going to tell our customer that
they signed a certain form, then we have to be able to persuade them that they in fact were
the ones who signed the form. And if they disagree, they will litigate it and then we have to
persuade a jury of 12 people off the street of the information thats contained in our electronic
form. And particularly for the government the juries may not believe that the information
stored in government computer systems is 100 percent perfectly reliable unless it is simple
and easy to understand. So we try to counsel our agencies to develop the data in a way that
will be persuasive.
Let me finish with a note on hackers, because prosecuting hackers is one of the things we
do in the Computer Crime Section. We have long seen a continuing tension between access
and security, and as is more money going into e-commerce we are seeing more of a pressure
being placed on access and less weight in many firms being given to security. Security is
often seen as an afterthought. But security is obviously quite a serious issue if you want
to prove a case a couple years later when the system has been ravished by hackers in the
interim. So we expect that tension to continue. On the upside, in the private sector I would
say many hackers are disgruntled former employees. And that provides a possibility the
private sector might be able to control the risk there. This is the case particularly in a world
Proceeding from
the Workshop on


Technological, and
where the old model security was a perimeter model and where access to the system was
very severely restricted. But then once you got into the system, the data was relatively available and the new model which much more heavily relies on encryption and use of encryption
products, and with this new model there is substantial hope for much improved security if
attention is paid to it.
Thomas Smedinghoff, Partner, Baker & McKenzie, Chicago

I want to focus on some very basic issues that we need to consider when we want to move
from the paper world to the electronic world. And I want to start it out by focusing on the
three most fundamental issues that we need to consider whenever we want to move a transaction from a paper-based medium to an electronic-based medium. The first question is quite
simple; Is it legal? That is: Can I do this? Is it enforceable? For example, can I enter
into a contract electronically? Can I create an electronic check? Can I store value on a smart
card and use that card to transfer value without generating a paper receipt? Whatever it is
that I want to do, can I do it electronically? That is the fundamental threshold question that
we have to address. This issue is also the subject of most of the legislation that we are
seeing right now being promulgated both at the state level and at the federal level. But
it is a very threshold question.
The second question, however, is the question that perhaps deserves more attention, and
that is the question of trust. Do I trust the message? Am I willing to act in reliance on this
particular electronic message? Am I willing to transfer funds? Am I willing to change my
position? Am I willing to ship product? Am I willing to do things that, in theory, could create
a loss if the other party does not perform or if the transaction is fraudulent? And how can
I tell at the time of the transaction whether or not I can act in reliance on this message.
Because after all if we are doing things electronically the goal is to do them in real-time,
do them as quickly as possible without taking the time to have to go back and check out
the transaction more thoroughly. The third question that we have to face, is quite simply,
what are the rules that govern this kind of transaction? Can we take the same rules we use in
the paper world and simply apply those in the electronic medium? Or have things sufficiently
changed because of the new medium that we need to consider a new set of rules, or at least
some changes in the existing rules that applied in the paper-based world?
I want to focus, at least initially, on this whole question of trust and what are the issues that
we are grappling with in trying to address the question of trust. In many respects this is the
most important issue that we have to address for electronic commerce. UCC Article 4A deals
with that issue, but only in the context of electronic funds transfers between businesses. We
need some ability to determine whether a message is trustworthy at the time the message
is received, at the time we need to react. If we look at this question of trust in a little more
detail, it basically has three elements to it. The first is what we call authenticity. Who really
sent the message? Was it really from Bill Gates? How do we know? How can we tell at the
> 71
point in time that we get the message? The second is integrity. Is this really the message he
sent? Was it really a $10,000,000 payment instruction as opposed to $1 million or something
else? And then third is the question of non-repudiation. Are we going to be able to prove this
up in court from an evidentiary perspective if in fact that becomes necessary?
And in many respects non-repudiation is the ultimate issue that we have to deal with. If I
have to go to court because Bill Gates claims he did not send that message, how am I going
to ensure that he cannot falsely deny he sent it, or that he cannot falsely deny the contents
of that message? At the time I have to decide whether or not to act on that messageI
would like to have some reliable indication as to whether or not that message is valid. But
when we deal with this question of trust we have to recognize that it is a relative concept,
and that our response has to be based on the extent of the risk in each particular transaction.
If I am Amazon.com and I am selling $20 books over the Internet, I probably do not need to
do a lot to deal with the question of trust. If you type in your name and a ship-to address
and give me a credit card number that ties back to your name and ties back to your ship-to
address, I am probably fine. I will go ahead and ship the $20 book. I will take the risk. The
worst case is I am out the $20, but as a practical matter that probably is not going to happen
very often when those other indicia of trust are present. If I am doing $10,000,000 transactions that require instantaneous action, perhaps I want a little bit more to establish this
trust. So, we have to balance the risk against the cost, and look at our potential loss in order
to decide what we need to do with respect to trust.
> 72
Now if we look at the technological solutions, the focus has been on digital signatures. A
digital signature is a cryptographically-created way of signing an electronic message, which
if done properly, provides a very, very reliable assurance of both the authenticity and integrity
of the message. But this is, of course, a very big If. We need to have some mechanism to
ensure that is done properly. That is where we get into the legal side of this whole situation.
How are we going to approach trust from a legal perspective? Some of the basic approaches
that have been talked about, that have been implemented, at least in some legislation, have
to do with what are called attribution rules. This helps answer the question when a message
from Bill Gates comes in, under what circumstances are we going to decide legally that in
fact it was sent by Bill Gates?
One controversial approach to this issue that some legislation has taken is to establish a presumption. This means that if you do things in a certain way, if you use a certain technology,
and if one, ten, or 50 other factors are present, we are going to presume that it was Bill
Gates that sent this message. This relieves the recipient of the burden of proving it was Bill
Gates that sent the messages and puts the burden on Bill to prove that he did not send the
message. But then we get into questions of how does he prove that, and how do we decide
under what circumstances this presumption should apply. And, most importantly, should we
have a different rule for consumers, just like we have with credit cards and with ATM cards.
If somebody goes to my bank, uses my ATM card and types in my number, there is not necessarily a presumption it was me. If I deny that transaction the bank has to put the money
back in my account. Should we treat consumers differently in this world is a key question.
Proceeding from
the Workshop on


Technological, and
Another key issue is how do we determine when we are going to legally consider a particular
technology or a particular procedure to be trustworthy. We have a number of questions to ask
here. Is the technology good enough? How do we know when a particular technology is good
enough? Even if it is a good technology, it can be implemented wrong. So how do we know
when it is applied properly such that it is trustworthy? And how do we know when and under
what circumstances it is commercially reasonable to use a particular technology? Some technologies, and this has certainly been the issue with respect to digital signatures, are very
complex. And maybe again in a consumer context thats not an appropriate way to go about it.
Those are the kind of questions that we are trying to wrestle with. And what we are basically
seeing are two legal approaches to this. One is to pass legislation, and the other is to develop
private legal infrastructures. Several states in the U.S. and several other countries have passed
digital signature statutes. These statutes focus on the cryptographically-created digital signature and define the rules regarding how you have to use it in order to get a presumption that
will provide the legal trust that you are looking for. To provide presumptions, however, we
need to impose some quality control on the process. To accomplish this, some states license
or audit the certification authorities that are necessary for this process so we can make sure
its done right. But then you have different states doing different things and licensing under
different terms, and how do we do business across state borders, much less across country
borders? We do not have any consistency here on that approach, and it is real questionable
as to whether that is going to ultimately bear fruit.
The other alternative that we are seeing is to set up a private legal infrastructure. That means
lets take all the community of people who are going to be involved in these transactions and
lets have them contractually agree on what the rules are and contractually agree under what
circumstances we are going to trust these messages. And that way we have the uniformity
we need, we have the agreement we need, and we go forward on that basis. We are seeing
a number of projects taking that approach. And this is a very short list of some of the key
examples. The automotive industry has done it between the Big Three and their suppliers
for purposes of electronic transactions for purchases of the component parts and so forth
that go into the cars. The banking industry has a number of initiatives underway. Earlier
today you heard about the Identrus approach. The American Bankers Association through
its ABAecom subsidiary is also working on an approach in this area, as is NACHA, the
Automated Clearing House Association. The credit card industry has set up its SET, secure
electronic transactions protocol. This has not really taken off, but it is an attempt to do the
same thing. And the federal government recently announced its ACES project whereby it
wants to provide government services to citizens using digital certificates, again in the
context of a private legal infrastructure where the rules are established basically by agreement. If we are going to do that, however, we need enforceable contracts, we need people
to be bound by appropriate agreements.
How are we going to make that happen? We can have them all sign a paper document, but
that does not seem to work well for electronic commerce. Instead, perhaps I get on the
Internet and I agree by clicking on an I accept buttonthe click wrap concept. Another
> 73
approach is agreement by conduct, especially in the digital certificate area, by using a certificate that is evidence of my agreement to be bound by certain terms. And then we have got
a whole other issue of incorporation by reference. I have got a lot of terms I want to have
people bound by. I do not want to have them all displayed on the screen because nobody is
ever going to read it anyway. So I will just say, by the way, I am incorporating by reference
this 100-page document that sits over here, which of course every consumer will thoroughly
read before they agree. Those are the kind of issues we are wrestling with. Not necessarily
a lot of answers here yet. But this is sort of the set of questions maybe that we need to deal
with in terms of how are we going to set up a private legal infrastructure. Further information
regarding pending and enacted electronic commerce legislation in the U.S. and worldwide is
available at my firms website.
Amelia Boss, Professor of Law, Temple University.
> 74
Although it was said earlier that the lawyers were here to clear up confusion, too many
business people think that lawyers actually obfuscate. Lawyers are viewed as obstructionists,
standing in front of the person from industry who wants to move forward and compete in the
marketplace. One of the real challenges is to reconceptualize the role of the lawyer in working
towards e-commerce solutions to problems. Any business that is moving forward has to think
about a strategic alliance between three different sets of people. One set, of course, includes
the business people that are considering the implementation of various business models for
conducting trade online. The second group of people is the techies, as we fondly refer to
them, who come up with creative solutions for such important issues as security. And last,
and often the least, is the lawyer who is concerned with the types of questions that Tom
Smedinghoff raised earlier. Indeed, Tom posed three in approaching an e-transaction: Is it
legal? Can I trust it? What are the rules?
I am going to take issue with Tom on one very important point: his focus on trust. The whole
concept of trust is one of the very important problems underlying any electronic commerce
transaction. But I would submit to you that trust is just as important in the telephone transaction, in the face-to-face transactions, in the large transactions that I will explain. Of course,
we have learned how to evaluate peoples trustworthiness in these situations. The fundamental point is that trust is something that is not a legal issue. Trust is an accumulation of experiences. Trust is the building up of relationships. Trust is looking at and evaluating technological
solutions. But ultimately, you cannot legislate trust. Just as putting on a dollar bill In God We
Trust hasnt really done much for religion in the United States.
But, let me go back to really what the function of the lawyer is. The function of the lawyer in
facilitating electronic commerce is really divided in two ways. First, in the individual transactions
the lawyers important role is evaluating what risks might be inherent in those transactions
and using traditional legal tools such as contract to allocate those risks. This angle is familiar
to all transactional lawyers. In the banking industry you are familiar with bank customer agreements, interbank agreements, and the area of Identrus. In his explanation of Identrus, Guy
Proceeding from
the Workshop on


Technological, and
Tallent talked about the contractual relationships between the parties. And that is all very
important, but it depends upon two things; one, the identification of those risks inherent
in the transaction; and two, the ability to allocate those risks, for example, by entering into
contracts with other parties.
What is the second role that the lawyer can have? It is to identify legal barriers and work
towards the removal of those barriers. And it is that particular point that I would like to
addressthe removal of barriers, particularly through the enactment of legislation throughout
the country, and throughout the world. The area of electronic commerce and the barriers to
electronic commerce have actually been talked about for decades. You can go back in the
annals of the United Nations, for example, and find discussions of these issues back in the
50s and 60s. But it has really been only lately that people have begun to think about
removing all these types of barriers.
Right now efforts are underway in multiple fora. What I would like to do is sketch out for you
what those multiple fora are, talk about the different kinds of approaches that are being used,
and then tie it all back to payment systems and some of the things that you can look at traditionally. Initially, on the international level, there has been has been proceeding primarily within
the United Nations Commission on International Trade Law, or UNCITRAL, where the barriers
to electronic commerce and their potential removal have been the focus of extensive study.
UNCITRAL in 1996 adopted a model law, and its primary goal was to remove the barriers to
doing business electronically. This model addresses the first issue raised by Tom: Is it legal?
Do I have to get it in writing? What is a signature when I need to sign this? The UNCITRAL
model law establishes a basic principle that is now being heard throughout the world: an electronic message should not be denied legal significance solely because it is in electronic form,
the basic principle of nondiscrimination. Of course, the UNCITRAL model law is simply that, it
is a model law. Nonetheless, its influence is being widely felt, even in the United States.
The model law has been enacted in a number of countries. In the United States, however, it
is not that easy. In the United States we have a federal system and commercial law reform
proceeds state by state. Congress may become involved in the exercise of its power over
interstate commerce. In that regard, there are two very important initiatives you should know
about. On the state level, there is a large probability of non-uniformity. To prevent such nonuniformity, the National Conference of Commissioners on the Uniform State Laws, referred
to as NCCUSL, was formed over one hundred years ago. This past summer, the NCCUSL
gave its final approval to a new proposed uniform statute called the Uniform Electronic
Transactions Act, or the UETA. The UETA is a suggested and strongly urged model for all
states to adopt. In a few months since its finalization, it has been introduced and passed in
California, Pennsylvania, Virginia, and is under consideration in Kentucky and Maryland. The
next year should bring a number of enactments of the UETA. It is something to look for.
There is a second product of the national conference that I am going to mention solely to
mention it and tell you it is different, and that is known as theit is UCITA, the Uniform
Computer Information Transactions Act. It is very different than UETA and they should not
> 75
be confused. UETA deals with online commerce and removal of barriers. UCITA deals with
software transactions and the licensing of software. Its scope is quite broadbut only a small
portion of the UCITA deals with the issues covered by the UETA. On the federal level, a lot of
legislation has been introduced but very little of it has been passed. There are two bills, one
passed by the House and one by the Senate, dealing with electronic commerce. In each case,
the legislation is intended to secure a supportive role for electronic commerce. It is intended
to make it valid and enforceable for parties to do electronic commerce, but it does not prescribe how electronic commerce is to be done. It does not prescribe how businesses are to
act, but simply enables them to act.
Indeed I think it is reminiscent of what Roger Ferguson said this morning in his opening
remark. He cautioned against premature standards setting. He said one of the problems with
premature standards setting is that the technology may not be fully developed at this stage
for us to set standards, and business models may not be sufficiently crystallized for us to set
standards. You see the same problem with the law. If the law sets too many rules it runs the
risk that technology will develop in a different way, or the business practices will develop in
a different way. The key to both federal and state legislation is that they do not regulate but
enable; they remove barriers without establishing new ones. Moreover, the federal legislation
at the same time that it supports electronic commerce will defer to the law of any state that
has enacted the Uniform Electronic Transactions Act. If the state has not enacted the UETA,
state law is preempted.
> 76
How does this tie back to payments? One of the more traditional payment devices is the
traditional check. There have been a number of discussions over the past couple of days
about how one migrates from checks to online commerce. This is something that this new
legislation does deal with. The UETA, and the federal legislation, appear to dispense with
any requirements of paper and signatures. But what does that mean when you have a check?
What does that mean when you have a promissory note? When you think of check you think
of a piece of paper that you can take and you can negotiate and pass on to someone else.
What does it mean to get rid of the paper? From a legal perspective, paper has always been
important for one key reason; the person who has the paper has the rights in the paper.
Everything is bound up in possession. This is the basic the concept of negotiability. If you
have possession of the paper, you have the rights embodied in the paper. In addition, the
paper has been important because the person who possesses that paper may qualify under
the law as what we call holder in due course. You not only get that paper, but you can cut
off defenses and rights that other people might have to a claim on that paper.
People in the mortgage industry are well familiar with this concept: when you purchase notes,
take possession and are a holder in due course, you can enforce them and not worry about
any of the defenses. How do you translate that concept, the concept of possession and
greater rights into an electronic environment? An illustration: If I have a paper message and
I handed it to Stewart, I would not have the paper any more. On the other hand, if I had an
electronic message, I could store my electronic messages in my out box. I can then send the
Proceeding from
the Workshop on


Technological, and
message to Stewart and then turn around and send it to Hank; I can send it to Steve; I can
send it to a lot of people. I can make multiple copies of it.
The UETA eliminates the notion of possession as the key to rights in an electronic environment, and substitutes a different notion: that of control. This concept is now well established
in the area of securities. These days, you do not get a stock certificate any more when you
purchase stock. Your stockbroker simply notes your purchase in his accounts and records.
Isnt he in control? The UETA adopts the concept of a transferable record. What is a transferable record? First of all, the notion of a transferable record picks up on contract. You have to
opt into it. People must agree we are going to create an electronic transferable record. So
when I go to closing on my home, instead of signing a paper note, I can sign an electronic
note. This note would say if this paper were in writing it would be governed by Articles 3
and 4, but we agree that it will be treated as a transferable record for all purposes.
Once you have that electronic record, how do you establish control? In the UETA, Article 9
picks up on this notion of control, and it says that basically what you need is a system. The
system can be defined in terms of technology or, it can be defined in terms of business practices, but you need a system that tracks that record. When it tracks that record you should
be able to tell at any point in time who was the owner of that record, to whom it has been
transferred, whether any changes have been made to that record, and whether there are any
copies of that record out there. That is a very quick summary of a provision that is much more
complicated, but the principles themselves are very simple. The UETA creates a legal framework for people to start doing things electronically with transferable records. For bankers,
however, there is one big drawback. Transferable records include the traditional check, but
not the traditional check. And with that I am going to sign off because I know someone
will ask me later why.
> 77
Margaret Stewart, Professor, Illinois Institute of Technology, Chicago Kent Law School
What I am going to talk about is what you never want to have to think aboutwhat if everything goes wrong. Since I got involved with the American Bar Associations Jurisdiction Project,
it has struck me that while all people involved in business want and, to one degree or another,
need clarity and transparency and predictability with respect to issues of governing law, payment systems depend on them totally. This is something that Hank Judy has convinced me
of over the course of the last year.
To a great degree in the past you had them, but it not because of the jurisprudence of jurisdiction. Rather, it is because of the combination of a robust private regulatory system and agreement on governing law. To the extent that states or nation states have the same body of law
that regulates transactions with which you are involved, you do not really care what law
Alabama or Tennessee or Britain applies. If it is all the same law, you know what you do, you
comply, and the source does not matter. Similarly, to the extent that private agreements can
create contracts that govern your business transactions, and to the extent those contracts
are enforceable, again you really do not care what the default position would be if you did
not enter into a contract.
The reason I am your nightmare is because I am talking about what happens when none of
those safeguards work. You do not have an enforceable contract to regulate conduct; you do
not have a private resolution system in place. The law that is relevant to the transaction differs from place to place, and something goes wrong with the transaction. Now you need to
worry about jurisdiction. There are two issues you need to worry about. First of all, where can
you be sued? In what court are you answerable for your conduct? The United States has an
extraordinarily rich jurisprudence with respect to personal jurisdiction. One of the difficulties
with that jurisprudence is that unless the Supreme Court has decided a case that is four
square with yours, you never really know what the answer to the jurisdictional question is,
something that drives first year law students absolutely mad in civil procedure. One thing is
clear: courts look to whether or not you as a defendant have purposefully contacted the foreign state. Have you done something that directed your activities to the forum? The sort of
businessmans question in the Internet world is, If I put up a Web site which is accessible
every place in the world, does that mean I am subject to jurisdiction in Timbuktu? The
United States Supreme Court has never decided an Internet case, but there are many lower
court cases dealing with the issue. And as is usual with respect to jurisdiction, there are two
obvious extremes and then the muddy middle.
> 78
One obvious extreme involves actually doing business using the Internet. Amazon.com is a
classic example. Whether what is sold is a physical item or the digital transmission of data
makes no apparent jurisdictional difference. So, if the sale goes bad, you are likely subject
to jurisdiction. Why doesnt Amazon.com get sued? It is because, for $20, it is not worth the
effort. They will send you a different book. On the other extreme, the passive posting of the
Web site alone does not subject you to jurisdiction wherever the site can be accessed. You
are safe. Then there is the muddy middle. You have got what the courts love to term an
interactive Web site. You put up information and you respond to e-mail, or you collect data.
At that point the courts have said jurisdiction depends on the degree of interactivity and the
surrounding circumstances. As I said, it is the muddy middle. If you are found to have directed
your Web site to the forum, and if the claim that is being brought against you arises out of
what you directed to the forum, you are subject to jurisdiction. Whether or not that is a
horrible thing, of course, is going to depend in large part on what law the jurisdiction uses
to determine whether or not you are liable to plaintiff.
Assume an evil cabal in Europe gets together in order to monopolize something and it has
a substantial effect in the United States. The evil cabals activities, let us assume, are illegal
under United States law but perfectly legal under the law of the location of the evil cabal. An
American harmed by the monopolization brings a lawsuit in a United States court. In the first
place of course, the Frenchman really does not want to come over to the United States to
litigate about it, but given the Concord thats not the real problem. The real problem is whether
their conduct is going to create liability even though it was legal where it was undertaken?
Proceeding from
the Workshop on


Technological, and
Under United States law the answer is yes. Interestingly enough, this is also a concept the
European Union accepts as well. This is known as the effects test. If conduct that takes place
outside the territory of the forum, in this context outside the United States, is intended to,
and has, substantial effects in the U.S., U.S. courts will apply U.S. law to regulate that conduct. Or at least U.S. courts are free to apply U.S. law. Congress may choose not to extend
the scope of U.S. law as far as it could be extended internationally, but that is a congressional
choice not a jurisdictional one. In the context of state to state disputes, the question is the
same: if your conduct is legal in Michigan where it is undertaken, but it has substantial effects
in Illinois where it is illegal, can Illinois apply Illinois law? The constitutional answer is the
same, yes, Illinois can. As long as there is some relevant contact between the activity and
the state, the state is free to use the states own law.
An easier example involves a car accident in which an Illinois plaintiff sues an Indiana defendant based on an accident in Ohio. There are three states that have relevant contacts with
that accident: Illinois because the plaintiff lives there; Indiana because the defendant lives
there; and Ohio because thats where the accident took place. All three of those states could
constitutionally use their own law or the law of either of the other two states to decide the
dispute. However, the court must choose one, which it does pursuant to a doctrine known
as choice of law. Under choice of law doctrine in the United States, most states subscribe
to something called the most substantial relationship test. In this case, the state with the
most substantial relationship to the claim would be Ohio. What does all that mean from
your point of view? If you are in contact with folks who live in jurisdiction A and something
goes wrong as a result of that contact, it is constitutionally very likely that jurisdiction A can
insist that you show up and defend yourself there. And jurisdiction A, if it chooses to do so,
can utilize its own law to determine your liability. How do you know whether or not jurisdiction A will do that? Well, thats Amy Boss problem. Recall that we have 50 states and many
more countries to consider. Maybe this is a third role for lawyers; we get to read all the
jurisdictional statutes.
Stewart A. Baker, Partner, Steptoe & Johnson

I got into this business by being General Counsel of the National Security Agency, and the
most unlikely thing that happened to me as a result is that I went on the Phil Donahue Show
to talk about electronic cash. And ever since Ive thought that this is a great technique
nobody can sleep if you walk into the audience. They are always afraid you will stop and
say, Are you paying attention here?
I am actually going to play Peter Swire, who could not make it today. I am going to give you a
brief talk on privacy. We will start that out with a poll of the audience. How many people here
believe that you have a right to privacy? The next question is multiple choiceyou can only
choose one of these. Does your right to privacy protect you from the FBI or from your bank?
How many people that raised their hand for the bank are from Europe? That is what I wanted
to talk about. The European view is that your right to privacy protects you from the bank but
> 79
not from the FBI, and the general American view is that your right to privacy protects you
from the FBI but not from the bank. There are some exceptions there, but generally in the
U.S. there are very few restrictions on what private companies do with data that they acquire.
There are four. Theres the Fair Credit Reporting Act, cable viewing records, video rental
records, and the Drivers Privacy Protection Act which protects drivers license records, but
which is at risk of being held unconstitutional this term. So in the United States there are
pretty limited protections from privacy, although there are serious public relations consequences for getting caught doing something unusual with peoples data.
In fact, practically every company that is in Internet business has suffered a black eye at
one time or another for doing something with the data that they have. So, let me offer a
very simple rule for those of you who are figuring out what you can do with data. Its the
same rule that they use in the stock market: Bulls can make money, bears can make money,
and pigs are going to get slaughtered. Dont be piggy with this data. Do not do a bunch of
innovative stuff with this data because your customers are going to be unhappy and you
have the possibility of embarrassment.
> 80
There are also a number of laws pending in Congress; there could yet be extensive regulation, for reasons I will cover in just a second. So, if you get piggy at the wrong time you
could get a whole bunch of new legislation. But for now you can use personal data as long
as you do not make a pig of yourself. However, you are dealing with Europeans as well. The
European view is that if you are in private enterprise you are going to do bad things with the
data. European law and the European Data Protection Directive create what amounts to a
right for consumers to own their own data. You own the data about yourself and when you
give it to companies what you are giving is almost like a licensed piece of software. They can
use it for certain things and then they have to give it back to you; they cannot use it outside
of the license that you granted.
That means that once you get information about Europeans in your European subsidiary or if
you collect it on your Web site, you are likely to be subject to the European data protection
rules. Those rules are pretty simple. You cannot do anything with that data except in certain
circumstances. The first exception is for law enforcement or for some other legal obligation to
hand over the information to the government. Now this sort of shows the difference between
Europe and the U.S. They have no problem with the FBI or the French equivalent getting the
data. The second exception is what I would call the duh rule. If I give my information to
Amazon.com, can they give that information to Fed Ex so that FedEx can deliver the books?
Well, duh. Yes, if it is a necessary part of the transaction the data can be shared.
The third exception is unambiguous consent to share the data. To get consent, you have to
have, and you have to make enforceable, which will be tricky, a bunch of rules about what
your privacy policy is and what you are going to do with the data. Here you have all of the
problems that come with the tension between what you want to say legally and what you
can say with a straight face. You do not want to write a privacy policy that says thank you for
your data, we are going to sell it to spammers, we are going to sell it to anybody if we can
Proceeding from
the Workshop on


Technological, and
make a buck off of it. But, and I cannot emphasize this enough, and those of you who have
technology responsibilities are really going to have to struggle with this, if you say anything
else it is probably not true. You have got to establish good controls, technical controls, over
that data and where it goes so that you know that promise travels with it and so you do not
inadvertently violate the promises that you made to all these people.
Why is that? In Europe you are subject to all these rules, but it often does not really matter
because they may never enforce the rules. But here in the United States, the Federal Trade
Commission is taking the position that if you make a privacy representation to people, you
have made a binding representation and its fraudulent not to adhere to your policy. The FTC
is saying that in part because there is extensive pressure from the European union which has
threatened to cut off all exports of data if the U.S. doesnt develop better privacy rules.
So those are the essential rules I think you need to know. First, in the United States, dont
be a pig with the data. Second, get the broadest consent to data sharing that you can stand
to make public, and then make sure you actually follow through on the privacy promises
you made.
> 81
IX. Where to Go From Here?

Janet Smith, Executive Vice President, Wachovia Corporation
I am sure you have been as impressed as I have been with these thought provoking, stimulating presentations and the great lineup of the speakers. There have been a number of great
points made and rich materials covered. I am not going to begin to include all of them. But I
would like to make several observations.
One of the takeaways deals with the idea of a model shift for the payment systems from a
proprietary environment to an environment with interoperability. Historically commercial bank
payment franchises were built around proprietary products and networks. The movement to
electronic payments, and more recently, the Internet, has commoditized payment services
pushing us to an environment where products must be interoperable and built on open access
if they are to be successful. It is not a nice to have, but rather is absolutely necessary and
essential that it be interoperable. As Hank Perritt mentioned in the very first panel yesterday,
this opening brings with it both opportunities and challenges. It permits participants to specialize very narrowly in a ubiquitous pre-designed marketplace. It allows more new entrants,
creating an inherently global environment. But it also poses problems with identifying who
you are doing business with from an authentication and security perspective.
> 82
Lets think about EBPP (electronic bill presentment and payment) for a minute. Here we have
a very promising application. Granted it is coming slower than we had hoped for, but if David
Weismans predictions hold true, then we can expect a significant number of households
using EBPP services by 2004. However, EBPP will not flourish unless clear standards, policies
and technology are designed to allow these exchanges of bills and payments from the biller
to the consolidator and the customer. As Steve Ollenburg said yesterday, we have to make
certain that we do not lock out anyone. Shutting others out only cuts our nose off to spite
our face. As one example, BITS worked with the industry to design an enhanced version of
two competing standards, GOLD and OFX (Open Financial Exchange). The new standard,
IFX (Interactive Financial Exchange), as it is known, allows billers, financial institutions and
technology vendors to invest in and deploy standards-based bill presentment solutions that
provide the widest possible reach through a single implementation.
What does it take from us going forward? Well, we must embrace the standard and we must
demand that our service providers absolutely adopt it. In the past we have not been quick to
do this and get on board. But from what I have heard these last two days, it is absolutely
necessary. And as Catherine Allen said, e-commerce poses a major threat for us. The value
of the proprietary systems erodes with this open environment on the Internet, and typically
we are not nimble to change. Think of a non-bank start-up companys advantage that wants
to provide a front-end payment service. It is not saddled with this legacy infrastructure to
work with. This new company can start out of the gate with a more flexible architecture and
bring a product quickly to market. A good example of this is a non-bank portal.
In terms of new products, both Gary Grippo and David Weisman remarked that banks were
unsure about what are the best payment devices for enabling e-commerce. Clearly today
there is only the card for making Internet payments. By the way, I did clarify with David that
Proceeding from
the Workshop on


Technological, and
his reference to cards included both credit cards and off line debit cards. But banks must
offer their customers more choices on this channel. But what is best? E-check, such as the
U.S. Treasury is advocating? Online wallets, such as the Amex Blue Card? Where should we
invest? While this may not be clear today, whatever we do choose, we do know it must be
interoperable. We have to get over being proprietary and unique.
Openness and interoperability lead to another wake-up callthe importance of collaboration.
Let me pose a question to you: Are we doing enough collaborating to move the payment
system forward? BITS, as you know, has been a forum for collective thinking and has been
attacking several areas. This is an attempt at creating nimbleness and preventing redundancy.
SVPCO was created to get to market quickly with a standard operating environment. But how
serious are we? Are we just playing at it? Are we really just jockeying for position, while intelligence gathering? It is time to stop cooperating and chatting in discussions and get down to
genuine collaborationwhere participants make real compromises. Much of the differentiation
and protectiveness of the past is absolutely unnecessary. The only portion of differentiation is
this interface to the customer, that intimacy that you need to create with your customer. All
the reststandards, which railroad we ride on, which rules, which systems, which laws
does not matter. We need to stop whining and get on with things. Clearly the panelists from
this mornings session on the laws role in payments discussed a perfect example that calls
for collective collaboration which can be led by the strongest industry players, such as the
Fed and BITS.
A final observation deals with this issue of knowing your customers. I think this is one of
the worst fallacies in our industry. We think we know our customers, but we do not. We may
know demographics, but not psychographics. We do not know why a person behaves the
way they do. As Rick Kolsky suggested, we need to spend a day in the life of some of our
customers. Only after performing this out of box experience would we be equipped to derive
new solutions for them. Keep in mind that the majority of our customers are nothing like
the people in this room. You here today fall in the top one to two percent of the total U.S.
population. We are not the bread and butter customers of our company.
In thinking of the adoption of electronic payments, we must shed our blinders that cause
us to think of our customers as homogeneous. As the recent research we heard yesterday
points-out, there are many different attitudes about and needs for payment services. We
cannot lump our customers into a box when we are strategizing about our product mix.
Understanding the kind of segments that Rick pointed out yesterday such as budgetimpaired, convenience seekers, and optimizers is absolutely critical. Whatever safety we
thought we had for sustaining relationships is totally gone in the new Internet world. For
preservation of the relationship with the customer, they must love us because we are
continuously fulfilling their needs and desires. We can only do this if we really have a
strong intimacy with them.
So in summary, I think the three takeaways are the following. We need to require openness
and interoperability being inclusive with all if we want to win at this game. We need to genuinely collaborate on payment issues and work them quickly or were going to be left behind.
> 83
And above all, we must get to know our customers very intimately if we are going to build
the stickiness to hold on to them in this future electronics world.
Richard R. Oliver, Senior Vice President, Federal Reserve Bank of Atlanta

First, let me add my thanks to the Federal Reserve Bank of Chicago, and to Hank, you and
your colleagues for helping to orchestrate what I found to be a quite unusual conference.
This conference has brought together a diverse, and I would even say perhaps eclectic group
of both audience and speakers to talk about subjects in the same room without the threat of
breakout sessions in which youre going to miss things. And it has been quite an experience.
I think that this groups forthrightness has added a lot to the conference because it allows us
to see below the issues and into the type of passion and emotion that people have for the
subjects. And what we need to take away from that is that resolving these problems is not
going to be easy, because there are people who are very committed to what they believe
about the philosophies that underlie the problems here.
> 84
There is a temptation after a conference like this, and particularly after this morning, to begin
to sit and talk about the technical issues and the legal issues. And to ask questions like Do
we need for the first time to take a bottom up look at the legal infrastructure that surrounds
our payments right now in the 21st Century and do them all over again? If PKI and SET do
not work, what do we need to do about it and what should we accept as a challenge? And
Do smart cards need to be a part of that solution? But I am not going to ask those questions.
Instead I want to go perhaps to a little bit softer issue. And I guess my first observation about
the conference is this. Time and time again, in subtle and sometimes not so subtle forms, I
heard cries of anguish, grinding of teeth, and every once in awhile even a voice of optimism
and enthusiasm to the fact that the current environment is forcing us all out of our comfort
zones. The things that worked for us historically as organizations are not working for us any
more, and we are all trying to reengineer not so much our operations, but rather our management and culture to cope with the kind of change that is being brought to us today. Technology
is at the core of changing everything about us, including our customers and how they want to
do business, including the law, including the processes and procedures we are going to use.
Now, when you take a look at this comfort zone challenge, it occurs to me that banks in
particular are poorly positioned to deal with it because historically we have been conservative.
And Federal Reserve Banks define the term conservative. Well, we have a wake up call, as
Janet has alluded to, and we have to wrench ourselves out of that historical mold. And as
Janet said, if we do not, we are going to be overrun by change, more so than we could
have ever imagined. We have to be able to understand how the customer and technology
are switching away from historical loyalty to almost hysterical flexibility. The profiles are
new and our solutions have to be new. We have to begin to ask our customers and our
younger, more technically adaptable management teams to help us meet the challenges of
the future. It occurs to me, as I sat here, that our management teams today have not grown
up in the current environment and therefore are not as adept at making dog food today that
Proceeding from
the Workshop on


Technological, and
the dogs really want to eat, to pick-up on the language we used yesterday. Time and again
we said during the conference, and I heard from many people, that business will drive technology. And I would contend that the businesses that will be successful are the ones that are
able to harness this technology to their advantage as opposed to being harnessed by it. We
talk a lot about the banking franchise over payments, and there is a whole user community
out there that is barely taking time to ask what franchise are you talking about. And this is a
great challenge to us.
My second point revolves around the concern expressed here that progress may somehow
be slowed by an absence of knowledge about the rules of the gamethe customer rights,
the liabilities, the regulation, the law and so forth. And obviously there is clearly a balance to
be struck between trying to do what is necessary to protect people and trying not to do so
much as to distort the evolution. A couple of years ago I had an opportunity to participate in
a task force organized by the Office of the Comptroller of the Currency to look at the effect
of emerging payments on consumers. And it consisted of all the regulators, the Fed, the
Comptroller, the FDIC, the FTC and various other entities such as Financial Management
Services. We interviewed consumer groups and service providers, and we held public forums.
At the end there was a formal report issued and the report contained a singular posture for all
these government agencies and basically that posture was represented in Roger Fergusons
remarks this morning. It said we are not going to go out there and regulate at this time because
we think it will forestall the evolution of the market, which we hope will promise a better
payment system for the consumer and for the company in the years ahead. But what is
said in that report, but not said in the remarks we have heard so far at the conference, is
the responsibility then for making it happen in a reasonable fashion that will not bring the
government in by necessity to make rules for the industry. The responsibility is to educate,
inform and take care of those customers using the system, each of us, as independent
providers of service absent law.
I sat on a panel subsequent to that in which I heard people talk about their service offerings
and I raised the provocative question; Whose responsibility then is it to educate people?
Who should do it? Is it the governments? Is it the banks? Is it the trade associations? Is
it the corporations themselves? Is it the service providers? Or as I have unfortunately seen
in some of our emerging payments, is it the convenience store clerk or the checkout person
at the cash register whose responsibility it is to educate the consumers about the payments
contract they are about to enter into? What do we expect? We have not done a darn thing to
educate anybody in reality. We send out the required statement stuffers, and we put in systems that clerks and tellers are supposed to explain to the customers, and quite frankly dont
have a chance of doing successfully. We learned the same thing in ACH a couple years ago
when we did market research. We did not have any idea what the customers were thinking
or wanting. We were solving the wrong problems. I want to leave you with this point. If we
want to move from paper to electronics, what we are going to have to do is to help the users
of the system, both corporate and consumer, understand the value proposition, be comfortable with the environment, and make the changes that are necessary.
> 85
Henry H. Perritt, Jr., Dean, Chicago-Kent College of Law, Illinois Institute of Technology
As I listened to the proceedings, it seems to me that we might think about where we go from
here in terms of three concepts: law, liquidity and leadership. With respect to law, I want to
offer three suggestions. First of all, the law should lag rather than lead. It is not a good idea
for a bunch of lawyers or law professors to get in a room with a bunch of technological visionaries and come up with some dream about how the future electronic payments world is going
to work and then write a statute around it. That is not the way things should work in a market
economy. In a market economy, innovation comes from the business community. And it is
only when that entrepreneurship, interacting with real consumer behavior by normal human
beings, reveals some actual difficulty that the law then should respond. Having said that, it
sounds like there may be some areas that are worth further thought, in particular the possibility
that it may be appropriate to adapt the transferable record concept from the UETA to what I
hear you saying you would like to do with making checks paperless.
Second, the law should encourage private regulation. In other words, all of us should be
enabled as lawmakers, because we have a better sense than legislatures or courts about
what rules will work and what rules will not work. And, as important, we, as private lawmakers in a private regulatory system, can be much more creative and effective in coming
up with new techniques for dispute resolution and promoting consumer confidence.
> 86
Third, the law should seek global solutions. This is not the subject matter for thinking only
about how Illinois or the United States will solve problems. It is essential as we think about
new frameworkslegal in the public law sense, as well as legal in the private regulatory network sensethat promote global interoperability. And as Margaret Stewart told us, we better
be thinking about global solutions to problems like privacy and consumer protection. Eddie
Zeitler reminded us that we need to make sure that consumers and public policy makers
understand that the mouse click may be a signature. And that is a big consumer protection
problem, and because the mouse click may be coming from Malaysia as well as Montana,
our legal solutions need to be global.
Liquidity. I do not mean liquidity in the technical sense; I mean liquidity as a kind of proxy for
the consumer confidence and convenience. The liquidity concept suggests that we understand
that what is money has changed quite a lot over even a relatively short period of history. If
you had asked the question, What is money? in 1860, everybody would have told you it
was a gold piece or it was a bank note. By 1890 they would have expanded the concept to
include personal checks, which were invented by the banking system after the Civil War. By
1970 they would have expanded the concept to include credit cards, and to a certain extent
debit cards. We have to recognize that what qualifies as money, the medium of payment, is
enormously flexible and will continue to evolve. As it evolves, the paths that this expanded
concept of money chooses will be shaped by liquidity goals as it always has in the past. Eddie
Zeitler and George Hood gave us some very useful guidance in terms of understanding what
merchants and consumers really want, and what they do not care about. If we are to be
effective in inventing and further expanding the concept of money so we produce the kind
of liquidity that will resonate in the marketplace, we need to pay attention to evidence about
what people really want and what they do not care about.
Proceeding from
the Workshop on


Technological, and
The liquidity principle also suggests that we be open to new means of promoting confidence.
Now, to some extent that means new techniques. I was intrigued by one of Dan Schutzers
slides. In the middle of it he had the ideas of performance bonds, escrow funds and transaction insurance, which already are being deployed by eBay. Being open to new means of
assurance and promoting confidence, and therefore liquidity, also means that we need to be
open to the possibility of new kinds of intermediaries. It is not necessarily going to be the
existing financial institutions that aggregate bills and that aggregate other kinds of payment
mechanisms. Amazon intends to do that already. That is at the heart of Amazons concept for
its new virtual shopping center. Independent merchants will set up storesprimarily, I would
submitbecause Amazon is going to do the bill collecting and presentment and operate the
payment system primarily through credit cards. In other words, as Janet said a few minutes
ago, e-commerce poses a major threat to us, but threats are also opportunities.
Finally, with respect to liquidity, I would submit to you that the Internet is not a passing fancy.
We will provide the kind of liquidity that people in the real world want, if we embrace the idea
of open networks like the Internet as a new kind of global marketplace that is going to suck
more and more commerce into it, which presents some new problems. But it also presents
some new possibilities for decentralized distributed payment systems. Let me give you an
example. One of the things that a payment system has to dowhether you are talking about
check clearing, credit card system, or debit cardsis it has to perform a routing function.
Presently that routing function is performed in a very centralized way. Centralized not in the
sense that there is no competition, there is lots of competition. But centralized in the sense
that we all assume that there has to be one computer for that system that does the routing
and the clearing and the settlements. That is not necessarily so, because the routing problem
is, at some level of abstraction, remarkably similar to the problem of finding Internet domain
names. Thinking back 20 years, everyone thought that that was a centralized function that
had to be performed by a big mainframe computer somewhere, but it does not. That is what
the Internet is all about. People discovered that that routing function for a universal addressing system for the whole world could be performed in a distributed way. It may be that, as
we pursue the kind of liquidity that our customers really want, we should be open to the possibility that we may avoid some of the bottlenecks and the scaling problems that otherwise
would exist by taking advantage of the Internets distributed and decentralized possibilities.
Finally, let me turn to leadership. If anything would come out of the last two days, it is that
there is lots of experimentation, and there is room for a lot more. The nice thing about a
market economy is that everybody can be a leader. I liked the part of Janets message where
she said that we need to embrace that possibility. We must be willing to take the risks of
entrepreneurial leadership and experimentation, as we learn more about what people want in
the marketplace. We also can expect that leadership will come, whether from us or not, from
some new players, people like Amazon and Yahoo and eBay, who are already taking advantage of these opportunities for new kinds of intermediation and aggregation, which we may
take advantage of or not.
> 87
A third opportunity for leadership exists for the government. The federal government, through
the electronic benefits transfer programs and the associated electronic transaction accounts
for people who do not have regular bank accounts, already has put in place a system that is
a payment system for some $150 billion a year in transactions. That surely is an opportunity
for experimentation with new kinds of payment mechanisms. In addition, the Federal Reserve
System recognizes the possibility for appropriate kinds of Fed leadership. One area that
seems especially promising for that kind of governmental leadership is the standards area.
If we are going to have global interoperability, if we are going to get rid of paper collection,
if we are going to embrace what people tell us with their dollars and their mouse clicks they
really want, we almost certainly will need some new protocols and standards. And it may be
helpful if the Fed takes a leadership rolenot in deciding what the standards should be
but rather in convening the appropriate groups from the private sector. This might include
looking at things like relatively new ISO standards for electronic payments along with what
has come from NACHA and considering initiating a process through the X9 channel that
would in a timely way develop some new standards for electronic checks or debit orders.
The opportunity for leadership is especially great in connection with e-commerce. Here we
have an opportunity to define and deploy new payment system ideas, right along with the
definition and deployment of new markets. We can be right there with the people that are
developing and designing the markets while we use our experience and ingenuity to develop
new payment systems.
> 88
E-commerce is rapidly growing. Not only that, when you get e-commerce your electronic
infrastructure comes right along with the marketplace. You do not have to convince the
merchant to invest his capital budget in some new kind of device. He has already got the
electronic device; he is using it to make the sale. As we figure out approaches to deal with
problems like privacy and consumer protection, we have ready-made opportunities to deploy
private regulatory systems and private dispute resolution mechanisms right in the electronic
commerce marketplace. For instance, consider what eBay is doing, just as your industry
historically did as it developed bankcard networks.
Finally, and most important, we should not waste time on solutions for things that are not
problems. We made that mistake much too often in the past 10 or 15 years. Sometimes it
was just that our guesses were wrong, as when we thought that consumers would never
use their credit card numbers on the Internet. Well, they are using their credit card numbers
on the Internet. Just ask Amazon and eBay and everybody else who is rushing to set up
e-commerce sites on the Web. And they are using their credit card numbers without all of the
fancy sophisticated security technology that so many people, myself included, spent so many
hours and so many dollars developing over the last 15 years. It is extremely important that we
listen to people like Eddie Zeitler and George Hood, and the people for whom they speak. As
we design new electronic payment systems for these new electronic marketplaces, we must
design them so they meet the needs of real people as opposed to responding to figments of
our imagination.
Proceeding from
the Workshop on


Technological, and
X. Speaker Biographies
Catherine A. Allen, Chief Executive Officer, Banking Industry Technology Secretariat (BITS),
Washington, D.C.
Catherine Allen serves as CEO of the Banking Industry Technology Secretariat (BITS), a division of
The Financial Services Roundtable. The BITS Board is made up of the Chairmen and CEOs of the
14 largest U.S. bank-holding companies, as well as representatives of the American Bankers
Association (ABA) and the Independent Community Bankers of America (ICBA). BITS mandate is
to foster the growth and development of electronic banking and commerce in an open environment that will encourage greater choice and efficiency in financial software, access devices,
networks and processing capabilities for the benefit of financial institutions and their customers.
Catherine also is Chair of The Santa Fe Group, a strategic consulting and research firm that
specializes in emerging technologies, innovation, partnering and alliances. Previously she
was Vice President, Business Development and Alliances, reporting to the Senior Technology
Officer of Citicorp, where her responsibilities included developing and managing strategic
alliances with technology and telecommunications companies for new, technology-based
products and services. She chaired several cross-Citibank Task Forces and represented
Citibank as Founding Chair and President of the multiple-industry-based Smart Card Forum.
She remains on the Board of Directors of the Forum. Catherine first joined Citibank to head
marketing and planning for the market trial of the Enhanced Telephone, a home-banking
service offered over screen-based telephones. She reported to the General Manager of the
U.S. Card Products Group where she had responsibility for strategic alliances and technologybased new product development.
Prior to joining Citibank, from 1985-1989, Catherine was a Director of Corporate Planning for Dun
and Bradstreet, and she managed market research and planning for the Donnelly Talking Yellow
Pages. She also served as a consultant to CBS, Inc. on new technologies and international trade
issues, while a professor at the American Universitys Kogod College of Business Administration.
Catherine was named as one of 16 unsung heroes and rising stars in the country by FAST
COMPANY magazine. She was singled out in the December 1998 issue as an innovator on
the fast track who circumvents convention and stimulates creativity in the traditional riskaverse world of banking. She is consulted as an authority on the subject of interactive services and smart cards. She has appeared on CNN, ABCs Good Morning America, CBSs This
Morning, NBC News, PBSs Nightly Business News, and is quoted frequently in The New
York Times, American Banker and other industry publications.
Catherine was co-editor and author, with William Barr, of Smart Cards: Seizing Strategic
Business Opportunities (Irwin Professional Publishing, 1997). She also collaborated on the
recently published, The Artists Way at Work: Riding the Dragon-Twelve Weeks to Creative
Freedom (William Morrow and Co., Inc., 1998). She is co-author, along with Julia Cameron
and Mark Bryan. She holds a B.S. from the University of Missouri, M.S. from the University
of Maryland, and completed doctoral work at the George Washington University. Catherine
is President and Chairman of the Board of the Mark Twain Research Foundation.
> 89
Stewart A Baker, Partner, Steptoe & Johnson, LLP, Washington, D.C.

Stewart A. Baker practices law at Steptoe & Johnson LLP in Washington, D.C. From mid-1992
to mid-1994, he was General Counsel of the National Security Agency, where he was actively
and publicly involved in issues such as export controls and key-escrow encryption. His work
in the private sector involves a variety of high-tech, mass media, privacy, and telecommunications issues, with an emphasis on international and appellate matters.
Mr. Baker is a member of the Presidents Export Council Subcommittee on Encryption, a
member of the Free Trade Area of the Americas Experts Committee on Electronic Commerce,
and a member of the UNCITRAL Group of Experts on Digital Signatures. He is also the
founder of The State and Local Legal Center, which represents state and local government
interests before the Supreme Court. Previous tours in government include a stint as Deputy
General Counsel at the Education Department and as law clerk to Justice Stevens of the U.S.
Supreme Court and Judges Coffin and Hufstedler of the U.S. Courts of Appeals.
Mr. Baker graduated from UCLA School of Law in 1976.
Patrick K. Barron, First Vice President and Chief Operating Officer, Federal Reserve Bank
of Atlanta, Atlanta, GA
> 90
Patrick K. Barron was appointed first vice-president and chief operating officer of the Federal
Reserve Bank of Atlanta in February of 1996. Mr. Barron oversees the day-to-day operations
and administrative matters of the Bank, which include all operating and support financial
services activities at the corporate headquarters in Atlanta and at the branch offices located
in Birmingham, Jacksonville, Miami, Nashville, and New Orleans. He is vice-chairman of the
Banks Management Committee and serves on the Discount Committee. In addition, he is a
member of the Federal Reserve Systems Conference of First Vice Presidents and its Financial
Services Policy Committee. As the second-highest-ranked individual at the Bank, Mr. Barron
works closely with the president in developing Bank policies.
In 1991, Mr. Barron left Atlanta when he was named first vice-president of the Federal
Reserve Bank of San Francisco. In San Francisco, his responsibilities for the Twelfth Federal
Reserve District were similar to those he currently handles for the Sixth District. He also
served as Director of the Federal Reserve System Support Function Office.
Mr. Barron began his career with the Atlanta Fed in 1967 in the computer operations area.
He transferred to the Miami Branch in 1971, was named assistant vice-president in 1974, was
appointed vice-president and branch manager in 1982, and, in 1987, was promoted to senior
vice-president. He returned to Atlanta the following year to assume broader and more strategic responsibilities as head of corporate services overseeing automation administration, communications, corporate planning and control, accounting, data processing, and human resources.
Proceeding from
the Workshop on


Technological, and
He was a member of the Management Committee of the Atlanta Fed and has served on or
chaired several important System committees of the Federal Reserve.
Mr. Barron is coordinating First Vice President of the Federal Reserve System financial services product directors, which consists of five first vice presidents and oversees the financial
services of the entire Federal Reserve System. In this role, he has responsibility for the coordination of the committees overall strategic planning and tracking of performance against
objectives, oversight of System business development and financial services products, and
the promotion of good relations with the financial community. This role also involves responsibility for key financial management activities of the System and includes leadership in preparation and ongoing monitoring and assessment of the Systems budget objective.
Mr. Barron graduated, cum laude, with a bachelors degree in management from the University
of Miami. He also completed the Harvard Business Schools Program for Management
Development and attended the Stonier Graduate School of Banking at Rutgers University,
where his thesis was accepted for the school library. Active in community affairs, Mr. Barron
has served as vice-chairman of the Greater Miami Chamber of Commerce, as an associate
vice-chairman for the United Way of Atlanta, and as a member of Leadership Atlanta, a select
group of business leaders who study the major issues confronting the greater Atlanta area.
He has been named to the Presidents Council of the University of Miami.
Mr. Barron is married to the former Martha Morgan, who is a native of Atlanta as well. They
have three grown children, two daughters and a son, and three granddaughters. The Barrons
are members of Christ the King Lutheran Church and enjoy playing tennis as much as possible.
Amelia H. Boss, Professor of Law, Temple University School of Law, Philadelphia, PA

Professor Boss, a graduate of Bryn Mawr College and Rutgers Camden Law School, is a
Professor of Law at Temple University School of Law, where she teaches in the commercial
law, bankruptcy and electronic commerce areas. She is a member of the Permanent Editorial
Board of the Uniform Commercial Code, and the former chair of the Uniform Commercial
Code Committee of the American Bar Association. She serves as the American Law Institute
member of the Drafting Committee to revise Article 2 of the UCC on sales, of the Drafting
Committee on the new Article 2B on licensing of software, and of the Drafting Committee to
revise Article 1 on general provisions. In the past, she served as an advisor/observer to the
revisions on Article 5 (letters of credit) and Article 8 (investment securities). She is a member
of the American Law Institute, and served on the Members Consultative Group on the
Restatement of the Law of Suretyship. Professor Boss is the incoming Vice-Chair of the
Section of Business Law of the American Bar Association.
Professor Boss is an expert in the emerging area of electronic commerce and electronic
commercial practices. She was one of the drafters of the American Bar Associations report
and model agreement on electronic data interchange. Her book, Electronic Data Interchange
> 91
Agreements: A Guide and Sourcebook, was published by the International Chamber of

Commerce. She currently serves as an advisor and as the United States Delegate to the
United Nations Commission on International Trade Law (UNCITRAL) on issues relating to electronic commerce. She is Editor-in-Chief of The DataLaw Report (published bi-monthly by Clark
Boardman Callaghan), and is on the editorial board of The EDI Law Review and the Journal of
Bankruptcy Law and Policy. She is the Editor-in-Chief of Volume 54 of The Business Lawyer.
William C. Conrad, First Vice President and Chief Operating Officer, Federal Reserve Bank
of Chicago, Chicago, IL
William C. Conrad, First Vice President and Chief Operating Officer of the Federal Reserve
Bank of Chicago, has responsibilities for overseeing all paper and electronic financial services,
both priced and non-priced, emerging payments, Information Technology Services, Financial
and Management Services, Legal Department, Human Resource Services, Support Services
and internal services such as Facilities Management and Protection as well as the Detroit
Branch and offices in Des Moines, Indianapolis, Milwaukee and Peoria. He serves as the
Financial Services Committee Chairman and continues as a member of the Management
Committee and Loan Committee. He also serves on various Federal Reserve System committees and is a member of the Federal Reserve Systems Conference of First Vice Presidents as
well as product director of the Business Development Office. Prior to his appointment as First
Vice President, Mr. Conrad was responsible for all electronic payment services, automation
and communications and marketing financial services.
> 92
He began his career with the Federal Reserve Bank in 1959 at the Detroit Branch. In 1967, he
was appointed to the Banks official staff as Assistant Cashier and in 1969, he was appointed
Assistant Vice President; in 1973, as Vice President and Manager and in 1978, as Senior Vice
President and Branch Manager. He transferred from the Detroit Branch to the Chicago office
in 1984 as Senior Vice President and Electronic Services Product Director up until his appointment to First Vice President effective October 1, 1992. He received his Bachelors of Science
degree in 1959 and in 1965, he received his Masters in Business Administration from Wayne
State University of Detroit, Michigan; he also attended the Graduate School of Banking at the
University of Wisconsin, completing this program in 1966. In 1984, he attended the Advanced
Management Program at Harvard University in Boston.
Mr. Conrad holds memberships to the Council on Foreign Relations, Economic, Executives
and Bankers Clubs of Chicago and serves as co-chair to the Executives Clubs Finance
Committee. He was born April 17, 1936, in Detroit Michigan. He is married, has a daughter,
a son, two grandsons, and a granddaughter and lives in Barrington, Illinois.
Proceeding from
the Workshop on


Technological, and
James D. Constantine, Senior Assistant Treasurer, Sears, Roebuck and Co.,

Hoffman Estates, IL
James D. Constantine was appointed Senior Assistant Treasurer of Sears, Roebuck and Co. in
May 1991. He is responsible for the companys corporate finance and banking function, which
includes development of the companys financing plans, bank credit relations, cash management, project financing, and rating agency relations.
Constantine joined Sears in 1981 as the manager of external reporting. In 1983 he became
corporate director of accounting services. In this capacity he served as the companys chief
accountant. Prior to joining Sears he was affiliated with Deloitte & Touche.
Constantine graduated from Northern Illinois University with a degree in accounting and
received a MBA from the University of Chicago. He received his CPA certificate in the State
of Illinois.
Christopher Dallas-Feeney, Partner, BoozAllen & Hamilton, New York, NY

Christopher Dallas-Feeney is a Partner in BAHs Electronic Commerce consulting group. Mr.
Dallas-Feeney serves clients across all major industries on a full range of strategic, operational
and technical issues relevant to E Commerce. Mr. Dallas-Feeney has over twenty years experience in senior management consulting to many of the largest global corporations. Over the
last two years, he has focused exclusively on assisting his clients in their strategic transformation towards an E Commerce-centric business and operating model.
Recent Representative Engagements

Development of the E Commerce-centered strategy, business model and virtual IPO
for a global UK financial institution
Development of the EC investment strategy for one of the five largest health insurance
companies in the US
Development of the strategic business case for a global telecommunications companys
entry into the IP-based communications services business
Assessment of the technical, economic and managerial fitness of an international
cable companys initiative to develop an interactive television services capability for
the mass market
Transformation of the IT function of three of the largest corporations in the US
(financial services, oil and gas and telecommunications)
> 93
Chris received a BS in Business Administration from the Pennsylvania State University. He

is co-author of several articles on the business and technical issues relevant to E Commerce
including BAHs Viewpoint: E Commerce-Delivering on the Real Promise. Chris is currently
collaborating with his BoozAllen colleagues to author the book entitled: From Big Business
to E Business: Blueprint for Strategic Transformation.
Roger W. Ferguson, Jr., Vice Chair, Board of Governors of the Federal Reserve System,
Washington, D.C.
Dr. Ferguson took office on November 5, 1997, as a member of the Board of Governors of
the Federal Reserve System to fill an unexpired term ending January 31, 2000.
Dr. Ferguson was born on October 28, 1951, in Washington, D.C. He received a B.A. in economics (magna cum laude) in 1973, a J.D. (cum laude) in 1979, and a Ph.D. in economics in
l98l, all from Harvard University. From 1973 to 1974 Dr. Ferguson was Frank Knox Fellow at
Pembroke College, Cambridge University.
Before becoming a member of the Board, Dr. Ferguson was a partner at McKinsey & Company,
Inc., an international management consulting firm. He was based in New York City, and he
managed a variety of studies for financial institutions from 1984 to 1997. Dr. Ferguson also
served as Director of Research and Information Systems, overseeing a staff of 400 research
professionals and managing the firms investments in knowledge management technologies.
> 94
From 1981 to 1984 Dr. Ferguson was an attorney at the New York City office of Davis Polk &
Wardwell, where he worked with commercial banks, investment banks, and Fortune 500 corporations on syndicated loans, public offerings, mergers and acquisitions, and new product
development.
He is an elected member of the Board of Directors of the Harvard Alumni Association and
formerly was Treasurer of the Friends of Education, a Trustees Committee of The Museum
of Modern Art, New York City.
Dr. Ferguson is married to Annette L. Nazareth, and they have two children.
R. Gerald Fox, Editor, Payment Systems Worldwide

Gerald Fox currently serves as Editor of Payment Systems Worldwide and Chairman and
President of F.I.A. Publishing Company (Lake Forest, Illinois). F.I.A. is a financial publishing
firm that publishes books and periodicals in the field of international banking, payment systems,
and financial fraud. The magazine Payment Systems Worldwide is read by bankers and others
in more than 80 countries. Mr. Fox also serves as a Research Consultant to the Hitachi Research
Institute (Tokyo) which is a non-profit research group that conducts worldwide research on
Proceeding from
the Workshop on


Technological, and
banking and corporate financial issues. Mr. Fox is a Partner in the Payments Conference
Partnership, which works with central banks and non-profit educational organizations in Europe
to plan and execute programs in the areas of financial fraud, payment systems, clearing and
settlement, and audit. From 1967-1990, Mr. Fox served as Group Executive Vice President
and Director, Bank Administration Institute (Chicago), where he directed the publishing and
products group of this national banking association, as well as its company-wide international
efforts. In this capacity, Mr. Fox served as editor and publisher of magazines in the fields of
U.S. banking, international banking, regulatory activities, and financial fraud/internal control.
Mr. Fox also directed the book publishing program that published in the fields of audit/internal
control, financial fraud, operations, payment systems, and others. From 1962-1967, Mr. Fox
was an editor with the Financial Publishing Division of Rand McNally & Co. (Chicago).
Mr. Fox was the former Director and Chairman of the Board of a Chicago area community
bank. He was Chairman of the Board of Trustees of the University of Dubuque in Iowa from
1991 through 1996 where he is currently a Board member and Chair of the Committee on
Trustees. Mr. Fox earned graduate and undergraduate degrees from the Medill School of
Journalism, Northwestern University and attended the Aspen Institute and the Center for
Creative Leadership.
David J. Goldstone, Trial Attorney, Computer Crime & Intellectual Property Section,
U.S. Department of Justice, Washington, D.C.
David J. Goldstone is a trial attorney in the Computer Crime and Intellectual Property Section
of the Criminal Division of the Department of Justice. In that role, he is faced with a wide
variety of complex legal issues that arise in relation to new technologies. In addition investigating and prosecuting cases involving computer intrusions, wiretapping, intellectual property
crimes, and searches of electronic information, Mr. Goldstone has worked actively on policy
matters such as electronic commerce, cryptography, and personal privacy. Mr. Goldstone is
currently the co-chair of the Justice Departments Electronic Commerce Working Group.
Mr. Goldstone lectures regularly on topics related to computers and the law. He has spoken
with a variety of domestic and foreign law enforcement groups (including both prosecutors
and investigative agents) on searching and seizing computers and on computer crime. He
has also addressed other groups, in both the public and private sectors, on a variety of topics,
including computer crime, use of electronic evidence, electronic commerce, and censorship
and the Internet.
In addition, Mr. Goldstone regularly teaches cyberspace law as an adjunct professor at
Washington D.C. law schools. He has taught classes on the ALaw of Cyberspace@ at the
Georgetown University Law Center and at George Washington Universitys National Law
Center. He has written a number of published articles on criminal law, constitutional law,
and commercial law issues implicated by technological developments. A listing of his legal
publications is provided on the next page.
> 95
Mr. Goldstone received a J.D., cum laude, from Harvard Law School and subsequently clerked
for Justice Herbert P. Wilkins of the Massachusetts Supreme Judicial Court. After his clerkship,
he practiced with the Washington, D.C. law firm Wiley, Rein & Fielding as a communications
and litigation attorney, with specialties in First Amendment and cyberspace law.
Prior to practicing law, Mr. Goldstone studied Computer Science at the Massachusetts Institute
of Technology (M.I.T.), from which he received M.S. and B.S. degrees. His Masters Thesis,
awarded for work at M.I.T.s Artificial Intelligence Laboratory, is titled Applying Model-based
Diagnostic Techniques to Analog Circuits. While at M.I.T., he was a teaching assistant for the
course Structure and Interpretation of Computer Programs.
He has worked in computer research and development at IBM, in Austin, Texas, and at Xeroxs
Palo Alto Research Center (PARC), in Palo Alto, California. At the 1991 National Conference
on Artificial Intelligence, in Anaheim, California, he presented a technical paper entitled
Controlling Inequality Reasoning in a TMS-based Analog Diagnosis System.
Gary Grippo, Program Manager, Financial Management Services, U.S. Treasury Department,
Washington, D.C.
Gary Grippo is the Program Manager for Electronic Money at the Financial Management
Service of the U.S. Treasury Department. He is responsible for testing and evaluating emerging payment technologies, including electronic cash, electronic checks, stored value cards,
and Internet payment protocols.
> 96
Mr. Grippo has worked at the Treasury for 9 years. In previous positions at Treasury he was
responsible for writing Federal Regulations on a variety of financial management matters. He
worked at Chase Manhattan Bank prior to joining the Treasury. Mr. Grippo studied at Harvard
and the London School of Economics.
George R. Hood, Director of Electronic Banking Operations,Wegmans Food Markets, Inc.,

Rochester, NY
George is Director of Electronic Banking Operations for Wegmans Food Markets, Inc. based
in Rochester, New York. He oversees all operational functions related to the Electronic Teller
Network and Customer Payment Systems. In his role, George is actively involved in the support of Wegmans highly successful customer loyalty programs.
George is a member of the Food Marketing Institutes Electronic Payment Systems Committee.
He sits on the board of Wegmans Federal Credit Union. In the EBT arena, George is active in
the retail industrys efforts related to EBT programs in New York and Pennsylvania, as well as
other new payment technologies.
Proceeding from
the Workshop on


Technological, and
Prior to joining Wegmans, George held a number of positions in banking operations in both
commercial bank and thrift environments. He holds degrees from the University of Rochester
and Rochester Institute of Technology. George and his wife Ann live in Rochester, New York.
Catherine Johnston, President and CEO, ACT Canada, Ontario, Canada

Catherine Johnston is the President and Chief Executive Officer of the Advanced Card
Technology Association of Canada. ACT Canada, founded in 1989, is a non-profit association.
Its mission is to promote awareness, understanding and use of all advanced cards including;
smart, optical, capacitive, and emerging card technologies, as well as complimentary technologies such as biometrics.
ACT Canada has taken an active role in international discussions on protection of privacy and
data. In addition, the association serves Industry Canada as the conduit for requests for information, products and services related to advanced cards, received from international consulates.
In her twenty-seven years in the technology marketplace, Catherine has specialized in emerging technologies. Her prior involvement with advanced cards started at Philips where she was
responsible for introducing optical disc technology in Canada. From there she moved to Bull
HN Systems Canada. As the Smart Card Market Development Manager, she and her team
developed an award winning, highly sophisticated, secured laptop computer, using smart
card technology to provide the security.
Catherine was elected to the board of ACT Canada as President in 1992, and assumed the
staff position of Chief Operating Officer the following year. In 1995 she was promoted to
Chief Executive Officer and President.
In this capacity she monitors the market place and industry, conducts corporate briefings,
develops and teaches seminars related to advanced cards and consults in this area. In the
past seven years, Catherine has traveled around the world talking about the technology and
Canadas place in the world market. She has also become a leading expert in the field of privacy and card technologies. With the Office of the Information and Privacy Commissioner/
Ontario, she co-authored the worlds first Privacy Assessment procedure for Smart, Optical
and Other Advanced Cards and is currently working on a version for multi-application cards.
Her work brings her in contact with governments, privacy advocates, suppliers, users and
regulators. She served on the federal governments National Advisory Board for Technology and
Tourism and currently sits on the Canadian Payments Association Stakeholders Advisory Council.
Catherine is a founding member of the Global Smart Card Summit and is currently coauthoring a book on the future of smart cards.
> 97
Richard I. Kolsky, President, Kolsky & Co., Evanston, IL

In 1991, Rick founded Kolsky & Co., dedicated to helping companies take marketing to the
bottom line. Dr. Kolsky has spent the past nineteen years helping clients convert many of
todays fadssuch as competing for the future, strategy innovation, core competencies, making mergers work, target marketing, reengineering distribution, relationship selling, and rightsizingfrom simple buzzwords to bottom-line reality in markets as diverse as infant formula,
life insurance, and earth moving equipment. Among Ricks clients are AAA, Aetna, Allstate,
American Express, BankBoston, Bristol Myers, Caterpillar, Cernex, CIGNA, Federal Reserve,
Fleet Financial, The Hartford, IBM, International Paper, J&J, MasterCard, Motorola, Smuckers,
and The Zurich.
In addition to his consulting engagements, Dr. Kolsky is a faculty member for a number of
company-specific and Northwestern University executive education programs. Rick has
published numerous articles and been keynote speaker for conferences on a range of subjects, including Break the Rules to Compete for the Future, Making Mergers Work,
Distribution: From Landmine to Competitive Advantage, and Tossing Out the Pink Slips.
Kolsky & Co. has also established a number of strategic alliances to better tailor its consulting
approach to meet client needs. Partners include Strategos (a strategy boutique founded by
Professor Gary Hamel) and selected Marketing faculty of the Kellogg Graduate School of
Management at Northwestern University, where Rick teaches in executive programs.
> 98
Prior to starting Kolsky & Co., Rick worked in the White House, was a consulting partner for
The MAC Group and Peat Marwick, and taught economics and consulted at Yale. Dr. Kolsky
holds a Ph.D. in Economics from Yale University and a BA-MA in Engineering and Economics
from Brown University.
Craig Macdonald, Research Director, World Research Advisory, Dulles, VA

Craig Macdonald is the President and Research Director at World Research Advisory (WRA).
After co-founding WRA in 1997, Mr. Macdonald served as the Service Director of the Financial
Advisory Service (FAS). Mr. Macdonalds previous experience included work for the META
Group, where he helped the company complete its initial public offering (IPO) and was
Director of International Operations. Before joining META Group, he was the Director of
Research & Development at Greenwich Associates, a strategic consulting and market
research firm. Mr. Macdonald holds a BS in Mechanical Engineering from the University
of Pennsylvania and an MBA in finance from New York University.
Proceeding from
the Workshop on


Technological, and
David Medeiros, Group Director, TowerGroup, Needham, MA

David Medeiros is the Director of the Wholesale Banking practice at TowerGroup, a research,
advisory, and consulting firm whose focused on the strategic use of information technology in
the financial services industry. Davids research and consulting activities for TowerGroup cover
a broad range of corporate banking activities, including commercial lending and commercial
finance; cash management; international core banking systems; trade services; electronic
commerce and payment systems; corporate trust and custody systems; risk management;
foreign exchange, financial control, management, and decision support technologies; and
other technology management issues. Dave has a wide range of technology planning, product
development, and implementation experience.
In addition to his responsibilities as Director of Research, David also provides analysis,
research and consulting services in the areas of image processing technology, workflow
automation, check and payment item processing, and electronic payments processing.
At TowerGroup, David has managed and conducted consulting assignments in the areas of
product marketing, product and technology planning, market analysis, business plan generation, and competitive analysis for clients engaged in new product introductions, technology
planning, technology development, and mergers and acquisitions.
Prior to joining TowerGroup, David was a consultant in the Technology Assessment Group at
the management and economics consulting firm Charles River Associates. David was also a
marketing consultant and an internal management consultant at Digital Equipment Corporation.
As a marketing consultant with Digitals Financial Services Industry Group, David was responsible for defining product, technology, and market requirements for Digitals worldwide business in the financial services industries.
As a management consultant with Digitals Management Sciences Group, David managed and
performed both individual and team management consulting projects in strategic marketing,
product positioning, pricing, financial analysis, operations management, and market research,
in both US and international markets.
David holds an MS in Management from the Sloan School of Management at the Massachusetts
Institute of Technology, with a joint concentration in finance and corporate strategy, policy,
and planning. He also earned an MS in Engineering from Stanford University and a BS in
Engineering from the Massachusetts Institute of Technology.
> 99
Laurie Mitchell, Manager, Cash Management, General Motors Acceptance Corporation,

Detroit, MI
Laurie Mitchell has been involved in Cash Management at GMAC for approximately the last
five years. Most recently she spent the last two years as the Corporate Year 2000 Global
Financial Service Supplier Manager.
Prior to Y2K rotation, she developed and managed the installation of a revised North American
dealer payment system. Post Y2K initiatives will include investigating and implementing various customer and dealer electronic payment collection/disbursement mechanisms throughout
North America.
Michael H. Moskow, President and CEO, Federal Reserve Bank of Chicago,Chicago, IL

Michael H. Moskow took office on September 1, 1994, as the eighth president and chief
executive officer of the Federal Reserve Bank of Chicago. In that capacity, he serves on the
Federal Open Market Committee, the Federal Reserve Systems most important monetary
policymaking body.
Mr. Moskows career includes service in the public and private sectors, as well as academia.
During the course of his career, Mr. Moskow has been confirmed by the Senate for five U.S.
government positions.
>100
He began his career teaching economics, labor relations, and management at Temple University,
Lafayette College, and Drexel University. From 1969 to 1977, he held a number of senior positions with the U.S. government, including under secretary of labor at the U.S. Department of
Labor, director of the Council on Wage and Price Stability, assistant secretary for policy development and research at the U.S. Department of Housing and Urban Development, and senior
staff economist with the Council of Economic Advisors.
In 1977, Mr. Moskow joined the private sector at Esmark, Inc. in Chicago and later held
senior management positions at Northwest Industries, Dart and Kraft, Inc., and Premark
International, Inc., a spin-off from Dart and Kraft. In 1991, President Bush appointed Mr.
Moskow Deputy United States Trade Representative, with the rank of Ambassador. He was
responsible for trade negotiations with Japan, China, and Southeast Asian countries as well
as industries such as steel, semiconductor, aircraft, and telecommunications. Mr. Moskow
returned to academia in 1993, joining the faculty of the J.L. Kellogg Graduate School of
Management at Northwestern University, where he was professor of strategy and international management at the time of his appointment as president of the Chicago Reserve Bank.
Mr. Moskow is active in numerous professional and civic organizations. He serves as director
of the Chicago Council on Foreign Relations, the Chicagoland Chamber of Commerce, World
Business Chicago, and the Economic Club of Chicago. Additionally, he is a director of the
Proceeding from
the Workshop on


Technological, and
National Bureau of Economic Research and the Council on Foreign Relations in New York
City. Mr. Moskow is also a trustee of Lafayette College and a member of the Advisory Board
to the J.L. Kellogg Graduate School of Management at Northwestern University, and the
Visiting Committee of the Irving B. Harris Graduate School of Public Policy Studies at the
University of Chicago. In addition, he is a member of the Civic Committee of The Commercial
Club of Chicago, a fellow of the National Academy of Public Administration and a member of
the Governing Board of the Illinois Council on Economic Education.
Mr. Moskow was born in Paterson, New Jersey. He received a B.A. in economics from
Lafayette College in Easton, Pennsylvania, in 1959, and an M.A. in economics in 1962 and
a Ph.D. in business and applied economics from the University of Pennsylvania in 1965.
Richard R. Oliver, Senior Vice President, Federal Reserve Bank of Atlanta, Atlanta, GA
Mr. Richard R. Oliver is a native of Reno, Nevada. He received his B.S. degree in Mathematics
from the University of Nevada, an M.S. degree in Computer Science from Georgia Institute of
Technology, and an M.B.A. degree in Management at Georgia State University. He has also
completed the University of Tennessee Executive Development Program and the Program
for Management Development at Harvard University. Mr. Oliver has been employed by the
Federal Reserve Bank since 1973. He has served the Bank as a Planning Analyst, Manager
and Officer in Charge of Software Development, and as Vice President in charge of Automation
Services, to include data processing, systems development, and technical support. In the
electronic payments area, he has served as Administrator of the Automated Clearing House
and Chairman of the Federal Reserves Electronic Payments Implementation Task Force. From
January 1, 1988 to June 30, 1992, Mr. Oliver served as the Product Manager for Electronic
Payments Services for the Federal Reserve System. Mr. Oliver was promoted to Senior Vice
President effective January 1, 1989.
On July 1, 1992, Mr. Oliver assumed responsibilities as a Senior Vice President in the
Banks Financial Services Central area where he was responsible for check and EFT Product
Management, business planning, pricing, regional/national customer relations, contingency
planning, and Unisys software development for check systems. In September 1994, Mr.
Oliver was appointed Staff Director for the Federal Reserve Systems Policy Committee for
Financial Services, where he was responsible for coordinating integrated financial management, project management, and strategic planning for the Federal Reserves payments
services nationwide. Effective June 17, 1998, Mr. Oliver was appointed Retail Payments
product manager for the Federal Reserve System. In this capacity, he has responsibility for
managing the Feds check and ACH businesses nationwide. He also serves on the Federal
Reserve Bank of Atlantas Management Committee.
He and his wife, Karen, have two children and reside in Conyers, Georgia.
>101
Steven J. Ollenburg, President, Principal Bank, Des Moines, IA

Steve Ollenburg is President and CEO of Principal Bank. He is a native of Mason City, Iowa.
He holds a bachelors of business administration degree from the University of Iowa and has
completed the Graduate School of Banking at the University of Wisconsin-Madison.
Steve started at The Principal Financial Group in 1996 to develop its banking operation. He
has worked in the financial services industry since 1983, including four years as a thrift president with the former Liberty Financial Corporation. He has been very active in community
service and banking organizations. He is currently on the Government Affairs Committee for
Americas Community Bankers and has been nominated to begin serving on the board of
directors of Americas Community Bankers. He has also been recently elected to the board
of directors for the Midwest Conference of Community Bankers, is the current chairman of
the Convalescent Home for Children Network, is on the Advisory Board of Directors of
Security First Technologies in Atlanta, Georgia, and is currently serving on Iowa Advisory
Board for Federal Reserve Bank of Chicago. Steve previously served as the chairman
of Iowas Community Bankers, and served several years on the board of directors and
executive committee of SHAZAM, Inc. He was named on the 1998 Des Moines Register
Business Up & Comers for State of Iowa and was listed in the 1998 People to Watch for
Business for Insurance Industry. Through his career he has served numerous local service
clubs, chamber of commerce committees, charitable organizations, legislative task forces
and other similar activities.
>102
The Principal Financial Group is a diversified family of insurance and financial services companies with more than $82 billion in assets under management. Its member companies serve
more than 10 million customers by providing a full line of individual and group insurance and
financial products. Its flagship and largest member, Principal Life Insurance Company, is the
8th largest U.S. life insurance company in assets.
Henry H. Perritt, Jr., Vice President, Dean and Professor of Law, Chicago-Kent College of
Law, Illinois Institute of Technology, Chicago, IL
As dean of Chicago-Kent College of Law and vice president of the Downtown Campus of
Illinois Institute of Technology, Dean Perritt has emphasized the dual roles of American law
schools as developers of both intellectual and human capital: intellectual capital in the form
of faculty scholarship, law reform and policy development, and human capital in the form of
law school graduates who are educated to function effectively in a changing profession. He
has been responsible for the establishment of the Institute for Science, Law and Technology,
a university-wide framework for faculty, student, and professional collaboration at the intersections of technology and law. He has increased Chicago-Kents involvement in international
affairs, making it possible for groups of law and engineering students to work together in
using the Internet to build a rule of law, promote the free press, and provide refugee aid in
Proceeding from
the Workshop on


Technological, and
the former Yugoslavia through Project Bosnia and Operation Kosovo, and building new
links with educational and governmental institutions in China.
Before coming to Chicago-Kent in June 1997, Dean Perritt was a member of the faculty of
Villanova University School of Law for more than 15 years, where he designed a course in
computer applications for lawyers and ran an Internet server specializing in public agency
information and practitioner access in addition to his regular teaching duties.
Dean Perritt is the author of more than 45 law review articles and 15 books on technology
and law and employment law, including the 730-page Law and the Information Superhighway.
He served on President Clintons Transition Team, working on telecommunications issues, and
drafted principles for electronic dissemination of public information, which formed the core of
the Electronic Freedom of Information Act Amendments adopted by Congress in 1996. During
the Ford Administration, he served on the White House staff and as deputy under secretary
of labor.
Dean Perritt has been appointed to a National Research Council committee on Global
Networks and Local Values and was appointed by the governor of Illinois to the Advisory
Commission on Internet Privacy. He is a member of the Bars of Virginia, Pennsylvania, the
District of Columbia, Maryland, Illinois and the United States Supreme Court. He is a member
of the Council of Foreign Relations and of the Economic Club.
Dean Perritt earned his B.S. in engineering from MIT in 1966, a masters degree in management from MITs Sloan School in 1970, and a J.D. from Georgetown University Law Center
in 1975.
>103
Daniel Schutzer, Vice President & Director of External Standard and Advanced Technology,
e-Citi, CitiGroup, Financial Services Technology Consortium, Board Chairman,
New York, New York
Currently responsible for directing and coordinating Citigroups advanced technology efforts
and Citigroups senior representation at external organizations and standards bodies. This
includes ensuring research and standards activities are properly focused and aligned with
business goals and priorities; formulating and executing business-driven technology directions
and strategies; providing overall management, assessment, and prioritization of research and
standards activities; and keeping the Citibank highly innovative. Areas of focus include electronic banking, payment and electronic commerce, bill presentment and payment, portfolio
and risk management, financial engineering and new product design, customer behavioral
modeling, mathematical marketing analyses and simulations, fraud detection and control,
security over computer networks. Advanced technologies under investigation include agent
technology, machine learning, multimedia, biometrics, image and voice processing, smart
cards and secure tokens, high performance computing.
Previous positions include Technical Director Naval Intelligence, Technical Director Navy
Command, Control and Communications, and Program Manager Sperry Rand. Also worked
for Bell Labs, Syracuse University and IBM.
Currently serving as Research Professor of Information Technology at Rutgers Center of
Management, Integration and Connectivity (CIMIC), and teaching part time at Iona College
in New Rochelle, New York, and George Washington University in Washington D.C.
Thomas J. Smedinghoff, Partner, Baker & McKenzie, Chicago, IL

Thomas J. Smedinghoff is a partner with the law firm of Baker & McKenzie and Coordinator
of its E-Commerce Practice. His practice focuses on implementing electronic commerce for
businesses and government agencies. He is chair of the Illinois Commission on Electronic
Commerce and Crime, and author of the recently-enacted Illinois Electronic Commerce
Security Act (5 Ill. Comp. Stat. 175). He is chair of the American Bar Association Section of
Science & Technology, and immediate past chair of its Electronic Commerce Division. He is
also a member of the U.S. Delegation to the United Nations Commission on International
Trade Law (UNCITRAL) where he participates on the Working Group on Electronic Commerce
that is drafting international electronic and digital signature legislation.
>104
Mr. Smedinghoff is an Adjunct Professor of Computer Law at The John Marshall Law School
in Chicago (1985present), a Member of the Editorial Advisory Panel for The John Marshall
Journal of Computer & Information Law (published by the Center for Computer/Law and
The John Marshall Law School) (1988present), and a Member of the Board of Editors of the
E-Commerce Law Report (published by Glasser LegalWorks) (1998present). He is also the
editor and primary author of the book on electronic commerce titled: ONLINE LAW: The Legal
Guide to Doing Business on the Internet (U.S. publication by Addison-Wesley, 1996; Japanese
translation and publication by Shichiken Publishing Co., Ltd., 1998).
Janet W. Smith, Senior Vice President, Wachovia Corporation and Executive Vice President,
Wachovia Operational Services Corporation, Winston-Salem, NC
Janet W. Smith is a senior vice president of Wachovia Corporation and an executive vice
president of Wachovia Operational Services Corporation. She serves as manager of Payment
Systems Strategies.
Mrs. Smith is responsible for identifying enterprise-wide opportunities for Wachovia in the
rapidly evolving payment systems industry. Mrs. Smith has been very involved with the
Banking Industry Technology Secretariat (BITS) which is a part of the Financial Services
Roundtable. She serves as a co-chair to the Electronification Task Force for BITS. Mrs.
Smith sits on the Star, Inc. board as well as various industry committees representing
Wachovia in policy-making groups.
Proceeding from
the Workshop on


Technological, and
Mrs. Smith also serves as Vice Chair to the State of North Carolina on the Information
Resources Management Committee (IRMC). The group oversees the technology issues and
concerns that will affect the future as well as the people from the State of North Carolina.
Mrs. Smith served as manager of Wachovia Corporations Consumer Financial Services
Support Group from 1995 to 1998. In this position, she led development of Wachovias
Pro banking and market network alignment strategies.
A native of Taylorsville, N.C., she joined Wachovia in 1976. She received an undergraduate
degree in mathematics and a masters degree in business administration from the University
of North Carolina at Greensboro. She also completed Wachovias senior management development program at Duke Universitys Fuqua School of Business.
Margaret G. Stewart, Professor of Law, Chicago-Kent College of Law, Illinois Institute of

Technology, Chicago, IL
Margaret Stewart graduated from Kalamazoo College in 1968 with a major in political science
and a keen interest in issues of nationalism as reflected by the then nascent Scottish
National Party. She attended Northwestern University School of Law, where she was Notes
& Comments Editor of the Law Review. After receiving her J.D. in 1971, she litigated with
the firm of Willkie Farr & Gallagher in New York, leaving in 1974 to become an Assistant
Professor of Law at the University of South Carolina. Since 1977, she has been on the faculty
of IIT Chicago-Kent College of Law, where her teaching and scholarly interests include civil
procedure, constitutional law and federal courts. Most recently, Professor Stewart has
become involved with an American Bar Association project on transnational jurisdictional
issues and the internet, serving as project reporter and director.
Guy S. Tallent, President and CEO, Identrus, New York, NY

Guy S. Tallent is president and CEO of Identrus. He is responsible for driving the companys
success toward its goal of fostering business-to-business e-commerce over the Internet.
Prior to accepting the post in 1999, Tallent served for a year as chairman of the steering committee that created the organization. At the same time, he was vice president and electronic
commerce strategy executive for The Chase Manhattan Bank, responsible for developing
electronic commerce strategy, thought leadership and communications across lines of business at Chase. He was also active in developing Chases electronic bill presentment and
digital certificate strategies.
In 1994, Tallent joined the heritage Chemical Banking Corp. as strategy and planning advisor
to the president for global operating services. During the companys merger with Chase
Manhattan in 1995, Tallent was one of four executives appointed to manage the global
>105
merger integration process for the newly combined company. In this capacity, he was responsible for developing and launching Chases electronic merger management and planning systems.
In 1996, he was given the additional responsibility of establishing a company-wide effort to
develop and focus Chases strategy in the emerging electronic commerce marketplace. In
1997, he became vice president and electronic commerce strategy executive.
Earlier in his career, Tallent served in various positions with Bankers Trust Company and First
Tennessee Bank, N.A. He earned a bachelors degree in finance and business administration
in 1988 from Memphis University, Memphis, Tenn., and an MBA in finance in 1992 from the
University of Chicago Graduate School of Business.
Thomas P. Vartanian, Partner, Fried, Frank, Harris, Shriver & Jacobson, Washington, D.C.
Thomas P. Vartanian is Chairman of the Corporate Department and Head of the Financial
Institutions Transactions and Electronic Commerce Technology Groups in Fried Franks
Washington, DC office. He is the former Managing Partner of the Washington office (19871999).
Mr. Vartanian is an Adjunct Professor in the graduate law programs at Georgetown University
Law Center and the Boston University Law School (Morin School of Banking), where he
teaches a course on 21st Century Banking issues. He is on the faculty of the ABA Stonier
Graduate School of Banking. He is also Chairman of the American Bar Associations
Committee on Cyberspace Law and the ABAs Transnational Jurisdiction in Cyberspace
Project. He is a member of the ABAs Ad Hoc Committee on Financial Services Deregulation
and Consolidation.
>106
Mr. Vartanian is the co-author of two recently published books on financial electronic commerce: 21st Century Money, Banking & Commerce and The Management of Risks Created
by Internet-Initiated Value Transfers. He is a contributing author to The Year 2000 Legal Guide
and Current Developments in Monetary and Financial Law.
Mr. Vartanian is also active in various professional and civic organizations. In addition, he is
a member of: The Executive Board of the National Center for Technology & Law; The Digital
Signature Technical Advisory Committee of the Virginia Legislatures Joint Commission on
Technology and Science; The Information Security Exploratory Committee established by the
National Information Infrastructure (NII) Task Force of the Presidents National Security
Telecommunications Advisory Committee (NSTAC); The Executive Committee of the Board
of Directors and Co-Chair of Member Services of the Greater Washington Board of Trade; and,
The Advisory Board of the Electronic Banking Law and Commerce Report.
Prior to joining Fried Frank, Mr. Vartanian was the General Counsel of the Federal Home Loan
Bank Board and the Federal Savings and Loan Insurance Corporation, which also included
responsibility for legal issues affecting the Federal Home Loan Bank System and the Federal
Home Loan Mortgage Corporation (Freddie Mac). Prior to that, he was special assistant
Proceeding from
the Workshop on


Technological, and
to the chief counsel of the Office of the Comptroller of the Currency and senior trial litigator
for the agency. He has been a staff counsel to the Depository Institutions Deregulation
Committee, the Vice Presidents Task Group on Regulation of Financial Services, and the
Administrative Conference of the United States.
Mr. Vartanian is a nationally known writer, lecturer and radio and TV commentator on electronic commerce issues. He has written numerous books and publications.
David E. Weisman, Group Director, Research, Forrester Research, Inc., Cambridge, MA

David leads Forresters research in on-line financial services and commerce site technologies.
His group explores how to sell goods and services to consumers over the Internet and how
technology will extend premium financial services to the mainstream investing public. His
team also examines tools and technologies for site design and eCommerce applications.
Davids comments and research have appeared in The Wall Street Journal, Money Magazine,
Investors Business Daily, Investment Dealers Digest, and American Banker. He has also
appeared on National Public Radio, CNBC, and CNNfn.
David has six years of experience in electronic banking, with positions in research and development, self-service banking, and ATM product management. Before joining Forrester, he was
vice president of self-service banking at Fleet Bank. In addition to managing Fleets 900 ATMs
in six states, he directed Fleets alternative delivery efforts in remote banking, smart cards,
Internet access, and video conferencing. He also served as vice president of research and
development at BayBank, where he monitored, researched, and developed new consumer
retail banking technologies. Davids previous experience also includes founding KidByte, a
computer learning center for children, and product management at GCC Technologies, a
Macintosh peripheral manufacturer.
David holds a B.S. in marketing from the University of Connecticut and an M.B.A. in marketing from the Columbia Business School.
Jean Woodworth, President, Payment Technologies, Inc., Mechanicsburg, PA

Jean Woodworth, the President of Payment Technologies, Inc. (PTI), has spoken at many industry conferences on consumer and commercial cards, the Internet and Smart Cards. Payment
Technologies, Inc. (PTI) is a consulting firm specializing in the payments industry. PTI has been
consulting to processors, associations, financial institutions, and other parties since 1986.
PTI provides both primary and secondary research resources for organizations wanting specialized information on the payments industry. PTI has completed research projects from
healthcare payments to examinations of smart cards, to research on EBT.
>107
Our company works with organizations to determine their requirements for research. Based
on those requirements, PTI performs both primary and secondary research to complete the
assignment. The PTI library includes all types of publications from industry sources, as well
as the syndicated research performed by our organization. We have completed both telephone and in-person interviews with many entities, including many industry leaders.
Our most recent research has been on credit card issuers and acquirers and their presence
on the Internet.
Eddie L. Zeitler, Senior Vice President, Charles Schwab & Co., Inc., San Francisco, CA
Mr. Zeitler manages the Information Security Services organization that is composed of
six specialized units: Information Access and Protection, Business Resumption Services,
Information Security Technology, Information Security Risk Management, Security Strategy
and Architecture and Security Awareness and Training. The organization manages business
resumption planning, develops information security policies, standards and procedures, implements information security measures and technology, manages network, platform and application security controls, and provides information security support services across the firm.
>108
Ed has a varied background in computers and information processing, beginning with the
development of radar system controls at ITT Gilfillan and the operating system used on the
Shuttle Orbiter at Rockwell International. Management experience includes data center performance and configuration for Transamerica Information Services, technical services (operating systems and software) and computer center operations for the National Data Center of
Federated Department Stores, the capacity planning function for Security Pacific National
Banks computer centers, and the Information Security function at Security Pacific National
Bank, Bank of America and Fidelity Investments.
External activities include participation on various committees such as the OECD Workshop
on Digital Signatures, the Los Angeles County Computer Crime Task Force, the Department
of the Treasurys Financial Management Services Security Advisory Panel, the ANSI X9
Working Groups for financial services, the U.S. Treasurys EFT Task Force Subcommittee on
Interoperability, the ABA Information Systems Security Committee, the ISC2 Waiver Evaluation Committee and the National Com-puter System Security and Privacy Advisory Board.
Educational background includes a Bachelor of Science in Mathematics and a Master of
Science in Systems Engineering from the University of Arizona. Ed also completed his Ph.D.
Candidacy in Computer Science at the University of Alberta. Ed has also passed the General
Securities Representative Examination (Series 7).
Proceeding from
the Workshop on


Technological, and
XI. Participants
Theresa Abbamondi, American Bankers
Association, Washington, DC
Bob Chakravorti, Federal Reserve Bank

David R. Allardice, Federal Reserve Bank

of Chicago Detroit Branch, Detroit, MI
Lyman Chapin, BBN Technologies,

Waltham, MA
Catherine Allen, Banking Industry

Technology Secretariat, Washington, DC
Darryl L. Coffman, The National Bank &

Trust Company, Sycamore, IL
Patricia Allouise, Federal Reserve Bank of

Boston, Boston, MA
Kate M. Coleman, Cash Station, Inc.,

Chicago, IL
Susan Anderson, Deluxe Corporation,

Shoreview, MN
William C. Conrad, Federal Reserve Bank

Adam Backenroth, Chase Manhattan Bank,

New York, NY
James D. Constantine, Sears, Roebuck

and Co., Hoffman Estates, IL
Stewart A. Baker, Steptoe & Johnson LLP,

Washington, DC
Mark Cords, GMAC, Detroit, MI
William Barouski, Federal Reserve Bank

Patrick K. Barron, Federal Reserve Bank
Terry Corrigan, New York Clearing House,

New York, NY
Adam P. Coyle, Western Union,
Englewood, CO
Ken Crisler, Motorola, Schaumburg, IL
Eric Berggren, Berggren & Co., Inc.,

Chicago, IL
Roger H. Bezdek, U.S. Department of
Treasury, Washington, DC
Amelia H. Boss, Temple University School
of Law, Philadelphia, PA
Henry H. Bourgaux, Federal Reserve Bank
of St. Louis, St. Louis, MO
Christopher Calabia, Federal Reserve Bank
of New York, New York, NY
A.J. Cave, VISA International, San
Francisco, CA
Nancy Curtis, McDonalds Corporation,

Oak Brook, IL
Christopher Dallas-Feeney, Booz Allen
& Hamilton, New York, NY
Laura Ermer, McDonalds Corporation,
Oak Brook, IL
Gary D. Farrar, Sears, Roebuck and Co,
Hoffman Estates, IL
Roger W. Ferguson, Jr., Board of
Governors of the Federal Reserve
System, Washington, DC
>109
Robert M. Fitzgerald, Chicago Clearing

House Association, Chicago, IL
Philip Hablutzel, Illinois Institute of

John Flesch, U.S. Department of Treasury,

Washington, DC
Anne Hagen, Wells Fargo Service Co.,

Minneapolis, MN
Julie Foster, National Automated Clearing

House Association, Herndon, VA
Steve Harris, Illinois Institute of

R. Gerald Fox, F.I.A. Financial Publishing,

Lake Forest, IL
Beth Anne Hastings, ABN AMRO Service

Company, Chicago, IL
Jean Freeman, New York Clearing House,

New York, NY
Jennifer Hatcher, Food Marketing Institute,

Washington, DC
Joanna H. Frodin, Federal Reserve Bank

of Philadelphia, Philadelphia, PA
David E. Hayes, Security Bank, Dyersburg, TN

Ken Hobday, CheckFree Corp., Dublin, OH
Charles Furbee, Federal Reserve Bank

Colleen George, Western Union,
Englewood, CO
>110
David J. Goldstone, Computer Crime

& Intellectual Property Section, U.S.
Department of Justice, Washington, DC
Glenn E. Gottfried, Thomson Financial
Publishing, Skokie, IL
William H. Gram, Federal Reserve Bank
Nancy Grant, National Automated Clearing
House Association, Herndon, VA
Sally Green, Federal Reserve Bank of
Boston, Boston, MA
Gary Grippo, U.S. Department of Treasury,
Washington, DC
Proceeding from
the Workshop on


Technological, and
George R. Hood, Wegmans Food Markets,

Inc., Rochester, NY
Walter Hoogmoed, Arthur Andersen,
Chicago, IL
Stephen F. Ingram, National Automated
Clearing House Association,
Herndon, VA
David L. James, Thomson Financial
Publishing, Skokie, IL
Derrelle Janey, Federal Reserve Bank
of San Francisco, San Francisco, CA
Richard S. Jenkins, SHAZAM, Inc.,
Johnston, IA
Catherine Johnston, Advanced Card
Technology Association, Ontario,
Canada
Henry L. Judy, Kirkpatrick & Lockhart LLP,

Washington, DC
Steven J. Ollenburg, Principal Bank, Des

Moines, IA
Elizabeth A. Knospe, Federal Reserve

Bank of Chicago, Chicago, IL
Susan E. Orr, FDIC, Chicago, IL
Richard I. Kolsky, Kolsky & Co.,

Evanston, IL
Kathy Paese, Federal Reserve Bank of

St. Louis, St. Louis, MO
Bill Parker, Arthur Andersen, Chicago, IL
Craig M. Lang, Chicago Transit Authority,

Chicago, IL
Steve Looney, Iowa Bankers Association,
Des Moines, IA
Craig Macdonald, World Research
Advisory, Dulles, VA
Brian Mantel, Federal Reserve Bank
Byron Marshall, Global Concepts, Inc.,
Norcross, GA
David Medeiros, The Tower Group,
Needham, MA
Tony Pearl, McDonalds Corporation, Oak

Brook, IL
Henry H. Perritt, Jr., Chicago-Kent College
of Law, IIT, Chicago, IL
John C. Peterson, ABN Amro Services Co.,
Chicago, IL
Anne L. Raczkowski, Consumers Energy,
Jackson, MI
Stephen L. Ranzini, University Bank, Ann
Arbor, MI
Pierre Roach, Canadian Payments
Association, Ottawa, Canada
Laurie Mitchell, GMAC, Detroit, MI

Clyde Monma, Telcordia Technologies,
Morristown, NJ
Katherine Schrepfer, Federal Reserve

Dan Schutzer, Citigroup, New York, NY
Michael H. Moskow, Federal Reserve

Robert Mulford, Federal Reserve Bank
of San Francisco, San Francisco, CA
Paul S. Nelson, The Northern Trust
Company, Chicago, IL
Richard R. Oliver, Federal Reserve Bank
Fiona Sigalla, Federal Reserve Bank of

Dallas, Dallas, TX
Scott Silverman, National Retail
Federation, Washington, DC
Yurii Skorin, Federal Reserve Bank of
Chicago, Chicago, IL
Thomas J. Smedinghoff, Baker &
McKenzie, Chicago, IL
>111
Janet W. Smith, Wachovia Corporation

and Wachovia Operational Services
Corporation, Winston-Salem, NC
Ann Spiotto, Federal Reserve Bank of
Chicago, Chicago, IL
Ron Staudt, Illinois Institute of Technology,
Chicago, IL
Joanna Stavins, Federal Reserve Bank of
Boston, Boston, MA
Robert S. Steigerwald, Consultant,
Hinsdale, IL
Margaret G. Stewart, Chicago-Kent
College of Law IIT, Chicago, IL
Guy S. Tallent, Identrus, New York, NY
Paul Tomasofsky, NYCE Corp., Woodcliff
Lake, NJ
Thomas P. Vartanian, Fried, Frank, Harris,
Shriver & Jacobson, Washington, DC
>112
Michael Versace, Federal Reserve Bank

of Boston, Boston, MA
Sophia R. Vicksman, Federal Reserve
Bank of New York, New York, NY
Frank Vree, Fundserv Inc., Toronto ON,
Canada
Chuck Wade, BBN Technologies,
Cambridge, MA
Ting Wang, Motorola, Schaumburg, IL
Viveca Y. Ware, Independent Community
Bankers of America, Washington, DC
Proceeding from
the Workshop on


Technological, and
Richard Warner, Chicago-Kent College of

Law, IIT, Chicago, IL
John Weinberg, Federal Reserve Bank
of Richmond, Richmond, VA
Stuart E. Weiner, Federal Reserve Bank
of Kansas City, Kansas City, MO
Dave Weisman, Forrester Research,
Cambridge, MA
Kirsten E. Wells, Wachovia, WinstonSalem, NC
R. David Whitaker, Federal Home Loan
Mortgage Corp. Freddie Mac,
McLean, VA
Jack Wing, Illinois Institute of Technology,
Chicago, IL
John J. Jack Wixted, Federal Reserve
Jean Woodworth, Payment Technologies,
Inc., Mechanicsburg, PA
Eddie Zeitler, Charles Schwab & Co.,
San Francisco, CA

Pay Sys Proceedings

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Pay Sys Proceedings

Uploaded by

Copyright:

Available Formats

Proceedings from the Workshop on

Promoting the Use of

Assessing the Business,

Numerous individuals contributed to developing this workshop. We would like to thank

Workshop Support Team

Citing Speaker Presentations

Sponsors Web Site Addresses

Promoting the Use of

Assessing the Business,

Participants involved in the payment transaction (e.g., consumers, businesses,

Networks which link participants (e.g., physical network, proprietary electronic

Attributes associated with payments which include authorization, clearing,

David R. Allardice, Ph.D.

Promoting the Use of

Assessing the Business,

Table of Contents (Day 1)

Lessons learned from past payment experiences . . . . . . . . . . . . . . . . . . . . . . . . 20

End user expectations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

The payment provider perspective . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

*Comments were not available at the time of publication.

Table of Contents (Day 2)

Technology's role in payments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

The law's role in payments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68

Janet Smith, Executive Vice President, Wachovia

Where to go from here?. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82

Workshop participants. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109

Promoting the Use of

Assessing the Business,

Promoting the Use of

Assessing the Business,

II. Workshop Overview

Catherine Allen, Chief Executive Officer, BITS

Promoting the Use of

Assessing the Business,

Figure 1: Shifting Competitive Environment in Financial Services

Players Who Want to

Players Where Payments Enable

Another question we addressed was: To what extent do we want to maintain limited

Promoting the Use of

Assessing the Business,

Patrick K. Barron, First Vice President, Federal Reserve Bank of Atlanta

Promoting the Use of

Assessing the Business,

everywhere to have access to the system is critical if it is going to be an effective payment

Promoting the Use of

Assessing the Business,

Thomas P. Vartanian, Partner, Fried, Frank, Harris, Shriver & Jacobson

Promoting the Use of

Assessing the Business,

III. Lessons Learned from Past Payment Experiences

Promoting the Use of

Assessing the Business,

Promoting the Use of

Assessing the Business,

Gary Grippo, Program Manager, Financial Management Services, U.S. Department of

Promoting the Use of

Assessing the Business,

Promoting the Use of

Assessing the Business,

Promoting the Use of

Assessing the Business,

IV. End User Expectations

Richard I. Kolsky, President, Kolsky and Company

Promoting the Use of