
Quips: #CES2014 Preview - Trends In Digital Disruption For Consumers Center Around Mass Personalization At Scale


Consumer Trends Often Lead The Enterprise Space

The Consumer Electronics Show begins Tuesday, January 7th, 2014 in Las Vegas. At what is dubbed consumer tech's largest event, Constellation expects to see a few big things for #CES14. In fact, digital disruption is alive and well. The five forces of consumer tech (social, mobile, cloud, big data and video) converged early in the consumer space and have commoditized faster than ever. Consumer tech often showcases what the art of the possible will be for the enterprise. Five big categories for CES embody this digital disruption for consumers:

  1. Wearables go mainstream. The self quantification movement has gone from geek to chic fashion. Major fashion brands and pharma tech companies scramble to get the latest designs out.  Products range from smart watches, to bio monitoring devices, and to fitness tracking. Purpose built, these consumer devices will be the stars for CES this year.
  2. Internet of things drives data driven personalization at scale. The machine to machine and automation market is seeing a boost from home automation in lighting, entertainment, and security. The big push is to use sensors to create data driven products that can improve not only personalization but also context and relevancy on devices. The result will be smarter homes, smarter cars, smarter buildings, and lots of big data business models harnessed by the vendors.
  3. Video gets cheaper and better faster. 4K TVs go mainstream and price points drop.  Expect more and more OLED and lower price points. The Koreans have an edge here but don't be surprised if someone else comes from out of the blue.  Integrated video with home entertainment and traditional PC's are creating new form factors like Steambox in the living room.
  4. Maker movement expands accessibility. 3D printing and imaging improve in accessibility. The goal is to drive down price points, improve access, and drive up the ecosystem. Expect new business models to emerge that will enable more local production and mass personalization at scale.
  5. Robotics revolution. A host of consumer grade robotics enter the market. The current wave covers hard labor automation, telematics, artificial intelligence, connected experiences, and simulated human relationships. As cognitive computing improves, expect robotics to take advantage of these improvements to improve the overall interaction and self-learning.

The Bottom Line: Mass Personalization At Scale Is The Unwritten Theme of CES2014

The low cost of sensors and computing power now enables data driven personalization at consumer scale. The data behind mass personalization will enable context which will drive relevancy in the overall customer experience. This is the dawn of the data driven consumer tech and data driven customer experience era. CES 2014 attendees looking back will realize that the digital disruption in 2014 came from sensor enablement, creation of big data business models, and the launch of mass personalization at scale. Expect the next stage in convergence as wearables tie back to sensor and analytical ecosystems in IoT, that then enable video, to create things. Ah, you see you do get it!

Your POV.

Are you attending CES? If so, what trends do you see impacting your brand or your enterprise?  Add your comments to the blog or reach me via email: R (at) ConstellationR (dot) com or R (at) SoftwareInsider (dot) org.

Please let us know if you need help with your Digital Business transformation efforts.  Here’s how we can assist:

  • Developing your digital business strategy
  • Connecting with other pioneers
  • Sharing best practices
  • Vendor selection
  • Implementation partner selection
  • Providing contract negotiations and software licensing support
  • Demystifying software licensing
Resources

Reprints

Reprints can be purchased through Constellation Research, Inc. To request official reprints in PDF format, please contact Sales.

Disclosure

Although we work closely with many mega software vendors, we want you to trust us. For the full disclosure policy, stay tuned for the full client list on the Constellation Research website.

* Not responsible for any factual errors or omissions.  However, happy to correct any errors upon email receipt.

Copyright © 2001 -2014 R Wang and Insider Associates, LLC All rights reserved.
Contact the Sales team to purchase this report on an a la carte basis or join the Constellation Customer Experience

Disruptive Technology Companies: Filemobile


Filemobile offers a disruptive technology that goes beyond its niche in online media. The company, based in Toronto, Canada, at one level allows its clients to gather, curate, publish, and promote user generated content. At another level the company has developed an Inclusion Theory Layer product complete with mobile device support, APIs, authentication, and an SDK that could be used to develop new business models. Filemobile clients currently use the cloud based technology to organize and assemble user-generated content, primarily to build brand or encourage customer engagement. The company reports seeing a lot of growth in internal intranet uses. A few have even begun experimenting with more disruptive ways to take advantage of the technology.

CablePulse 24 (CP24), a Canadian cable and satellite television channel focusing on local news from Toronto and Southern Ontario, used the geo-location features of the product to identify and solicit on-the-spot reporting from viewers during the Southern Ontario Tornado Outbreak of 2009, the largest one day flurry of tornados in Canadian history. CP24 was able to scoop larger, better funded competitors and break the station's viewership record in the process.

The company's Inclusion Theory Layer product is called Media Factory. It was built from the ground up to handle different media formats in large quantities while also providing flexible workflows for moderation and publishing. Given the right APIs there is no reason it could not be used with enterprise systems such as SAP or Siebel to build mobile composite applications.

Filemobile is privately held. Its clients include Gannett, Wall Street Journal, ABC, Fox News, Life is Good, Tim Hortons, JC Penney, Farmers, Honda, and Fisher-Price.

A good contact at the company is Marc Milgrom who can be reached at + 416 642 652 or at [email protected].


Getting Social with Siebel #4: Can I support other CRM Platforms


Social with Siebel

By Richard Napier

At Buzzient we believe that you should not be tied up in multiple platforms for Social Engagement just because you have different departments or different platforms, for example if your outbound marketing happens in Salesforce, your helpdesk uses NetSuite, or your Italian operation uses another CRM.

Question 5 : Can your Social Engagement platform co-exist and be CRM vendor neutral?

At Buzzient, we think that is a fundamental rule: why should you need to have multiple systems? It's all about the customer! Pick up some of the core documentation on the Buzzient resources area.

This post originally appeared in the On Demand Education Ltd. Blog


The Snapchat data breach


Yesterday it was reported by The Verge that anonymous hackers have accessed Snapchat's user database and posted 4.6 million user names and phone numbers. In an apparent effort to soften the blow, two digits of the phone numbers were redacted. So we might assume this is a "white hat" exercise, designed to shame Snapchat into improving their security. Indeed, a few days ago Snapchat themselves said they had been warned of vulnerabilities in their APIs that would allow a mass upload of user records.

The response of many has been, well, so what? Some people have casually likened Snapchat's list to a public White Pages; others have played it down as "just email addresses".

Let's look more closely. The leaked list was not in fact public names and phone numbers; it was user names and phone numbers. User names might often be email addresses but these are typically aliases; people frequently choose email addresses that reveal little or nothing of their real world identity. We should assume there is intent in an obscure email address for the individual to remain secret.

Identity theft has become a highly organised criminal enterprise. Crime gangs patiently acquire multiple data sets over many months, sometimes years, gradually piecing together detailed personal profiles. It's been shown time and time again by privacy researchers (perhaps most notably Latanya Sweeney) that re-identification is enabled by linking diverse data sets. And for this purpose, email addresses and phone numbers are superbly valuable indices for correlating an individual's various records. Your email address is common across most of your social media registrations. And your phone number allows your real name and street address to be looked up from reverse White Pages. So the Snapchat breach could be used to join aliases or email addresses to real names and addresses via the phone numbers. For a social engineering attack on a call centre -- or even to open a new bank account -- an identity thief can go an awful long way with real name, street address, email address and phone number.

I was asked to compare the theft of stolen phone numbers with social security numbers. I surprised the interviewer when I said phone numbers are probably even more valuable to the highly organised ID thief, for they can be used to index names in public directories, and to link different data sets, in ways that SSNs (or credit card numbers for that matter) cannot. 

So let us start to treat all personal information -- especially when aggregated in bulk -- more seriously! And let's be more cautious in the way we categorise personal or Personally Identifiable Information (PII).

Importantly, most regulatory definitions of PII already embody the proper degree of caution. Look carefully at the US government definition of Personally Identifiable Information:

      information that can be used to distinguish or trace an individual's identity, either alone or when combined with other personal or identifying information that is linked or linkable to a specific individual (underline added).

This means that items of data can constitute PII if other data can be combined to identify the person concerned. That is, the fragments are regarded as PII even if it is the whole that does the identifying.

And remember that the middle I in PII stands for Identifiable, and not, as many people presume, Identifying. To meet the definition of PII, data need not uniquely identify a person, it merely needs to be directly or indirectly identifiable with a person. And this is how it should be when we heed the way information technologies enable identification through linkages.
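A data-protection check that illustrates the linkage argument above, as an added example that is not part of the original post: before a dataset with partly masked phone numbers is released, it measures how many entries of a reference directory remain consistent with each record. The directory, the phone numbers (fictional 555-01xx range) and all function names are constructed for illustration.

```python
from collections import Counter

# Constructed sample data: a stand-in for a public reverse directory.
DIRECTORY = [
    "2025550101", "2025550102", "2025550117", "2025550143", "2025550199",
    "3035550110", "3035550111",
    "4045550123", "4045559876",
]

# Constructed sample data: phone numbers held for the records to be released.
RELEASE = ["202-555-0117", "303-555-0110", "404-555-0123", "505-555-0100"]


def _digits(number):
    """Normalise a phone number to its digits only."""
    return "".join(ch for ch in number if ch.isdigit())


def mask_phone(number, hidden):
    """Replace the last `hidden` digits with X, as a redacted release would."""
    digits = _digits(number)
    keep = max(len(digits) - hidden, 0)
    return digits[:keep] + "X" * (len(digits) - keep)


def anonymity_sets(release, directory, hidden):
    """For each released record, count the directory entries that share its
    masked number. k == 1 means the mask hides nothing: the record still
    links to exactly one directory entry. k == 0 means no entry matches."""
    index = Counter(mask_phone(p, hidden) for p in directory)
    return [index[mask_phone(p, hidden)] for p in release]


def linkability_summary(release, directory, hidden, k_threshold):
    """Aggregate view for a release review: counts only, no joined records."""
    ks = anonymity_sets(release, directory, hidden)
    return {
        "records": len(ks),
        "unmatched": sum(1 for k in ks if k == 0),
        "unique": sum(1 for k in ks if k == 1),
        "below_threshold": sum(1 for k in ks if 0 < k < k_threshold),
    }


def min_hidden_digits(release, directory, k_threshold):
    """Smallest number of trailing digits that must be masked so that every
    record that matches the directory has at least k_threshold candidates.
    Returns None if no amount of masking reaches the threshold."""
    longest = max(len(_digits(p)) for p in release)
    for hidden in range(longest + 1):
        matched = [k for k in anonymity_sets(release, directory, hidden) if k > 0]
        if all(k >= k_threshold for k in matched):
            return hidden
    return None


if __name__ == "__main__":
    print(anonymity_sets(RELEASE, DIRECTORY, hidden=2))
    print(linkability_summary(RELEASE, DIRECTORY, hidden=2, k_threshold=5))
    print(min_hidden_digits(RELEASE, DIRECTORY, k_threshold=2))
```

With two digits masked, one of the four constructed records still maps to a single directory entry, which is the sense in which a fragment remains identifiable even though it is not identifying on its own.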

Almost anywhere else in the world, data stores like Snapchat's would automatically fall under data protection and information privacy laws.  Regulators would take a close look at whether the company had complied with the OECD Privacy Principles, and whether Snapchat's security measures were fit for purpose given the PII concerned. But in the USA, companies and commentators alike still have trouble working out how serious these breaches are. Each new breach is treated in an ad hoc manner, often with people finessing the difference between credit card numbers -- as in the recent Target breach -- and "mere" email addresses like those in the Snapchat and Epsilon episodes.

Surely the time has come to simply give proper regulatory protection to all PII.


Top 3 things to look for in 2014


When it comes to the supply chain space and solutions, there are three trends I am looking for in 2014:

  • Software providers will strive to offer full supply chain solution suites. Mega vendors such as SAP, Infor and Oracle have been ahead of this game, just by their sheer size. A growing number of service providers such as JDA and Logility will continue to push in this direction, looking to offer their own supply chain solution platform. Practitioners will seek service providers that can address larger and more inclusive supply chain challenges, rather than simply optimizing pieces of the overall puzzle. They recognise that optimizing parts of the supply chain can often lead to unintended consequences in other parts of the supply chain. This does not mean that software providers that do not offer a full end to end solution will fall out of favour. These bolt-on solutions will continue to allow for targeted supply chain problems to be addressed. However, these solution providers will have to continue to demonstrate how their solution will be interoperable within the overall supply chain solution network. If you are already engaged with a mega vendor, lean on them to understand how their solution suite can address your larger supply chain issues. When it comes to vendors with smaller solution footprints, ensure that they can seamlessly tie into the solution ecosystem.
  • Expect innovation from the non-usual suspects. Innovative solutions as well as thought leadership will come not only from best of breed providers or consultants, but also from such sources as 3PLs and contract manufacturers. These players will bring their unique perspective to the supply chain, and drive innovation and thought leadership from the manufacturing and transportation position. Think about 3D printing from your contract manufacturers like Flextronics or Jabil, how they are applying this technology, and how that innovation can impact your supply chain. Or think about how your logistics provider like DHL, FedEx or UPS will drive aspects like same day delivery or multi-channel retailing. Other logistics providers, such as Agility or Imperial Logistics, can empower you to drive your supply chain into emerging markets. Innovation in the supply chain has become more democratized; do not hesitate to look to all your service providers for innovative thinking.
  • It will not be about big data but about actionable data. The notion of large amounts of accessible data will not diminish; on the contrary, the amount of data we have access to for our supply chains will only continue to grow. But vendors that are equipped to provide actionable data are going to be more important than big data. For example, vendors such as IRI and Nielsen can already provide large quantities of consumer data. Other business intelligence vendors have the ability to take massive data sets and cleanse and harmonize them. But practitioners need to look for the vendors that are focusing on identifying that actionable data. To borrow a phrase from a conversation with SAP: “the haystack keeps getting larger and larger, and you are still looking for that needle.” Solution providers will start focusing on identifying the actionable data, rather than just big data. Just because we can start looking at every last piece of data does not mean we should be doing so. Solution providers that offer the intelligence to find the key pieces of data within that haystack will be the ones that gain in relevance. Companies like Zyme that are focused on the hi-tech space will be able to give companies like Barnes & Noble a better understanding of what data they need to be aware of for products such as the Nook tablet. Work with your service providers to go deeper than just looking at big data: understand what types of data they are comfortable with and what industries they have deep knowledge of.

2014 should be another interesting year in the space…but then again isn’t every year that way?



David Schwab Joins FusionOps Board of Directors


David C. Schwab, who  co-founded Scopus Technology and served as Vice President of Sales until it was acquired by Siebel Systems, has joined the board of FusionOps. FusionOps is a “domain-based” Business Intelligence (BI) company that brings together cloud, Big Data, and a user-friendly interface to provide insights into supply chains. 

Built in the cloud, FusionOps provides users with pre-built metrics, tickers, and analytic reports. Business users can also fine-tune existing reports, create new analytics, and drill down into the details. In addition, the product includes collaboration and social networking features. The company currently serves a diverse set of industries including apparel and sportswear, mining, medical equipment, electronics, and energy companies.

The company is currently recruiting sales engineers and sales managers. Resumes can be sent to [email protected].

Schwab has been a long time Director of Sierra Ventures and helped build Sierra’s enterprise software investment practice. His primary investment focus is business applications and next generation infrastructure. Portfolio companies Dave has worked with in the past include: Accruent (acquired by Vista Equity Partners), Crosslogix (acquired by BEA Systems Inc.), CSS (acquired by Partners Group), SalesLogix (IPO and acquired by Sage), Knova (Merger of Kanisa and ServiceWare), MicroMuse (sold to IBM), OnLink Technologies (sold to Siebel Systems), and 360Commerce (sold to Oracle). His portfolio includes Corrigo, Parature, Prelert, Revionics, Trivantis, Zebra Imaging, and Zoom Systems.

In addition to his MBA from Harvard, Schwab holds two graduate engineering degrees from Stanford University and an undergraduate degree from UC San Diego.


Trends: 10 Trends for #Cloud Computing in 2014 To Dominate #Digital Disruption [Slide Share]


Ten Trends For Cloud Computing In 2014 To Dominate Digital Disruption

Constellation's cloud computing research falls under the Tech Optimization and Innovation business theme and throughout other areas where applications are applied.

The trends for 2014 span the entire cloud stack. Holger Mueller, VP and Principal Analyst, covers the impact of Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) as well as HR Technologies in the Future of Work. R "Ray" Wang researches the impact of Cloud Computing on business strategy and the application landscape.

Below are the 2014 trends for Cloud Computing. Join the Constellation experience as we set out to help our clients dominate digital disruption.

Your POV.

Do you have a cloud strategy? Can you see how the cloud will help enable digital business disruption? Add your comments to the blog or reach me via email: R (at) ConstellationR (dot) com or R (at) SoftwareInsider (dot) org.

Please let us know if you need help with your Cloud and Digital Business transformation efforts. Here’s how we can assist:

  • Assessing cloud computing readiness
  • Developing your digital business strategy
  • Connecting with other pioneers
  • Sharing best practices
  • Vendor selection
  • Implementation partner selection
  • Providing contract negotiations and software licensing support
  • Demystifying software licensing

Augmented Reality and the Future of Digital Business


InsideAR 2013. R "Ray" Wang discusses Augmented Reality


From CMO and CIO to CDO


Ray Wang and Esteban Kolsky, Milan Business Forum 2013


The ROI on hacking Target customers' cards


An unhappy holiday for Target customers

A week before Christmas, Target in the US revealed it had suffered a massive payment card data breach, with some 40 million customers affected. Details of the breach are still emerging. No well-informed criticism of Target's security has yet emerged; instead most observers say that Target has very serious security, and therefore this latest attack must have been very sophisticated, or else an inside job. It appears Target was deemed PCI-DSS compliant -- which only goes to prove yet again the futility of the PCI audit regime for deterring organized criminals.

Security analyst Brian Krebs has already seen evidence of a "fire sale" on carding sites. Cardholder records are worth several dollars each, up to $44 according to Krebs for "fresh" accounts. So the Return on Investment for really big attacks like this one on Target (and before that, on Adobe, Heartland Payment Systems, TJMaxx and Sony) can approach one billion dollars.

We have to face the fact that no amount of conventional IT security can protect a digital asset worth a billion dollars. Conventional security can repel amateur attacks and prevent accidental losses, but security policies, audits and firewalls are not up to the job when a determined thief knows what they're looking for.

It's high time that we rendered payment card data immune to criminal reuse. This is not a difficult technological problem; it's been solved before in Card Present transactions around the world, and with a little will power, the payments industry could do it again for Internet payments, nullifying the black market in stolen card data.

A history of strong standardisation

The credit card payments system is a paragon of standardisation. No other industry has such a strong history of driving and adopting uniform technologies, infrastructure and business processes. No matter where you keep a bank account, you can use a globally branded credit card to go shopping in almost every corner of the world. This seamless interoperability is created by the universal Four Party settlement model, and a long-standing plastic card standard that works the same with ATMs and merchant terminals absolutely everywhere.

So with this determination to facilitate trustworthy and supremely convenient spending in every corner of the earth, it's astonishing that the industry has still yet to standardise Internet payments! We have for the most part settled on the EMV chip card standard for in-store transactions, but online we use a wide range of confusing and largely ineffective security measures. As a result, Card Not Present (CNP) fraud has boomed. I argue that all card payments -- offline and online -- should be properly secured using standardised hardware. In particular, CNP transactions should either use the very same EMV chip and cryptography as do Card Present payments, or they should exploit the capability of mobile handsets and especially Secure Elements.

CNP Fraud trends

The Australian Payments Clearing Association (APCA) releases twice-yearly card fraud statistics, broken down by fraud type: skimming & carding, Card Not Present, stolen cards and so on. Lockstep Consulting monitors the APCA releases and compiles a longitudinal series. The latest Australian card fraud figures are shown below.

Trends in Credit Card Fraud Categories

APCA, like other regulators, tends to varnish the rise in CNP fraud, saying it's smaller than the overall rise in e-commerce. There are several ways to interpret this contextualization. The population-wide systemic advantages of e-commerce can indeed be said to outweigh the fraud costs, yet this leaves the underlying vulnerability to payments fraud unaddressed, and ignores the qualitative problems suffered by the individual victims of fraud (as they say, history is written by the winners). It's pretty complacent to say the systemic benefit exceeds the cost of the fraud; it would be like meekly attributing a high road toll to the popularity of motor cars. At some point, we have to do something about safety!

Frankly it's a mystery why the payments industry seems so bamboozled by CNP fraud, because technically it's a very simple problem. And it's one we've already solved elsewhere.

Card Not Present fraud is simply online carding.

Skimming and Carding

In carding, criminals replicate stolen customer data on blank cards; with CNP fraud they replay stolen data on merchant servers.

A magstripe card stores the customer's details as a string of ones and zeroes, and presents them to a POS terminal or ATM in the clear. It's child's play for criminals to scan the bits and copy them to a blank card.

The payments industry responded to skimming and carding with EMV (aka Chip-and-PIN). EMV replaces the magnetic storage with an integrated circuit, but more importantly, it secures the data transmitted from card to terminal. EMV works by first digitally signing those ones and zeros in the chip, and then verifying the signature at the terminal. The signing uses a Private Key unique to the cardholder and held safely inside the chip where it cannot be tampered with by fraudsters. It is not feasible to replicate the digital signature without having access to the inner workings of the chip, and thus EMV cards resist carding.

Online card fraud

Conventional Card Not Present (CNP) transactions are vulnerable because, like the old magstripe cards themselves, they rest on cleartext cardholder data. On its own, a merchant server cannot tell the difference between the original card data and a copy, just as a terminal cannot tell an original magstripe card from a criminal's copy.

Despite the simplicity of the root problem, the past decade has seen a bewildering patchwork of flimsy and expensive online payments fixes. Various One Time Passwords have come and gone, from scratchy cards to electronic key fobs. Temporary SMS codes have been popular but were recently declared unsafe by the Communications Alliance in Australia, a policy body representing the major mobile carriers.

Meanwhile, extraordinary resources have been squandered on the novel "3D Secure" scheme (MasterCard SecureCode and Verified by Visa). 3D Secure take-up is piecemeal; it's widely derided by merchants and customers alike. It upsets the underlying Four Party settlements architecture, slowing transactions to a crawl and introducing untold legal complexities.

A solution is at hand -- we've done it before

Why doesn't the card payments industry go back to its roots, preserve its global architecture and standards, and tackle the real issue? We could stop most online fraud by using the same chip technologies we deployed to kill off skimming.

It is technically simple to reproduce the familiar card-present user experience in a standard computer or in digital form on a smart phone. It would just take the will of the financial services industry to standardise digital signatures on payment messages sent from a card holder's device or browser to a merchant server.

And there is ample room for innovative payments modalities in online and mobile commerce settings:

  • A smart phone can hold a digital wallet of keys corresponding to the owner's cards; the keys can be invoked by a payments app, ideally inside a Secure Element in the handset, to digitally sign each payment, preventing tampering, theft and replay.
  • A tablet computer or smart phone can interface a conventional contactless payment card over the NFC (Near Field Communications) channel and use that card to sign transactions (see also the NFC interface demo by IBM Research).
  • Many laptop computers feature smartcard readers (some like the Dell e-series Latitudes even have contactless readers) which could accept conventional credit or debit cards.
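The contrast drawn above between cleartext cardholder data and per-payment signing, as an added example that is not from the original post: a verifier that accepts static card fields cannot tell an original from a copy, while one that checks an authenticated message with a transaction counter rejects replayed, altered and forged payments. HMAC-SHA256 from the Python standard library stands in for the chip's signature so the block runs without third-party packages; the class names, message fields, merchant id and card values are all constructed for illustration.

```python
import hashlib
import hmac
import json
import secrets


def _canonical(fields):
    # Deterministic encoding so device and verifier authenticate the same bytes.
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()


class CleartextAuthoriser:
    """Conventional CNP check: the static card fields are the credential."""

    def __init__(self):
        self._cards = {}

    def enrol(self, pan, expiry, cvv):
        self._cards[pan] = (expiry, cvv)

    def authorise(self, pan, expiry, cvv):
        # Any party that knows these three values passes this check.
        return self._cards.get(pan) == (expiry, cvv)


class SecureElement:
    """Hypothetical stand-in for a chip or handset Secure Element."""

    def __init__(self, pan, key):
        self.pan = pan
        self._key = key      # stays inside the device
        self._counter = 0    # increases with every payment

    def sign_payment(self, merchant_id, amount_cents, currency):
        self._counter += 1
        fields = {"pan": self.pan, "merchant": merchant_id,
                  "amount": amount_cents, "currency": currency,
                  "counter": self._counter}
        tag = hmac.new(self._key, _canonical(fields), hashlib.sha256).hexdigest()
        return {**fields, "tag": tag}


class SignedAuthoriser:
    """Verifies the tag and refuses any counter it has already seen."""

    def __init__(self):
        self._keys = {}
        self._last_counter = {}

    def enrol(self, pan, key):
        self._keys[pan] = key
        self._last_counter[pan] = 0

    def authorise(self, message):
        fields = dict(message)
        tag = fields.pop("tag", "")
        key = self._keys.get(fields.get("pan"))
        if key is None or not isinstance(tag, str):
            return False
        expected = hmac.new(key, _canonical(fields), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected.encode(), tag.encode()):
            return False  # altered fields or wrong key
        counter = fields.get("counter")
        if not isinstance(counter, int) or counter <= self._last_counter[fields["pan"]]:
            return False  # replay of an earlier payment message
        self._last_counter[fields["pan"]] = counter
        return True


def run_demo():
    pan, expiry, cvv = "4111111111111111", "12/16", "123"  # constructed test values
    results = {}

    weak = CleartextAuthoriser()
    weak.enrol(pan, expiry, cvv)
    results["cleartext_original"] = weak.authorise(pan, expiry, cvv)
    # A copy of the same fields from a breached store is indistinguishable.
    results["cleartext_replay"] = weak.authorise(pan, expiry, cvv)

    key = secrets.token_bytes(32)
    device = SecureElement(pan, key)
    strong = SignedAuthoriser()
    strong.enrol(pan, key)

    first = device.sign_payment("MERCHANT-001", 4999, "USD")
    results["signed_original"] = strong.authorise(first)
    results["signed_replay"] = strong.authorise(first)  # same message again

    second = device.sign_payment("MERCHANT-001", 4999, "USD")
    results["signed_tampered"] = strong.authorise({**second, "amount": 499900})

    forged = {"pan": pan, "merchant": "MERCHANT-001", "amount": 4999,
              "currency": "USD", "counter": 99}
    forged["tag"] = hmac.new(b"not-the-card-key", _canonical(forged),
                             hashlib.sha256).hexdigest()
    results["signed_forged"] = strong.authorise(forged)

    results["signed_next_genuine"] = strong.authorise(second)
    return results


if __name__ == "__main__":
    for name, accepted in run_demo().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```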

 

 

Conclusion

All serious payments systems use hardware security. The classic examples include SIM cards, EMV, the Hardware Security Modules mandated by regulators in all ATMs, and the Secure Elements of NFC mobile devices. With well-designed hardware security, we gain a lasting upper hand in the cybercrime arms race.

The Internet and mobile channels will one day overtake the traditional physical payments medium. Indeed, commentators already like to say that the "digital economy" is simply the economy. Therefore, let us stop struggling with stopgap Internet security measures, and let us stop pretending that PCI-DSS audits will stop organised crime stealing card numbers by the million. Instead, we should kill two birds with one stone, and use chip technology to secure both Card Present and CNP transactions, to deliver the same high standards of usability and security in all channels.

Download complimentary research

The FIDO Alliance - by Steve Wilson

The Consumerization of Identity - by Steve Wilson

 

