Providing secure payments and protecting the privacy of an individual’s personal data is critical to the growth of mobile ecommerce, also known as m-commerce. M-commerce may someday provide a true alternative to cash and make purchasing items as easy as hitting a few keys on the keypad of your Wireless Internet device.

One of the most important issues to overcome in the area of m-commerce is fraud. It’s easy enough to prove payment in the physical world—cash works well and credit cards have sophisticated protection schemes to protect both the holder and the merchant from unauthorized use. Over the Internet, it’s quite a bit harder to confirm the identity of the entity that is attempting to complete a purchase—merchants are unable to ask for a photo ID or some other proof that the identity of the person requesting the purchase is correct.

One solution may be biometric identification. Biometrics involve the use of technology that can identify unique attributes of an individual, such as a fingerprint or a scan of the face, to be presented as proof of identity. The user might have a fingerprint scanner built into their Wireless Internet device. This scanned image would be transmitted to the merchant, who would check it against a secure database of fingerprints. If the user has registered in this database, and the information matches, the merchant would allow the purchase to proceed.

SECURITY AND PRIVACY

Technology and the evolution of communications networks have been phenomenal—truly the kind of advancement that can leave users gasping in astonishment. Unfortunately, not all of the amazement is positive. Users are increasingly shocked and concerned about the lack of privacy and security in our increasingly digital world.

Whereas the majority of users are essentially unconcerned about privacy, a growing number of consumers and pro-privacy organizations are pushing for protection. In most cases it’s individuals who want privacy and companies, governments, and other large organizations that want to violate it—even though this is typically done in the name of marketing, law enforcement, or even customer service. Most consumers are unconcerned because they feel they have nothing to hide—as long as there is nobody walking in the front door with a camera crew people feel they have nothing much to worry about.

PRIVACY VERSUS ANONYMITY.  Privacy has historically been something that a consumer could control to a great degree by simply choosing to whom to reveal information. Even the act of leaving your home to go shopping presented a situation where you could control who you greeted and gave your name or other personal information to. Even the time of day you chose to go shopping impacted who you might run into—going to the grocery store late at night limits the type of people who would be likely to see you. I once knew a teacher who would go shopping late at night so that she could avoid having any of her students observe her buying beer and cigarettes: She protected her privacy by controlling her actions.

This attempt at privacy didn’t render my friend anonymous; privacy and anonymity are often confused because their purposes overlap considerably. Dictionary.com defines them as follows:

•   Privacy.

1a. The quality or condition of being secluded from the presence or view of others.

1b. The state of being free from unsanctioned intrusion: a person’s right to privacy.

2. The state of being concealed; secrecy.

•   Anonymity. The quality or state of being unknown or unacknowledged. One that is unknown or unacknowledged.

Anonymity can be used to reinforce privacy, however both are actually very difficult to achieve in today’s society. Even those of us that are not movie stars or well-known celebrities place a high value on our privacy and ability to occasionally be unknown to those around us.

DATA COLLECTION

Often the first stage of an intrusion of privacy is data collection. If the information doesn’t exist it’s hard to violate one’s privacy. Whereas most individuals wouldn’t bother to go out and gather this information, companies do this all the time, often with our help. Grocery store loyalty programs are a good example—we willingly sell our name and other personal info along with a complete record of what we purchase and when. There are many automated forms of data collection today—frequent flyer cards, toll tags, credit cards, and   phone bills. The Wireless Internet will increase the amount of data that can be collected. Initially this data will not be very personal—stock quotes, news, weather—but as devices and networks evolve to enable more sophisticated applications and services, security will become an important concern and impact the growth of the Wireless Internet.

DATA STORAGE

The next stage in the possible invasion of privacy is data storage. Data storage is becoming cheaper and cheaper. This is a great thing when consumers want to store personal content like digital pictures, tax records, and other accounting info. The bad news is that data storage has become so cheap that there is little incentive to throw data away. The majority of these systems are built to collect and aggregate data automatically, without much emphasis on error checking or data correction.
Data, both correct and incorrect, can now live on forever— errors in credit reports, medical histories, purchases, and travel records can all be accessed long after you have forgotten or even knew of them. Trails and histories of what actions took place and what content was accessed or requested become almost permanent. The digital world is unlike the physical world in that it doesn’t forget the past until told to erase it. In the physical world one can be reasonably assured that eventually nobody will remember you ever visited that “unique” store or alternative nightclub back in college. Now, however, there is a digital trail back to those questionable Web sites that lives practically forever. (Or until someone deletes it, which could take even longer.)

DATA ANALYSIS AND PROFILING

Software is getting better and better at slicing and dicing and turning data into information. Databases can help companies build profiles of user behavior based on billions of statistically analyzed data points. Data fusion is also a popular way of adding value to data by combining two or more data sources. Your shopping history could be compared with your medical records to reveal a statistical correlation between your rising weight and your purchases of ice cream and snack foods. Processing the records of others with similar histories could result in a profile that companies could use against you. Imagine, while in line at the checkout counter, you happen to get a wireless email from your health insurance provider threatening to cancel your coverage unless you put the Ben & Jerry’s back where you found it!

The very fact that Wireless Internet use will create another source of consumer data is troubling when we look at the money that is going into creating this system. The cost of new networks and services can be at least partially alleviated with revenue gained from selling this personalized data to companies that are experts in data fusion and profiling and that specialize in processing and selling consumer information.

Wonder why more consumers haven’t revolted and refused to participate or even understand what is happening to their data? We’ve been bought off with the convenience and savings that these loyalty programs and electronic systems offer. Until consumer awareness of the potential dangers increases most will likely continue to sign away bits and pieces of personal data. We believe it will take a series of high profile abuses of personal data before many consumers will trade off that grocery store loyalty card 20 percent discount on soda and chips in exchange for greater privacy.

PERSONALIZATION GOES BOTH WAYS

Personal computers that access the Web open the door to intrusion, but the Wireless Internet will likely produce more valuable data because most devices can be tied to a person and not just a household or fixed work location. The fact that content destined for a wireless device is most often altered and filtered to conform to smaller screens and limited navigation provides even more specific data than PC surfing would generate. A PC data trail may only show a visit to a Web directory page that  contains  listings  for  entertainment;  the  wireless device would likely go a level deeper and reveal that a user was looking at listings for gambling entertainment. Location-based services will also add another layer of very valuable information—the history of exactly where you have been for how long. Because technology and the data generated can be used for legitimate purposes as well as abused, we will likely not see this process of collection, storage, and analysis disappear. It may, however, eventually come under the guidance of laws and regulation that limit the potential for abuse.

Solving consumer privacy and security issues is key to enabling  growth  of  the  Wireless  Internet  as  applications improve and become more personal. The current content accessed most commonly via wireless devices is not very personal—stock quotes, weather, general news, and the like. But future applications will enable transactions and inquiries into personal records like bank accounts and medical records—data that is personal and damaging in the wrong hands.
Surprisingly, the U.S. constitution does not currently guarantee privacy, unlike in Europe where the E.U. constitution actually guarantees a level of privacy. Many other countries have no similar laws, and in an online world where boundaries blur, even the existing laws can be hard to enforce.

FREEDOM OF EXPRESSION

The right to privacy online is linked essentially to one’s ability to control disclosure of personal identity. This ability to control access to your identity is easy in the physical world: We not only decide who we interact with but our personal details are not often in danger of exposure during simple activities such as walking around town. We normally do not even provide our names unless requested (unless at a conference where no one seems to mind wearing name tags with our personal and company info for all to see). In the Internet the opposite is true— almost anyone willing to invest a little bit of effort can easily uncover the digital footprints left on any site you’ve visited at any date in the past.

This ability to control and hide one’s identity is critical in maintaining a society that is capable of protecting freedom of expression. When government or other organizations decide that simply visiting and viewing certain information sites is a threat, the possibility of censorship takes away one of the most important  powers  of  the  Internet—freedom  of  expression. Individuals with differing political, religious, or lifestyle beliefs can use the power of the Internet to protect and educate others without the fear of censorship or punishment only if privacy is allowed. The transparency of the Web can be unforgiving, but never a complete picture of the whole story. Historical data that shows mistakes in an individual’s past may not include enough of the data needed to paint a true picture. (PS: Will someone please tell the insurance company that the Ben and Jerry’s Ice Cream wasn’t for me and that my increased weight is  really in error. They recorded my weight in kg instead of pounds; besides, I really have been hitting the gym, I just haven’t swiped my card every time, OK?)