For Goren’s LapJack, A Sale & Repackaging
Corrections or additions?
E-Commerce Consumers: Do They Think It’s Safe?
This article was published in U.S. 1 Newspaper on February 10, 1999. All rights reserved.
One third of the Internet-savvy people in Mercer County
purchased something from a site on the World Wide Web in the past
year. Twenty percent of those surveyed bought items worth at least
$100, and 13 percent spent less than $100. But 60 percent bought nothing
on the Web. Those who didn’t buy — are they frightened about security?
Or worried about fraud? Or just watching their pennies?
Four MBA students from Rider University distributed questionnaires
at corporate locations, a condominium complex, a gas station, an elementary
school, and Rider, and also by E-mail. More than 400 people responded.
The students’ paper “Electronic Commerce: Finding for American
Consumers” was presented last fall.
“As consumers move onto the web in increasing numbers, questions
arise about the possible occurrences of fraud, and the long-term repercussions
arising from the misdeed,” say the students. They studied consumer
confidence regarding online purchases — whether these concerns
were valid and what consumers need to watch out for. And they described
the technology of secure transactions, an R&D area in which an Independence
Way-based firm, Trintech, excels.
“The validity of concerns varied, based on whom you asked,”
says Drew Procaccino, one of the four student researchers. An
economics and business major at Ursinus College (Class of 1982), he
also earned a B.S. in decision sciences and computers from Rider.
He does desktop publishing and teaches at Rider and Mercer County
College (E-mail: jdproc@aol.com).
“Vendors and reporters tended to compare online transaction safety
as equal to mail order or restaurant purchases. Consumers supplied
some horror stories,” writes Procaccino. “Ultimately recently
formed watchdog web sites work to inform and educate consumers in
online transaction etiquette.” (See following story.)
But like every aspect of the Internet, Internet fraud changes rapidly.
The five most commonly reported frauds for the first half of 1998
are completely different from those for the second half of 1998. As
each type of Net dishonesty surfaces, steps are taken to prevent it.
“Reputable online vendors now take steps to protect their online
customer base,” says the student report. “Financial institutions
and better vendors are employing encryption methods to scramble data.
Additionally, consumers should take steps to protect themselves by
researching the vendor, limiting information they provide, and being
aware of the dangers they face once they make the decision to buy.”
Females were more reluctant to purchase online than males (69 percent
spent nothing), compared to 49 percent of males. Those aged 49 and
younger seemed to spend more money online than those over 50.
The students expected that those who worried about purchasing on the
Web would be the ones who made no E-commerce buys. Wrong. Those with
zero concerns spent less money than those with several or many concerns.
As for gender, males were four times more likely than females to not
be concerned about purchasing online, but all had concerns.
Worry over credit card security affected 75 percent of all those responding.
Unwillingness to give up one’s name and address affected 61 percent,
the same for men as well as women. The vendor’s reliability and the
buyer’s inability to see the merchandise influenced 47 percent and
38 percent respectively. More than one-third (36 percent) were worried
about their ability to easily return the product. More than one-fifth
(23 percent) wished they could talk to the online merchant. The remaining
problems (11 percent or less) involved lack of money, lack of knowledge
of the web, or lack of access to the web. Eight percent of those surveyed,
44 people, expressed no concern at all.
“We found it interesting that 18-29 year-olds (five percent),
whom the conventional wisdom often cites as being exceptionally computer-literate,
were five times more likely to cite a lack of knowledge of the Web
as a `concern’ compared to 30-49 year olds (one percent) and four
times as likely as 50-79 year-olds (four percent),” writes Procaccino.
This 20-something age group were also three times as often as the
over 50 set to cite a “lack of money” as one of their concerns,
and six times as likely as the 30-49 year-olds.
Says the report: “The most common signs of fraud are extravagant
promises of profits, guarantees of credit regardless of bad credit
history, or incredibly low prices or prizes that require up front
payment. Most scams start when a business or individual strikes up
a conversation via E-mail or in a chat room. Many schemes involve
down payment of cash or checks for nonexistent services of products,
such as Internet accounts, general merchandise, credit cards, computer
equipment, and auctioned items. The payments are usually sent to a
post office box, but the products are never delivered.”
“While a consumer may get a telemarketing call and feel that the
voice on the other end of the line sounds shady, or visit a store
and decide that the products being sold really aren’t as great as
the ad claimed, there is no such protection on line.”
The students’ advice: “Checks and money orders are the most common
methods of payment when purchasing goods or service over the Internet,
but they don’t offer the same protection that a credit card does.”
Procaccino’s colleagues include Joanne Celentano-Tziovannis,
a senior sales analyst at Bristol-Myers Squibb on Scudders Mill Road.
She was an accounting major at St. John’s University, Class of 1993
and hopes to receive her finance MBA from Rider.
Bart V. Del Cimmuto
went to Penn State (Class of 1989) and is working on his MBA in finance.
He is a regional credit analyst with Ford Motor Credit in Mahwah.
Lee-Ann Benjamin graduated from Rider in 1997 and works in Warren
for EnableVision as an information system consultant.
They were in the class of Marvin Darter, associate professor of computer information systems.
Top Of PageInternet Fraud Watch
In response to the Internet fraud reports that tripled
in 1997 the 109-year-old National Consumers League has set up Internet
Fraud Watch, dedicated to giving consumers resources to avoid fraud (https://www.fraud.org/ifw.htm).
But fraud tactics change rapidly. The Internet Fraud Watch reported
that for the first six months of 1998 the five most frequent reports
of fraud were for web auctions (undelivered or over-valued items),
general merchandise sales (never delivered or not as advertised),
Internet services (false representations), hardware/software
sales, and pyramid and multi-level marketing schemes.
The next six months showed a radical change. None of top-five frauds
from January to June were in the “first five” list for the
entire year of 1998. That list, as released on January 27:
Telephone cramming, adding extra unauthorized chargesto phone bills.Advance fee loans (moved up from eighth place since June1998), promises of loans contingent on the consumer paying a largefee in advance.Telephone slamming (changing your phone service).Prizes and sweepstakes.Work-at-home schemes.The next five included magazine sales, credit card offers, telephonepay-per call services, business opportunities and franchises, andtravel and vacation offers.National Consumers League’s top tips to avoid Internet fraud, as reportedby the Rider students:Do business with those who know and trust. Be sure youknow who the company or person is and where it is physically located.Understand the offer, the total price, the delivery date,the return and cancellation policy, and the terms of any guarantee.The federal telephone and mail order rule applies: Goods or servicesmust be delivered by the promised time, or, if none was stated, within30 days. Print out the documentation.Check out the track record, calling for complaint recordsand licensing or registration documents, but remember that fraud artistscan appear and disappear quickly, so lack of a complaint record isno guarantee of legitimacy.Never give your bank account numbers, credit card numbersor personal information to anyone you haven’t checked out. Butusing a credit card is preferable to mailing a check or money order;you can always dispute fraudulent credit card charges, but you can’tget cash back.Take your time. High pressure sales tactics are oftendanger signs of fraud.Don’t judge reliability by how flashy the Web site may seem.Know that unsolicited E-mail is often used by con artistsand violates computer etiquette. Report such “spamming” toyour Internet service provider.Don’t download programs from Web sites you are not familiarwith, even if you want to see pictures or hear music. You could unwittinglydownload a virus that hijacks your Internet service, reconnectingyou to the Net through an international phone number, resulting inenormous phone charges.Top Of PageTrintech’s InitiativesAnother aspect of the Rider study dealt with technology-basedsolutions aimed at preserving the reliability and integrity of E-commerce.When the study was published, there were only two major technologies:Secure Sockets Layer (SSL) and Secure Electronic Transaction (SET).Since then, Trintech has come out with two variations on these methods,aimed at making it easier and more secure for consumers to buy onthe ‘Net (https://www.trintech.com).Trintech is based in Dublin, Ireland, but opened a research and developmentfacility here in 1997 and is located on Independence Way. The privatelyowned firm specializes in providing card payment and electronic commercesolutions to bankers and retailers (U.S. 1, December 3, 1997).Kevin McGuire, the oldest of three brothers in Trintech, headsthe Princeton office. He graduated from University College Dublinin 1976 and came to Princeton Plasma Physics Lab in 1979, recruitingfellow PPPL-ers to help him open the R&D office on 1997. Sales, marketing,and customer support for Trintech is provided by a 30-person officein San Jose, and a six-person marketing office is in Austin. Munichis the site of a European office.Trintech is a direct supplier and an OEM (original equipment manufacturer)supplier of payment software https://www.trintech.com.Trintech’s latest and most exciting product is Payware Net. “Werealized that SET (one of the transaction methods) was slow to takeoff,” says spokesperson Richard Martin, “and that peopleon the retail side were asking for a form more secure than offeredtoday under traditional SSL (the alternative transaction method).Our guys in Princeton developed this Payware Net product, and it comesin four different flavors:1. Plain vanilla SSL is described by the students as “NetscapeCommunication Corporation’s handshake protocol.” With encrypteddata transmission it issues a digital certificate and signature toauthenticate both the buyer and the seller. “It uses public keyencryption — a set of mathematically linked numbers, referredto as keys. A message encoded with the public key (widely known, suchas an individual’s address) can be decoded only with the private key(so the message can be read only by the intended recipient),”describes the report.After SSL negotiates the secure connection, the buyer and the sellercan begin to exchange data. It works, but as Martin points out, “PlainSSL messaging doesn’t give the same level of security as SET.”2. SET or Secure Electronic Transaction is the set ofsecurity protocols developed by Visa International and MasterCard.Trintech installed its version on Netscape’s site in 1996. “Itgoes beyond SSL by incorporating credit card authorization, ensuringthat the buyer is authorized to use the credit card (via the digitalsignature) and that the merchant is authorized to accept the card(via verification of the merchant’s relationship with a bank actingas a payment processing intermediary),” says the student report.SET offers a digital certificate at the consumer level, as well asat the merchant level, says Martin. Merchants can post the SET symbolon their home page so that savvy consumers will know their creditcard data will be safe.But using SET can be expensive for merchants dealing with low margintransactions, so Trintech now offers two hybrid versions:3. SSL to SET combination, just released in December.The buyer sends a message in SSL to the online merchant site. Thisis translated to a SET message and sent from the online merchant tothe bank. “One of the big barriers of SET is the whole digitalcertificate that the consumer fills out,” says Martin. “Here,the consumer doesn’t have to apply for the digital certificate, yetthe consumer knows the site is secure,” says Martin. The SET markmeans that the merchant has gone through rigorous third party testing.4. Certless SET, an all-SET messaging system without therequirement of a digital certificate for the consumer; the consumerdoes not have to go through the rigamarole of that application. “Forthe consumer, three and four are identical,” says Martin. “Theconsumer knows the data is more secure because of the SET encryption.It is another step to more secure E-commerce.”Which of the four Payware offerings is preferable? “We arethe technology company,” says Martin. “We leave it to thecard associations and the banks to decide what is the best.”To Martin, a good way to measure fraudulent Internet transactionsis to count the number of “chargeback” complaints to creditcard companies about Christmas purchases. Not all of the complaintswill be due to fraud: “There is a rumor that it is quite high;people are alleging that kids’ are taking parents’ credit card numbersand getting merchandise sent to their address — and these purchasesare being disputed by the parents.”CEO John McGuire and the Trintech crew want to develop the technologyso it is “a transparent exercise of clicking, clicking, and clickingfor payment to be activated, authorized, and completed in a securemanner.””In a few years, consumers will log on, click, and pay with thesame confidence and regularity on the Web as they do today in thephysical world,” says McGuire. “But encryption is ademanding science. We feel that, by making the investment in researchin these early days, we will be rewarded in the near future when theunderlying encryption methodologies need to be upgraded to newer,faster, and more secure encryption techniques.””It’s a very exciting area to be working in. You are going topotential and existing customers who want to embrace the technologyand make it available to the customer base,” says McGuire. “Thisis a push sell, not a pull sell.”Top Of PageFor Goren’s LapJack, A Sale & RepackagingOnce more, Andy Goren is an empty nester. He foundedTV Objects, a company that developed a Java software tool called AppletDesigner, and he sold it off. Then under a different company namehe developed a hardware solution to laptop computer security, Lapjack(U.S. 1, June 10, 1998). In October he sold the license for Lapjackto a multibillion dollar global firm, which will launch the repackagedproduct on March 1. Now the 29-year-old Goren, based at PrincetonOffice Gallery on Independence Way, is contemplating his next contributionto the cause of electronic commerce.”For now I am going to stay around and help out,” says Goren,who had been a theoretical math major at University of California,Berkeley. “But I might work on a new product, a joint venture.”Curtis Computer Products, has bought the worldwide exclusive rightsto Lapjack for marketing and manufacturing LapJack (https://www.curtiscp.com).Curtis is a division of Esselte Pendaflex, a manufacturer of Oxfordfile folders that supplies distribution to office products distributors,computer supplies/VAR distributors, mail order catalogs, mass market,and superstores for computers and office products.LapJack uses an encoded security key that plugs into a parallel printerport on a laptop computer. If a machine is enabled with LapJack itcannot boot up without the key. It can’t be compromised by bootingfrom a floppy. And once the LapJack software is deployed on a laptop,that computer’s hard drive can’t be used in another computer, norcan the hard drive’s data be reformatted. LapJack puts no demand onthe processor or memory, doesn’t corrupt data, and doesn’t use passwords.The new product is getting a new name, Data Defender, and a huge marketingpush. Its software is being translated into 14 languages, includingHungarian, Polish, Finnish, and Swedish, says Ken Bernstein of Curtis.Lapjack had a “street price” of about $90, and Data Defenderwill sell at discounted rates for a similar price, from $89 to $99.Data Defender will be a Qualtec brand and will have tie-ins to otherQualtec products. “We own a printer cable company, and for desktops,laptops, and docking stations, we are providing the Qualtec Data DefenderParallel Port Extender,” says Bernstein. This four-foot “splittercable” can be plugged into the hard-to-reach port of a desktopcomputer and extend to a convenient spot for users to insert theirhardware security keys. It will retail for $29.95.Like TV Objects is now, Lapjack will be a shell company after thelaunch. To develop this hardware product, Goren had worked with JuanRuival, whose name is also on the patent. He had investment capitalfrom David Plimpton of Plimpton & Yang on Chambers Street. What nowfor Goren? “I’m going to look in Internet and security areas forthe next products,” says Goren.Lapjack Systems, 5 Independence Way, PrincetonOffice Gallery, Princeton 08540. Andy Goren, president and CEO. 609-514-5181;fax, 609-514-5176. Home page: https://www.lapjack.com.Next StoryCorrections or additions?This page is published by PrincetonInfo.com— the web site for U.S. 1 Newspaper in Princeton, New Jersey.
