October 2009 Archives
Mobile barcodes are on the verge of becoming a global phenomenon, but what exactly are they, what do they do, and for whom? We became familiar with the original, linear barcodes (or 1D), from our supermarket shopping in the 1980's (although the technology was patented in the 1950's). They comprise a series of vertical black lines and white spaces of variable width, representing numbers, which are read (or decoded) by a barcode reader to extract the information they bear.
However, as barcodes were used in an ever greater variety of environments beyond straightforward stock control, they became longer and longer as people tried to pack more information onto them. A new generation of barcodes was devised in the 1990's, usually referred to as 2D or matrix codes. They are formed by patterns of black and white squares arranged on a (usually) square grid and can encode thousands of alphanumeric and other characters in virtually any language. Immediately the size and capacity problem was solved, opening the way for applications that had never been considered.
Another radical and exciting advancement in barcode reader technology allowed the camera in a mobile phone to act as a reader. Mobile phones can now be enabled to read a variety of 2D mobile barcodes. These include QR codes, Data Matrix, Cool-Data-Matrix, Aztec, Upcode, Trillcode, Quickmark, shotcode, mCode and Beetagg.
The vast majority of symbologies are in the public domain, which means they can be used by anyone without restriction and without payment of a fee or royalty. This public approach gives rise to internationally recognised standards, global interoperability, and creates an economy of scale. This is a great boon for advertisers and consumers (both of whom are the mobile operators' customers) because only one software client is required to read any code. For the operators, this translates to greater choice and more competitively priced equipment.
Unfortunately, some barcode developers have chosen the proprietary route, which means they keep control of their own codes, the information that is permitted to be encoded and charge a fee or royalty for their use. These issues and the lack of interoperability usually means that proprietary barcodes tend to be used in controlled, closed environments, rather than in open, public systems around the world.
The most common use of mobile barcodes is to request information or a service or content from a Web site. It might be details of a promotion, or a discount voucher via SMS or MMS, or to activate a download such as a ringtone, music track or game, or click to call an IVR or human agent, or buy a travel or concert ticket. The advertiser pays the set-up costs as well as its operator partner on a per-click, download, view, redeemed coupon, ticket sale or call, depending on the campaign.
The key is that mobile barcodes are a pull technology, a permission-based way for a consumer to engage with an advertiser or medium. This is a very important attribute since there is a great deal of consumer angst and regulatory concern about intrusive: mobile barcodes are a world away from pushing unsolicited spam via SMS or MMS. Big brands are understandably wary of engaging in any advertising activity that compromises their reputation by alienating their customers and have stayed away from these kinds of push campaigns.
The pull of mobile barcodes overcome these issues and offer a direct, accountable way of connecting with consumers. However, if mobile barcodes are to succeed as an advertising medium, a high level of back-office integration is necessary, which reinforces the importance of open standards for processes and interfaces. Operators will need to demonstrate to the world's biggest brands that the barcode scanning transactions are accurate, reliable and defendable because they are going to charge that brand for every click.
The precedent is there: Google has built a multi-billion dollar, online business on this per click or interaction model with its Google AdWord/AdSense, which provides advertisers with reliable, accountable records of their users' transaction history and an accurate invoice, plus timely and granular revenue share payments to other parts of the ecosystem. In mobile, unlike online, there is the additional challenge that these mechanisms have to work across carriers, across countries and across currencies.
So the stage is set. With 2D barcode scanning, advertisers have a reliable, permission-based mobile channel open to them. Consumers love them as an easy way of using to engage with services and media they are interested in, as has been demonstrated in spades in Japan, where mobile barcodes are part of everyday life. This is because Japan is unusual in having a very dominant operator, NTT DoCoMo, which decided to endorse QR codes and ensured that all new handsets had QR code client software embedded in them. The rest is history, but this approach is not applicable to markets in most other countries, which typically have four or five operators competing against each other.
The challenge now is to ensure that any brand advertiser can run the same ad campaign in Singapore, London and Seattle instead of having to produce and run different campaigns in each country and for every operator. The inability to do this has been another big inhibitor to . Mobile barcodes have the potential to overcome these issues and become the mainstream, global phenomenon that they could and should be. However to attain this goal, the various parties that make up the ecosystem and the various warring factions within the mobile barcode industry need to come together and work on common standards* that will be to everyone's advantage.
New approach shapes how retailers secure private information and consumer confidence against data breaches
With stores located in various states and, in some cases, overseas, chain stores face a unique data security challenge. The plethora of recent State Breach Notification Laws and European privacy laws, as well as industry mandates such as the Payment Card Industry's Data Security Standard, put a lot of pressure on chain store CSOs to come up with foolproof ways to protect consumer information against a data breach.
Many retailers have already adopted localized encryption and follow data security best practices but, for some companies, this may not be the most efficient way to protect credit-card numbers and various forms of personally identifiable information (PII), including customer loyalty data, and employee social security and commercial drivers' license numbers, etc.
With traditional localized encryption, the encrypted data is stored in applications and databases in place of the original unencrypted data, which means it is located in many places throughout the enterprise. Every system that contains encrypted data is a point of risk and remains "in scope" for PCI DSS compliance and audits. What's more, encrypted data takes more space than unencrypted data, requiring costly programming modifications to applications and databases, along with increased data storage costs.
To solve these challenges, a new data security model -- format preserving tokenization -- is beginning to gain traction with retailers. Tokenization reduces the number of points where sensitive data is stored within an enterprise by replacing encrypted data with data surrogates (tokens) and storing the encrypted information in a central data vault. This makes data security easier to manage and provides an extra layer of security, but it also takes systems "out of scope" for PCI DSS compliance.
With traditional encryption, when a database or application needs to store sensitive data, those values are encrypted and the cipher text is returned to the original location. With tokenization, a token -- or surrogate value -- is returned and stored in place of the original data. The token is a reference to the actual cipher text, which can be stored locally ("in-place tokenization") or, as in the newly-emerging model in a central data vault. As long as the token is format-preserving, it can be safely used by any application, database or backup medium throughout the organization. This minimizes the risk of exposing the actual sensitive data and allows business and analytical applications to work without modification.
Format-preserving tokens can either match the expected data type or expose a subset of the original value to simultaneously protect the information and enable applications and job functions to continue unmodified. For example, the token could expose the last four digits of the social security number or credit card number to enable call center operations.
Tokens use the same amount of storage space as the original clear text data instead of the larger amount of storage required by encrypted data. And since tokens are not mathematically derived from the original data, they are arguably safer than exposing cipher text. They can be passed around the network between applications, databases and business processes safely while leaving the encrypted data they represent securely stored in a central data vault. Authorized applications that need access to encrypted data can only retrieve it using a token issued from a token server, providing an extra layer of protection for sensitive information and preserving storage space at data collection points.
Encryption, tokenization, or both: What's right for your enterprise?
There are two distinct scenarios where implementing a token strategy can be beneficial: to reduce the number of places sensitive encrypted data resides or to reduce the scope of a PCI DSS audit. The hub and spoke model is the same for both and contains these three components:
* Centralized encryption key manager to manage the lifecycle of keys.
* Token server to encrypt data and generate tokens.
* Central data vault to hold the encrypted values, or cipher text.
These three components comprise the hub. The spokes are the endpoints where sensitive data originates such as point-of-sale terminals or the servers in stores, various departments at headquarters, a call center or Web site.
In the traditional model, data is encrypted at the stores (spokes) and stored there; or encrypted at headquarters and distributed back out to the stores. Under the tokenization model, encrypted data is stored in a central data vault and tokens replace the corresponding cipher text in applications available to the stores, thereby reducing the instances where cipher text resides throughout the enterprise. This reduces risk because the only place encrypted data resides is in the central data vault until it is needed by authorized applications and employees.
In the second scenario, the model is the same but the focus is on using only tokens in spoke applications thereby reducing scope for a PCI DSS audit. In this case, employees only need a "format-preserving" token where the token provides enough insight for them to perform their jobs. For instance, the token will contain the last four digits of a credit card. In the traditional encryption model, cipher text resides on machines throughout the organization. All of these machines are "in scope" for a PCI DSS audit. In the centralized tokenization model, many of the spokes can use tokens in place of cipher text, which takes those systems out of scope for the audit.
Format preserving tokenization is ideal for some chain store enterprises, while a hybrid approach is better for others. Localized encryption is the default when stores are not always connected to a central data vault. In instances where stores are electronically connected to the data vault, tokenization is often the solution of choice. For many chain store companies, using a combination of localized encryption and tokenization is a practical approach for improving data security.
Format preserving tokenization protects payment-card information and employee information as well as all types of customer PII and loyalty data collected by many chain store marketers. Not only does the technology provide an extra layer of security in an extended enterprise, but it reduces storage space requirements and the scope of PCI DSS audits.
Gary Palgon is VP product management for data protection software vendor nuBridges, and is a frequent contributor to industry publications and a speaker at conferences on eBusiness security issues and solutions. He can be reached at firstname.lastname@example.org.