Security Alarm

With Internet shopping likely to soar, there are fears security could restrict growth.

A science fiction story called The Machine Stops describes a futuristic world in which a pasty-faced and physically wasted woman lives alone below ground in a small cell studded with electric buttons – “buttons to call for food, for music, for clothing. There was the hot bath button. There was the button that produced literature. And there were of course the buttons by which she communicated with her friends. The room, though it contained nothing, was in touch with all that she cared for in the world”.

The isolated life of the character in the story sounds far-fetched, although not as unlikely as it must have sounded to the author’s contemporaries. It was first published in 1909 and written by EM Forster, better known for the likes of A Passage to India and Howards End.

The lifestyle of the story’s heroine is made possible by the machine of the title, which “hummed eternally”. But, “she did not notice the noise, for she had been born with it in her ears”.

Just as the vast majority of people over a certain age find it hard to imagine the Internet ever catching on as a shopping medium, there is already a generation of people who have been born with it humming at their fingertips.

According to a survey, Where People Shop 1995, conducted by RSL and published by property consultancy Healey & Baker, more than a fifth of UK shoppers say they are interested in using electronic shopping and envisage doing so in the next few years – a massive leap from the one in 300 who are using it already.

The survey is based on interviews with 2000 adults aged over 15. Not surprisingly, the youth market is most accessible to Internet retailing (see charts). More than a third of the 16 to 24-year-olds say they are interested in using electronic shopping, primarily for buying clothes, records and other lifestyle goods.

The survey concludes that five per cent of the UK’s shopping spend could be diverted to electronic formats within only a few years. This amounts to some 7.25bn of current annual consumer expenditure. In the US, analysts at Hambrecht & Quist have predicted that Internet transactions could total $50bn (36bn) by the year 2000.

Healey & Baker senior partner Paul Orchard-Lisle says: “Electronic ordering and home delivery will provide what the consumer wants, while simultaneously presenting retailers with the opportunity to reduce operating costs drastically.

“The most successful retailers will view the growth of electronic shopping as an opportunity to expand market share, as opposed to a threat, and will use it to enhance their existing offer.”

For the moment, the Internet offers strictly niche business, but it’s a niche that retailers need to be in. More than half of the world’s largest companies already have a presence on the World Wide Web, and the number of Web sites in existence doubles every 53 days.

Sainsbury’s was one of the first retailers to rent space in Barclaycard’s Internet shopping mall, BarclaySquare, which also houses outlets for Toys R Us and bookseller Blackwell’s among others.

Sainsbury’s Wine Direct service, after a year of operation, accounts for only about 0.5 per cent of the grocery giant’s total wine sales, which a spokesman describes as “not the kind of trade we would normally be happy with”. High-street stores would be opened only where there was an existing demand, whereas a Net presence is seen as essential for the future. “We have to be there,” says the spokesman.

One of the problems hampering the growth of Internet shopping is the perceived fear of handing over credit card details to this nebulous network, one that is by design and definition an environment accessible to all. Some highly publicised breaches of security, notably the cracking of Netscape’s sup posedly secure encryption system last autumn, have compounded these fears.

One of the ways of evading the problem is to shift to other communication methods in the part of the transaction where the card details are being handed over – perhaps using electronic mail or phone.

But this is far from ideal: it complicates the transaction and starts to make using the Web look a little pointless. One might as well have used a telephone ordering service in the first place.

Many practitioners in the industry say the problems have far more to do with perceptions of insecurity than with the reality. Netscape, naturally, is particularly keen to play down the threat.

Since the hacking incident, the company has released a new version of its software, 1.22, which uses far better encryption than the former password system, which relied on a rather obvious time and date code.

Defenders of the Net as a secure medium also point out that the hackers had to use about $10,000 worth of computing equipment, just to crack the equivalent of a single credit card number. Quite an investment when you consider the average credit card limit.

It is still far less safe to read your card details over a phone, particularly a mobile one, and infinitely less so to leave a carbon of your card details and signature in a shop. “A fraudster would be better off getting a job in a restaurant and copying the voucher, ” says Roy Bunyan, who is ICL’s financial services manager at its advanced technology centre.

John Wood, Internet consultant at training and technical support specialist Prince, believes the perception of the Net as an insecure medium will soon wane.

“As time goes on and as more multimedia PCs are sold, use of the Net will grow. Younger onsumers will embrace it. The Internet is where commerce will be done,” he says.

The providers of Net services are working hard to show they are serious about security and Wood insists the code-makers are ahead of the code-breakers. The banks, in particular, are keen to work out a viable electronic cash transfer system, so that the age of virtual banking can begin in earnest, and many US banks are hard at work developing these systems.

However, ICL’s Bunyan says some of the greatest advances are being made by payment services operators, which he claims are more forward thinking than the banks. A flurry of tie-ups towards the end of last year saw Netscape and Mastercard joining forces to develop Netscape’s Secure Sockets Layer into a security standard, while Visa and software giant Microsoft are collaborating on their Secure Transaction Technology. This involves taking information off the Internet onto a private network, where it can be authenticated away from prying eyes.

Airline British Midland, which launched an Internet booking system last month (December), uses Netscape 1.22 (the newer, safer version) and backs it up with some security checks of its own, such as validating card details through an international system that records stolen cards, and insisting that the cardholder must be one of the passengers in any booking.

The added security of 1.22 works as both an advantage and a frustration, explains Desmond Butler, strategic distribution manager, marketing, at British Midland. “Very few people have the latest version of the Netscape software,” he says, “so they can use the site to check flight availability, but they cannot go any further into the system to actually book a flight. Still, it serves as perfect proof that we can determine who can, and can’t, get access and ensures that people are using the most secure environment possible.”

Butler says the airline considered using some sort of registration system, but passing the registration number over the Net would be prone to exactly the same risks as passing any other details. Butler points out customers still have the choice of using the phone to give their card details.

Andy Bailey, server marketing manager at software company Oracle, points to another mistaken perception about security. While we are worrying about evil hackers from far away breaking into systems holding intimate details about us, most data theft happens within organisations. Similarly, it is uncomfortable but true that your wallet is more likely to be taken from your desk drawer by a fellow employee than by someone walking in off the street. With this in mind, Oracle concentrates on the server end of the Internet, making the databases and networks within organisations as secure as possible.

But the risk of fraud is not the main obstacle to the progress of commerce on the Internet, says ICL’s Bunyan: “An awful lot of money is being spent on fixing the problem, but it’s already fixed.”

He claims the issues that do need tackling are those of speed and access. Anyone who has used the Internet will know that it is still quicker to pick up a phone to order something than it is to switch on a personal computer, find your way to the relevant page, and order it. Bunyan says it is very difficult for consumers to find their way around the Net, and this can only get worse as the number of sites increases.

The future, according to him, lies in developing “smart” browsers, which understand your shopping habits and learn constantly, so you have to tell them less each time they go shopping for you. “You tell the smart agent you want to buy a camera, and then you turn off your PC,” he says. “The agent will go and search the world for products that meet your needs.” When you turn on the PC again, it will tell you the results of its search, which model it has ordered on your behalf and the best price it has managed to secure.

ICL Financial Services has also developed HomeView to help people navigate their way around the Net. Rather than having to know what you are looking for, you can go to a picture of a home or study, and click on an object or service to find out about it. There are buttons that provide the latest news, buttons to get hold of tax advice, and buttons to buy a new car… at last, the very lifestyle enjoyed by the heroine of EM Forster’s story.