All About Credit Cards

Byline: Brian Krebs

Schuyler Cole needed an accessory for his Palm Treo 600 smartphone, so the Haleiwa, Hawaii, resident fired up his Web browser last month and ran a Google search.

After scanning the search results, he purchased the inexpensive item -- a USB cable used to synchronize the Treo's settings with his personal computer -- from Cellhut.com, the first online store displayed in the results that looked like it carried the cable. The site featured a "Hackersafe" logo indicating that the site's security had been verified within the past 24 hours.

Later that day, information from Cole's purchase --- including his name, address, credit card and phone numbers, and the date and exact time of the transaction --- were posted into an online forum that caters to criminals engaged in credit card and identity theft. Ostensibly, the data on Cole was posted as an enticement to other fraudsters lurking on the forum who might be interested in buying large numbers of similar records.

Other personal data posted into the fraud forum included the personal and financial information for Shane Galloway, an 18-year-old freshman at Louisiana State University in Baton Rouge. When contacted by washingtonpost.com, Galloway said he purchased a wireless phone from Cellhut.com shortly after midnight on Sept. 6, just minutes after the time stamp on Cole's purchase.

Another individual whose data was found in the online chat channel --- a southern California resident who asked that his name not be used --- confirmed that he bought wireless accessories from Cellhut.com at 9:15 a.m. on Sept. 7, the exact time listed in the entry that was posted into the online forum along with his credit card data and other personal information. Later, he discovered that $6,000 in fraudulent charges were made using his credit card.

While public attention has remain fixed on a series of high-profile data losses or database breaches at federal government agencies, large corporations and universities, experts who study financial fraud say hackers increasingly are targeting small, commercial Web sites. In some cases, criminals are able to gain real-time access to the sites' transaction information, allowing them to steal valid credit card numbers and quickly charge large numbers of fraudulent purchases.

Small e-businesses offer fewer total victims, but they often present a softer target, either due to flaws in the software merchants use to process online orders or an over reliance on outsourced Web site security.

Cole's and Galloway's information was recorded being traded in an online chat room by Dan Clements, co-founder of CardCops.com, a fraud prevention service that monitors underground chat rooms where criminals trade in stolen credit cards and information used to commit identity theft. Clements said many smaller online merchants use generic shopping cart software that they fail to maintain with the latest software security patches.

"Most of these merchants that get hacked do not have updated versions of the software that runs their business, they're just trying to sell widgets," he said.

Nearly 80 percent of all software vulnerabilities discovered in the first six months of 2006 involved Web-based applications produced by hundreds of different software vendors, according to a report released Monday by Cupertino, Calif.-based security vendor Symantec Corp.

"The people writing these applications often don't know very much about Web-based vulnerabilities," said Alfred Huger, a senior director at Symantec Security Response. "Many of these Web vulnerabilities are not that difficult to discover and are very easy to exploit."

Cellhut.com, like many e-commerce Web sites, features the "HackerSafe" seal on its homepage proclaiming that the site "is tested and certified daily to pass the FBI/SANS Internet Security Test." ScanAlert Inc., a Napa, Calif.-based company that sells the service, scans some 75,000 online merchants each day for thousands of known Web site flaws.

ScanAlert is one of many companies providing third-party Web site security audits to online businesses. Other players in this market include Comodo Group Inc. of Jersey City, N.J., which markets its HackerGuardian scanning service; Coral Gables, Fla.-based Xenitel and its HackerFree seal; and the Verified Safe service from Lansing, Mich.-based Periscan.

By and large, the companies offer a range of basic and advanced security services that they say will assure Web customers that a site is doing everything possible to protect their personal data. But computer security experts are quick to question the effectiveness of these services.

"We hear from our assessor contacts who investigate (Web site) breaches that most of the sites had previously passed vulnerability scans," said Avivah Litan, a financial fraud analyst with the Stamford, Conn. research firm Gartner Inc.

Let's face it. Not everyone is a history buff. That's obvious to those who've ever watched an episode of "The Tonight Show with Jay Leno." As he skirts around the streets of Los Angeles during his signature bit "Jay Walking," he gets the most laughable responses to the simplest questions. When asked during one bit when Christopher Columbus discovered North America, a lady studying to be a teacher responded, "1842."

It's a scary thought that a future educator doesn't know when "Columbus sailed the ocean blue." Maybe more people would know their history if it had a more direct impact on their lives. Then again, that statement doesn't always ring true because there are many people who don't have a clue about personal history that affects them greatly--their credit history.

Just as a resume displays your work experience to a potential employer, a credit report provides creditors, and in some cases employers and insurers, with a detailed picture of your credit history. And like a resume, your credit report can influence whether you'll get what you're applying for.

Good credit isn't only useful in getting a loan. Credit checks are often done before a person is able to sign an apartment lease or as part of a background check before being offered a job, said Luther Branham, senior vice president of consumer lending for USAA Federal Savings Bank.

Your credit report provides a snapshot of your credit history and helps lenders make a quick, objective and accurate assessment of your credit risk. Occasionally, however, there are errors on these reports that can adversely affect your ability to get a loan or credit. Therefore, it stands to reason that you want to make sure your report is an accurate, up-to-date reflection of your credit history. Here are five reasons why you should become a history buff when it comes to regularly reviewing your credit report.

Identity theft

In 2003, 9.9 million people became victims of identity theft. A Federal Trade Commission publication titled, "ID Theft: When Bad Things Happen to Your Good Name," points out that identity thieves use a variety of methods--low- and high-tech--to gain access to personal data like social security numbers and credit card account information.

"A thief can secretly run up thousands of dollars in bills using your name and a different or fictitious address, and you may not be aware of this until you are turned down on an application because the delinquent debt was recorded on your credit report," said Michael Jackson, associate director of the Federal Deposit Insurance Corp.'s electronic banking branch.

The best way to catch a thief using your name is to get a copy of your credit report, according to the FTC publication. The report will show all the accounts opened in your name.

Let's assume your wallet has been stolen. The FTC suggests you contact the fraud department of any of the three major credit bureaus to place a fraud alert on your credit file. The alert is basically a request for creditors to contact you before opening any new accounts or making any changes to your existing accounts. As soon as the credit bureau confirms your fraud alert, the other two bureaus automatically will be notified to place fraud alerts, and all three credit reports will be sent to you free of charge.

Inaccuracies and mixed files

Many inaccuracies on a credit report can be the result of simple human error. For example, a New Jersey woman named Norma Cohen was astonished when she was turned down for a loan to refinance her home. She thought her credit was close to perfect.

Apparently, someone mixed her up with her deceased ex-husband. It's easy to see how it happened since his name was Norman Cohen. But Norma and her husband had divorced four years before his death, so she shouldn't have been held responsible for his bad debts. Though she explained the situation to the credit bureaus, it took some doing to correct the problem.

Other inaccuracies aren't so hard to dispute. The important thing to remember is you should correct even the tiniest of errors. Whether the errors relate to payments not credited or to late payments, it's best to contact the credit bureau to dispute the inaccurate information before it does too much damage to your report.

Inquiries

Every time you apply for credit and the credit grantor checks your report, a credit inquiry is placed in your file. Credit inquiries are bad because too many of them can indicate that you're "credit hungry" and may be in financial trouble. For this reason, too many inquiries can actually make getting credit more difficult. Moreover, if you didn't authorize someone to look at your credit report and they did, they may have broken the law. In order to see who's been looking at your credit, you need to read your report.

NEW YORK, NEW YORK, U.S.A., 2000 APR 25 (NB) People who surf the Web looking for credit card offers are more ethnically diverse and also more receptive to online branding than the general online population, according to a recently released study from Cyber Dialogue, a company specializing in Internet customer relationship management.

The study is part of the company's "American Internet User Survey."

Cyber Dialogue also says that it has found online credit card seekers to be younger, primarily male and more likely to carry larger balances than other segments of the cyberspace population.

To date, according to Cyber Dialogue projections, 9.8 million Americans have shopped for credit cards on the Internet.

Newsbytes spoke with Sam Callard, a financial analyst for Cyber Dialogue's Internet Strategies Group about the findings of the study. He said he thinks the study, which traces the offline and online consumer use of financial services, provides important information for credit providers in understanding how online credit card seekers differ from consumers looking for other types of financial services, such as home loans or insurance.

For example, Cyber Dialogue says, online credit card seekers are especially attractive because nearly half of them a projected 4.3 million have actually applied for a credit card directly online. This translates into a reduction in the cost of acquisition to online credit card issuers.

Another positive aspect of online credit seekers, according to the report, is that online credit card applicants have a high conversion rate. This means that more than half of those who applied for credit cards on the Web a projected 2.2 million ultimately acquired a credit card online, and began using it.

"Credit card companies are missing an opportunity to acquire potentially valuable lifetime customers by overlooking such largely untapped groups as ethnic minorities," said Callard. One of the benefits of the Internet, Callard points out, is its ability to reduce both the offline cost and risk of targeting these kinds of small, high-potential customer segments.

But online credit card seekers are also more demanding than the general Internet population, according to the report. They are especially driven by low interest rates as well as the reputation of the credit card issuer.

Cyber Dialogue reports that 90 percent of online credit card seekers list low interest rates as an important feature of a credit card; and, 83 percent list a trusted institution as being important in their choice of cards. The general online population is said to be a third less likely to cite these two factors as important elements in their choice of a credit card issuer.

Among the other findings of the report was the statistic that 35 percent of online credit card seekers are in an ethnic minority group, as compared to 20 percent of the total general online adult population. The primary reason for this, Callard feels, is due to the anonymity of the Internet.

Another figure of importance for credit card issuers is that with an average balance of $3,100, online credit card seekers carry $1,000 more credit card debt than the general online population. This translates into greater merchant fees and more interest income for card issuers, as long as the monthly payments are made.

The findings reported by Cyber Dialogue are from the company's cybercitizen Finance Continuous Advisory Service which is part of Cyber Dialogue's American Internet User Survey (AIUS). According to Callard, the AIUS random measures via telephone 1,000 online adults, age 18 and older, as well as 1,000 non-Internet users.

The event's host, Livermore Research, is one of the leading experts in the credit card industry. It uses a proven methodology to uncover and report new online developments within all the major credit and charge card issuers and it is consistently the first industry source to report new functions, updated capabilities and site redesigns.

edocs provides a complete online self-service software platform for the credit card industry and works with several leading card issuers including GE Consumer Card Services and Target. edocs' Card Manager enables issuers to offer a complete and compelling online service experience for consumer and commercial cardholders and it delivers substantial cost savings and improved customer service levels. With edocs' solution in place at an issuer's website, business and consumer cardholders can view recent activity and account status, request usage alerts, categorize transactions, turn off paper delivery and run spending analysis reports.

About edocs
edocs is the leading provider of customer self-service and e-billing software for Global 2000 businesses. edocs' solutions improve the quality of customer care, reduce support costs and deepen relationships with business and consumer customers. The software enables end customers to manage their accounts, research offerings, buy products and services, review bills and statements, initiate and track payments, and resolve issues online from a single starting point at a company's web site. edocs' products and services are used by some of the world's leading organizations in financial services, energy, government, healthcare, insurance, retail and telecommunications. Customers include BT (British Telecom), Fannie Mae, FleetBoston Financial, GE Capital, Humana, Independence Blue Cross, Target, Telstra, Toyota Financial Services and TXU Energy.

LOS ANGELES, CALIFORNIA, U.S.A., 1999 NOV 19 (NB). Shopping online could become much easier for people without credit cards under a new Internet automatic teller machine plan developed by Cash Technologies Inc. [NASDAQ:CHNG].

According to Cash Technologies Chairman and CEO Bruce Korman, credit cards inhibit much of the potential in the e-commerce market. "Today nearly half of the US population, and one-fourth of those who qualify, do not have credit cards," he said.

In order to turn these cardless customers into online spenders, Cash Technologies today announced that it has reached agreements with MP3.com, [NASDAQ:MPPP], an online digital music Website, and privately held Sensar Inc., a manufacturer of "iris recognition products," to begin a pilot project using ATM cards to purchase music products at MP3's Website.

MP3 customers participating in the pilot project will be able to use their regular bank ATM card to shop securely over the Internet at MP3's Website. The use of Sensar's iris camera attached to the customer's PC will eliminate the need to send personal ID numbers via the Internet, removing the key stumbling block that has prevented the use of ATM cards on the Internet.

Korman also pointed out another possible advantage that this system has over credit cards, saying that "credit card and password fraud has victimized millions of online shoppers."

The pilot project for MP3 customers will begin during the first quarter of 2000. Participating customers will enroll at an iris- enabled ATM supplied by Diebold Inc. Thereafter, when the customer is ready to purchase products from MP3's Website, a small hand-held camera manufactured by Sensar, which plugs into the customer's PC, will take a picture of his or her iris and return the encoded information to MP3 over the Internet.

MP3 in turn will pass the information on to Cash Technologies' EMMA system to authenticate the customer and process the transaction through the ATM networks.

An approval is returned by EMMA to MP3 within seconds, the customer then can receive the requested MP3 product in the usual way. According to Cash Technologies, as far as the customer is concerned, the process is virtually as fast and as simple as using an ATM.

MP3 is particularly pleased with the pilot project's potential, since, according to MP3.com President Robin Richards, "Credit card penetration is particularly low amongst the teenage population despite their tremendous buying power."

Sensar anticipates that eventually the inexpensive hand-held cameras, which also can double as "Web cams" or video conferencing cameras, could be distributed by banks, e-commerce providers, online securities trading firms and even built into computer monitors.

Korman told Newsbytes that initially, Cash Technologies would pay for the cost of the cameras attached to the individual PCs. In the future, he expectes that the cameras would be available at virtually no charge, the cost being born by the online merchants who want to reduce credit card fraud at their sites. Korman also said that if the cameras were not made available for free, he expects the retail cost of the camera to be below $100 when manufactured in quantity.

Cash and credit cards soon may give way to digital money--currency that can be sent over computer networks in the form of digital information. "Shopping on the Internet has prompted the development of a new kind of money," Vary Coates and Steven Bonorris, who made a study of digital money for the Institute of Technology Assessment in Washington, D.C., told the World Future Society, Bethesda, Md. They explained that it may take the form of electronic tokens stored on a computer's hard drive or on "smart" cards that can be loaded with various monetary values.

Millicents is a kind of electronic scrip that carries a signed message, a serial number, and an expiration date. Customers receive millicents from brokers and can then spend it using their modems.

CyberCoins exist as digital tokens that can be purchased from a bank and exchanged for online products that cost less than $10.

CyberCash is a system that utilizes software to create a gateway between the Internet and a credit card company's authorization network. A cybercash system keeps records of transactions and encrypts your payments.

"No one is yet sure what kind of electronic currency, if any, will most appeal to consumers," Coates and Bonorris indicated. Some enthusiasts want digital money to be just like paper money. They want to be able to "make change" electronically, have their new currency widely accepted, and have easy access to funds via computer, laptop, and smart cards. Others want electronic money to have customized features that paper money lacks. Some parents, for example, would like to give their children "conditional" digital allowances that couldn't be spent on cigarettes or liquor.

Some consumers already are using digital money. First Virtual Bank began offering it in 1994 and now has 150,000 accounts. Most Internet merchants, though, are waiting to see which of the competing electronic systems will win out in the marketplace

Discover wants to be your credit card provider. Cash in that average to very good credit rating and join today! Discover has a wide variety of cards aimed at many needs, including anything from gas cards to student platinum cards. They also offer great rebate rewards with any purchases when you use your personalized credit card with. Those rebates can be used for anything from groceries to merchandise, among many other valued goods. Discover prides itself on having a credit card that meets your needs, and that you will be happy to use. All the services Discover has to offer makes having a credit card a joy instead of an unneeded burden. See the terms and conditions for the credit card you choose before you apply to view the specifics of the payment program.

If you choose Discover, you will be choosing the card ranked #1 in customer loyalty among all leading credit card brands in 2006. With 4 million merchant and cash access locations across the United States, it is hard to argue anything else, making their network the largest credit card network in the United States. Discover is thankful for the loyalty and business throughout the years that they give millions of dollars each year to scholarships, non-profit organizations and research grants. Discover believes that you have the power to control your financial condition. They are committed to helping you make the most of the opportunities that may arise. Discover looks forward to any challenge that you may have when looking to improve your situation. Join their national acclaimed network today. With 50 million users you can't go wrong!

JENNIFER, THE ASSISTANT Jennifer treasurer at ABC Corp. in New Orleans, opened an e-mail from a former colleague who no longer worked for the organization. The e-mail read: "Hi Jennifer, there should be a refund of $716 on my old corporate Visa card from the IP Conference. I paid for, but did not attend, the conference and did not turn in the charge to ABC for reimbursement. Can you have Visa issue a refund check to me? Thanks very much for your help."

The e-mail was from Larry, a former ABC executive who had been Jennifer's boss at one time. The message seemed innocuous enough. Larry had legitimately charged a business conference to his corporate credit card, but he had canceled his registration because he left the company. Therefore, he was due a refund.

It would have been very easy for Jennifer to trust her former boss and get him the refund. Instead, because something didn't seem quite right, she chose to check on whether ABC had already reimbursed Larry for the conference.

To make this determination, Jennifer accessed Larry's corporate credit card records online and retrieved his expense reports from the accounts payable file room. The expense reports confirmed that Larry had not expensed the conference fee, but when Jennifer looked at his credit card statement, she saw a couple of odd items.

First, the most recent statement indicated that the former ABC executive had made four payments to his credit card in one month. Second, the statement was two pages long, and Jennifer knew that Larry rarely traveled for business. She scanned the charges and noted that most of them were from local vendors. In addition, none of the items looked like business charges. The charges included dinners at local restaurants, department and grocery store charges, and airline tickets for Larry and his wife that Jennifer knew were for their recent vacation.

Out of curiosity, Jennifer queried the company's checks online to see if any of the payments made on Larry's Visa account matched the dollar amounts of checks written by ABC. Sure enough, she found that all four payments made to Larry's credit card that month equaled amounts on checks that the company had written to Visa. Jennifer increased the scope of her search and observed that every payment posted to Larry's corporate credit card over the previous 12 months was from a check written by the company. She also noticed that of the $88,000 in charges on Larry's card over that time frame, none was for business expenses.

Jennifer printed copies of all of the checks and noted that, although Visa was listed as the payee on all of them, Larry's corporate credit card account number was handwritten on each check. Jennifer approached the director of internal auditing as well as Larry's former manager and requested an investigation into the matter.

While working for ABC, Larry was in charge of making sure that the organization paid delinquent balances on the corporate credit cards of people who had left the company. ABC had an arrangement with the credit card company that it would guarantee payment for certain employees if those employees did not pay the balances on their accounts. Once a month, Larry would provide accounts payable with a list of delinquent accounts on guaranteed cards, and accounts payable would cut the check to the credit card company.

However, on the bottom of every check request in Larry's last year of employment, he had written, "Please deliver the check to me." Typically, accounts payable would mail the check directly to the credit card company, but because accounts payable knew that Larry maintained a relationship with the credit card company, they adhered to his request and delivered the checks to him. When Larry received a check, he would write his own account number on the check, and the bank would apply the payment to Larry's credit card.

Larry did not need to make sure that the delinquent credit card owners listed on his spreadsheet paid their balances, because he had fabricated the delinquency list that he provided to accounts payable. In many cases, the employees with the so-called delinquent balances had left the organization long before, and they had paid their balances in full before departing.

So, where were the control breakdowns? First, Larry had sole authority over the credit card function. He managed the corporate credit cards, reviewed the delinquent accounts, had access to the employee statements, and dealt with the bank's account managers. No one reviewed his work. As soon as accounts payable walked the checks down to his office, he had all he needed to perpetrate the fraud.

The second breakdown was that the accounts payable clerk walked the checks over to Larry. Although not necessarily right, it is understandable that accounts payable would not have the time to audit Larry's delinquency list. After all, accounts payable was processing more than 1,000 checks per week with a staff of six. However, it was unacceptable for the clerk to deliver the check directly to Larry. The check should have gone from accounts payable to the vendor. The vendor invoice--or delinquency data in this case--should have contained all of the pertinent information to allow accounts payable to appropriately route the check.

If you have good to excellent credit, then Citibank has the credit cards for you. It does not matter if you own your own business or a student, Citibank will work for you. The cards come with great point, mile, or rebate rewards. You can use them for anything from free flights or gift cards, to rebates on groceries and merchandise. They are great rewards that you will enjoy getting and using over and over. You may also qualify for elite level status which will entitle you for even better rewards. Let Citibank help you manage your money successfully. Citibank will not just give you a card for their benefit, but will fit you with the best card for your situation and your needs. With manageable interest rates and low fees, Citibank has plenty to offer for anyone who wishes to apply. See the terms and conditions for the credit card you choose before you apply to view the specifics of the payment program.

Since 1812, Citibank has worked to help you manage your money successfully, and for over a decade they have been the largest credit card distributor in the world. Citibank never stops working to improve their business because they know you never stop working to improve your situation. They know the customer appreciates their hard work, and it shows in their great customer service they provide. By improving themselves through years of hard work they have learned the best way to help you. People will then be able to rely on you, the way you rely on Citibank. More than 300,000 employees are there for you, and will work in your best interest. Their goal is not just to be an esteemed global financial services company, but the most respected global financial service company in the world. Citibank is there to help you in all financial related matters.

Bank of America teams up with your favorite aspects of life to bring you a personal credit card that you can be proud to use. Whether it be animal related, sports associated, travel related, among countless others, there is a card out there to suit your needs. Bank of America is dedicated to helping you manage your money successfully. They also believe that you should be rewarded for your hard work in keeping up with your payments. These cards offered great rewards that anyone would love. Paired with a low introductory rate, low annual fees and a low interest rate all set to meet your specific needs, this card perfect for you. Let Bank of America assist you with your money management decisions. See the terms and conditions for the credit card you choose before you apply to analyze the details of the payment program.

Bank of America prides itself on being a part of the local community, and great service within that community. They look to not only help you manage your money, but to help manage your life. With frequent contributions to non-profit organizations in the local area, and well as setting up grants, Bank of America is a local hero. In 2004, Bank of America set up a 10 year plan aimed at contributing 1.5 billion dollars to charities and non-profit organizations during the life of this plan. The goal is to achieve an unprecedented achievement to help a large number of people throughout the United States get back on their feet. Bank of America has given their time, money and efforts for the entire 220 year run of the company to better serve you. This stems from the belief that without the customer, they would not exist. Therefore, the customers and their community should be rewarded for all they have done. Bank of America strives to create better opportunities for those who have helped them greatly throughout the years.

A survey expected to be released soon reportedly found that retailers are more likely to say that online fraud involving credit cards is a problem, even though losses being absorbed by merchants may be down slightly from a year ago.

According to the Wall Street Journal, the survey conducted for CyberSource Corp. by Mindwave Research found that 83 percent of merchants who sell online say fraud is a problem, up from 75 percent who said the same thing a year ago. However, the companies interviewed estimated that they lose, on average, 4 percent of online revenue to credit-card fraud, down from 5 percent a year ago.

Still, the survey of 132 companies, which the Wall Street Journal said including pure e-tailers and clicks-and-mortar operations, discovered that while online shopping accounts for just 5 percent of all credit-card transactions, it was the source of 50 percent of all fraud involving cards. The survey also found that 28 percent of merchants surveyed were not aware that they were responsible for the losses generated by online credit-card fraud.

LIBRARIES ARE AN ESSENTIAL COMPONENT of a nation's information infrastructure, yet often they are invisible to their users and other stakeholders. In the context of this special issue, the paper presents four challenges faced by libraries and proposes research designs to address each of them. The four challenges involve: 1. invisible infrastructure, 2. content and collections, 3. preservation and access, and 4. institutional boundaries. I propose a mixture of research methods that includes surveys, case studies, documentary analyses, and policy analyses. Only with a better understanding of these challenges can libraries find their best fit in the information infrastructure of our networked world.

INTRODUCTION

Computer and communication networks now encircle the globe. Despite the oft-repeated claim that half the world's population has never made a telephone call, we receive daily television, radio, and newspaper reports filed via satellite from Afghanistan, one of the planet's least-developed countries. Many of these reports become available almost immediately on the Internet. Information technologies have become ubiquitous in the developed world and widely available elsewhere.
Advertisement

An increasing proportion of communication and commerce takes place via computer networks. Friends, family, colleagues, and strangers rely on e-mail to maintain relationships and to transact business. Most of the activities of writing, editing, and publishing involve computers and networks regardless of whether the final product appears online or on paper, making "electronic publishing" a misnomer. Even in the "old economy," orders are placed, invoices are paid, and credit cards are verified and charged via computer networks. Individuals turn to the Internet as a primary source for all sorts of information--health, hobbies, homework, news, shopping, music, games, research, and general curiosity.

Libraries are but one of many institutions that could no longer function without computer networks, at least in the developed world. Libraries depend upon computer networks as a means to provide access to local and remote information resources. While physical materials continue to form the core of most library collections, fewer and fewer services require that users physically enter the library building. Even artifacts such as books can be ordered online for delivery to one's home or office.

A paradox of the networked world is that as libraries become more embedded in the information infrastructure of universities, communities, governments, corporations, and other entities, the less visible they may become to their users, funders, and policy-makers. Libraries must be integral components of the information infrastructure of their organizations if they are to provide the most effective, efficient, and appropriate services to their user communities. Independence and isolation are not suitable alternatives.

Historically, libraries have played key roles in information-oriented societies. Yet today, some of their roles are being duplicated by other public institutions such as archives and museums and by commercial providers of content and services. Individuals and organizations now have many information sources alternative to those provided by libraries, which would suggest that the role of libraries is shrinking. However, libraries are expanding to include a wider array of services, such as providing digital libraries and support for distance learning. Despite this broader scope, libraries exist in a competitive environment, facing greater demands for services and often with fewer resources to meet those demands.

Libraries can and should play key roles in the emerging global information infrastructure. To do so, they must address a number of complex challenges. Research on these challenges will assist libraries in identifying and accomplishing their roles in a global information infrastructure. The four challenges for libraries are introduced in a recent book (Borgman, 2000). Here I extend and update those issues, frame them as research questions, and suggest methods to explore them.

INFORMATION INFRASTRUCTURE

A first step in exploring the role of libraries in a global information infrastructure is to consider what is meant by "infrastructure." Familiar phrases such as "national information infrastructure" and "global information infrastructure" are rarely accompanied by clear definitions of the underlying concepts. Star and Ruhleder (1996) were among the first to describe infrastructure as a social and technical construct. Their eight dimensions can be paraphrased as follows: An infrastructure is embedded in other structures, social arrangements, and technologies. It is transparent, in that it invisibly supports tasks. Its reach or scope may be spatial or temporal, in that it reaches beyond a single event or a single site of practice. Infrastructure is learned as part of membership of an organization or group. It is linked with conventions of practice of day-to-day work. Infrastructure is the embodiment of standards, so that other tools and infrastructures can interconnect in a standardized way. It builds upon an installed base, inheriting both strengths and limitations from that base. And infrastructure becomes visible upon breakdown, in that we are most aware of it when it fails to work--when the server is down, the electrical power grid fails, or the highway bridge collapses.

US research company Jupiter Communications and its European survey provider Ipsos have released a new study about the attitudes and behaviour of European Internet users.

The survey, which questioned 19,000 households in France, Germany, Britain and the Scandinavian countries, reveals that 57% of online shoppers are motivated by better prices while just 42% are motivated by better security for their credit cards and/or personal information to purchase products online.

Among Scandinavian shoppers the importance of better prices over increased security seems to be even more marked with 62% citing better prices compared to 50% in France, Germany and the UK.

The study also shows that Scandinavian users more frequently conduct information-related activities. Almost half (49%) of the Scandinavian respondents stated that they had used the Internet to investigate travel arrangements compared to just 24% in Britain, France and Germany.
Advertisement

In addition, 40% of the Scandinavians had visited web sites and online channels about health or medicine and 26% had conducted online personal banking. The corresponding figures for the three other countries were 17% and 14%.

U.K. optical lens vendor Optical Antenna Solutions, working in conjunction with researchers at Warwick University, developed and is trialing an optical device it says will help reduce credit-card fraud. The new optical lens and antenna reportedly can capture data signals from wireless phones more efficiently, over greater distances and at greater capacities. When wireless subscribers are ready to make purchases using their handsets and credit card accounts, the antennas, inserted in mobile phones to read as part of the infrared port, will be pointed toward cash registers, where similar infrared ports are located. Personal security codes are then entered into the phones, at which point the OAS antennas capture light signals carrying the data required to authorize the transactions. When the information is verified, handshakes take place, completing the purchases. South Korea is testing the system, which also will be trialed in Japan, the United Kingdom and the United States

Online brokers were heavily engaged in a game of one-upmanship last year, testing how low they could go. The commission-slashing seems to have settled down for now--at rates unimaginable just a couple of years ago. Commissions at the top ten online firms have plummeted from an average of $32.19 early last year to just $15.77 early this year, according to an analysis by Piper Jaffray.

But even that's high for our winner this year. The cheapest guy on the Net, Brown & Co., will execute your market order for a mere $5.

Although low commissions Create the buzz about online brokers, it's not the only thing to consider when choosing and using one. A firm that's fine for active stock traders who want to do their own research may not fit the needs of buy-and-hold investors who want to keep stocks and funds in the same account or for investors who trade exclusively in their IRAs. That's why we didn't crown a "best overall" among the 16 online brokers in our survey. Instead, we picked the winner in each of seven different categories---not only for commissions but also for fees, margin rates, products and services, mutual funds, IRAs and investor tools.

Because there are more than 80 (and counting) online brokers, we left out the small niche players and brand new firms--some of which are likely to be gobbled up by banks and larger brokers. We also left out discount brokers that haven't made a big foray onto the Internet.
Advertisement

BROWN BEST FOR COMMISSIONS

At Brown, $5 gets you a market order for up to 5,000 shares of any stock listed on a major exchange or on Nasdaq. Add $10 for a limit order and Brown's $15 combo is the lowest for any firm on our list--but only slightly lower than Suretrade's $15.90 for a market and limit order on up to 5,000 shares. George Brown, head of the company that bears his name, keeps costs low by limiting customer perks; for example, his is the only firm that doesn't offer even the most basic research tools on its Web site. (Evidently, overhead is low, too: When we called for an interview, he answered his own phone.) Brown says business has increased 50% since the firm lowered its commission to $5 in March. "But I don't plan on reducing it any more," he says.

The highest trading costs in our survey are at Accutrade and Charles Schwab: Each firm charges $29.95 for each market or limit order up to 1,000 shares.

BEYOND THE LIST PRICE. Ameritrade and Web Street Securities do not set a limit on the number of shares covered by the basic commission, but elsewhere, high rollers can get nicked by additional charges for large trades. The other firms charge for each share beyond the limit, except Datek, which charges an additional basic commission for every 5,000 shares.

Depending on how it is applied, that charge of 1 or 2 cents per share (3 cents in Schwab's case) can sabotage the rates you signed on for. Discover Brokerage Direct and Waterhouse Securities recompute the entire order at the excess share price. So at Waterhouse, for example, a $12 market order for up to 5,000 shares jumps to $50.01 for 5,001 shares. And at E*Trade, the extra commission is figured on the whole order and then added to the basic commission (hiking the cost of a 5,001-share market order from $14.95 to $64.96).

Options traders are out of luck at American Express Financial Direct and Datek. The other brokers trade options at minimum commissions ranging from $14.95 plus $1.75 per contract at Web Street to $40 at DLJDirect.

BEST BETS FOR BONDS. Commissions for buying one Treasury bill range from $25 at Web Street to $60 at American Express. For ten NYSE-listed corporate bonds, commissions range from zero at DLJDirect to $50 at Accutrade, E*Trade, Quick & Reilly and Suretrade. Ameritrade, Bull & Bear, Datek, Discover, National Discount Brokers (NDB) and Waterhouse sell neither Treasuries nor corporates online. American Express and Fidelity will buy Treasuries for you but not corporate bonds.

BULL & BEAR BEST FOR OTHER FEES

The brokers in our survey don't go slap-happy with extra fees. Bull & Bear gets the laurels in this category for applying only one fee out of the seven we checked: $15 for an outgoing wire transfer. Of the other firms that charge only one of the seven fees, Waterhouse charges $25 for the same service; Datek charges $50 to issue a stock certificate--the highest fee for that service, which many online investors aren't concerned about. American Express and E*Trade charge five of the seven fees.

E-TAILERS BEWARE: Internet fraud is alive and well in cyberspace. According to a November 2004 survey about online payment fraud conducted by CyberSource, a Mountain View, California, provider of electronic payment and fraud-prevention solutions, U.S. merchants expected to lose an estimated $2.6 billion to online fraud in 2004, $700 million more than in 2003.

Hardest hit, according to the survey, are midsize companies--those with annual online revenues between $500,000 and $5 million. This group said it expected to lose up to 2.5 percent of online sales to fraud, compared to 1.9 percent in 2003. The reason for this increase is twofold, according to Bruce Cundiff, an analyst at Jupitermedia Corp. "One is the increasing organization among the fraudster community that allows for more efficient fraud perpetration," he says. "In addition, larger businesses tend to be among the first to implement more stringent security measures. Fraudsters will always choose the path of least resistance." Smaller businesses with out sufficient fraud protection mechanisms in place risk being exploited.

You can fight back against payment fraud using a basic fraud-detection service, such as an address verification system, which matches street numbers on a customer's billing address with the address on file with the credit card company. A mismatch may indicate that the person making the transaction is not authorized to use the card.

Another prevention method uses credit card verification codes--the four digits printed on the front of an American Express card or the three digits on the back of a Visa or MasterCard. Buyers enter this code when making purchases, so in theory, buyers need more than just the card number to buy online; they need the actual card to read the code.
Utility Safeguard LLC , a Southampton, Pennsylvania, company that sells construction supplies to industrial companies, distributors and consumers online, has found these solutions to be very effective. Last year, the company had sales of $1.5 million and is on target to reach $3 million in sales this year. Utility Safeguard uses a fraud-detection service called Payflow Pro from VeriSign. The service is integrated into its NetSuite e-commerce software platform.

With this solution, a new customer cannot check out until he or she has entered all the proper credit card information and the card has been cleared. "I have not had one bad credit card transaction since I began using the system in 2002," says founder Jim Graham, 43, who implemented the system.

Many experts, however, say that address and card verification systems are only a first step. Merchants selling valuable products that are easily resold, such as electronics, should also invest in the advanced fraud protection services offered by gateway providers. These services generally use fraud filters to screen for suspicious activity in real time. They cost an additional $30 to $1,500 per month, depending on the level of customization, along with additional setup and transaction fees.

Another logical way to protect your business is to make sure the freight carrier obtains a signature before delivering the product. Graham also insists international customers prepay through wire transfer. Says Graham, "We do not take foreign credit cards because if there is a problem [overseas], it's hard to get your money back."

Smart Design

Before implementing fraud-protection services, however, web merchants should design websites that are more fraud-resistant, says Vic Dolcourt, senior product manager for risk products at CyberSource. He recommends designing the checkout process so that after a consumer presses the "buy" button, the "back" button on the web browser no longer responds. Also, thank the customer for the order without indicating whether the card has been accepted. Says Dolcourt, "This way, the site doesn't serve as a tester for fraudulent account numbers."

American Express is famous for offering two unique credit card types - those with a revolving credit line and those that must be paid in full at the end of the billing period. Cards of the latter type carry a "n/a" value in the Regular APR category as listed with each credit card below, whereas those with a line of credit will have an annual percentage rate listed. Do not mistake a "n/a" to mean that there is no interest rate associated with the corresponding card - this simply means that you must pay your balance in full or you may be subject to a large fee. See the terms and conditions for the credit card you choose before you apply to view the specifics of the payment program.

Credit cards weren't always the defining product/service of American Express; in fact, the company opened its doors in 1850 as a logistics/freight company in New York. This was during a time when the United States Postal Service was unable to deliver packages that were larger than a letter, which presented a business opportunity for companies like American Express to capitalize on a need for a reliable delivery service. Thus, American Express was born - and the relationships they developed with their partner companies early on laid the groundwork for a national financial services firm that would later offer the early versions of credit cards to more than 1 million account holders by the late 1950s. Today, American Express specializes in financial services centralized around a travel-planning background, which gives rise to many of the amazing American Express credit card offers with travel rewards.

In the wake of the 11 September terrorist attacks, the US Congress has become increasingly enamored with the idea of issuing chip-enabled national ID cards that could store all sorts of identifying data, from the carrier's birth date and Social Security number to a DNA sample.

Law enforcement agents and airport security staff could supposedly fight terrorism by using devices to scan the cards and match the card data against a centralized database with the same information to verify the cardholder's identity.

Civil rights and privacy advocates understandably went out of their minds, fearing the abuses that such a system would invite. Under a smart ID card system, the government could easily track a person's travel, purchases, political affiliations and reading material, and correlate that data into a profile for whatever purpose the police saw fit.

Australia is currently having the same debate. Elsewhere in Asia, smart national ID cards have already arrived. Malaysia began issuing smart ID cards with fingerprint data in September last year. Last month, the Macau government launched its own smart ID card plan. Meanwhile, Hong Kong is going ahead with plans to launch its own smart ID card system in mid-2003.
Advertisement

In each case, these cards are expected to double as debit cards and possibly function as driver's licenses or library cards at the cardholder's request. The Hong Kong government plans to issue free digital certificates with each card in a bid to encourage online commerce.

But are smart ID cards a smart move even for countries that have already adopted them, much less for other countries considering doing the same? That depends on what you really want to use them for. The technology behind smart ID cards is pretty reliable now, and is getting better all the time. But like all technology, it's only useful if it accomplishes what you want it to do.

Solutions searching problems

For example, Hong Kong's idea of including free digital certificates with smart ID cards is a novel idea, but whether it would significantly drive e-business is debatable. Just because you have a free digital certificate doesn't mean you're going to trust it or the third-party authenticator that issued it. That will take time. That said, the ID card would serve as a good mechanism for getting them out in the public, so perhaps it's a start.

If you want to use smart ID cards to prevent atrocities like the 9/11 attacks in the US, however, forget it. The terrorists on those airplanes could have had either valid ID cards or faked ones good enough to fool airport security. Smart ID card proponents vehemently disagree with this, but smart cards can be forged. In the US, for example, people working for the state government departments that issue driver's licenses have been caught making and selling fake licenses showing the cardholder is old enough to buy beer. If you wanted to get a smart ID card for the same purpose, one key crony or easily bribed official in the local immigration bureau is possibly all you'd need to get one.

This problem also applies to just about everything else a smart ID card could be used for. Even a digital signature won't prevent someone with the right connections or skills from using a duplicate card (provided the original cardholder doesn't know it's been duplicated) or a card made for "someone" who only exists because the central database says so.

Privacy vs convenience

Of course, none of this is any reason to reject smart ID cards altogether. If we refused to use any technology with a security flaw, the Internet wouldn't exist and we'd all still do all our banking at teller windows. Smart cards work and work well for things like access to campus buildings and prepaid debit cards. I use both types in Hong Kong and mainland China, and they're convenient to use.

The idea of a national ID card may go against the grain of privacy advocates, but in countries that already have national ID cards (which, incidentally, outnumber those that don't) it's less of a concern. The convenience factor alone will probably drive acceptance of smart ID cards for certain things. People routinely give up privacy for convenience or security, which is why we hand out our ID numbers to service providers we want to do business with, or let airport security staff X-ray our bags.

Sure, the potential for data abuse exists, but that's true today with credit card data and existing analog ID cards. That doesn't make it right, but rather than a ban on smart ID cards, what we really need are enforceable privacy policies that require transparent data processing, prohibit unauthorized third-party sales and allow people to access their own files.