ECT587 Wireless ECommerce

1
ECT587 Wireless E-Commerce

• Session 9
• Mobile CRM
• Business to Business Mobile Applications
• Security

2
(No Transcript)
3
Why Now? Why Not Now?

• Wireless Technology
• Converging Standards
• Speed
• Packet-based Networks
• Device Capabilities
• Programming
• Converging Standards
• XML and data exchange

• Coverage
• Unreliability
• Industry Hype
• Device Capabilities
• Data entry
• Battery life
• Fiscal Conservatism
• Shrinking budgets
• Shrinking Headcount
• Too bleeding edge
• No clear ROI

32 mm workers spend more than 20 of their time
away from their primary work environment. This
number will double in the next 5 years. (In-Stat
CSMG - 2003)
4
What do Corps. Care About? 1

• Central device management
• 40 now
• 31 within 18 mo.
• Mobile enabling enterprise apps (CRM, ERP, SCM)
• 8 now
• 43 within 18 mo.
• Importance of extending systems to mobile devices
• 21 critical
• 44 nice to have

• Types of applications
• Email / PIM 21
• Intranet 16
• CRM 12
• Sales Force Auto. 12
• Data Collection 10
• Field Service Auto. 9
• Inventory Mgmt. 8
• Supply Chain 4

Source Synchrologic Survey 2002
5
What do Corps. Care About? 2

• Roadblocks
• Wireless coverage 20
• Comm. costs 16
• Standards 14
• Network speed 14
• Budget issues 12
• Reliability 9
• Value proposition 9

• Business Drivers
• Improving customerservice 24
• Competitive adv. 22
• Reducing costs 13
• Innovation 13
• ROI 10
• Increasing sales 8

Sales to Corporations now represent 25 of
mobile sales and growing. (Gartner 2003)
6
What Must Happen

• Clearly defined ROI
• Reasonable timeframe
• Security
• Integral part of the application
• Robust
• Improved networks
• Coverage, reliability, performance
• Improved devices
• Pilot applications will be used to prove the
  concept, understand the issues and speed adoption

7
Adoption Trends Mobilizing Who?
Very likely to provide
Already provides
Somewhat likely to provide
n 1,154 Source Mobilizing the Enterprise
Handhelds, IDC25707
Top 5 Types of Employees Provided with Handhelds
8
Justifying Mobile

• Questions to ask
• What data is perishable?
• Who needs access to this data?
• Where are they?
• What are the benefits of making it available
  anywhere?
• Does it make sense on a limited capability
  device?
• Does it need to be real-time?
• How is success measured?

• Business Benefits
• Improve customer relationships
• Reduce errors
• Increase productivity
• Strengthen communications
• Reduce latencies
• Faster turnaround
• Provide quicker access to data
• Improve decision-making
• Demonstrate a clear ROI

There are no "wireless" problems, only business
problems!
9
Mobile Workers
Using information closer to the point of
performance

• Always on email
• Messaging (SMS IM)
• Field Sales
• Customer/order data
• Service Technicians
• Asset Management (CMMS)
• Maintenance repairs
• Insurance
• Claims adjusters
• Risk assessors
• Fleet Management

• Public Sector
• Property assessors
• Inspectors
• Construction
• Home health care
• Delivery workers
• Waiters
• Public safety officials
• Surveys
• IT Support
• Warehouse operations

10
Always-On Email

• Pioneered by RIM BlackBerry, PalmOne Treo, others
• Requires "always-on" network connections
• GPRS/EDGE, cdma2000-1X, etc.
• Others moving into this space
• Microsoft Windows Mobile for Pocket PC 2003
• Exchange integration
• Good email push capabilities
• Good Technology
• Vodaphone with IBM/Lotus
• Advantages
• Improved queue/throughput management
• Reduced latency increases usage
• Smooth transition from edge of attention to
  center and back

11
Sales Force Automation

• Customer information
• Product information
• Real-time inventory
• Dynamic pricing
• Placing orders
• Order status
• Trouble ticket dispatch
• Call center
• Expense accounts
• Paperless approvals

12
Hospitals

• Facilities
• Buildings, grounds, physical plant
• Maintenance and repair
• Equipment
• Biomedical, office, other
• Asset tracking, deployment and maintenance
• Supplies tracking and ordering
• Resource usage and billing
• Doctor reference information (treatments,
  dosages, etc.)
• Patient care
• HIPAA Issues Health Ins. Portability
  Accountability Act
• 802.11 wireless LAN or store forward
  synchronization
• Rush spent 100k to save 1.2m annually

13
Public Safety

• Increased push for better homeland security
• Police Fire
• 1st response
• Identify cars, suspects, guns
• Maps
• Hostage situations

• Issues
• Inter-agency communications
• Secure network standards
• Budgets
• Spectrum
• Old technology
• Data organization
• Data currency
• Training
• Privacy Constitution

14
Remote IT Support

• Infrastructure alerts
• Server down
• Router problems
• Hacker attacks
• Storage problems
• Remote login
• Remote tuning
• Remote restarting of servers
• Database Maintenance
• Expand Beyond (www.xb.com)

15
Symbol Technologies

• Customized wireless PDA's
• Business applications
• Palm or Windows CE
• Bar code scanners
• 802.11 Ethernet
• 2.4 GHz
• Portable, wearable, stationary
• Ruggedized

16
Warehouses

• Wireless bar code scanning
• Sends picker/packer to the correct location
• Verifies that the correct product was picked
• Updates inventory
• Updates restocking data
• Route planning for max efficiency
• Removing damaged/substandard parts
• Wireless LAN's
• 802.11b
• Access points to extend coverage

• McKeeson HBOC
• 52 million
• 1,300 pickers
• 31 warehouses
• 8 productivity gain
• 80 drop in incorrect shipments
• 50 drop in product shortages
• 99.5 inventory accuracy rate

17
Retail

• Inventory management
• Company staff
• Supplier sales people (outsourcing)
• Portable cash registers
• Body Shop
• Sams Club
• RFID
• Supply chain management Walmart initiative

18
High Value Tracking

• Heavy equipment
• Building construction
• Road/bridge construction
• Tractors
• Farm equipment
• Pallets
• Trailers

19
Telemetry

• Wireless monitoring of machinery
• Operation
• Throughput
• Inventory
• Tampering
• Continuous
• Small bursts of data
• Event triggered
• Proximity
• Low cost
• Low revenue / device, but millions of devices

• Examples
• Utility meters
• Parking meters
• Lighting
• Vending machines
• Pipeline monitoring
• Nuclear power plants
• Remote farm fields
• Billboards

20
Environmental Monitoring

• Weather
• Water levels
• Water flow
• Pollutants
• Hazardous waste sites
• Volcanoes and fault lines
• Pipelines
• Leaks/breaks
• Pressure
• Corrosion
• Strain gauges

21
Fleet Management

• Dispatch
• Route planning
• Location (GPS), speed
• Cargo/door sensors
• Driver hours
• Engine performance, fuel
• Messaging
• Voice
• Integrate through network center with corporate
  back-end systems
• 500-1000 for hardware
• 10-40/mo, based on services

• Qualcomm Wireless Bus. Sol.
• gt 1250 companies
• 375,000 vehicles
• Sprint CDMA satellite
• Intertrak
• _at_Road
• NavTrak
• Gearworks
• WebTech Wireless

22
RFID

• Radio Frequency ID tags
• Up to 128k of data
• 0.15 ea. in qty. 10mm
• Up to 100 weather hardened
• Emitters or Transponders
• Reader emits a radio wave to scan the chip
• Can read hundreds of items in one scan unlike
  bar-codes
• Can be attached to anything
• Containers, pallets, books, equipment
• Even individual packages or items of clothing
• GemPlus, Savi, Zebra Technologies, Alien
  Technology
• Auto-ID Center at MIT 96 bit Electronic Product
  Code (EPC)
• More than 100 companies are now members

23
RFID Apps.

• Washing Machine
• Correct cycle
• Warn re mixed colors/whites
• 20 million livestock
• Breeding
• Disease tracking
• 50 million pets
• Artwork in museums
• Books in libraries
• Marathon joggers
• Metro AG in Germany
• Top 100 suppliers by 11/04
• Expecting to reduce inventory carry costs by 20
• Walmart
• Every case to every store
• Top 100 suppliers by 1/05

• US Department of Defense
• Pallets of supplies shipped to Afghanistan/Iraq
• 300,000 containers in 40 countries, every day
• In the future every soldier
• Package tracking - DHL
• Refrigerators read food tags
• Running low
• Expired use-by dates
• Manage cholesterol
• Reduce shrinkage in stores
• Esp. for high unit cost items
• Track transaction time

24
RFID Issues

• Volumes of data
• Consider every package in a Walmart store being
  scanned every 30 seconds.
• Front-end software to filter bits
• Privacy
• Stores watch where we browse/stop
• Public Wi-Fi network continues to read tags
• Do items continue to emit after we leave the
  store
• Or is there a kill code ?
• Startup costs
• 100-200 million for a major retail chain
• 400,000 / warehouse and 100,000 / store (A.T.
  Kearney)
• Sensors, wiring, power, servers, etc.

25
Smart Cards Tags

• Credit card sized or smaller
• Embedded with
• Flash memory
• Microprocessor
• Antenna (contactless)
• Access controls
• Card holder with PIN
• 3rd party - eWallet
• Can be embedded in anything!
• RFID 13.56 MHz
• Java on the card (future)
• Cost lt1 to manufacture

• Applications
• Asset tracking
• Containers, shipping
• Mass transit
• Toll collection
• Access Control
• Commercial laundries
• Libraries
• Livestock

26
Telematics IP Client on Wheels

• Build a relationship with the car's owner
• After sale (vs. dealer)
• Sell value add services
• Finding things (gas station, restaurant, mall)
• Call center
• Voice/Data Integrated

27
Telematics Major Players

• ATX Technologies
• CellPort
• Delphi Automotive
• Former GM parts unit
• Visteon
• Former Ford parts unit
• InfoMove.com
• AirIQ
• LoJack
• Early pioneer

• GM OnStar
• GM, Saab
• Lexus, Toyota
• 1.5 million subscribers
• Ford Wingcast
• Lincoln, Volvo, Jaguar, A.Martin
• Recently closed
• Mercedes TeleAid

28
Back-end Technologies

• Web / Application server
• ASP, .NET, JSP, Perl, CGI
• Mobile server
• XML/XSL
• Proprietary format (binary)
• Web / Application servers
• IIS, Apache, iPlanet
• Vendor app servers (eg BEA Weblogic IBM
  WebSphere
• Connectors to back-end DBs
• Connectors to enterprise apps
• ERP, CRM, SCM, SFA

29
Publishing Platforms

• IBM WebSphere Everyplace
• Oracle 9iAS
• Air2Web
• Aether Systems Scoutware
• Novarra Enterprise Suite
• Aligo M-1 Mobile App. Server
• Citrix Metaframe
• AvantGo (Sybase iAnywhere)
• EveryPath
• HiddenMind AnyDevice
• Many others are out of business!

30
Wireless Challenges

• Standardization
• Device
• Configuration
• Support
• Corporate IT departments
• Thousands of devices?
• User-installed software
• Training
• Purchasing Policies
• Software updates
• Data updates
• Backup
• Virus Protection
• Cost 20-30,000 / user ???

• Security
• Identity verification
• Who needs access to what data
• Lost or stolen devices
• Passwords
• Enforcing corporate policies

31
Security

• Six Security Principles
• Authentication
• Identification
• Access Control Authorization
• Resource Management
• Nonrepudiation
• Privacy Confidentiality
• Integrity
• Auditing
• Vs.
• Inconvenience
• Cost
• Performance

• Not just cryptography
• End-to-end approach
• Analysis
• Targets/Threats
• Roles
• Vulnerabilities
• Risks
• Mitigations and Protections
• Hardware
• Software
• Policy
• Education

32
802.11

• Designed to be closely compatible with wired
  networks
• But signals dont stop at the walls!
• WEPWired Equivalency Protocol
• 40 bits (128 bit opt. rarely used)
• Efficient self-contained
• Reasonably strong
• 2001 Defined as breakable
• Airsnort, WEPCrack, Netstumbler
• Wardriving Warchalking
• Often not even enabled!

• Third party solutions
• Cisco, others incompatible between vendors
• WPA Wi-Fi Protected Access
• Authenticator Supplicant
• Integrate with back-end authentication server
  using Radius or LDAP
• Subset of future 802.11i
• Still not a firm standard
• 802.11i will introduce stronger security

33
Security Reliance

• No inherent security built into cellular
  standards
• WAP is vulnerable at the gateway
• Bluetooth security is device enabled
• Therefore, security must be designed into
  applications and devices
• Especially as our devices hold more and more
  confidential data address book, calendar, bank
  account, brokerage, and credit card information.
• Device is a gateway into the network and
  corporate data. Use VPN and strong passwords

34
Vulnerabilities

• Corp. Support personnel
• Application developers
• Users
• Malicious vs. Ignorant
• Service Provider Personnel
• Access to the gateway
• Device Maintenance/Repair
• Software control
• Game vs. Mal-ware
• Server control

• Limit vulnerabilities
• Protect the device
• Secure the UI and data
• PIN, Certificates, VPN, etc.
• Removable smart cards
• Policies
• Approved software
• Auditing removal
• Timeouts Session Mgmt.
• Biosensors
• Thumbprints
• Face scanning
• Voice identification

35
Devices

• Treat your PDA/cellphone like your wallet!
• Easily lost or stolen
• Rapidly evolving
• No standardization
• Enable PIN if possible
• OS and VM environment are important
• Palm
• Pocket PC
• Symbian
• Java

36
Privacy

• Who has access to personal information?
• How is access controlled / managed?
• Laws vary widely around the world
• Privacy policies
• Explicit consent required but is usually buried
  deep within the standard contract
• Surveillance
• What you do
• Where you do it

37
Management Software

• XcelleNet Afaria
• Deploy and manage remote devices
• Versioning (integrates with MS SMS)
• Deploy and update content (push or pull)
• Integrate with databases and email servers
• Track assets
• Data backup and restore
• Supports Win32, Palm, WinCE, RIM, Java
• Others
• Extended Systems OneBridge
• Intellisync Mobile Suite
• Callisto Orbiter
• Mobile Automated Command Server
• On Technology

38
Reading Assignments

• White papers on corporate sites
• Symbol
• Qualcomm
• GemPlus
• Aether
• Air2Web
• IBM
• Brience

• Major Class Project
• Business problem finalized
• Feature set finalized
• In process
• Back-end programming
• Front-end programming
• Business case
• Go to market strategy