There are many ways Information Technology has been misused, it is as prone to fads and foibles as any other human endeavor. One of the chief temptations lies in over-reliance on quantitative approaches. It is only natural that IT started in the business world with the idea of automating bookkeeping - at that time it usually resorted under a CFO. Then came the time that it became fashionable to create a new "C" level position, the CIO, not to mention CTOs and CISOs, all under the banner that businesses began to understand that IT was indeed strategic to their success.
And presently we are coming full circle again, with Sarbanes-Oxley causing many CFOs to try to reassert their control, on the ostensibly logical grounds that they're the ones that go to jail if something goes wrong. Of course it is an illusion that those issues are resolved in any way by demoting or altogehter removing the CIO and putting IT back under the CFO again. In fact, logically that is the same error as thinking that your computers are your IT system, or that security exists by hosting your systems on-site. The illusion of ownership of the physical assets (or people), then masquearades to create the illusion of control over the system (or their work). One way or another there will be adjustments. Some will stick, some won't.
Personally, my experience included getting involved in IT from a base in business management, and taking various roles in IT development. I came to appreciate very quickly how afraid people are of the finite and quantitative aspects of IT, or conversely prone to overuse them once they think they understand them. The following anecdote may serve:
Sometime in the mid 80's there was another oil-price spike, and I had the good fortune of being in charge of corporate planning for a shipping company, and report to a president who was a self-proclaimed "oilman," having come to the job from an oil major. He knew just what to do: hedge our oil price risk, and yours truly was charged with implementing the program, the details of which would need board approval. Naturally also the job included confirmation and official endorsement of the "knowledge," and "expertise" of the "oilman" in charge.
After going to work with a reputable oil industry consulting firm, and obtaining the necessary pricing data, I quickly proved that there was no futures market at the time where we could hedge marine fuel price risks, because the kinds of oil and derivatives that were traded were not statistically correlated to marine fuel and/or diesel. Consequently I advised the President and also the CFO that unfortunately the hedging program (we had already taken positions), was a speculative venture, which increased business risk and consequently would have to be disclosed on the books as an incremental business risk, outside of our main line of business. Naturally this outcome was not acceptable to our "oilman," and he was not going to take it lying down.
I was immediately charged with bringing in some Wall Street talent with proposals for risk management. One of the parties who came through for us and made a presentation to our board, offering a feasible solution to manage this significant finacial exposure of our firm was Merill-Lynch, who showed up complete with powerpoints (in those days I think it was still Lotus 1-2-3), and with a Ph.D. in Mathematics in tow. Needless to say, they delivered an impressive presentation, and a clear solution, which was endorsed by the board, subject to final review by yours truly since I had expressed that I could not reproduce the results they presented, even though they were ostensibly based on the same data series I had used.
Off to the McGraw-Hill bookstore in New York for me, where I bought myself a stack of literature on time-series analysis and options pricing, and locked myself into a room with my own copy of Lotus 1-2-3, until I could reproduce the results of the Ph.D. I found it quick enough. He had dazzled our board with his higher math, by applying a Durbin-Watson correction to two time series that were clearly unrelated, and all the textbooks point out that it should only be used to filter out minor disturbances if there is no doubt otherwise that two time series are correlated. I called the Ph.D. and told him my findings, observing that in fact he had done the equivalent of prescribing acne medication for a case of advanced skin-cancer. The next day the proposal was withdrawn by Merill-Lynch. I would not doubt they, and everyone else on Wall Street did these things routinely, and banked on the fact that nearly no-one checked the math. About a year later Procter & Gamble won a settlement of ca $150 million against ChaseManhattan for being sold inappropriate risk management solutions, which were found on closer inspection to INCREASE business risk, and in fact caused serious losses. I suspect the brother of above Ph.D. probably worked for Chase Manhattan...
The above is one of the many examples where the temptation is to apply quantitative methods because it is easy, and not because it is right. War stories of this nature are endless, the infamous failure of LTCM being merely the biggest one to date, for which we're still waiting for the sequel to come out. Warren Buffet among others has pointed out it is only a matter of time, for these "risk management" instruments are so little understood, it's scary. LTCM essentially went wrong because the continued accuracy of some of the underlying assumptions in their models were never scrutinized, so while the world changed, the fancy mathematics did not keep pace. The result was massive failure and a near melt-down of the global financial system.
It is fair to say that overreliance on quantitative approaches is a very common problem and is perhaps far more dangerous, and potentially costly than the under-use of appropriate IT solutions in other areas. Yet there is a lot of investment here, because it appears to yield "easy money," and it pays film star salaries to a lot of "quants." At this point it is definitely in vogue, and so boards feel important voting for these types of solutions. I suspect that the lesson is to focus on the basics, and the KISS principle in order to deliver solutions that work, for real business problems, not made-up ones that are a distraction. Of course there are many areas where quantitative modeling can be extremely helpful, not to mention the fact that risk-management done well can really work too, but overreliance is a risk whenever the underlying assumptions of such methods are not continually verified, and/or the models are operated by people who do not really understand the process well enough to see if something is out of whack. Too often the reality is that with the illusion of a solution a problem merely goes out of mind for a while, and then comes back to haunt us later.
Copyright © 2005 Rogier F. van Vlissingen. All rights reserved.
The Digital Divide isn't. The implications of this technology generation are greater accessibility, and lower infrastructure costs, and the developing world has been skipping past entire technology generations. It is still going on today. Mobile payments took off in the "developing" world long before the developed world, etc.
Wednesday, December 21, 2005
Tuesday, December 13, 2005
Opportunity in Services for Under-served Markets
When Muriel F. Siebert was banking commissioner for the State of New York she came to realize that the poor pay excessive amounts of money for subpar financial services. Her Personal Finance Program which was developed by the Muriel Siebert Foundation, was the result of that insight. It is a high school curriculum in personal finance that has since become mandatory in the State of New York, and hopefully will be adopted by many other states as well. A link to the program can be found by clicking on the title of this entry.
The thoughts that inspired this book, are also the business case for better financial services for under-served markets. Any smart company that truly has for a business objective to make money providing better financial services could use the notion of education and better consumer information to build a business plan, for the need for basic financial education does not end at high school.
And marketing financial services to under-served markets should be easy with todays technology. Too many providers seem to make their money by misinforming people about financial matters, and getting them into as much debt as possible. They are mostly in the legal loansharking business, including rent-to-own furniture, payday loans, "refund anticipation loans," credit cards, and other forms of "sub-prime lending." Buyer beware seems to be the adage. The opportunity may be in educating the buyer, and providing real solutions.
However, in looking at the alternative of making money on financial services, there is a tremendous opportunity for companies who pull these needs together and provide an easy way to service them. Via the net, no doubt. Looking at the habits of people in under-served markets, there are check-cashers, bill payers, money transmitters, and loan-sharks, some legal, some not. Each and everyone of these over-priced services offers an opportunity for better service at a lower price and can be marketed through effective use of INFORMATION. Education in effective use of these services could be and should be the driver of changing the existing order of business.
Experience proves again and again that people will learn to use effective services overnight. I have experienced that first hand in the phone card business in the mid nineties, when in short order with the appearance of discount phone cards we educated the public to use prepaid phonecards. The big phone companies could not sell a phone card for all their massive advertising budgets, for they had the wrong cards (60 cents/minute) and targeted the wrong people and therefore had to sell expensively in a vain attempt to create the perception of a need. With discount cards all we needed was a handful of $2 cards to give away and simple posters with the rates. A week later people were standing in line for the cards. Presently the success of cellphone-based payment gateways in some of the developing world prove again that effective services will be adopted at the speed of light. Such a payment service when launched by the Philippine post office was overwhelmed when it was still in beta deployment.
The message is clear, effective communication will sell worthwhile products that fill real needs. In those cases guerilla marketing is the order of business. Neighbors telling each other will do the rest. The delivery vehicle for such services definitely is the Internet or future cell (or Voip!) phone services, and the Internet café model may well have a revival, even in the form of kiosks at convenience stores and rest stops. Education is easy. Would you rather send money with Western Union for $10 or with your cellphone for $5, or even $2? People will get that very quickly. In other cases the information maybe more intricate to represent, such as the interest rates on rent-to-own furniture, where people pay $3,000 for that $500 sofa, but the basic logic is always the same. Integration can happen around strong authentication and security, providing meaningful Personal Computing, and he ability to manage one's finances effectively, bypassing a lot of expensive infrastructure (check cashers etc.) and instead perhaps having an Internet kiosk based on a cheap thin client architecture at a convenience store or a coffee shop. Squash the thought of personal computers for everyone. Personal computING for everyone is the motto, and shared infrastructure is what makes cost efficiencies possible.
As in so many cases, the regulatory environment actually creates new business opportunities. The basic business process of money transfer is very problematic, because of today's Know Your Customer requirements. But if strong authentication is built into a cell phone, KYC requirements can be met on a one time basis at enrollment of each new customer. Once that step is done, the rest of the business process is easy. The same goes for other on-line authentication mechanisms.
There are endless possibilities, once the fundamental on-line identity problems are resolved in a satisfactory way. Tontines, Mutual Guarantee Associations, Community Money all potentially become easier to manage, administer and control. Insights from the microfinance industry show the power of these institutions. See for example:
http://www.ilo.org/public/english/employment/finance/download/wpap2.pdf
From a macroeconomic standpoint providing more capable and more fluid financial infrastructures, including certain forms that are self-managed at a community level are better than most forms of aid, and should tremendously help economic resilience and development. Opportunity beckons for all concerned.
Copyright © 2005 Rogier F. van Vlissingen. All rights reserved.
The thoughts that inspired this book, are also the business case for better financial services for under-served markets. Any smart company that truly has for a business objective to make money providing better financial services could use the notion of education and better consumer information to build a business plan, for the need for basic financial education does not end at high school.
And marketing financial services to under-served markets should be easy with todays technology. Too many providers seem to make their money by misinforming people about financial matters, and getting them into as much debt as possible. They are mostly in the legal loansharking business, including rent-to-own furniture, payday loans, "refund anticipation loans," credit cards, and other forms of "sub-prime lending." Buyer beware seems to be the adage. The opportunity may be in educating the buyer, and providing real solutions.
However, in looking at the alternative of making money on financial services, there is a tremendous opportunity for companies who pull these needs together and provide an easy way to service them. Via the net, no doubt. Looking at the habits of people in under-served markets, there are check-cashers, bill payers, money transmitters, and loan-sharks, some legal, some not. Each and everyone of these over-priced services offers an opportunity for better service at a lower price and can be marketed through effective use of INFORMATION. Education in effective use of these services could be and should be the driver of changing the existing order of business.
Experience proves again and again that people will learn to use effective services overnight. I have experienced that first hand in the phone card business in the mid nineties, when in short order with the appearance of discount phone cards we educated the public to use prepaid phonecards. The big phone companies could not sell a phone card for all their massive advertising budgets, for they had the wrong cards (60 cents/minute) and targeted the wrong people and therefore had to sell expensively in a vain attempt to create the perception of a need. With discount cards all we needed was a handful of $2 cards to give away and simple posters with the rates. A week later people were standing in line for the cards. Presently the success of cellphone-based payment gateways in some of the developing world prove again that effective services will be adopted at the speed of light. Such a payment service when launched by the Philippine post office was overwhelmed when it was still in beta deployment.
The message is clear, effective communication will sell worthwhile products that fill real needs. In those cases guerilla marketing is the order of business. Neighbors telling each other will do the rest. The delivery vehicle for such services definitely is the Internet or future cell (or Voip!) phone services, and the Internet café model may well have a revival, even in the form of kiosks at convenience stores and rest stops. Education is easy. Would you rather send money with Western Union for $10 or with your cellphone for $5, or even $2? People will get that very quickly. In other cases the information maybe more intricate to represent, such as the interest rates on rent-to-own furniture, where people pay $3,000 for that $500 sofa, but the basic logic is always the same. Integration can happen around strong authentication and security, providing meaningful Personal Computing, and he ability to manage one's finances effectively, bypassing a lot of expensive infrastructure (check cashers etc.) and instead perhaps having an Internet kiosk based on a cheap thin client architecture at a convenience store or a coffee shop. Squash the thought of personal computers for everyone. Personal computING for everyone is the motto, and shared infrastructure is what makes cost efficiencies possible.
As in so many cases, the regulatory environment actually creates new business opportunities. The basic business process of money transfer is very problematic, because of today's Know Your Customer requirements. But if strong authentication is built into a cell phone, KYC requirements can be met on a one time basis at enrollment of each new customer. Once that step is done, the rest of the business process is easy. The same goes for other on-line authentication mechanisms.
There are endless possibilities, once the fundamental on-line identity problems are resolved in a satisfactory way. Tontines, Mutual Guarantee Associations, Community Money all potentially become easier to manage, administer and control. Insights from the microfinance industry show the power of these institutions. See for example:
http://www.ilo.org/public/english/employment/finance/download/wpap2.pdf
From a macroeconomic standpoint providing more capable and more fluid financial infrastructures, including certain forms that are self-managed at a community level are better than most forms of aid, and should tremendously help economic resilience and development. Opportunity beckons for all concerned.
Copyright © 2005 Rogier F. van Vlissingen. All rights reserved.
Saturday, December 10, 2005
Check21: Progress or More Dysfunctional IT?
The American banks are making progress towards making check clearing electronic, and somehow we're supposed to applaud this effort in making an obsolete process more efficient, with our dollars, for consumers are paying for it. First with bank fees, and then with taxes for legislators to legislate all this nonsense. This is a typical example of what not to do in IT, making an obsolete process marginally more efficient instead of re-engineering the process.
At a recent Ziff-Davis conference on Real Time Web business, this particular piece of progress was being touted as a proud accomplishment. I modestly made some comment about the Dutch postal bank where I worked ca. 1975 and where two day clearing was a reality then, so that I have wondered to this day about the ridiculous inefficiencies of the American banking system. The real point of my question obviously was not to repeat that particular solution, which is now also obsolete, but that there would be in fact other ways to solve the problem, which are more effective: a paradigm shift, or at least a re-engineering of the business process. The meteoric take-off of cellphone based money transfer in the Philippines, Vietnam and other developing countries may have more to teach us than is generally realized.
Likewise, what Kofi Annan needs to do is not support the illusion of computer literacy with $100 computers, which only creates more posters with pictures of kids happily staring at computer screens instead of learning something useful. It is tantamount to repeating the dumb mistakes of the West (the "personal computer revolution") at a lower price and relabeling it progress. In the process Nicholas Negroponte unwittingly becomes a lackey in the palace Bill Gates' silly delusion that a computer for every person somehow would bring world peace. Or, to put it differently, the focus on cheaper computers, or computer literacy per se, is similar to the focus of many managements who confuse their computers with their IT-systems, focusing on the 15% of their budget they can see, and ignoring the 85% they can't see (people and licenses), but which make it work. The real mission is educating enough people in IT to develop a local industry in every country, and to teach them to really think, i.e. study the mistakes of the developed world first, and stop repeating the mistakes of the early adopters, and instead create real solutions that mean something based on the realities on the ground. The developing world potentially has the edge in IT for the future for one reason only: they do not have to fight the enormous sunk cost of the first generation infrastructures which the developed world has to write off, no different from AT&T writing off enormous amounts of obsolete switching gear in the course of the breakup of the Bell system.
To underscore the above observation, suffice it to say that anyone who has worked in IT, knows that most of our "computer literate" users barely know how to turn on the switch, and can only just about complete a few simple tasks without screaming for help or having to reboot their dysfunctional Windows PCs. And the better part of people in IT are focused on the maintenance of the T and not the I, let alone are allowed to apply any real intelligence to their solutions. Thus computer literacy is largely an illusion, and mostly an exercise in futility. People will however learn very fast to utilize any technology that truly helps them. the rip-roaring success of cellphone based payment gateways in the developing world is indeed a case in point.
The direction for the solution is to make electronic banking, safe, secure, convenient and reliable, up and to including mobile solutions, voip solutions, etc., but the banks by and large have resisted it under the perception that security is a cost, not a business opportunity. So security solutions are not looked at as business opportunities. The resulting situation means that the slow adoption rates of electronic banking are at least in part a self-inflicted wound, while lots of dollars are being spent on creating an electronic version of the hopelessly fraud prone (more so with copiers and laser printers) system of checkwriting.
As solutions involving strong authentication and advanced security become a reality countries who have not gone this route have an opportunity to skip generations of useless technology. In short the "developing world," may indeed have several opportunities to skip some expensive stages of financial infrastructure development, and do things far more efficiently than the developed world, and have the last laugh in some of these areas, potentially ending up with advanced infrastructure at a fraction of the cost. Unfortunately, as per usual most so-called development aid is focused on exporting obsolete technology, and charging future generations of indigent tax payers in the developing world for them, in order to provide a steady stream of the indentured servants, also known as illegal immigrants. For that is the upshot of the current geopolitical system.
As far as Check21 is concerned, doing it was probably a necessity after all,
but major progress it isn't. Like all IT projects which fail to reengineer the basic business process, it probably just means making the same old mistakes except faster. So that checkfraud besides being easier on account of digital printing, will now also be faster courstesy of real time processing. The rationale that electronic banking did not take off as fast as expected is mostly a self-inflicted wound, caused by not making that alternative more compelling, as it easily could be. So now we'll first have check21, and then we still have to make e-banking viable anyway. So much for the "developed" world.
Copyright © 2005 Rogier F. van Vlissingen. All rights reserved.
At a recent Ziff-Davis conference on Real Time Web business, this particular piece of progress was being touted as a proud accomplishment. I modestly made some comment about the Dutch postal bank where I worked ca. 1975 and where two day clearing was a reality then, so that I have wondered to this day about the ridiculous inefficiencies of the American banking system. The real point of my question obviously was not to repeat that particular solution, which is now also obsolete, but that there would be in fact other ways to solve the problem, which are more effective: a paradigm shift, or at least a re-engineering of the business process. The meteoric take-off of cellphone based money transfer in the Philippines, Vietnam and other developing countries may have more to teach us than is generally realized.
Likewise, what Kofi Annan needs to do is not support the illusion of computer literacy with $100 computers, which only creates more posters with pictures of kids happily staring at computer screens instead of learning something useful. It is tantamount to repeating the dumb mistakes of the West (the "personal computer revolution") at a lower price and relabeling it progress. In the process Nicholas Negroponte unwittingly becomes a lackey in the palace Bill Gates' silly delusion that a computer for every person somehow would bring world peace. Or, to put it differently, the focus on cheaper computers, or computer literacy per se, is similar to the focus of many managements who confuse their computers with their IT-systems, focusing on the 15% of their budget they can see, and ignoring the 85% they can't see (people and licenses), but which make it work. The real mission is educating enough people in IT to develop a local industry in every country, and to teach them to really think, i.e. study the mistakes of the developed world first, and stop repeating the mistakes of the early adopters, and instead create real solutions that mean something based on the realities on the ground. The developing world potentially has the edge in IT for the future for one reason only: they do not have to fight the enormous sunk cost of the first generation infrastructures which the developed world has to write off, no different from AT&T writing off enormous amounts of obsolete switching gear in the course of the breakup of the Bell system.
To underscore the above observation, suffice it to say that anyone who has worked in IT, knows that most of our "computer literate" users barely know how to turn on the switch, and can only just about complete a few simple tasks without screaming for help or having to reboot their dysfunctional Windows PCs. And the better part of people in IT are focused on the maintenance of the T and not the I, let alone are allowed to apply any real intelligence to their solutions. Thus computer literacy is largely an illusion, and mostly an exercise in futility. People will however learn very fast to utilize any technology that truly helps them. the rip-roaring success of cellphone based payment gateways in the developing world is indeed a case in point.
The direction for the solution is to make electronic banking, safe, secure, convenient and reliable, up and to including mobile solutions, voip solutions, etc., but the banks by and large have resisted it under the perception that security is a cost, not a business opportunity. So security solutions are not looked at as business opportunities. The resulting situation means that the slow adoption rates of electronic banking are at least in part a self-inflicted wound, while lots of dollars are being spent on creating an electronic version of the hopelessly fraud prone (more so with copiers and laser printers) system of checkwriting.
As solutions involving strong authentication and advanced security become a reality countries who have not gone this route have an opportunity to skip generations of useless technology. In short the "developing world," may indeed have several opportunities to skip some expensive stages of financial infrastructure development, and do things far more efficiently than the developed world, and have the last laugh in some of these areas, potentially ending up with advanced infrastructure at a fraction of the cost. Unfortunately, as per usual most so-called development aid is focused on exporting obsolete technology, and charging future generations of indigent tax payers in the developing world for them, in order to provide a steady stream of the indentured servants, also known as illegal immigrants. For that is the upshot of the current geopolitical system.
As far as Check21 is concerned, doing it was probably a necessity after all,
but major progress it isn't. Like all IT projects which fail to reengineer the basic business process, it probably just means making the same old mistakes except faster. So that checkfraud besides being easier on account of digital printing, will now also be faster courstesy of real time processing. The rationale that electronic banking did not take off as fast as expected is mostly a self-inflicted wound, caused by not making that alternative more compelling, as it easily could be. So now we'll first have check21, and then we still have to make e-banking viable anyway. So much for the "developed" world.
Copyright © 2005 Rogier F. van Vlissingen. All rights reserved.
Friday, December 09, 2005
How Food Stamps Pay for Crack, and What to Do About It
Under the title of this article is a link to an article in CIO Insight on how Business Intelligence beat back food stamp fraud in Louisiana. Very interesting reading is also contained in the following report:
http://www.fns.usda.gov/oane/MENU/Published/FSP/FILES/ProgramIntegrity/Trafficking1999-2002.pdf
While this all is fascinating information on a common sense use of statistics in crime fighting, in the end it is a demonstration that a paradigm shift is required, and that bringing in the heavy (statistical) artillery is not a solution but a stopgap measure until better technology arrives.
Bank cards (and EBT cards are merely a manifestation of that phenomenon, riding the same infrastructure) are ridiculously unsafe as payment instruments, and it is a wonder the level of fraud is not higher than it is. So this is an example of inappropriate technology, and particularly developing countries, which today do not have a developed infrastructure to support this technology, should probably bypass it as obsolete, except for a few ATMs for foreign tourists. Mechanisms can and will be developed for secure transfers of money via cellphone and even on-line, and all of those have a lower infrastructure cost associated with them than private banking networks, except if they're already paid for (i.e. they are a sunk cost). Yet at the moment development of ATM networks in the developing world is still counted as progress, and little attention is paid to the fact that it is perhaps an exportation of over the hill technology, and little better than the recycling of used computers which end up in toxic dumps in the third world.
Back to EBT abuse. In terms of the study from Louisiana, while it appears fair and balanced, I would suggest that it gravely underestimates the problem in other ways, for lack of on the ground-level observation. In fact food stamp fraud is only one element in a crime wave, that unsurprisingly involves the usual culprit: drugs. To demonstrate this point, I offer following example, which from personal research I would suggest is very typical:
It starts with a struggling convenience store, which in many places means either every single one or every other one. One day the local crack dealer stops in and befriends the owner, suggesting that he sell crack paraphernalia. The profit margins are terrific, like 80, 90% and there is no risk since these items are sold under neutral names, and only become crack paraphernalia in the presence of crack cocaine. But wait a minute, it goes on, for once the local crack addicts get wind of where to buy the paraphernalia, they also go to the same store with their foodstamps, and engage the owner of the same struggling store in discounting of foodstamps, usually with 40-50% profit margins for the store, the "discount." But it doesn't stop there either, for the same desperate store owner is a great informal fence, particularly if the addicts can steal some merchandise, or other necessities, equipment, etc. and offer it for sale to the struggling store. This, roughly speaking is the pattern.
It does make it very clear why statistical methods are going to be very effective in catching the discounting of benefits, since there are obviously strong statistical correlations to both stores and users. But it also underscores the fact that if the fraud was $28 million in one state, there was probably an associated $100 million crime wave, of which the discounting of benefits was merely one of the pillars. The EBT fraud by the way manifests in multiple levels of crime, e.g. the real user illegally withdrawing cash, the store illegally issuing cash from foodstamps, or someone using a stolen EBT card (you only need to know the pin).
Moreover, in terms of the EBT fraud element, it is all fine and dandy that there are statistical methods to find it and fight it, which are surely more effective than prosecuting it at the store level, but it is still a dysfunctional stopgap measure to support an inappropriate technology, which is simply not fit for the purpose.
Simply put, strong authentication is the word, and the technologies that support it are increasing in number. Most of the conversation seems to be around the internet, some is around bank cards, but the emerging field is cellphone based payment gateways, and soon VOIP based payment gateways. Banks are doing some lame experiments with smart cards, and other derivative technologies, all of which cannot conclusively solve the problem, unless they involve strong authentication and encrypted transactions.
This is an area however where high security actually represents a business opportunity. Clearly if one small state has $28 million in annual fraud in EBT alone, nationwide the fraud is far larger, by simple extension in the billions. With Social Security due to go the EBT route sooner or later, the numbers will be staggering. Rather than fighting a rear guard action with tools that reduce the problem but don't solve it -- the intellectual acumen and prowess of the folks who came up with this solution notwithstanding -- perhaps a more rigorous solution would be in order. The time for secure transactions has surely arrived, and countries that have the least infrastructure may realize the transition faster than mature countries with a lot of sunk cost parked in paid-up infrastructure.
A similar paradigm shift is in the works on another side of banking. Just as the banks finally put the finishing touches on the Check21 process, strong authentication will finally end up making internet banking potentially more secure than any check based transactions, and the transition can start to get going for real. Again my point is that some of the worst failures of appropriate use of IT are here not there, and we have a whole digital divide to worry about in the developed world, since we often can't see the forest for the trees. Very often the sunk cost of inappropriate solutions stands in the way of progress, and with proper analysis the developing world might just learn from and bypass our mistakes. Some of the early cellphone payment gateways may be a little rickety, but the direction has been set, and efficient and secure banking and financial services may do more for development in the long run than a lot of other things. Moreover, if it's done right, it should pay for itself, and quickly, which is quite an innovation in development.
Copyright © 2005 Rogier F. van Vlissingen. All rights reserved.
http://www.fns.usda.gov/oane/MENU/Published/FSP/FILES/ProgramIntegrity/Trafficking1999-2002.pdf
While this all is fascinating information on a common sense use of statistics in crime fighting, in the end it is a demonstration that a paradigm shift is required, and that bringing in the heavy (statistical) artillery is not a solution but a stopgap measure until better technology arrives.
Bank cards (and EBT cards are merely a manifestation of that phenomenon, riding the same infrastructure) are ridiculously unsafe as payment instruments, and it is a wonder the level of fraud is not higher than it is. So this is an example of inappropriate technology, and particularly developing countries, which today do not have a developed infrastructure to support this technology, should probably bypass it as obsolete, except for a few ATMs for foreign tourists. Mechanisms can and will be developed for secure transfers of money via cellphone and even on-line, and all of those have a lower infrastructure cost associated with them than private banking networks, except if they're already paid for (i.e. they are a sunk cost). Yet at the moment development of ATM networks in the developing world is still counted as progress, and little attention is paid to the fact that it is perhaps an exportation of over the hill technology, and little better than the recycling of used computers which end up in toxic dumps in the third world.
Back to EBT abuse. In terms of the study from Louisiana, while it appears fair and balanced, I would suggest that it gravely underestimates the problem in other ways, for lack of on the ground-level observation. In fact food stamp fraud is only one element in a crime wave, that unsurprisingly involves the usual culprit: drugs. To demonstrate this point, I offer following example, which from personal research I would suggest is very typical:
It starts with a struggling convenience store, which in many places means either every single one or every other one. One day the local crack dealer stops in and befriends the owner, suggesting that he sell crack paraphernalia. The profit margins are terrific, like 80, 90% and there is no risk since these items are sold under neutral names, and only become crack paraphernalia in the presence of crack cocaine. But wait a minute, it goes on, for once the local crack addicts get wind of where to buy the paraphernalia, they also go to the same store with their foodstamps, and engage the owner of the same struggling store in discounting of foodstamps, usually with 40-50% profit margins for the store, the "discount." But it doesn't stop there either, for the same desperate store owner is a great informal fence, particularly if the addicts can steal some merchandise, or other necessities, equipment, etc. and offer it for sale to the struggling store. This, roughly speaking is the pattern.
It does make it very clear why statistical methods are going to be very effective in catching the discounting of benefits, since there are obviously strong statistical correlations to both stores and users. But it also underscores the fact that if the fraud was $28 million in one state, there was probably an associated $100 million crime wave, of which the discounting of benefits was merely one of the pillars. The EBT fraud by the way manifests in multiple levels of crime, e.g. the real user illegally withdrawing cash, the store illegally issuing cash from foodstamps, or someone using a stolen EBT card (you only need to know the pin).
Moreover, in terms of the EBT fraud element, it is all fine and dandy that there are statistical methods to find it and fight it, which are surely more effective than prosecuting it at the store level, but it is still a dysfunctional stopgap measure to support an inappropriate technology, which is simply not fit for the purpose.
Simply put, strong authentication is the word, and the technologies that support it are increasing in number. Most of the conversation seems to be around the internet, some is around bank cards, but the emerging field is cellphone based payment gateways, and soon VOIP based payment gateways. Banks are doing some lame experiments with smart cards, and other derivative technologies, all of which cannot conclusively solve the problem, unless they involve strong authentication and encrypted transactions.
This is an area however where high security actually represents a business opportunity. Clearly if one small state has $28 million in annual fraud in EBT alone, nationwide the fraud is far larger, by simple extension in the billions. With Social Security due to go the EBT route sooner or later, the numbers will be staggering. Rather than fighting a rear guard action with tools that reduce the problem but don't solve it -- the intellectual acumen and prowess of the folks who came up with this solution notwithstanding -- perhaps a more rigorous solution would be in order. The time for secure transactions has surely arrived, and countries that have the least infrastructure may realize the transition faster than mature countries with a lot of sunk cost parked in paid-up infrastructure.
A similar paradigm shift is in the works on another side of banking. Just as the banks finally put the finishing touches on the Check21 process, strong authentication will finally end up making internet banking potentially more secure than any check based transactions, and the transition can start to get going for real. Again my point is that some of the worst failures of appropriate use of IT are here not there, and we have a whole digital divide to worry about in the developed world, since we often can't see the forest for the trees. Very often the sunk cost of inappropriate solutions stands in the way of progress, and with proper analysis the developing world might just learn from and bypass our mistakes. Some of the early cellphone payment gateways may be a little rickety, but the direction has been set, and efficient and secure banking and financial services may do more for development in the long run than a lot of other things. Moreover, if it's done right, it should pay for itself, and quickly, which is quite an innovation in development.
Copyright © 2005 Rogier F. van Vlissingen. All rights reserved.
Sunday, December 04, 2005
EWD: A Personal Reflection
Here is a link to the EWD archives at the University of Texas, a bit superfluous perhaps, for the same link is in the links section of this blog, but it's there for the reader's ready reference.
I want to quote here one sentence from the opening page of that site:
I made a visit to Austin on April 3rd 1985 to do an interview with EWD for a now defunct magazine, HollandUSA, which was distributed by KLM in its executive class. My own interest was then very acute because I was struggling daily with a company where the management completely misunderstood both the potential and limitations of IT. This is the territory I explored in depth with Dijkstra for what was presumed to be an executive magazine. In personal correspondence Dijkstra later called this interview the best of his life. Unfortunately the magazine never saw fit to publish it, even though they paid for the rights including for my trip to Austin. Quite evidently they did not understand the importance or the relevance of this brilliant countryman of theirs.
My visit with him was a fresh breeze. It was everything I expected and more, including the discovery that we went to the same high school, the Gymnasium Erasmianum in Rotterdam, and one of his early nostrums was that if you want to become a programmer, learn Latin.
I am writing this note simply as one of these life experiences that seems worth sharing, and as an invitation for the reader to explore Dijkstra's work, be it through the archives at UT, or through his books. He taught from a profound understanding that programming was a branch of applied mathematics, and it was this understanding that made him very perceptive in terms of the opportunities and limitations of programming in the business world, because many meaty business problems are quite intractable from a mathematical point of view, and simplification is done at the user's risk, and usually at the expense of profitability.
Dijkstra's life in the deeper sense was spent in the pursuit of making people think. Making people think through a problem before they put pen to paper. He was popular, but his students sometimes disliked him as much as they--grudgingly one would think-- respected him, because he insisted on handwritten papers and would not accept output from a word processor. His reasoning: by the number of corrections he could see if the person was thinking before they wrote, something he considered an essential skill in programming. So he lived what he taught, and made his students do the same. His extensive notes that can be found in the archives are often almost an equivalent of zen koans for the world of IT, and one could only hope that future generations of IT architects keep EWD's dedication to the basics high on their list of priorities, for otherwise IT solutions are bound to wander down the path towards irrelevance and early obsolescence.
For me personally, it was Dijkstra's sense of what computer science and programming are and what they aren't which served to define the near end of the digital divide, and keep a clear focus on the effective, reasonable and functional use of computing in business. It helped me understand the difficulties of implementation (the digital divide at home - full of executives who fight IT all the while supporting it in name) to the risks of over-promising and pursuit of inappropriate--for not mathematically tractable--applications.
Copyright © 2005 Rogier F. van Vlissingen. All rights reserved.
I want to quote here one sentence from the opening page of that site:
In addition, Dijkstra was intensely interested in teaching, and in the relationships between academic computing science and the software industry.While I was a long time reader of Dijkstra's books, this was where I connected with him some time in the early 80's as I was in the middle of developments in architecting a series of strategic transaction processing and Decision Support tools for the ship-owning company where I worked. After leaving the company I was finally recognized as the architect of all their strategic systems, which were in operation for some 27 years in the end.
I made a visit to Austin on April 3rd 1985 to do an interview with EWD for a now defunct magazine, HollandUSA, which was distributed by KLM in its executive class. My own interest was then very acute because I was struggling daily with a company where the management completely misunderstood both the potential and limitations of IT. This is the territory I explored in depth with Dijkstra for what was presumed to be an executive magazine. In personal correspondence Dijkstra later called this interview the best of his life. Unfortunately the magazine never saw fit to publish it, even though they paid for the rights including for my trip to Austin. Quite evidently they did not understand the importance or the relevance of this brilliant countryman of theirs.
My visit with him was a fresh breeze. It was everything I expected and more, including the discovery that we went to the same high school, the Gymnasium Erasmianum in Rotterdam, and one of his early nostrums was that if you want to become a programmer, learn Latin.
I am writing this note simply as one of these life experiences that seems worth sharing, and as an invitation for the reader to explore Dijkstra's work, be it through the archives at UT, or through his books. He taught from a profound understanding that programming was a branch of applied mathematics, and it was this understanding that made him very perceptive in terms of the opportunities and limitations of programming in the business world, because many meaty business problems are quite intractable from a mathematical point of view, and simplification is done at the user's risk, and usually at the expense of profitability.
Dijkstra's life in the deeper sense was spent in the pursuit of making people think. Making people think through a problem before they put pen to paper. He was popular, but his students sometimes disliked him as much as they--grudgingly one would think-- respected him, because he insisted on handwritten papers and would not accept output from a word processor. His reasoning: by the number of corrections he could see if the person was thinking before they wrote, something he considered an essential skill in programming. So he lived what he taught, and made his students do the same. His extensive notes that can be found in the archives are often almost an equivalent of zen koans for the world of IT, and one could only hope that future generations of IT architects keep EWD's dedication to the basics high on their list of priorities, for otherwise IT solutions are bound to wander down the path towards irrelevance and early obsolescence.
For me personally, it was Dijkstra's sense of what computer science and programming are and what they aren't which served to define the near end of the digital divide, and keep a clear focus on the effective, reasonable and functional use of computing in business. It helped me understand the difficulties of implementation (the digital divide at home - full of executives who fight IT all the while supporting it in name) to the risks of over-promising and pursuit of inappropriate--for not mathematically tractable--applications.
Copyright © 2005 Rogier F. van Vlissingen. All rights reserved.
Subscribe to:
Posts (Atom)