Review on Blooming.com.my

Blooming.com.my is a local e-commerce site that selling flower and other small gifts such as cards bears, gourmet baskets and etc. They provide up to 100 pieces photos of hand bouquets and many other product listing. This will be convenient to customers for reviewing their products and easily understand the business of Blooming Florist. In contrast, customers who prefer touch n feel to products before purchase can visit Blooming Florist’s physical store which is located in LG level of Mid Valley.



Homepage
Similar to other e-commerce site, Blooming.com.my provide member registration and log in, shopping cart, search engine and so on. However, they provide some services that only members are able to read through, such as order tracking, gift reminder, address book and online payment.

Site navigation and paying method
One of the fascinating point is Blomming.com.my not only provides delivery services to Selangor (where their physical store is located), but to all major towns area, including Sabah and Sarawak (with extra charge on certain area). Furthermore, they do accept online credit card payments, online banking and mobile payment.

Extra services and convenience screenshot
For consumer convenience purpose, Blooming.com.my has provided order tracking service where u can trace your order on the delivery status. In addition, live support is also provided so that customer could make enquiries on the spot, without wasting money to make a call. Many useful corners are also provided at the left hand site of the website like customer service corner, country selection for international delivery, info corner, “Tips corner”, and currency converter.

Conclusion and suggestion
In conclusion, although features in Blooming.com.my are simple, but it is enough for a basic internet user to deal with e-commerce. Basic internet user would not need too much or complicated steps in ordering and searching in the website. Nevertheless, Blooming.com.my has to make further improvement in their hand bouquets and also others product’s picture. Indeed, they are providing good services but the photos are not attractive enough. We believe after making this amendment, more visitor and customer will shop through Blooming.com.my for guarantee.

E-Government in Malaysia: Its Implementation so far and Citizen's Adoption Strategies

Implementation and strategies

The implementation of Electronic Government (e-government) started since the initiation of Multimedia Super Corridor (MSC) by the Malaysia Government. It was launched to lead the country into the Information Age. The migration from paper-based services to electronic version has opened wide the potential of e-government application. It has improved both how the government operates internally as well as how it delivers services to the people of Malaysia. It seeks to improve the convenience, accessibility and quality of interactions with citizens and businesses. Simultaneously, it will improve information flows and processes within government to improve the speed and quality of policy development, coordination and enforcement.

The vision of Electronic Government is a vision for government, businesses and citizenry working together for the benefit of Malaysia and all of its citizens. The vision focuses on effectively and efficiently delivering services from the government to the people of Malaysia, enabling the government to become more responsive to the needs of its citizens.

The myGovernment Portal (www.gov.my) acts as the one-stop source of Malaysian government information and services for the citizens.

The 7 pilot projects of the Electronic Government Flagship Application are as follows:
1. Project Monitoring System (SPP II)
2. Human Resource Management Information System (HRMIS)
3. Generic Office Environment (GOE)
4. Electronic Procurement (EP)
5. Electronic Services (E-Services)
6. Electronic Labor Exchange (ELX)
7. E-Syariah

1. Project Monitoring System (SPP II)
Online system that monitors the entire lifecycle of national programs. For example, from project application to approval to implementation, mid-term review and completion.

Objectives:
• To support and monitor entire lifecycle of Malaysia’s 5-Year development program.
• To have a quality projects
• To provide a platform for exchanging ideas and demonstrating best practices models in project implementation.
• To have an effective decision making based on analysis/forecasting of project information and auto-alert on problem projects (e.g. Budget overrun)

2. Human Resource Management Information System (HRMIS)
HRMIS is an integrated, technology enabled Human Resource Management
Information System for the Malaysian Public Service, incorporating Global Best Practices in HR that would enable the Public Service to successfully deal with the Challenges of the K-Economy.

Objectives:
• Effective staffing and right-sizing of civil service
• Up-to-date consolidated HR data for effective information planning.
• Automate human resource managerial and operational processes
• Improve paperless HRM capabilities
• Open and flexible system
• Better communication, horizontal integration, streamlined processes and single window access.

3. Generic Office Environment (GOE)
Powerful document and office management solution that enables users to manage their office environment effectively and efficiently. It is fully web-based and has been customized based on local developed package.

Objectives:
• Efficient preparation and storage of documents
• Fast search and retrieval of documents
• Effective and productive collaboration and sharing of information
• Secure and traceable access to documents

4. E-procurement
An electronic procurement system, which enables suppliers to sell goods and services to the Government through the Internet. Suppliers “open shop” on the World Wide Web, advertise their goods, present their pricing, process orders and deliveries.

Objectives:
• Enables accountability and transparency
• Creates more skilled and knowledgeable workforce.
• Equips the workforce with the latest technology at minimum cost.

5. Electronic Services (E-Services)
E-Services is one of the pilot projects under the Electronic Government Flagship within the Multimedia Super Corridor (MSC) initiative. With E-Services, one can now conduct transactions with Government agencies, such as the Road Transport Department (RTD) and private utility companies such as Tenaga Nasional Berhad (TNB) and Telekom Malaysia Berhad (TM) through various convenient channels such as the eServices kiosks and internet. No more queuing, traffic jams or bureaucratic hassles and one can now conduct transaction at one’s own convenience.

6. Electronic Labor Exchange (ELX)
ELX is one stop-centre for labor market information, as supervised by the Ministry of Human Resource
(MOHR), to enable employers and job seekers to communicate on the same platform.

Objectives:
• An effective and integrated job matching process
• Provide an effective center of labor market information and references
• To improve mobilization of the nation’s human resources and to ensure that manpower utilization is
optimized.

7. e-Syariah
e-Syariah is the seventh project under the Electronic Government flagship application of the Multimedia Super Corridor (MSC). A case management system that integrates the processes related to management of cases for the Syariah Courts.

Objectives:
• To improve the quality of services of the Syariah Courts
• To improve the effectiveness of JKSM in coordinating and supervising related agencies under its jurisdiction
• To improve the productivity and efficiency of the management of the Syariah courts throughout the country
• To uphold the splendors of Islam through the use of ICT

Trends

The first trend is that, after a period of rapid expansion, the pace of e-government advances is slowing and hit a plateau of e-government maturity. This is showing that the e-government implementation is just making a great impact during the early stage of the implementation.

The second trend is that most of the government leaders are making tangible savings by being able to deliver enhanced government services while making operations more cost effective. Rather than realizing the public benefits on e-government services, the government leaders are more concerned on getting popular by their achievement in implementing e-government services.

The third trend is that promoting e-government is becoming a main priority in order to increase the citizen usage of e-government applications. Citizens rarely take advantage of the e-government services. Thus, promoting the services has become a priority.

The fourth trend is that the countries face new challenges in integrating the e-government services as they are growing. While government seek to integrate services across their own agencies and departments, leaders in e-government are tackling the more complex challenges of integrating local, state, federal and even international services.

The last trend in e-government is the growing interest in offering personalized services to the individual citizen. By identifying and segmenting their citizen or user base, government are able to provide citizens with relevant services and information, quicker and more cost effectively.

Citizen’s adoption

According to Wasade University World e-government ranking released, the best ranking of Malaysia is placed on 9th of the world in year 2005. However, Malaysians are concerned about the security of doing transaction over the internet and this resulted in low usage of e-government services. In accordance with that, the younger Malaysian who are under 34, are the primary users of e-government services. Household with high incomes and higher levels of education use e-government services more actively.

Conclusion

In conclusion, the main challenge in e-government in Malaysia is the technological challenge, which includes issues like standards, data integration, legacy maintenance, privacy and security. The key priority is to improve the core government application and integrating more services across agencies, At the same time, market the e-government services to the public and business.

In order to make the right decisions and avoiding falling behind, governments must identify and resolve the different issues that have arisen from the transition period during which traditional and e-government co-exist. Rather than just focusing on introduction of ICTs, government should decide on, guide and control the transformation of government into e-government.

Things to Take Note to Prevent E-Auction Fraud when a Consumer Participating in an E-Auction

E-auction is an electronic auction that done through the internet. It can be defined as a market mechanism by which sellers place offers and buyers make bids which conducted online and is characterized by the competitive and dynamic nature by which the final product is reached. There are many information available to both buyers and sellers in this market such as prices, product, current supply and demand.

E-auction fraud is a growing epidemic worldwide, as online shopping has grown significantly every year that online shopping has been available. Since the buyers cannot look at the items directly, they may get defective items. The fraud rate are become higher and higher. Most e-auction fraud cases involve straightforward scams where consumers allegedly win merchandise by being the highest bidder. All sounds good until they send the payment and never receive the merchandise.

There are many types of e-auction fraud. For example:

• Shilling: It is a place where placing fake bid on auction items. The main purpose is to rise up the bidding price.



• Bid shielding: There is some phantom bidders bid at a very high price at the start of an auction and pull out at the last minute and this will cause a bidder of a much lower price to win.

Beside that, there is also a lot of way of fraud can happen. Some will charge with a high shipping costs and handling fees, misleading the description like put on the fake picture of the products, failure to ship to the products and many more.

From the above statements, it is important for everyone to prevent e-auction fraud.


Prevention method
To protect the buyers and sellers in the e-auction, there are several measures in an effort to reduce fraud. Following are actions to prevent e-auction fraud:

• Authentication service is used to determine whether an item is genuine and described appropriately. Authentication is very difficult to perform because it needs training and experience. So, only the experts can detect the counterfeits based on subtle detail.



• Escrow Services is a licensed and regulated company. They collect, holds, and send a buyer’s money to the seller according to instructions agreed on by the buyer and seller. Once the buyer receives the items and approved, the escrow service will sends the payment to the seller within the agreed time frame.

Example for an escrow services is http://www.iescrow.com/

• User identify verification is a program that use to verify the user identity. For example, eBay uses Equifax services to verify the user identities. Verified eBay User is a voluntary program that encourages users to provide eBay with the information for online verification. By offering their MyCard number, driver’s license number, and date of birth, users can qualify for the highest level of verification on eBay.
  


• Feedback forum is to allow the buyers and sellers to build up their online trading reputation. It also provides the user with ability to comment on their experiences with other.



• Nonpayment punishment is to protect the sellers. For example, eBay implemented a policy against those does not honor their winning bids. There will be friendly warning for the first time nonpayment. In the second time, they will issue sterner warning. There will be 30-days suspension for the third offense and the indefinite suspension for the fourth offense.



• Appraisal services are a variety of methods used to appraise items. This including expert assessment of authenticity and condition and reviewing what comparable items have sold for in the marketplace in recent months. However, it is only useful at the time appraisal done since the market products changing rapidly.



• Verification is a way to confirm the identity and evaluate the condition of an item. Neutral third parties will evaluate and identity an item through a variety of means.

Buyers also need to take note when they are dealing with e-auction. Buyers are advise to read the company reputation whether the company can be trusted before making any transaction with them. Some of the company who deals with the e-auction will provide some forum to let users to read on the other users comments towards their company image and products.

Nevertheless, check the courier services provided by the company to make sure the delivery are delivered on time without any problems. On the other hand, buyers should be smart enough and bear in mind never bank in money to other people account easily caused there are some fake accounts created to cheat buyers.

“Caution to users: Never give out your bank account and your personal information”

Corporate Blogging: A New Marketing Communication Tool for Companies

Weblogs are frequently modifying web pages in which dated entries are listed in reverse chronological sequence. They have emerged as an important new digital medium in the last few years, with internet-based blogs growing exponentially.

A Corporate Weblog is published and used by an organization to reach its organizational goals. The advantage of blogs is that posts and comments are easy to reach and follow due to centralized hosting and generally structured conversation threads.

Although there are many different types of corporate blogs, most can be categorized as either internal or external.

Internal Blogs
It is generally accessed through the corporation's intranet, which are only accessible by people within the firm. It is a weblog that any employee can view. Many blogs are also communal, allowing anyone to post to them. Internal blogs may be used in lieu of meetings and e-mail discussions, and can be especially useful when the people involved are in different locations, or have conflicting schedules. Blogs may also allow individuals who otherwise would not have been aware of or invited to participate in a discussion to contribute their expertise.

The informal nature of blogs may encourage:
· Employee participation
· Free discussion of issues
· Collective intelligence
· Direct communication between various layers of an organization
· A sense of community

External Blogs
It is a publicly available weblog where company employees, teams, or spokespersons share their views, which can be read by people outside the corporation. External blogs is often used to announce new products and services, to explain and clarify policies, or to react on public criticism on certain issues. It also allows a window to the company culture and is often treated more informally than traditional press releases, though a corporate blog often tries to accomplish similar goals as press releases do. In some corporate blogs, all posts go through a review before they are posted. Some corporate blogs allow comments to be made to the posts.

External corporate blogs, by their very nature are biased, though they can also offer a more honest and direct view than traditional communication channels. Nevertheless, they remain as public relations tools. Marketers might expect to have product influencers among the audience of an external blog. Once they find them, they may treat them like VIPs, asking them for feedback on exclusive previews, product testing, marketing plans, or customer services audits.

One of the successful corporate weblog in Malaysia is Exabytes network. Exabytes Network Sdn Bhd is a leading web hosting company based in Malaysia that was founded on the principal of providing the best webhosting solutions to their customers.

Benefits of corporate blogging
The benefit of corporate blogging can be separated to direct benefits and indirect benefits.

Direct benefits of corporate blogging:

1. Increase credibility
   Corporate blogs can provide additional value by adding a level of credibility that is often unobtainable from a standard corporate site. The informality and increased timeliness of information posted to blogs assists with increasing transparency and accessibility in the corporate image. Business blogs can interact with a target market on a more personal level while building link credibility that can ultimately be tied back to the corporate site.
   


2. Build rapport with customers
   Right now, there are more than 100 million blogs worldwide. Publish of a corporate blog is giving customers a channel to interact and get to know the brand and organization in a format that they are familiar and comfortable with. Plus, corporate can earn extra points from them because of speaking their language.
   


3. Free feedback and suggestions from key constituents
   Corporate blogging gives corporate insights to what people are saying about their products, brand, competitors, and marketing. These insights come in the forms of comments on the corporate blog or commentary and discussions that take place on other blogs.
   


4. Increased website traffic from higher search engine rankings
   Because blogs are so easy to publish, corporate can add new content to their blog more frequently. Search engines favor websites with fresh content and ranks the blog higher in search results, which in turn results in a greater number of referrals from search engines to corporate website and blog.
   


5. Position your business as a thought leader
   One of the most effective marketing strategies is “Show, don’t tell”. Corporate can use their blog to take advantage of this strategy by demonstrating expertise and experience in their industry through commentary, guides, and analysis. The quality of corporate blog content reflects the quality of organization.
   


6. Lead generation.
   Having high-quality content on corporate blog goes further to reinforce the value your organization can provide and reduces the need to “hard sell”. Make sure that the contact details are easily accessible and corporate will be getting leads from their blog in no time.

Below are types of reported Indirect benefits from a research on corporate blogging, which can be divided by 3 aspects:

1. Informational aspect:
   Getting and sharing information
   Journaling
   Problem solving
   Getting and giving feedback
   


2. Social aspect:
   Engaging in dialogue
   Building community
   Communicating
   Collaborating
   Gaining perspective
   Gaining company pulse
   Networking
   Developing Reputation
   Building Career
   


3. Other aspect:
   Managing upwards
   Working efficiently
   Self expression
   Replacing technology

In conclusion, the real benefit of corporate blogging may thus be create an informal mechanism that links disparate, less contacted parts of the organization into constructive contact. Blogs appear as an important way for employees to develop their relationships and reputations over time.

By the way, the online community may reinforce the sense of belonging to the organization. It may create community benefits to the organization beyond informational and social benefits they created for individual participants. For large organizations, this could be especially important.
These sense of belonging, may also reinforce the information gathering aspect of blogs. The community and organizational aspects of blogging could similarly enhance knowledge sharing within the organization, not just by creating ties, but enhancing employee’s sense of organizational citizenship.

Besides that, corporate blogging also be found appears to create significant social benefits as well as informational benefits for users of the system. The community benefit and the connections created begin as weak ties with values of perspective and information. Over some time, stronger ties had developed and social benefits are augmented. The persistence of information in blogs provides a valuable tool for members of the organization, including managers and executives to evaluate and learn about employee concerns, emerging issues, and important moving trends in the corporation.

In summary, corporate blogs are a new, powerful marketing communications tool for any organization.

The Application of Prepaid Cash Card for Consumers

Prepaid cash card is considered a convenient substitute to conventional credit cards for secure commercial transactions between users and merchants. Rather than having to deal with the tedious and time-consuming process of writing and approving checks, prepaid cash cards have revolutionized the retail industry, making it more safe and efficient. It is virtually the same as using cash, just that it is a convenient way to spend money without having to carry large amount of cash all the time. It is also a method for making purchase transactions over the World Wide Web without personally identifying information, such as telephone number, social security number, date of birth, annual income and others that are associated with traditional credit cards. Prepaid cash cards are accepted generally at places of businesses. If you have a Visa prepaid cash card, it will be accepted at any places where regular Visa credit cards can be used. Prepaid cash card can be purchased from any credit card companies. A consumer send a check for the amount of money he would like to place on the card and a card worth that amount will be sent to him.

Prepaid cash cards are linked to a consumer’s checking account, and when they are used, the amount spent is automatically deducted from the bank balance. Prepaid cash cards can also be linked to actual credit cards, allowing a consumer to spend more than what he have in his account. The cards can be used to make purchases online or to rent cars or make airplane reservations and are excellent for people who have low credit ratings and those whose credit cards cannot be approved.


How prepaid cash card works on Internet
A prepaid card is purchased having a unique identification code, and a predetermined cash balance. An obstruction, such as a peel-away strip, covering the identification code is removed after purchasing the card.

An account is activated or created by providing the identification code to a card service system. Typically, only the identification code is provided to the card service system in order to protect the purchaser of the card from uninvited sales calls, junk mail, theft of personal identity, etc. The activating step may comprise calling the card service system by telephone and providing the identification code, such as by inputting the identification code via keystrokes of a keypad of the telephone when prompted by an automated system, or providing the identification code by voice when the automated system has voice recognition software. Alternatively, the card holder may enter the identification code into a designated field of a cards service web-site to activate or create an associated account.

In order to purchase goods or services, the card holder selects one or more goods or services offered by a seller through its web-site. The identification code of the card is provided to the seller, typically by entering the identification code into a designated field of the web-site. The seller then transmits the identification code to the card service system for verification. The card service system determines if the identification code is associated with the valid and active account, and if there is sufficient cash balance in the account to purchase the selected goods or services. This is done by searching a database of activated accounts.

An approval code is transmitted to the seller if the identification is valid and a sufficient cash balance is available in the associated account to purchase the selected goods or services. The seller is credited the value of the purchase price of the selected goods or services, and the purchase price of the selected goods or services are debited from the cash balance of the account. If it is determined that the identification code is invalid, or there is insufficient cash balance in the associated account to purchase the selected goods or services, a denial code is transmitted to the seller.

The card holder can determine current card account cash balance by contacting the card service system, such as by telephone or World Wide Web connection. It is contemplated that the cash balance from one card account can be transferred to another card account when contacting the card service system so that meaningless low cash balances do not remain in an account.

Credit Card Debt: Causes and Preventions

Credit card debt results when a client of a credit card company purchases an item or service through the card system. Debt accumulates and increases via interest and penalties when the consumer does not pay the company for the money he or she has spent.Credit card debt is one of the major causes of bankruptcies in almost every country in the world.

Most credit card holders did not realize is that when banks approved their credit card and established their credit limit, the banks is using the applicant's name and signature to create the money to fund the card. Thus, generates future incoming profit to the bank.

The followings are the four factors that will lead to credit card debt

1.Poor Money Management

Poor money management is one of the best reasons why so many families accumulate lots of debt. Not having a monthly spending plan and not keeping track of your monthly bills makes you unaware of where your money is going. You might be spending hundreds of dollars every month towards items that are useless and have no value in your life, yet you do not realize it. While your money is going towards purchasing useless items, you might also be charging your necessary purchases on your credit card, forcing you to pay interest on these purchases every month.

2.To Many Credit Cards

Many peoples believe having too many credit cards in the wallet is an essential sign of prosperity. Some think, the larger the number of credit cards the more money is at their disposal. But, both of these facts are clearly false, and having too many credit cards is the number one factor that drives a person towards credit card debt. The hard fact to remember is that every single penny used from credit card has to be repaid and that too with interest. So, too many credit cards translates into too many credit card debts. With the repayment dates varying with the credit cards the repayment of credit card debt becomes messier and difficult to keep track of. Eventually, credit card debt consolidation comes into picture which consolidates the various debts into one. To avoid credit card debt the first thing to keep in mind is to have only those credit cards which are absolutely essential.

3.Taking Cash Advances

Next important factor that leads to credit card debt is taking cash advance from credit cards. Credit cards are there to make payment for goods and services and should not be used as debit cards. The simple reason that should stop a person from taking cash advances is that credit card companies charge heavy interest rates on cash advances and there is a penalty also to be paid. The high interest rates make the repayment scenario even tougher.

4.Repaying the minimum

People think that by repaying the monthly minimum they are doing their part towards paying the credit card debt. But, this is simply not the case. By paying only the monthly minimum the credit card debt starts accumulating at a rapid rate. And coupled with high Annual Percentage Rate (APR), this amount can throw a person into debt trap. Those who pay only the monthly minimum land up paying 3-10 times the money they borrowed. The credit card debt can be avoided if the entire amount due is paid with the next billing cycle. This will help establish a good credit history too.

Below are a few Prevention methods for credit card debt that suggested by many professional financial counselors:

1.Debt Counseling

Go through a counseling session with financial experts before you choose to go for any particular kind of credit card debt service. The experts will thoroughly examine your case and offer you expert advice on the best mode of getting credit card debt relief. You will see that the modest fee they might charge for such a service will be well worth it. There are also some companies which offer free counseling.

2.Control Your Spending

Once you get the credit card, be extremely careful with your spending. If you not able to pay the whole balance each month, then try to pay the highest amount possible. Otherwise you will get into a vicious circle and your credit card debt will grow so much that you will find yourself unable to pay the minimum in a short time. Also, if you have multiple cards, try to pay the maximum amount possible in the credit card with the highest interest rate and leave the others with the minimum required till you pay it off completely. Then carry on with the next higher rate credit card and so on.

3.Choose Your Credit

Wisely You should choose your credit card cautiously. The main item to look at is the interest rate, try to find the lowest rate available. If you can find a credit card with a better rate, do not hesitate and transfer the balance to the new card, this way you will be paying less in interests and whatever you pay will go mainly to reducing the capital.

Electronic Currency

Electronic currency refers to money or scrip which is exchanged only electronically. In a more simple way, it means the money used over the internet. Electronic currency allows its holder to buy the goods and the services that the vastness of the Internet offers. Typically, this involves use of computer networks, the internet and digital stored value systems. Electronic Funds Transfer (EFT) and direct deposit are direct examples of electronic currency. Electronic funds transfer (EFT) refers to the computer-based systems used to perform financial transactions electronically. Direct deposit refer to certain systems used to transfer money.

There are a lot of company that provide electronic currency services in the world. One of the example is Click and Buy, a company that provides payment systems on the internet. It is currently used by Apple iTunes, Skype, msn, T-Online, Electronic Arts, Meetic, Playboy, SanDisk, Yamaha, UNICEF and many more. The second example is Paystone, a company that provides micropayments and money transfer solutions. It is an online, real-time payment solution that allows user to send funds to anyone who has an email address, pay for online purchases, cash out to your bank account or ATM card and receive payments for goods and services.

Now let's look at the tern electronic currency trading. It simply means buying and selling of this internet money. Just like the money currencies we use in normal everyday, electronic currencies are varied. Each one of them is backed by an underlying monetary currency or even valuable or precious metals. People profit by trading on these electronic currencies. It requires strategies especially when it come to buying the currencies in low prices and selling them in the higher prices.

Now let's identify the benefits of electronic currency trading. One of the primary benefits that electronic currency trading brings is that it allows you to do business and earn with only a few dollars of investments. Experts suggest that beginners should start with only a few dollars so that they can first learn the ropes about electronic currency. It does not demand much and it is up to the trader if he wants to increase his investment. Traders are give many opportunities to profit without spending much on investment.

Another benefit is that electronic currency is versatile and convenient to the persons involved. Since people do business online, they are given much leeway on how to schedule their day. People can work with any electronic currency trading market that best suits their needs for any time of day. The business does not sleep in night or day, so the world is merely at fingertips. Besides the schedule flexibility, electronic currency traders can also conduct business anywhere, whether at home, regular work place, parks, coffee shop or virtually anywhere, so long as there is an internet connection, electronic currency can be done. It is not only very profitable, but also convenient.

Furthermore, electronic currency trading is that is it has low transaction cost. Unlike other businesses that consumes profits with exorbitant fees, it allows people to do business with minimal fees, which results in more profit and more money.

However, there are many potential issues or disadvantages with the use of digital cash. The transfer of digital currencies raises local issues such as how to levy taxes or the possible ease of money laundering. There are also potential macroeconomic effects such as exchange rate instabilities and shortage of money supplies, there is basically a possibility that digital cash could exceed the real cash available.

Desirable Properties for an Electronic Currency System

There are several requirements for an electronic currency system, which are: Security, Anonymity, Scalability, Acceptability, and Interoperability.

Security: Forging paper currency is difficult.Unfortunately, electronic currency is just data and is easily copied. Copying or double spending of electronic currency should be prevented or detected. Ideally the illegal creation, copying, and reuse of electronic cash should be unconditionally or computationally impossible. Some systems rely instead on post-fact detection and punishment of double spending.

Anonymity: The identity of an individual using electronic currency should be protected; it should not be possible to monitor an individual’s spending patterns,nor determine one’s source of income. An individual is traceable in traditional transaction systems such as checks and credit cards. Some protocols are unconditionally untraceable, where an individual’s spending can not be determined even if all parties collude . For some transactions,weaker forms of anonymity may be appropriate, e.g. traceability can be made difficult enough that the cost of obtaining such information outweights the benefit.

Scalability: A system is scalable if it can handle the addition of users and resources without suffering a noticeable loss of performance. The existence of a central server through which transactions must be processed limits the scale of the system. The mechanisms used to detect double spending also affects scalability. Most proposed e-cash protocols assume that the currency server will record all coins that have been previously spent and checkt his list when verifying a transaction. This database will grow overtime, increasing the cost to detect double spending. Even if the life of a coinis bounded, there is no upper bound onthe amount of storage required since the storage requirement depends onthe rate at which coins are used, rather than on the number of coins in circulation.

Acceptability: Most e-cash proposals use a single bank . In practice,multiple banks are needed for scalability,and because not all users will be customers of a single bank. In such an environment, it is important that currency minted by one bank be accepted by others. Without such acceptability, electronic currency could only be used between parties that share a common bank. When currency minted by one bank is accepted by others, reconciliation between banks should occur automatically

Interoperability: Users of the Internet will select financial instruments that best suit their needs for a given transaction.It is likely that several forms of electronic currency will emerge, providing different tradeoffs for security,anonymity, and scalability. In such an environment it is important that funds represented by one mechanism be easily convertible into funds represented by others.

Mobile Payment System in Malaysia: Its Potentials and Consumers' Adoption Strategies

Mobile payment is new and rapidly adopting alternative payment method especially in Asia and Europe. Instead of paying with cash, check or credit cards, a consumer can use a mobile phone to pay for wide range of services and digital or hard goods such as music, videos, ringtones, online game subscription, wallpapers, transportation fare, parking meters, books, magazines, tickets and other services or digital/ hard goods.

Mobile payment has been well adopted in many parts of Europe and Asia. Combined market for all types of mobile payments is expected to reach more than $600billion globally by 2013.

There are four primary models for mobile payments:
1. Premium SMS based transactional payment
2. Direct Mobile Billing
3. Mobile Web Payments (WAP)
4. Near Field Communication (NFC)

1. Premium SMS based transactional payments
This is where the consumer sends a payment request via an SMS text message to a shortcode and a premium charge is applied to their phone bill. The merchant involved is informed of the payment success and can then release the paid for goods.

Since a trusted delivery address has typically not been given these goods are most frequently digital with the merchant replying using a Multimedia Messaging Service to deliver the purchased music, ringtones, wallpapers etc.

A Multimedia Messaging Service can also deliver barcodes which can then be scanned for confirmation of payment by a merchant. This is used as an electronic ticket for access to cinemas and events or to collect hard goods.

2. Direct Mobile Billing
This is where the consumer uses mobile billing option during checkout at an ecommerce site such as an online gaming site to make a payment. After two-factor authentication involving PIN and One-Time-Password, the consumer's mobile account is charged for the purchase. It is true alternative payment method that does not require use of credit/debit cards or pre-registration at online payment solution such as PayPal, thus bypassing banks and credit card companies altogether.

This type of mobile payment method, which is extremely prevalent and popular in Asia, provides the following benefits:

• Security - Two-factor authentication and risk management engine prevents fraud.


• Convenience - No pre-registration and no new mobile software is required.


• Easy - It's just another option during a checkout process.


• Fast - Most transactions are completed in less than 10 seconds.


• Proven - 70% of all digital content purchased online in some parts of Asia uses Direct Mobile Billing method.

3. Mobile web payments (WAP)

This is where the consumer uses web pages displayed or additional downloaded application and installed on mobile phone to make a payment. It uses WAP (Wireless Application Protocol) as underlying technology, thus inherits all the advantages and disadvantages of WAP.

However, using a familiar web payment model gives a number of a few proven benefits:

• Follow on sales - where the mobile web payment can lead back to a store or to other goods the consumer may like. These pages have a URL and can be bookmarked making it easy to revisit or share with friends.
  
• High customer satisfaction - from quick and predictable payments.


• Ease of use - from a familiar set of online payment pages.

Mobile web payment methods are now being mandated by a number of mobile network operators, use of credit/debit card or pre-registration at online payment solution such as PayPal is still required unless mobile account is directly charged through mobile network operator.

4. Near Field Communication (NFC)

NFC is a short-range technology used mostly in paying for purchases made in physical stores or transportation services. A consumer uses a special mobile phone equipped with a smartcard waves and moves his/her phone near a reader module. Most transactions do not require authentication, but some require authentication using PIN before transaction is completed. The payment could be deducted from pre-paid account or charged to mobile or bank account directly.

Mobile payment method via NFC faces significant challenges for wide and fast adoption, while some phone manufacturers and banks are enthusiastic, due to lack of supporting infrastructure, complex ecosystem of stakeholders, and standards.

NFC vendors in some Europe countries use contactless payment over mobile phones to pay for on and off street parking in specially demarcated areas. Parking wardens may enforce the parking by license plate, transponder tags or barcode stickers. End users benefit from the convenience of being able to pay for parking from the comfort of their car with their mobile phone. NFC enabled payments are far easier and less costly to handle than cash itself including other traditional payment methods. Also, as an added advantage, users can have a complete trail of all payments they make.

The first example of mobile payment system available in Malaysia is Hong Leong Mobile Credit Card using the concept of Mobile Money. Mobile Money is a new payment system to facilitate payments with only the mobile phone via SMS with a Security PIN. Plastic cards and merchant terminals are not required. All payments are made via mobile phone and a Security PIN. Hong Leong Mobile Credit is a proprietary virtual credit card to allow payments via SMS. Hong Leong Bank works in partnership with Mobile Money to allow credit card payments via SMS. In this regard, Mobile Money is like MasterCard and Visa Card, which are payment systems or gateways offered in partnership with the banks. Before any payment can be made, customer is required to approve payment by entering a 6-digit Security PIN on the mobile phone to authorize payment via SMS. It is highly secure as it uses a PIN-based authentication process compared with the signature-based credit card payment process. The entire payment process is both internally and externally audited and is approved by Bank Negara Malaysia.

The second example of mobile payment system available in Malaysia is Mobile Money. It is also a PIN-based Mobile Payment Solution designed by Mobile Money International Sdn Bhd to address the limitations and bottlenecks created by cash, cheques and credit cards. It unlocks the power of the mobile phone to make payments, allowing registered users to pay for goods and services at anytime, anywhere using only a mobile phone coupled with a 6-digit security PIN via SMS. This gives the freedom to shoppers to buy products online and pay the merchant using his/her mobile phone without being physically present at the store.

Below is one of the payment mode in Mobile Money Payment System:

Currently in Malaysia, many of us are already familiar with making payment using contactless smartcards, namely, Touch ‘n Go to pay our tolls, LRT fares, bus fares and parking. Currently there are about 2.6 million active Touch ‘n Go cards in Malaysia and over 3,000 payment points in Rapid KL’s LRT, Monorail and bus systems, KTM Commuter, toll plazas and 25 parking sites in Kuala Lumpur. It is a kind of Radio Frequency Identification cards (RFID) contain an embedded memory, control circuitry and an antenna. They have no power source of their own and so are powered by electromagnetic induction by an unlicensed 13.56MHz signal from the card reader, which acts like an electricity generator and temporarily energizes cards brought within 10 cm of it, enabling it to read and write to the card’s memory such as when making deductions in these micro transactions.

However, emerging type of RFID technology is Near Field Communications (NFC). NFC provides a simple and secure way for handsets to communicate over distances of a centimeter or two. NFC is emerging as a leading standard for applications such as mobile payment, with successful trials conducted in several countries. It also has wider applications, such as "touch to exchange information" (for example, to transfer an image from a handset to a digital photo frame, or for a handset to pick up a virtual discount voucher). In Malaysia, NFC is likely to become important sooner in emerging markets, it seemed will untie the potential of mobile payment and become common after 2010.

Another expectation is Mobile Money will encourage more consumers to shop online, and this will definitely be a great boon to the e-commerce industry in Malaysia.

The Application of Third Party Certification Programme in Malaysia

BSI Management Systems Malaysia the wholly owner subsidiary of BSI Management System (MS) which is an operational organisation within the British Standards Institution (BSI) Group offering more than 20 accredited certification activities in Third Party Systems Assessments. BSI MS has clients in countries all over the world.

BSI Management Systems is one of the world’s largest certification bodies, with over 60,000 certified locations around the world. We provide management systems assessment, certification and training services to clients for recognised international and national / industry standards, including ISO 9001, ISO 14001, OHSAS 18001, ISO 27001, ISO 20000, ISO 13485, ISO 22000, TS 16949, TL 9000 as well as many more industry specific standards such as the BRC standards, CE Marking, CMDCAS, KITEMARK, and also a provision of RSPO Certification Body.

Established in Jan 2005, the aim of BSI Management Systems Malaysia is to assist its clients to maximize business advantage and reduce their risks through helping them to improve their operational effectiveness, reduce costs, increase customer focus and satisfaction and continually improve.

BSI, which is a global brand, is also a founder and leading member of European and International Standards Organisation.

Since its foundation in 1901 as the Engineering Standards Committee, BSI Group has grown into a leading global independent business services organization. BSI Group is a Royal Charter organisation and the world’s oldest National Standards Body. Today BSI is made up of 3 groups: Bristish Standards, Management Systems and Product Services, with services aimed at raising standards in more than 110 countries worldwide including Asia Pacific – Greater China, Hong Kong, Taiwan, Japan, Korea, India, Singapore, Malaysia, Thailand.

BSI's other offices in – Brazil, Canada, Dubai, France, Iran, Mexico, Poland, Russia, South Africa, Spain, Turkey, UK, USA and etc..

BSI maintains its independence and impartiality through the Royal Charter and an organisation and management system which is monitored by external accreditation bodies worldwide as being in conformance with international standards including ISO/IEC 17021:2006. However, in order to ensure its impartiality, BSI MS does not provide consultancy services.

BSI operates to a Code of Conduct, and makes its services accessible to all applicants limited only by BSI’s scope of accreditation or notification and willingness for clients to comply with the relevant conditions of contract.

Assessment and Certification
BSI MS is a leading global provider of management systems assessment and certification solutions across a broad range of business areas and standards, including:

Quality
The framework for effectively managing your business. ISO 9001:2000

Information Security
Protect sensitive company information with ISO/IEC 27001:2005 (BS 7799)

Food Safety
Ensure safe food with ISO 22000:2005

Automotive
Driving excellence in the automotive supply chain. ISO/TS 16949:2002

SA 8000 Social Accountability
Demonstrating responsible business

Medical Devices
ISO 13485:2003, CMDCAS, US FDA 510k Review

Complaints/Satisfaction
Ensure customer care equals customer loyalty with ISO 10002:2004 and CMSAS 86:2000

GreenHouse Gas Emissions Verification
Ensuring the accuracy of environmental information GHGEV

CCA Contact Centre Management
Best practice framework for contact centres

Market Research
Best practice for market researchers ISO 20252:2006

Environment
Manage environmental impacts with ISO 14001:2004

IT Services
Effectively manage IT Services with ISO/IEC 20000:2005 (BS 15000)

Telecommunications
Enhance performance with TL 9000

Business ContinuityManagement
Minimizing disruptions - Maximising recovery BS 25999

Occupational Health & Safety
Promote a safe working environment with OHSAS 18001:2007

Aerospace
Reaching new heights in the aerospace industry AS9100, AS9110, AS9120

Oil & Gas
Fuelling best practice in the oil and gas industries ISO 29001

Integrated Management
Growing together - an integrated approach to management systems.PAS 99

BRC Global Standard - Consumable Products/Food/Packaging
Consumer Products along with the BRC Food and Packaging standards

HACCP
Managing Food Safety Risks

MSC Trustgate.com Sdn Bhd is a licensed Certification Authority (CA) in Malaysia since 1999. It provides complete security solutions and leading trust services that are needed by individuals, enterprises, government, and e-commerce service providers using digital certificates, digital signatures, encryption and decryption.

Trustgate operates within the Multimedia Super Corridor. It was incorporated in 1999 to meet the growing need for secure open network communications and become the catalyst for the growth of e-commerce, both locally and across the ASEAN region. At present, MSC Trustgate has 12 million in paid up capital.

Trustgate is licensed under the Digital Signature Act 1997 (DSA), a Malaysia law that sets a global precedent for the mandate of a CA. As a CA, Trustgate’s core business is to provide digital certification services, including digital certificates, cryptographic products, and software development.

It is committed to provide the finest Public Key Infrastructure (PKI) to assist all types of companies and institutions conducting their business over the Internet. The state of the art back-end infrastructure that costs RM 14 million is one of the best in the region.

Product and services offered by Trustgate:

1. SSL Certificate for Internet, Intranet and Server Security
Trusgate offers two SSL Certificates for server security due to increasing phishing and spoofing attacks on the Internet to make sure customers are trusting that they are dealing with trusted parties when they conduct business online. The two certificates are Global Server ID and Secure Server ID. Global Server ID adopts today's strongest encryption commercially available for secure communications via Server Gated Cryptography (SGC) technology. Secure Site SSL Certificates protect the transfer of sensitive data on Web sites, intranets, and extranets using a minimum of 40-bit and up to 256-bit encryption. It includes VeriSign Secured Seal.



2. Managed PKI for Enterprise Trust Services
Managed Public Key Infrastructure (MPKI) service is a fully integrated enterprise platform designed to secure intranet, extranet, and Internet applications by combining maximum flexibility, performance, and scalability with high availability and security. The service allow enterprise to quickly and cost-effectively establish a robust PKI and Certification Authority (CA) system with complete control over security policies, PKI hierarchies, authentication models, and certificate lifecycle management.

Linked to Trustgate’s robust, high-availability certificate processing services, the service enables faster deployment and lower operating costs while providing an open platform that integrates with off-the-shelf solutions.


3. Digital ID for Secure Transactions, Documents & E-mails
Digital ID is used to sign & encrypt transactions. Digital ID is an electronic credentials that uses private key and public key to facilitate the following operations:

-Authentication – you are who you claim you are
-Privacy – your confidential data remains private
-Authorization – control user access rights to important data
-Integrity – be sure data is not altered behind your back
-Non-repudiation – have the evidence in the event of a dispute



4. MyTRUST for Mobile Signature
With MyTRUST
SIM card can be turned into a Mobile Digital Identity for secure mobile banking and other financial services. Mobile digital signature provides non-repudiation on transactions under the Digital Signature Act, 1997. It runs on Wireless PKI platform and Mobile Operator infrastructure. PKI-enabled SIM cards are preloaded with MyTrust application and a digital certificate from a licensed Certification Authority. Users are able to digitally sign any transaction with ease and convenience via their mobile phone.


MyTRUST for Government


MyTRUST for Banks


MyTRUST for Enterprise




5. MyKad PKI (MyKey)
MyKey, is the MyKad PKI solution that works with your physically MyKad, allowing you to authenticate yourself online and to digitally sign documents or transactions and is accepted by the Malaysian government


6. SSL VPN for Remote Access Services
SSL VPN solution provides secure remote access based on the web security standard SSL (Secure Socket Layer). This award winning SSL VPN can be configured to access multiple intranet sites with single sign-on. Using a standard browsers and an Internet connection, people can get access to their intranet, e-mail and business system from wherever you are and whatever device you choose.SSL VPN solution provides an advanced policy management component to authenticate users and type of device they are using. The security feature may be extended to including two-form authentication with the choice of tokens, downloaded Java applets, challenge-respond or static password stored in your device, or one-time password sent via SMS.


7. Verisign Certified Training
MSC Trustgate has been appointed as Asia's first VeriSign Authorised Training Centre. Under this partnership, MSC Trustgate.com and APIIT (Asia Pacific Institute of Information Technology) jointly facilitate the delivery of VeriSign’s high-end Security and E-Commerce programmes.Other security courses available include Watermarking and Wireless hacking, sniffing, penetration testing through tools. All IT professionals who are involved in designing, evaluating, or implementing Internet security are encouraged

How to Safeguard Our Personal and Financial Data?

Security threats are still haunting Internet and the world of information techlology, causing countelss people being victims by those cyber attackers, causing their personal informations, financial datas and other confidential identities stolen. These security threats represents vulnarabilities or wekanesses of operating systems and programs. Malicious hackers attempt to use these vulnerabilities to run programs on you computer, performing spying, stealing and damaging your datas. Thus, taking protective safeguard actions is neccesary. What can we do to protect ourselves against these attacks?


1. Intall an antivirus program
What is an antivirus program? Antivirus is a protective software designed identify and remove computer viruses, as well as many other types of harmful computer software, collectively referred to as malware. which includes: viruses, Trojans, keyloggers, hijackers, dialers, and other code that vandalizes or steals your computer contents. In order to be an effective defense, your antivirus software needs to run in the background at all times, and should be kept updated so it recognizes new malicious software.

How does an antivirus works?
Virus definition files tell the anti virus software what code characteristics to look for while monitoring your computer. When a certain file type or activity occurs that matches a characteristic, the anti virus software blocks the execution of code and alerts you that a virus has been found. The virus is then isolated and destroyed.

Hundreds of new computer viruses are introduced onto the internet each week, and as antivirus software developers find these new viruses, they create updates of the virus “definitions” in order to provide the antivirus software with a way to identify and destroy even the newest of viruses. It is extremely important to update your antivirus software every day in order to make sure you have the most current virus definitions available. Fortunately, most modern anti virus software comes with an “automatic update” feature that makes this task a one time “set it and forget it” kind of thing.

It is important to keep antivirus definitios up-to-date and renew its subscription. New viruses, worms, and Trjan horses are developed everyday. Antivirus companies allow you to download updated virus definitions for free or some might require a subscription fee. Antivirus definitions should be updated daily or at least once per week to make sure you have the most recent definitions. Many people make the mistake of purchasing 12 months of updates, and forget to renew their subscription, when the antivirus update subscription runs out, automatic updates stop, leaving computers vulnerable to all new viruses.

Remember to run through virus scan at least once a week. Many antivirus programs can automatically run in the background to watch for new bugs before they have a chance to cause damage. However, it is still recommended to run a thorough virus scan of your entire system at least once per week to make sure your computer is always safe and clean.

Besides that, remember to scan all e-mail attachments before you send or receive them to ensure that you are not unknowingly spreading a virus. Any files received through an chat or Instant Messaging program should be scanned too especially when you do not know the sender. Also, remember to scan any floppy disk or removable media before opening files on the disk and do not leave a removable disk anywhere as the datas inside by be stolen by people. Always keep it close to you, especially if the datas inside is confidential.


2. Install an anti-spyware.
Spyware detection programs, also known as anti-spyware programs, spyware cleaners, and spyware removers, are designed to search out and remove spyware and adware from your computer. Depending on what spyware cleaner you use, it will detect, deactivate, and remove spyware from your computer. Plus it will immunize your computer from spyware it has already destroyed by blocking that spyware from accessing your computer in the future.

Why anti-spyware is needed？
A spyware has all privileges of the user who installed it. Spyware cause conflict with an operating system and applications. It can slow down the system, delete, read, write, download, install another software, change or edit users' preferences, even formattng hard drives.

There is no 100% secured Operating System or browser (software in general) - if you visit security related sites or forums, you'll learn that everyday a security hole is being discovered and reported. Most of this security holes can be exploited by many method and one of which is to bypass some security programs and even you're security, program and operating system settings.

Most freebies or goodies are too good to be true - Ever wonder what is the catch of installing a freeware? Some program that is free to a user is truly free but not free from spyware. The above definition of spyware are some of the catch. Most of the spyware can't be controlled by the user. You say no already but it keeps showing or installing itself after you've removed it.

Anti-virus alone is not enough, not all anti-virus will prevent installation of spyware! A program that is bundled with spyware can't be detected by your anti-virus program as “infected with spyware“. It is because the setup file is not infected. When the user execute the exe file and agreed with those many license agreements or terms of use of the software during installation, you gave your permissions away in just a snap by allowing the said application to spy on you or gather your private data. Persistent spyware application does not only spy on you but can caused instability with your programs or system

How anti-spyware works?
Spyware remover actively scans your computer for spyware by analyzing the codes of all of your programs and files and comparing these to its database of known spyware definitions. Because spyware is a program and it is installed like any other application, it has a "signature" or "fingerprint". This signature is comprised of the entries in the operating system's registry (for Windows users - the Windows Registry) that are changed and the files that are created on your hard drive. The spyware cleaner will look for evidence of any files or changes that look like those related to known spyware. If it finds a match, it will disable the file and alert you. You will then be given a choice to quarantine the file or delete it.


3. Install a firewall
A firewall is a system designed to prevent unauthorized access to or from a private network. You can implement a firewall in either hardware or software form, or a combination of both. Firewalls prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet (i.e., the local network to which you are connected) must pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.

Why a firewall is needed?
To help determine whether or not you need a firewall all you need to do is answer one question - do you connect to the Internet? If your answer is yes, then you need to protect your personal files & privacy at all times.A common misconception is that only broadband/high-speed users need firewall protection. However the truth is that all users, including dial-up users, should have a firewall installed to protect themselves from unwanted scans and unauthorized applications attempting to send data out to the internet. Not having a personal firewall installed on a computer that is connected to the internet, even for a short period of time, risks are high and very real. You stand a chance to potentially lose all data on your PC from harmful viruses.

Internet connection leaves you vulnerable to hackers who want to access your financial and personal information. Some hackers may be after your high-speed connection so that they can send malicious viruses and worms, blackening your reputation. Other intruders have the power to destroy your operating system on a whim. How can you lock that computer door but still have the freedom to do your business online?

How does firewall work?
Once a hacker get access to your files malicious codes spread through your computer retrieving your personal information that the hacker can use to steal your identity or charge items with your credit card numbers.

A firewall not only stops this from happening but keeps the malicious file out of your computer so it can't spread to your other files. That's why it's called a firewall because its job is similar to a firewall that keeps a fire from spreading from one area to the next.

If a hacker tries to invade your computer files to get your passwords and credit card numbers you've used for online purchases he simply can't get access. Computer firewall software will allow good data in but blocks all bad data from entering your computer.

Good data is when you are surfing the Internet, visiting web sites, downloading photos or data files. But bad data, like hacker programs, or anything that spies on your Internet habits without your knowledge is not allowed. s

When computer firewall protection is enabled, everything that goes in and out of your computer is monitored. With the amount of malicious programs on the Internet today it's also a way to prevent spyware and adware from getting into your computer.

To round it up, a solid firewall will help you stop intruders from accessing your system. You keep your Internet link to the outside world but the outside world can't view you unless you want them to. With a firewall in place you will still have typical email access, but chat and other interactive programs will require you to take an extra step to grant access before you can use them. A firewall is powerful, but unobtrusive-just like a deadbolt lock inside a door.

4. Applying biometric controls.
Biometric contol is an automated method of veryfyinig the identify of a person, based on physiological or behavioral characteristick. Most biometric systems match some personal characteristic of a person against a prestored profile. A comparison of the characteriscs against the prestored template produce a matching score, which indicates how closely the actual and prestored data match. Common biometric controls include the followings:

Facial recognition
Facial recognition records the spatial geometry of distinguishing featuresof the face. Different vendors use different methods of facial recognition,however, all focus on measures of key features of the face. Because a person’s face can be captured by a camera from some distance away, facial recognitionhas a clandestine or covert capability (i.e. the subject does not necessarily knowhe has been observed). For this reason, facial recognition has been used inprojects to identify card counters or other undesirables in casinos, shoplifters instores, criminals and terrorists in urban areas.

Iris Scan
Iris scanning measures the iris pattern in the colored part of the eye,although the iris color has nothing to do with the biometric. Iris patterns areformed randomly. As a result, the iris patterns in a person’s left and right eyesare different, and so are the iris patterns of identical twins. Iris scanning can beused quickly for both identification and verification applications because the irisis highly distinctive and robust.

Retinal Scan
Retinal scans measure the blood vessel patterns in the back of the eye.The device involves a light source shined into the eye of a user who must bestanding very still within inches of the device. Because users perceive thetechnology to be somewhat intrusive, retinal scanning has not gained popularity;currently retinal scanning devices are not commercially available.

Voice recognition
Voice or speaker recognition uses vocal characteristics to identifyindividuals using a pass-phrase. A telephone or microphone can serve as asensor, which makes it a relatively cheap and easily deployable technology.However, voice recognition can be affected by environmental factors such asbackground noise. This technology has been the focus of considerable efforts onthe part of the telecommunications industry and the U.S. government’s intelligence community, which continue to work on improving reliability.

Fingerprint
The fingerprint biometric is an automated digital version of the old inkand-paper method used for more than a century for identification, primarily bylaw enforcement agencies. The biometric device involves users placing theirfinger on a platen for the print to be electronically read. The minutiae are thenextracted by the vendor’s algorithm, which also makes a fingerprint pattern analysis. Fingerprint biometrics currently have three main application arenas:large-scale Automated Finger Imaging Systems (AFIS) generally used for law enforcement purposes, fraud prevention in entitlement programs, and physicaland computer access

Hand/Finger Geometry
Hand or finger geometry is an automated measurement of manydimensions of the hand and fingers. Neither of these methods takes actual printsof the palm or fingers. Spatial geometry is examined as the user puts his hand onthe sensor’s surface and uses guiding poles between the fingers to properly placethe hand and initiate the reading. Finger geometry usually measures two orthree fingers. Hand geometry is a well-developed technology that has beenthoroughly field-tested and is easily accepted by users. Because hand and finger geometry have a low degree of distinctiveness, the technology is not well-suitedfor identification applications.

Dynamic Signature Verification
We have long used a written signature as a means to acknowledge ouridentity. Dynamic signature verification is an automated method of measuringan individual’s signature. This technology examines such dynamics as speed,direction, and pressure of writing; the time that the stylus is in and out of contact with the “paper,” the total time taken to make the signature; and where thestylus is raised from and lowered onto the “paper.”

Keystroke Dynamics
Keystroke dynamics is an automated method of examining anindividual’s keystrokes on a keyboard. This technology examines such dynamicsas speed and pressure, the total time taken to type particular words, and the timeelapsed between hitting certain keys. This technology’s algorithms are still beingdeveloped to improve robustness and distinctiveness. One potentially usefulapplication that may emerge is computer access, where this biometric could beused to verify the computer user’s identity continuously.