The Last Wave

Remember the hype? Personalization technology will change the consumer experience by knowing what we want to buy, exactly when we want to buy it. It would take us back to a simpler time. Back to the grand old days of The Greatest Generation complete with the proverbial corner hardware store and the friendly old-man proprietor. Where everybody knows your name.

That familiar feeling, while personal and friendly in meat space, also know as the real world, is far from desirable and often darn right creepy online. We were hoping for something taking us back to small town 1954 but ended up with a consumer’s 1984.

The problem with the corner store old-man analogy that was used is that it was missing the human variable. People interact with each other differently than they interact with machines.

The internet is not about personal service; it’s about self-service.

Using technology to change the way customers interact with companies is happening now more than it ever was in the late 90’s. There are great examples of how companies in two industries, Banking and Travel, are fundamentally changing the interaction between customer and company.

Just Like The Real Bank, but Hold the Colonnades and Arches Facade

A recent study from the Pew Internet & American Life Project showed that 44% of internet users say they use online banking. This represents a 47% increase in just two years. And you know if banking is doing it, this internet thing must be mainstream. Considering banks are about the last type of retail institution that thinks Neo-Classicism is the hottest thing in architecture, this is a pretty big deal.

The real shift in banking is not the number of people taking advantage of these online tools, it’s that consumers are selecting banks based on the quality of their online offerings:

This press release from the keynote group discusses the shift in more detail and is titled “Online Banking Critical to Bank Selection and Brand Perception, Reports Keynote”:

“Online banking has become an increasingly important factor for consumers in
determining where to open a new bank account. More than 56% of consumers in the
study said online banking and bill payment services were a very important factor
in choosing a bank; ahead of considerations such as the physical location of
bank branches (45%) and ATMs (52%). Over the course of Keynote research in the
industry, online banking has continued to climb as a key consideration, closing
in on the two leading considerations: free checking (68%) and fee and service
charges (67%).”

It seems somewhat counterintuitive. The trend is pointing away from local service oriented personal banking and is pointing towards massive and cold but functional online tools.

Travel Agents; Need Job, Will Travel

The travel industry more than any other has seen a rapid movement to impersonal consumer self-service.

Consumers and business travels today can book entire trips including airfare, transportation and lodging online. And it doesn’t stop with order entry. Once at the airport the consumer will check-in using a credit card and unmanned kiosk. By the time the consumer gets to the destination city the rental car will be waiting in the parking lot with the keys in the ignition waiting to be driven off the lot. The hotel check-in, much like the flight, is a quick swipe of the credit card at a kiosk in the lobby.

There are few times that you may talk to a real live person: either ordering room service or handing your boarding pass to a ticket agent, and even those are vanishing:

“[The International Air Transport Association] … also wants to replace boarding
passes' magnetic strips with bar codes and swap bar-coded baggage tags for
automatic radio frequency identification tags, even though they are currently an
expensive option compared with paper bar-codes.” (From cnn.com: The Rise
of Self-Service Travel)

Travel agents are packing up and moving to more fertile ground. Specifically the agents are moving to the more lucrative group travel and complex multi-hop business travel.

"... online travel, comprising companies like Expedia.com, Travelocity.com, and
AAA.com. The www generation can't seem to get enough of the wide range of travel
options, immediate availability confirmations, immediate price comparisons, and
outrageous deals that are available on most online travel companies' Web sites."
(From: DestinationCRM.com: Customer Self Service: Are You Ready?)

Looking Forward

Companies that historically would be proud of their customer service must make the shift to incorporate the impersonal self-service model in order to compete in the web-enabled world.

Consumer and business users alike demand easy, always-available and deep access to company’s resources and processes over the web. Companies must avoid the hiding information and capabilities from users for fear of loosing a customer interaction, that human element. At the end of the day it's better to keep the customer than chase them away to your competition.

Who’s next to fall under the weight of the self-service monster? I don't know but I think that professional service firms, law firms and ad agencies had better watch their back. Hourly billing is about to run into a little trouble.

Marketing programs are boring. Boring from an execution perspective. They just don't change enough to make the execution interesting.
Regardless, if you're creating a web banner ad campaign, driving traffic to your website using postcards or are just wanting to know what your conversion rate on your newsletter is the guts of the execution, the infrastructure, remains the same.

Boring jobs are prime candidates for computers. And being their overlords we can tell them to do these tasks until we tell them to stop. Besides, computers like doing repetitive tasks. That's what they were bred to do.

Before we go into how frameworks can help marketing let's take a short journey to the land of software development for a little grounding and perspective. Part #1 of this series talks about the benefits of software development frameworks. Enjoy.

Did We Ever Buy a House for the Plumbing?
Don't get me wrong, plumbing is important. But, would it ever be the number one reason you buy a house? Would it make the top five?

First, software development teams have learned long ago that business people only pay for business value. This creates quite the dilemma for software development teams since all projects involve a certain amount of behind the scenes work that will never be directly reflected in business-facing features. This back-end work is often called plumbing. Plumbing is critical component of a smooth software development and the inevitable ongoing maintenance project.

Second, another nightmare beast lurking around the corner of mid to large software development efforts is the -ilities (e.g. scalability, customizability, usability, extensibility). In addition to greasing the skids of the software development effort, plumbing also ensures that special care is taken to keep the ilities in line. A good portion of plumbing in a software development project is dedicated to addressing these ilities.

Third, constancy and readability the software code facilitates code reuse. A framework constrains the way developers can accomplish a task. A rough scenarios would be that outside of using a framework a developer may have 10 or 15 different ways of solving a particular problem, but within the Framework they have to select 1 or 2. This purposeful reduction in available options greatly enhances the readability and potential reuse of the planning, coding and testing processes.

Throughout the project teams must constantly balance resources between creating features and creating plumbing. No plumbing, and the project falls apart. No features, and the project has no value to the business.

Flavors of Frameworks
Frameworks range from extremely lightweight (Struts, Servlets, command line) to elephant-heavy (EJB, CORBA, RDBMS). The weight of a framework refers generally to the amount of work that it performs in the application. The fewer functions the framework performs the lighter it is considered.

There is no correct weight for a framework. Like most things involving tons of people there are endless debates on the pro's and con's of each style. The most recent trends in software development have been leaning towards the lighter models, but that's neither here nor there.

Mitigating the Cost of Plumbing
There are two ways that the costs for plumbing are absorbed in software development projects.

Front-End Loading: The first option is true to its name and involves loading a bunch of extra time on a project to working on a development framework for the remainder of the project. This approach only makes sense in an R&D environment or where the problem domain is not well explored (e.g. NOT a web shopping cart application).

COTS: The second option is to use Common Off The Shelf (COTS) frameworks that provide the structure and guidelines for developing a specific type of software. These frameworks are often open source project that are well supported by the open source community.

Technology Framework Wrap Up
Hopefully all that technical stuff didn't force you to click the little grey x in the corner of the browser window (or the red dot for all you OSX users out there). Here's a summary of what technology frameworks have to offer:

1. Focus the Team on Business Needs. By focusing on business needs and not plumbing the team's creative and emotional energy is spent solving the real problems. The goal is to minimize the amount energy spent on low-business-value activities
   
   
2. Allow for Asset & Knowledge Re-Use across Projects. If a project was important enough to do once it will often be done twice or more. Reuse is often held up as an efficiency saver but in my mind it more importantly creates a foundation of knowledge for the team. If a group is reinventing the wheel each project, then they are not properly leveraging the similarities between projects. Reuse also allows for managers to create a set of baseline metrics for evaluating past project success and for creating pro-forma success metrics for newly envisioned projects.
   
   
3. Codify Best Practices. Best practices start with the best intentions but are often ignored in the heat of development. Frameworks provide real constraints that can't be ignored by the development teams. By having the best practices be woven into the framework software managers don't have to worry over weather or not the team members have read the some dusty standards document.

Same Bat Time, Same Bat Channel
Frameworks are very popular in the technology world. In my opinion the single most important aspect of frameworks is that they provide a way for knowledge workers to invest energy in an asset that will pay off immediately.

In part #2 of this series I'll go into more detail about how the software development concept of a framwork can be applied to the marketing process.

The only truly secure computer is one that is turned off. As our misguided comrades at the MPAA and RIAA have found out, access and security are mutually exclusive. Since computing devices must be used in order to justify their existence we must find a better way to secure our digital world.

The second most secure computing devices one that is locked in a thick lead vault, disconnected from networks hidden from view. This is almost as useless as a powered off device, but at least allows for Mission Impossible style access.

The third most secure computing device is one that is not connected to a network. Over the last couple hundred thousand years humans have been perfecting the art of limiting or denying physical access to other humans. Physical security is old hat for us, so we can handle it. When it comes to shuffling around electrons we have much to learn.

The next best thing to turning off every electronic device you own is to create air-gaps between networked devices, as in unplug your computer from the network, or unplug your network from another network. And then came the Internet, which makes unplugging undesirable. So much for that. The network effect on the security space is exemplified by the recent news that the Lexus nav onboard computer may be vulnerable to BlueTooth virus attacks from up to 15 feet away. Before BlueTooth, the network in this example, one would have to physically break into the Lexus in order to gain access to the onboard computer systems. And once you gain access to the onboard computer you own the car. Game Over.

Security in a networked world is a balance between safety and access. The more access you allow the more risks are involved on the security front.

What About Passwords?
Password security is like hanging a blue tarp up as a door to your fortified castle. Passwords are small, human readable and often easy to remember keys to most of our computing devices. But nothing is worse for security than the password. The fundamental reasons that passwords are bad are as follows:

1. Information can't be created out of nowhere. If you have a 2 character alphabetic password, there are 26 letters in the alphabet, 52 letters including lower and upper case, 2-spaces for the characters giving us 2704 unique password combinations. No matter how many layers of encryption and obfuscation you add on to this two character password it only takes at most 2704 guesses to break the password and gain access to th system. Now in the real world passwords are much longer, more like 8 or 10 characters, but this doesn't slow computers down. Passwords like these can be cracked in minutes.
   
   
2. Passwords have to be remembered. To be remembered passwords need to not look like j2h3LWicmJ234. This severely limits the number of probable combinations for a human readable password, and this knowledge can be used to accelerate the password cracking process.
   
   
3. Passwords should not be reused. How many passwords do you have? 10? 20? 50? How can anyone be expected to come up with a strong and unique password for each of the computing devices that they access.
   
   
4. Passwords should change often. The more you change passwords the faster you will run out of memorable passwords. This forces people to store passwords on secondary media (e.g. dead trees on unencrypted files) in reach of their computer; check the side of your monitor for sticky notes, please.

The shortcomings of passwords is well known and there are many solutions to today's password dilemma. One of the approaches coming from the Microsoft camp is the excruciatingly long password approach. While novel it still only addresses one of the two password issues outline so far.

In my opinion passwords are doomed to be forgotten in the dusty pages of history along side blood letting and human sacrifice. My hope is that my children will laugh at me when I tell them that I used to type a password to gain access to computing systems.

Other type of password-based security systems used passwords generated from dedicated password devices such as products developed by RSA or CryptoCard. These products allow users to generate one time passwords that are unique and generated once every period (e.g. once per minute). The passwords are used once to initiate a session and then put away until a new session, such as a web browser login to an email system, needs to be initiated by the user.

The security devices work by having universally unique pairs of the devices one with the sender and one with the receiver. Think of the device as being a random number generator which takes two inputs: the current time and a secret number that is very large. Every minute a new password gets calculating and displayed to the user, and at the same time the same password is generated at the server or receiever side. As long as the shared secret number between the two parties is kept secret and the clocks between the two parties remain synchronized the two systems will be able to produce millions or billions of identical one-time passwords.

Shared secret systems like these are usually weak. However, these password devices don't give up their shared secret easily. Crack the case on one of these puppies and the system will wipe its self clean. These type of devices remove most of the weakness of passwords and move security back into known space: physical security. So hold on to that password generating device.

Still, one problem remains. The single use passwords can still be intercepted and used somewhere else without the sender knowing what happened. Also, once initiated the session between the sender and receiver can be highjacked and used for other purposes.

Who Says The Military is Out of the Innovation Game?
The solution to the password problem is not a better password, it's billions of passwords changing faster than the flicker of flash bulbs at a red carpet event. This spread spectrum approach, long used in military radio communications is starting to be used by commercial enterprises in more mundane applications. We're mainly interested in its security characteristics.

"Spread-spectrum radio communications, long a favorite technology of the
military because it resists jamming and is hard for an enemy to intercept, is
now on the verge of potentially explosive commercial development. The reason:
spread-spectrum signals, which are distributed over a wide range of frequencies
and then collected onto their original frequency at the receiver, are so
inconspicuous as to be 'transparent.' Just as they are unlikely to be
intercepted by a military opponent, so are they unlikely to interfere with other
signals intended for business and consumer users -- even ones transmitted on the
same frequencies. Such an advantage opens up crowded frequency spectra to vastly
expanded use."

We can learn some things from our military brethren. Spread spectrum gains security by having the sender and receiver of a message quickly hopping from one frequency to the next in a deterministic way. The next frequency is hop to is determined by a shared secret using a symmetric encryption algorithm such as RSA. Only data sent on the correct frequency at the correct time is deemed valid both the receiver of the message.

Back to Cyber-Space
This same type of approach can be duplicated on a computer network using cryptographic algorithms. The shared secret between the sender and the receiver would be calculated in a dedicated device such as an RSA USB fob. While the frequencies can be simulated by using a new key as a seed to the trasnport layer cryptographic algorithm.

The fob is a small device dedicated to storing and generating cryptographic information that we talked about earlier. The only way to predict the next "frequency" that will be used for communication is to access the guts of the fob and extract the shared secret. Again, good news for us that the fob, being a dedicated device has Multiple layers of security that thwart both physical and electronic attack.

Limiting the number of potential attacks to a security system is the best that we can do. The more that digital security can be moved back into the physical security domain with devices such as the one-time password generators, the more we will have a chance to get a grip on security in the digital, connected world.

Given the threat of identity theft, the blowback from increasingly invasive advertising tactics and the proliferation of advertising messages on everything from coffee cups to every square inch of anything NASCAR-affiliated the relationship between advertisers and consumers is strained, to say the least.

In the rush for the consumer's attention and their all-might dollar advertisers have resorted to louder and more invasive tactics to get the message through to consumers. This coupled with increased data gathering by advertisers of consumer information has created quite a violent backlash.

The backlash is everywhere but it is easiest to quantify online. The new version of loved-but-hated king of the web browser Internet Explorer comes activated with pop-up blocking software. The master of online advertising, Google, packs pop-up blocking software with the Google Toolbar. Added to that this phenomenon can be seen in the proliferation of sites such as www.BugMeNot.com that help consumers circumvent the registration pages so common on the front pages of news sites everywhere. The backlash has been well covered in the news in Wired articles such as "We Don't Need No Stinkin' Login."

Relief From Canada in a Non-prescription Form
A new service from our friends over at the Canada Post makes advertising act more like an online dating service. This new offering is changing the way consumers relate to advertisers.

The service is called Fetch. The service starts with a logo and/or a sound effect that is attached to mass advertising communications such as TV ads and billboards from affiliated brands. The Fetch call to action is accompanied by a Fetch code, which is a unique code for the advertiser or program, such as GOAOL for America Online.

Consumers then rush to their favorite pull-media device such as their cell phone SMS (Shart Message Service) or web browser, enter the fetch code and get access to the advertiser's message, offer and additional materials. The consumer can ask for electronic of physical supporting materials all anonymously through the Fetch media outlets.

If and when the consumer wishes to deepen the relationship with an advertiser the Fetch program passes the consumer's information on to the advertiser, but only with explicit consumer consent.

The power of this system is that it allows a safe environment for a consumer to retrieve deep information about an advertiser without fear of being put on a mailing or phone list. And unlike other atempts at services like this it requires no bulky external hardware device such as the CueCat barcode reader. The Fetch FAQ on their web site sums it up in a single sentence:

Use fetch because it is the easiest way to get information, samples, coupons,
and other stuff from marketers without directly contacting them. Only fetch lets
you "test drive" a marketer.

... and advertisers are being test driven all the way to the bank.

Advertisers: Give Consumers Something for Nothing
The way that consumer advocacy groups talk about advertisers it is as if advertisers are only after one thing, the consumer's profile. Not true, first they want consumers to buy thier stuff and second they want know who is buying so they can find like-cosumers to sell to. Any other information gathered from other consumers is used to further hone advertising, but is often not critical.

Fetch: Bringing in a New Interaction Model
Every single dollar spent on TV advertising is delivered to an anonymous consumer. Advertisers don't mind. In fact, most advertising is sent to anonymous consumers.

Services like Fetch provide a bridge between the mass messaging and a direct interaction with consumers.

The power in this type of service from the advertisers perspective is quite clear. The message gets out, the responses get counted, the offers get delivered and if wanted by the consumer the profile data flows in.

At the end of the day the advertising companies get more data on response rate than was ever possible in the past. All this data is willingly and lovingly handed over by consumers who think they are getting the better end of this bargain.

Have you ever seen Google, Amazon.com or EBay crash? I don't mean be unavailable for a few minutes, I mean crash, dead, hard stop, gone, *fizzle*!

Now contrast that to how many times your home computer has crashed or how many times you've lost a document you were editing due to the software flashing, gurgling and kicking the bucket. The Google gods, Amazonites and EBayitizens are not writing better software or creating more stable hardware but their stuff just doesn't break.

The reason: rooms full of people collectively holding, patching and keeping the sites live, functioning and up to date. Not to mention people to migrate data as specifications change or data sources evolve. Tim O'Reilly put it very clearly in his open source paradigm shift article, which by the way has really very little to do with open source:

"Sites like Google, Amazon, or eBay -- especially those reflecting the
dynamic of user participation -- are not just products, they are
processes

I like to tell people the story of the Mechanical Turk, a 1770 hoax that
pretended to be a mechanical chess playing machine. The secret, of course, was
that a man was hidden inside. The Turk actually played a small role in the
history of computing. When Charles Babbage played against the Turk in 1820 (and
lost), he saw through the hoax, but was moved to wonder whether a true computing
machine would be possible."

Thank you Tim, someone had to say it. Now if we can just remove it from the pages and pages of Open Source hubbub in the first 3/4 of the article. behold, the process.com.

Software as a Service From a Software Perspective
The reason why I poo-poo'd the open source spin in the previous article is that the real secret to the success of these process.com's is as simple as proper allocation of responsibilities. This is known in the software field as 'encapsulation' that is grouping of responsibilities and knowledge into defined units. Or for all your Adam Smith-ites out there it's a simple division of labor.

People within the process.com companies are responsible for creating, maintaining, patching and enhancing the product that they produced. And because they built it they are also the most able to operate it.

Yes, yes, I know, what about patching? Doesn't the process.com model apply to auto-patched systems like Windows XP SP2? Well, no not really. The reason is that things change too often. And when things change, data changes.

The bane of software development is legacy, and the prince of the legacy kingdom is data. Did anyone have to create a new account when EBay or Amazon.com came out with a new user profile system? Did you have to convert all your old orders to the new database? No way Jose. Someone else did it for you -- and thank you for that.

The Integration Silver Bullet
Each new integration technology announced comes out claiming an end to integration nightmares. This silvery bullet fed to us often come in strange acronyms like WSDL, SOAP, CORBA and XML. Each of these are the silver bullet we are told. Alas, the technologies are never able to live up to the hype.

One of the key problems with integration is the same as it always has been: change. Things change, interfaces evolve, data formats grow and stuff breaks. The only way to solve integration is to solve the people and process problem behind it. You guessed it, the perfect companies for the task are those wiley process.com-ers. Other issues in integration such as process model missmatch will be topic of a future article, so stay tuned.

A great example of why process.com companies are the answer to integration enigma is at a bank. Banks are not known for their innovation or risk taking but one bank has proven that they understand why their online banking service (not just software) is so powerful.

As of January 1st 2005 Wells Fargo Online has released a new section on their banking site that allows users to browse and view all of their spending automatically broken down by category (e.g. grocery, retail, travel). Wells Fargo has taken all of the finacial data from your banking records and merged it with Visa's merchant database and come up with a killer offering. Since the data feed from Visa, which may potentially be hand created by Wells Fargo, will evolve Wells Fargo must continually adjust their software to compensate.

Did I mention that Wells Fargo is also connected with Northwest Airlines so you can check your miles from your online bank account? Not only has Well Fargo created a promising solution but they have also created a foundation for a new way to look at your own consumer spending (not that most of us want to know how much we spend on candy bars and coffee shops).

Imagine Wells Fargo connecting up to point of sale systems from major retails? Imagine if you could click on the spending category "travel" in the bank report, click on your flight from Miami, click to see what meal was served on the flight and be able to see what your seat number was. Take it one step further and allow Wells Fargo to calculate how much money you have saved by using coupons? What about mapping your spending on a MapQuest map to see where you drop the most dough? The opportunities are limitless.

Well, What are We Waiting For
Unfortunately, it seems like we're waiting around for a technology or software product to solve this for us. The data is there, it just needs to be connected.

Software as a Service is not just another way of distributing software. It's a completely different way of doing business. Stay tuned for the second coming of the killer .com's.

Reading a recent article over at the McKinsey Quarterly it is starting to become clear that IT is working its self right out of a job. And it's about time.

The article, titled "Managing Next Generation IT Infrastructure" drills into the "factory" approach for IT infrastructure as apposed to the "build-to-order" model. The premise is that built-to-order systems that support a single or small set of applications are grossly inefficient. Inefficiencies come from a few places:

1. Each software application or set of applications has a dedicated hardware and OS support infrastructure leading to increased management and service costs (read: too bad infrastructure is an economies-of-scale game).
   
2. The dedicated hardware/software stacks are bought and built for peak load, which rarely if ever happens. The net result is a huge amount of wasted capacity (read: $$$$$).
   

A New Home
Somewhere between the utilities companies and the facilities management companies is where IT as we know it will live out the rest of its years.

"With this model, filling an IT requirement is rather like shopping by catalog.
A developer who needs a storage product, for instance, chooses from a portfolio
of options, each described by service level (such as speed, capacity, or
availability) and priced according to the infrastructure assets consumed (say,
$7 a month for a gigabyte of managed storage). The system's transparency helps
business users understand how demand drives the consumption and cost of
resources."

In the above example above what strategic value does IT provide? The loss of strategic value to the company of one of the primary reasons why IT deserves as much focus and energy as the building management team. The IT department could be outsourced overnight, the servers shipped to China or down the street, the applications moved to new infrastructure and the network replaced with new routers, switches and hubs. No one would notice.

Up Next
We can look at this two ways. From one side it's the end of core-IT services as a competitive differentiator. From another angle it's the beginning of an entirely new class of IT service companies: Common Infrastructure Providers.