Digital Transaction Management Standard Begins To Take ShapeBy: xDTM News
Post by Roger Kay originally appeared on Forbes.com
Digital Transaction Management (DTM) — the administration of business deals in digital form end to end— is working its way toward standardization. The benefits of all-digital transactions are now well understood. Such dealings are faster, easier, more pleasant, less fallible, more accurate, more secure, and more auditable than manual processes involving paper, which introduces error-prone steps (i.e., printing, signing, and at least scanning and emailing, if not copying, enveloping, paying postage, and trusting to the vagaries of various haulers).
So, DTM? We’re going there. It’s better, and everybody knows it. And so the industry is gathering together to create a set of standards that comprise best practices in DTM for doctors, lawyers, tailors, sailors, soldiers, spies, and pretty much anybody who transacts online. The standard itself is actually called xDTM, and it will create a level field for everyone in this game to play on. The “x” refers to what will become a variety of industry-specific groupings of — or emphases on — the eight principle areas that the standards cover: security, privacy, compliance, enforceability, availability, openness, scalability, and universality.
For example, medical DTM (which could end up with the name mDTM) is likely to have a greater emphasis on privacy, whereas financial DTM (fDTM? — these designations haven’t been finalized) might have a higher mix of enforceability. All flavors would presumably contain heavy doses of security, compliance, availability, and universality (that last gaining in importance for international operations).
The openness pertains to who can play, and the implication is everyone.
However, standards are a funny thing with respect to openness. In theory, standards lay out an arena where all competitors have an equal starting point. They also benefit consumers, who can buy a product from any supplier and know that it will work with any related kit that they already have.
In practice, the term “standard” has covered a wide range of political maneuvering over time, such as Microsoft MSFT -0.12%’s clever waiting game wherein it called Windows a de facto standard for half a decade or so to indicate the dominance of the company’s flagship operating system and then quietly dropped the de facto in its literature and messaging to indicate that Windows had become a real standard when no one other than Microsoft had agreed on its provisions and operation.
To be even-handed about this, Apple AAPL +0.84% has tried for years to wall off its garden from the broader market and outmuscle everyone else. On a number of occasions it has succeeded. The new(ish) iPhone “Lightning” connectors are only the latest in a series of moves to prevent Apple customers from mixing and matching with other vendors’ products. This proprietary approach hurt Apple when it was “out of the money” in the 1990s and is helping it now that it is dominant in several markets. Apple argues that it is trying to ensure the best experience for its customers by insisting on its own version of each component, but really the main beneficiary of this scheme is Apple. Apple also resisted USB as long as possible, promoting instead 1394, which was used for high-speed connections by Apple and Sony. When USB speeds improved and the momentum behind it became overwhelming, Apple capitulated.
If you need a further example of Apple’s perfidy with respect to standards, here’s another one: the Server Message Block (SMB) protocol, a Sun Microsystems version of which was called “Samba,” was created by IBM IBM -0.32% and adopted by Microsoft in the early 1980s as a means for computers on a local area network (LAN) to discover each other and exchange files. Sounds useful, right? Apple, the other major force in personal computing at the time, refused to play. Apple machines could not share resources with PCs on the same network. That one ended badly for Apple, which was summarily run out of corporate networks as a result. Nearly two decades later, Apple quietly slipped SMB into a revision of its OS X stack.
However, even accounting for the political nature of some standards, there are many examples of successes, including USB and 802.11. The former covers universal physical connectors for computers and accessories while the latter deals with wireless connections everyone can use. The whole computer industry and the public have benefited greatly from having standards that don’t lock them in to a particular vendor.
A happier story is how the Payment Card Industry Data Security Standard (PCI DSS) was broadly adopted by credit card companies, banks, and merchants to reduce credit card fraud. Among five major credit card companies — Visa V +0.26%, MasterCard MA +0.01%, American Express AXP -0.28%, Discover, and JCB — an agreement was reached in the mid-2000s to unify their varying approaches to security. At that time, there had just been a number of high-profile breaches, and the industry needed to do something. All five firms had their own security schemas, but it was obvious that unification was necessary.
Eduardo Perez, senior vice president for risk strategy at Visa, explained that they all agreed to use Visa’s protocol as an initial baseline and build from there. “We gave that over. Our requirements formulated PCI 1.0,” he said. Although Visa contributed its intellectual property to the group to get things going, further developments were considered common property. Nine years later, PCI DSS is in its third revision, and the whole world adheres to it.
Now Perez is contributing his experience with Visa to the xDTM Board of Governors, which is bringing together senior players from business, academia, and the legal profession to hammer out the details.
Board members include Brett Arsenault, chief information security officer at Microsoft, and Rick Echevarria, vice president of Intel INTC -0.38%’s Security Group. In an email, Echevarria said his interest in xDTM is in the efficiencies it will bring to business process transformation. He noted that his position on the board is personal rather than corporate, but that Intel is considering joining officially. He pointed to Intel technologies “in new areas like multi-factor authentication and biometrics that can enhance the security of transactions” in an all-digital world.
The move to standardize xDTM was initiated by DocuSign (an Endpoint client and number 42 on the Wall Street Journal’s Billion Dollar Startup Club), which is a leading player in the digital signature space, a cornerstone of all-digital transactions. However, DocuSign’s main rivals — Adobe and Silanis — could become members. The purpose of a real standard, after all, is to allow interoperation at any point along the way. If a standard works, the greater good is enhanced, not just the fortunes of one company.