Account Watcher helps individuals protect their own online financial and personal assets. It is a service that is an electronic agent that watches account activity and takes appropriate action when anomolous transactions or attempted transactions occur. It will be offered as a generic white label product by organisations who currently hold online assets for other people.Once a person gives data about themselves to an organisations they have few ways of protecting it. Account Watcher provides a tool to help people protect and monitor information about themselves after they have supplied it to others. This protection can take many forms and acts as a supplement to, rather than a replacement for, protection measures installed by organisations.
Currently account watching services are run by the organisations holding online assets. Account Watcher provides an independent third party watcher to complement current services. Account Watcher is needed because some organisations do a poor job of account watching, there is an increase in online fraud activity, organisations with good systems can use extra help, and because Account Watcher will increase the confidence individuals have with using Electronic Transactions.
Account Watcher facilities are difficult for individual organisations to implement and there is a strong business case for outsourcing these functions to specialised suppliers. Of equal importance is the ability of Account Watcher to Watch many accounts for the same person and through cross referencing detect more attempts at fraud. Because of the way Account Watcher is built and organised this is possible whereas it is difficult for organisations holding assets to offer an integrated service with other organisations. The innovations in Account Watcher are the integration, different ways of identifying individuals, concepts of sharing responsibility with others, individuals acting on behalf of organisations electronically and visual representations of electronic happenings. To our knowledge there are no other companies offering Account Watcher services in the way envisaged.
The initial target markets are second tier financial institutions with inadequate account watching facilities in their existing systems and who require account watcher services both for regulatory and marketing reasons.
Account Watcher builds on the existing Edentiti data entry and signatures services.
This project is a proof of concept implementation to prove that the concept is practical. The approach is an extension of an existing application where individuals take control of their own information before they give it to others.
The features for this proof of concept grant are:
- Account Watcher functions of issuing of alerts and tracking information
- Different methods for individuals to prove who they are when asking account watcher to perform actions on their behalf and to act as two factor authentication methods
- The development of the concept of organisational identities where individuals act on behalf of organisations.
- Visual representation of electronic approvals
- Cooperative protection mechanisms where others are invited to share in the responsibility for protecting information
- Ways of allowing the electronic equivalent of a signature witness where the signature is electronic
- Ways of showing the real world representations of electronic approvals
Account Watcher Functions
There are many issues involved with the implementation of account watcher functions. The starting point will be the functions that are used by organisations to protect data. The major difficulties for Account Watcher are deciding what to watch for, how to give the end user control over what to watch for, how the end user can understand what is happening, how to reduce the amount of information so that it will be noticed, how to escalate investigations once there appears to be a problem, how to coordinate information across organisations in a privacy friendly and understandable way. Many of the issues are ones of human perception and how people organise their lives and their interactions with technology and a major part of the work involved with Account Watcher is understanding how people can use the Account Watcher Tool. For example, how can people use the system if they do not have direct browser access to the Internet but have to work through other communication media.
Proving who you are
Most Internet systems depend on passwords or secrets for people to prove who they are and to give authority for transactions. To successfully deploy Account Watcher it is believed that other authentication methods will be needed to cater for people who have difficulty remembering passwords or who do not have Internet access. Account Watcher believes voice authentication and/or soft tokens may help overcome this problem. Other schemes such as fingerprints on smart cards will also be considered if they become commercially available.
Account Watcher can watch organisation accounts just as well as accounts owned by individuals. The issue is how to designate that you are an officer of an organisation and wish to watch a company account. This part of the project will develop the idea of an individual acting in an account watcher role for organisational accounts.
Visual Representation of Electronic Actions
A human factor issue with electronic systems is how to represent electronic happenings in a way that people can understand and manipulate. This part of the project will explore different ways of visually representing such actions as approved transactions and electronic alerts.
Cooperative Protective Mechanisms
In the real world we invent ways of helping each other protect our property. We should have ways that people can help protect each other’s data in the electronic world. One simple approach is the concept of multiple signatures before an action is initiated. Other methods might ways of giving others “power of attorney” over some or all transactions in our name. The project will investigate electronic ways for people to help protect each other’s data. One possible way is to have an Account Watcher that watches other Account Watchers.
An important part of many signature systems is the concept of a witness. The project will attempt to answer and implement an electronic equivalent of a signature witness. The purpose of doing this is to make many legislative and regulatory functions immediately applicable to the electronic world. Many regulations are now written in terms of “in the presence of”. Can we have “in the presence of” with video or can we do it asynchronously.
Showing Electronic Approvals
A related question to Witnessing Signatures is how can an approval be recognised and displayed to others so that they will accept and understand that approval has been given.