Trust and Risk in Internet Commerce
L. Jean Camp
MIT Press
279 pages, bibliography, $32.95, ISBN 0-262-03271-6

Reviewed by:  Robert Bruen, MIT Laboratory for Information and Decision Systems.  May 17, 2000.

In spite of the fact that many, old time net purists cringe when they see marketing material as the peruse the web, commercial activity is really a natural evolution of network use. The use of such a marvelous communication medium for any communication should not be such a surprise nor cause dismay. Given that business as usual is taking place over the net, there is lots of adjusting for the business world to do. Although business can be conducted almost as usual, the net offers some features that have tremendous consequences that must be taken into account in order for success to be achieved.

Think about be the extent of network - it's everywhere. And it's fast, not just when you send out something, but when that something generates a response. It's convenient - put up a web site and your customers come to you. Make a change and it is there immediately for everyone to see. What more could a business want?

For starters, trust and risk are elevated as concerns. Knowing you customer is more difficult. Keeping track of them is bit harder. And by the way, understanding the technology is a bit beyond opening that little lemonade stand. The issues go beyond just security, not that security is a small feature of internet commerce, because without secure transactions there will be no internet commerce. However, security is about trust and risk. As Bruce Schneier puts it, "security is a process." Nothing is totally secure, but rather one engages in a constant assessment and management of risk, making tradeoffs every day. Underneath this approach is the problem of trust.

Trust is a fundamental piece of our interaction with other people. When it is broken, it is very hard to repair. Think about money for a moment. The US currency has been off the gold standard since Nixon. The money in your pocket is only worth as much as there is trust in the US government to back it up. Of course money is important to any business venture, so trust requires procedures, rules, regulations and laws to govern how the exchange of money for goods and services happens. For the most part, this is all well understood. Now, enter business on the net - not so well understood.

Jean Camp has pulled together the technology, commerce and the ideas of trust into a wonderful, readable book. She clearly understands the technology as she explains the basics of TCP/IP and cryptography, but she also explains money, commerce and how trust works in relation to the technology. She delves into privacy, security and data with insight that comes from extensive research. The book is detailed without being boring and the switching between the topics is smooth, so that the reader does not have stop to ask how she jumped to some point from another point.

I hope that lots of people will benefit from reading this book. It is an intelligent presentation of one of the most far reaching changes in our way life today. This is contribution to help us understand the problem, as she obviously does. I highly recommend it.