About HKTDC | Media Room | Contact HKTDC | Wish List Wish List () | My HKTDC |
Save As PDF Email this page Print this page
Qzone

IT & E-Commerce(HKTDC Hong Kong Trade Services, Vol 02,2004)

Vol 2, 2004











IT & E-Commerce

Linking The Virtual Logistics Supply Chain

Weaving A Watertight Web

Going Electronic

Linking The Virtual Logistics Supply Chain

Old technology: the humble barcode could soon become a thing of the past if RFID technology takes off as expected

Hong Kong and Chinese mainland businesses including small- and medium-sized enterprises (SMEs) should begin planning immediately for the next big revolution in the modern supply chain.

The advent of the Electronic Product Code (EPC) that combines radio frequency identification (RFID) with an Internet backbone is about to take the business world by storm.

Developed at the Massachusetts Institute of Technology's Auto-ID Centre in Boston, EPC was formally unveiled in 2003 as the global standard for RFID applications that enhances end-to-end supply chain visibility.

Leading companies such as Wal-Mart, Tesco and Metro as well as the US Department of Defence have announced plans to adopt EPC as the standard to integrate RFID into their supply chains by January 2005.

They perceive tremendous benefits in the 50-year-old RFID technology, which has tremendous potential to deliver new-century solutions to improve the way manufacturers, distributors and retailers do business.

However, it is only when RFID is implemented with international standards and a global open-information network that its potential to revolutionise the industry and global supply-chain operations is truly unveiled.

The EPC standard provides the missing link by providing much cheaper adaptation and better support as much higher value will be added to the global supply chain by a combination of key elements.

The major building blocks of EPC are:

  • EPC - which is being used to uniquely identify items down to serial level
  • RFID-radio frequency identification involves tags which combine silicon chips and antennas that communicate with readers by radio waves
  • the EPC backbone - which communicates product-specific information such as an item's origin or production date with pointer-like protocol via the RFID tag

The EPC backbone comprises:

  • ONS - object name service, which is used to locate databases containing product-specific information
  • EPC information service, which is used to store item characteristics and movements
  • PML - physical mark-up language that is used to represent item characteristics and movements
  • EPC middleware that sits between readers and the back-end information system for passing information across the network

EPCglobal Hong Kong, formed under the auspices of the Hong Kong Article Numbering Association, is charged with facilitating and overseeing the adoption of EPC- related technologies, standards and applications in the local business sector.

The new organisation believes there are several advantages to implementing EPC's vision to create an Internet of Things, which is a concept for storing a wide spectrum of information about the supply chain in an open and distributed architecture.

By providing real-time inventory visibility, EPC offers numerous potential benefits including:

  • anti-counterfeit capability (especially in drugs and high-end consumer goods)
  • safety and security
  • improved product forecasting
  • increased on-shelf stock availability
  • warranty and after-sales service
  • helping reduce theft, administrative errors and costly product recalls

Industries such as logistics, information technology, packaging and printing and electronics are among those that have the best potential for EPC development, with logistics particularly well suited given Hong Kong's status as an international trading hub.

The EPCglobal Network, an open global system that allows trading partners to improve their ability to track and share supply-chain information, should therefore ideally be linked with the Digital Trade and Transportation Network (DTTN) due to be launched in Hong Kong next year.

Together these two systems would provide:

  • real-time, automatic location of objects throughout the supply chain
  • increased responsiveness to customers' needs
  • increased visibility at all points along the supply chain
  • facilitation of an open, collaborative environment with trading partners

EPCglobal Hong Kong is exploring various EPC implementation pilots with the local logistics industry, including an EPC global track-and-trace pilot that aims to help track and trace products flowing from the mainland's manufacturing facilities, their shipment through Hong Kong and export to overseas markets.

Other companies have also expressed strong interest in participating in pilot implementation projects in such diverse areas as production control, warehouse management and asset management.

In addition, the new technology could help boost Hong Kong's efforts to establish itself as the regional supply-chain hub by accelerating and further enhancing the integration of the mainland's manufacturing base with the rest of the world.

A common EPC data platform, together with other infrastructure such as DTTN, would further boost the integration of logistics operations and increase the volume of goods and information flow between Hong Kong and the mainland. EPCglobal Hong Kong is now working closely with EPCglobal China to further integrate the two areas via EPC development.

Mutually beneficial, the collaboration would bring progressive growth to the local software industry through developing information technology solutions to support different EPC applications, creating new business opportunities and employment and positioning Hong Kong as the EPC pioneer and leader for technology exports.

Seeing the benefits of EPC

Several overseas EPC/RFID pilot implementations have already provided solid examples of the benefits that can be provided by the new technology.

The logistics industry test schemes included:

  • the truck-loading pilot at a food manufacturer's warehouse which showed that EPC and RFID for pallet-level tracking could possibly help drive down the cost of a single warehouse by 16,000 euros per year and save an average of 20 euro cents per pallet
  • Global Foods' truckload assembly and truck-loading test scheme indicated that approximately 7-30 seconds per pallet could be saved for 300,000 pallets shipped using RFID scanning, giving a potential saving of 25,000 euros in labour costs per year and 25 euro cents per pallet
  • AIDC Freightways' fleet has 1,250 tractors, of which 750 are used for pick-up and delivery operations. With the implementation of EPC-enabled inventory tracking, the company cut the number of pick ups and deliveries by 10% while simultaneously reducing labour costs by US$4.5m per annum

Weaving A Watertight Web

Simple steps: use secure passwords and change them regularly to protect against technology crime

The Internet has been a boon to business. However, it has also given criminal elements new possibilities for crime.

While some of these are traditional crimes committed through the Internet, others use computers to commit new offences or target the computer system itself.

There are several main areas of concern for small- and medium-sized enterprises (SMEs) including:

  • hacking (unauthorised access, access with criminal intent)
  • criminal damage comprising website defacement, Denial of Service Attack (DoS) or viruses
  • Internet fraud such as bogus websites and commercial fraud
  • misuse of accounts
  • online theft including abuse of passwords (theft of personal identity numbers or PINs), theft of corporate information and Internet banking

However, detective senior inspector Kevin Leung of the Hong Kong Police says technology crime is not as daunting as it may seem. "Most SMEs have nothing to worry about if they are aware of the potential problems and implement some commonsense steps to safeguard themselves, their staff and their businesses," he insists.

The first concern, Leung says, is hacking, or the abusive use of and unauthorised access to computer systems. "This often involves gaining access by using a number of different hacking programs to exploit the vulnerability of a computer system and the abuse of account IDs or passwords," he explains.

Hacking activities vary but can be summarised as:

  • browsing information on computer systems for "fun"
  • misuse of the computer system to launch further cyber attacks
  • disruption or destruction of computer data and files
  • obtaining sensitive information such as personal data, passwords and credit card account details to commit further offences such as Internet banking theft

Most hacking activities are unsophisticated and often involve young people who are either unaware of the implications of their illegal activities or are unconcerned as to the consequences of their actions. "To date, there is little evidence to suggest that organised criminals are using hackers in support of their criminal activities in Hong Kong," Leung says.

He warns there is no simple solution to deter hackers. "Viable solutions involve a combination of firewalls, an intrusion detection system and virus detection software, physical security and incident response procedures and high security awareness," Leung advises.

Criminal damage is, he says, of much more concern to local SMEs because they involve the use of programs written to disrupt or destroy computer data and files. "The three most commonly encountered malicious programs are computer viruses, Trojan horses and logic bombs, which work in several distinct ways," Leung explains.

These include website defacement or the change of content - usually the front/main page - of a website with hacker messages or a virus. "The other, and far more serious effect from an SME's point of view, is a denial of service attack or DoS," Leung says.

A DoS uses a networked computer or computers to bombard another networked computer or server communication traffic to disrupt, cause the server to break down or enable unauthorised access. "These attacks often result in significant financial loss as a result of down time, damage to computer systems and loss of reputation," he adds.

The final malicious program is a computer virus, which takes its name from its biological counterpart.

"A computer virus replicates itself or inserts copies or new versions of itself in other programs when executed within the infected program," Leung explains.

The virus can manifest itself in several ways including signs on the screen regarding its existence, erasure of memory or destruction of hard drive contents. "Viruses can be written for all platforms, including PC, Macintosh and UNIX," he warns, adding, "Estimates of the total number of computer viruses vary dramatically."

Internet fraud includes the same scams that have been conducted by mail and phone, as well as new cyber scams.

"It's sometimes hard to tell the difference between reputable online sellers and criminals," Leung admits.

"But it is important you know who you're conducting business with, what security features they offer, their privacy policy, and their return or refund procedure."

Bogus websites that use domain names very similar to genuine websites are another area of potential concern to SMEs. "Examples include bogus cyber banks and investment houses that create a fake website and then solicit potential victims throughout the world by email," Leung says.

Similarly, criminals advertise their services or products via the Internet, using anonymous or false registration information to commit commercial fraud. "They often ask victims for down payments and then never deliver the promised service or products," Leung explains.

Internet fraud also encompasses scams such as the '419' advance fee racket in which culprits (usually from African countries such as Nigeria) send out emails claiming to have a huge sum of money that needs to be moved to foreign accounts but requires an advance fee. "Thankfully, this is very rare in Hong Kong," Leung adds.

More common is the misuse of Internet access accounts, where criminals obtain users' accounts on the Internet. "The main purpose is to avoid billing for goods or services or identity or password theft," Leung reveals.

"Abuse of passwords or theft of PINs lets criminals take over the victim's financial life, including opening new bank accounts, transferring bank balances, applying for credit cards and loans, buying property or taking luxury vacations."

Theft of corporate information, however, is more likely to involve an ex-employee who steals company secrets before leaving. "There have also been cases where ex-employees have hacked into the companies' computer systems to look at confidential emails," Leung says.

Finally, Internet banking theft occurs when the victim's bank PIN or password is misappropriated. "In some overseas countries, the victim's computer system was infected by Trojan horse programs that allowed criminals to capture user IDs and passwords," Leung reveals.

"Users have to be extra careful when using online banking in offices especially if a computer is shared with other colleagues."

But, he advises, there is no guarantee that technology crimes such as these will not increase in future as Internet use becomes even more widespread and criminals become more sophisticated.

"The most important thing for SMEs to remember is to be aware of technology crime and implement basic precautions," Leung concludes. "If SMEs continually monitor their technology and upgrade their computer protection systems, there is no reason why they should not utilise the Internet to build profitable businesses."

Basic security tips

There are several simple steps that small- and medium-sized enterprises (SMEs) can take to protect themselves from technology crime including:

  • install a personal firewall and Intrusion Detection System (IDS)
  • upgrade anti-virus protection software frequently
  • upgrade operating systems and applications files frequently using the security patches provided by the developer
  • back-up critical data files regularly
  • use secure passwords and change them regularly
  • scan all email attachments for viruses before opening them
  • do not give out personal information to any caller or email recipient unless they are known or the company they claim to represent is trusted
  • monitor the activities of all underage computer users and teach them how to avoid security breaches
  • shred all paper files, bills, correspondence and personal documents before placing them in the trash for disposal
  • do not use pirated software or software from untrustworthy sources
  • don't play with hacking tools

Services security tips

The careful SME should follow these essential tips to remain free from technology crime:

  • don't invest or purchase a product or service without carefully checking out the investment, product, service, and the company
  • don't be afraid to request further documentation from the marketer so you can verify the validity of the company
  • don't be pressured to send money to take advantage of a special offer or deal
  • don't be hurried into sending money to claim a prize that is available for only a limited period
  • don't disclose information about finances, bank accounts or credit cards - not even the credit card expiry date

Technology crime statistics in Hong Kong

Title of offence
2000
2001
2002
2003
2004
Jan-Jun
Unauthorised access to computer by telecommunication
275
33
26
47
6
Access to computer with criminal dishonest intent

-

81
138
356

152

Criminal damage
15
27
16
16
8
Obtaining property by deception
29
32
45
86
56
Obtaining services by deception
-
33
19
17
7
Thefts (E-banking related)
0
8
6
8
3
Others *
49
21
22
58
48
Total
368
235
272
588
280

* Others include traditional offences such as criminal intimidation, using a false instrument etc

 


Going Electronic

Computerising commerce: various applications are available to facilitate the entire process and allow SMEs to perform certain tasks automatically

Hong Kong may be one of the most advanced cities in the world in terms of e-commerce technology, but there are still opportunities for small- and medium-sized enterprises (SMEs) to make significant cost savings and productivity gains by integrating it further with their businesses.

So says Peter Yan, chief executive officer of Global e-Business Services Ltd or GO-Business, who points to the flourishing import/export sector as proof.

"Hong Kong has around 70,000 import/export companies, a much larger trading community than other Asia Pacific economies - for instance, Singapore has approximately 10,000," he says. "The Hong Kong government has adopted the approach of accepting only electronic submissions, so basically all of them have the capability, and are required, to submit electronic documents."

The Hong Kong government's Commerce, Industry and Technology Bureau granted GO-Business a licence in April last year to provide front-end Government Electronic Trading Services, or GETS, for processing official trade-related documents. (The company also operates the government's Logistics Department's Electronic Tendering Systems (ETS).)

GETS alone handles around 17 million electronic documents per year, and the company is accordingly deeply involved in electronic commerce between business and government.

Submitting these documents is a statutory requirement rather than a part of a company's core business, and Yan advocates using e-commerce technology creatively in this area as it also lets companies achieve significant operating benefits in other sections of their operations.

"SMEs should focus on their core business - submitting electronic documents to government should be an automatic step within the trade flow and not a separate manual process taking up valuable time and resources," he insists.

"SMEs can work with us to have their entire trade process automated, or if it is already automated they can easily integrate that trade documentation submission process with their systems using our tools, so that processes are handled automatically with a minimum amount of human intervention."

According to Yan, a number of large corporations, such as Samsung and DHL, and SMEs alike have used GO-Business's services and experienced dramatic benefits from the technology.

Yan says GO-Business has been rather successful in terms of penetrating the enterprise segment of the trade community. "Take DHL as an example," he says. "By integrating the whole electronic document process with its in-house system, we allowed DHL to achieve substantial savings in terms of costs and operational resources and redeploy these resources to other higher-value tasks."

Now the company is trying to replicate the success with SMEs, which Yan asserts can achieve comparable benefits at highly competitive costs despite being generally more risk averse.

"We have covered different industry sectors - for example, DHL is a logistics service provider, Samsung a manufacturer and Edward Keller a trader," he says. "They're easily recognisable representative cases in their industry sector, so when we replicate this to SMEs they feel comfortable and can recognise the benefits and advantages of our system."

GO-Business regards the integration of electronic trade documentation with an SME's other computerised functions as a "holistic" approach to business administration, allowing the organisation as a whole to operate more effectively.

"By focusing largely on making the entire trade process electronic we let customers' operational staff focus on the main line duties related to their business," Yan explains.

GO-Business offers SMEs various applications or solutions to facilitate the entire trade process, as a result of which the SME is able to perform certain tasks automatically.

"We believe there is enormous room for growth in those areas and that we shouldn't only focus on trade documents - even though the trade document is a very good entry point to introduce people to other ways of doing things," he believes.

To this end, GO-Business has begun to cooperate with software houses whose systems are widely used to integrate its e-commerce technology with other applications that can then be sold as a package, or incorporated as an upgrade in an existing system.

"We guarantee an SME will be paying less than it is paying to its existing service provider - not to mention all the other things we provide," he explains. "They subscribe to our basic service and our value-added services, and the total cost is invariably less than what they used to spend."

According to Yan, using GO-Business' services is more cost-effective than its competitors and the system has the advantage of guaranteed recorded delivery - something its competitors cannot offer in electronic trade processing.

This can be invaluable for avoiding government penalties for failure to declare trade declarations within 14 days, Yan notes. "If you submit your declaration after 14 days you are subject to a penalty charged by government, and guaranteed transmission then becomes important," he notes.

Yan notes that one company incurred a fine of HK$120,000 for non-submission of electronic documents it thought had been delivered.

"It finally negotiated it down, but it still had to pay a substantial sum - then it switched to using our service," he adds.

Electronic efficiency

The Hong Kong government's policy of encouraging businesses to use e-commerce as a channel for important documents in general and for the tendering process in particular has lead to a number of tangible efficiency gains.

These include:

  • electronic tendering is a secure and confidential process
  • electronic tendering is faster, more responsive and virtually free of wasteful paper work
  • electronic tendering is possible round-the-clock and, because no physical delivery is involved, is free of geographical constraints
  • electronic tendering can be integrated with other functions of a business, greatly enhancing efficiency in generating tenders based on up-to-the-minute information
  • online tendering vastly increases the procurer's supplier sources and thereby enhances business competitiveness
  • e-commerce technology greatly reduces dependence on repetitive tasks such as re-keying text and data, freeing staff for more productive purposes
  • because e-tendering.com is linked to tdctrade.com the process gives procurers access to the TDC's vast network of suppliers.

E-tendering is the first step on the path to fully integrating e-commerce practices with business operations, and as such is a key initiative in preparing businesses for the fast track of the future when paperwork, courier deliveries and many day-to-day clerical duties will be obsolete.