Analysis of Japanese Loyalty Programs Considering Liquidity, - - PowerPoint PPT Presentation
Analysis of Japanese Loyalty Programs Considering Liquidity, Security Efforts, and Actual Security Levels June 24, 2014 @WEIS 2014 Bongkot Jenjarrussakul, and Kanta Matsuura Institute of Industrial Science The University of Tokyo Outline
Institute of Industrial Science
Introduction
Loyalty Programs Security Incidents
Japanese Loyalty Programs Security-Liquidity Implications Conclusion
The University of Tokyo
2
– The rewards usually take the form of Reward currency or Point. – Locates between online games and Bitcoin.
– Allow their customer to exchange points between different LPs.
The University of Tokyo
3
etc.
The University of Tokyo
4
USA Canada
North America
to at least one LP.
two or more LPs.
least one LP.
Japan ← has more than 200 LPs Europe ← Newbie to LP
20 40 60 80 2006 2008 2010 2012 2014
Number of household (%) Year
household with possession of e-money
household with possession of point card 0.973 1.335 1.796 2.089 2.647 0.0 1.0 2.0 3.0
Year
(Billion)
’00 ’06 ’08 ’10 ‘12
26.7%↑
116.22 120.72 119.97 50 100 Year
bershi ship p (Million
’08 ’10 ‘12
Slightly decrease due to demographic factors.
The University of Tokyo
5
USA
security incidents related frequent flyer program (FFP) on alert sites from
Canada
used fraudulent credit cards.
redemption of the credit card point for gift cards.
North America
redemption at many LPs such as
voucher .
security incident related to FFP from British airways.
Japan Europe
– Liquidity – Operating firms’ security efforts – LP systems’ actual security levels
– Linear regression analysis
The University of Tokyo
6
Introduction Japanese Loyalty Programs and Their Network
The Network of Japanese LPs Liquidity of the Japanese LPs Security-related Data of LP Operating Firms
Security-Liquidity Implications Conclusion
The University of Tokyo
7
– Information of existing LPs in Japan – Estimated real-currency values of LP Points – Exchange/conversion rates between systems – Query of possible routes – Required duration for exchange process
– From 9 industries (refers to METI’s list of industries) – Industries with high interaction with customers
The University of Tokyo
8
METI : Ministry of Economy, Trade and Industry
The University of Tokyo
9
30 days Point: 20,000 (30US$) 21 days Point: 20,000 (20$) Matsumoto KiYoshi Point: 14,000 (14$) (Point exchange site) 7 days (Railway smart card) 1 days Point: 14,000 (14$) Point: 7,000 (7$) (Drug store) Total require Time 59 days.
Miscellaneous manufacturing (13)
The University of Tokyo
10
Coming in only Going out only Both directions Type of flow (edge) Group 2: Having 2 types of flows between 2 nodes Group 3: Having only 1 type
Group 1: Having all types of flows between 2 nodes
Electricity, gas, heat supply and water (16) VDO picture, sound info., broadcasting & commu. (17) Information Services (19) Transportation & Postal activities (20) Retail trade (22) Finance & Insurance (23) Miscellaneous non- manufacturing (26) Manufacturing of Electrical Machinery (09)
– No. of corresponding type of edge (x) – Average no. of partners (y) – Then separate the score into 4 levels
: Low (L)
: Medium-Low (ML)
: Medium-High (MH)
: High (H)
The University of Tokyo
11
The University of Tokyo
12
Industry (ID) Liquidity
LPs Average size of damage from security incidents Average size of expense on countermeasure Manufacturing of electrical machinery (09) L 12,740$ (0.04%) 70,970$ (0.20%) Miscellaneous manufacturing (13) L 4,696$ (0.03%) 74,118$ (0.45%) Electricity, gas, heat supply, and water (16) L 2,450$ (0.01%) 112,006$ (0.26%) VDO picture, sound information, broadcasting & communication (17) H 2,940$ (0.02%) 70,155$ (0.51%) Information services (19) MH 47,367$ (0.43%) 151,341$ (1.38%) Transportation & postal activities (20) H 7,525$ (0.05%) 47,753$ (0.31%) Retail trade (22) ML 8,003$ (0.05%) 40,286$ (0.26%) Financial & insurance (23) MH 12,658$ (0.02%) 235,716$ (0.32%) Miscellaneous non-manufacturing (26) ML 2,975$ (0.03%) 60,422$ (0.62%) The University of Tokyo
13
% in () is percentage of the average size to average capital size. Data of 2012 by Ministry of Economy, Trade and Industry (METI).
The University of Tokyo
[Pt] ] 1 [Yen] 0.67
ANA Mileage eage Club (IND 20) Yamada ada Denk nki (IND 22) 22)
[Pt] ] 0.09 [Yen] 0.9
QooPo
(IND 13) Sony ny Point nt (IND 09) TEPCO (IND 16)
[Pt] ] 2.5 [Yen] 0.75 [Pt] ] 0.1 [Yen] 1
Softba bank nk Mobile ile (IND 17) 17)
[Pt] ] 1 [Yen] 0.67 [Pt] ] 0.25 [Yen] 3.75 [Pt] ] 0.025 [Yen] 0.375
JAL L Mileage eage Bank (IND 20) Pont nta (IND ND 26) 26)
[Pt] ] 0.5 [Yen] 0.75 [Pt] ] 1 [Yen] 0.67 [Pt] ] 0.1 [Yen] 1 [Pt] ] 0.029 [Yen] 0.43 [Pt] ] 0.1 [Yen] 1
Matsum umoto Kiyosh
(IND 22)
[Pt] ] 1 [Yen] 0.67 [Pt] ] 0.2 [Yen] 0.3 [Pt] ] 0.7 [Yen] 0.7 [Pt] ] 1 [Yen] 0.67 [Pt] ] 0.5 [Yen] 0.75 [Pt] ] 0.85 [Yen] 0.85 [Pt] ] 0.85 [Yen] 0.85 [Pt] ] 5 [Yen] 1 [Pt] ] 3 [Yen] 0.9 [Pt] ] 0.33 [Yen] 0.5 [Pt] ] 1 [Yen] 1 [Pt] ] 4 [Yen] 0.8 [Pt] ] 5 [Yen] 1 [Pt] ] 0.2 [Yen] 1 [Pt] ] 4.95 [Yen] 4.95 [Pt] ] 1 [Yen] 1 [Pt] ] 3 [Yen] 0.6 [Pt] ] 0.33 [Yen] 0.5
PeX PeX (IND 19) 19) T Point nt (IND 19) Suic ica Point nt (IND 20) Mitsui i Sumit itom
Card rd (IND 23) G-Poin Point (IND 19)
14
The University of Tokyo
15
The University of Tokyo
16
Introduction Japanese Loyalty Programs Security-Liquidity Implications
Linear Regression Analysis The Results and Implications
Conclusion
The University of Tokyo
17
– Average size of expense on security countermeasures – Average size of damage from security incidents
– Rank of Japanese LPs (April 2014) – Number of partners belongs to each LP – Exchangeable type of flow (belongs to each LP)
– Investigate security-related requirements in 3 processes
The University of Tokyo
18
Liquidity Liquidity Impa Impact ct fr from
secur securit ity y incidents incidents Secu Securit rity y scor score Proxy Variables
The University of Tokyo
19
where i the index of each selected LP (i = 1,2,…,82) INDi the industry ID of the industry LPi belongs to damageINDi the average amount of damage from incidents in industry INDi ranki the ranking score of LPi
accounts, we focus on the “Origin LP” ranking.
points are exchanged to its partner system.
The University of Tokyo
20
where x the edge types between LPi and 9 industries where only the 82 selected LPs are considered y number of exchange partners of LPi
The University of Tokyo
21
– Registration – Authentication (login) – Back-up authentication (password recovery)
# of requirements about which we can obtain data
regarding LPi
The University of Tokyo
22
Registr trati ation
Login Back-up up authent enticati ation
Trusted information Physical card
Implementation
techniques Data which increases difficulty Trusted information Physical card
LP1 1 1 1 1 1 LP2 1 n/a 1 LP3 LPn 1 n/a n/a n/a
Note: n/a means that data is unavailable. 1 indicates that the corresponding requirement is satisfied. 0 indicates that the corresponding requirement is not satisfied. Trusted info : certified information, security code, etc. Data which increase difficulty : mobile number, system generated ID, etc.
LP1 → secscore1 = 5/6 = 0.83 LP2 → secscore2 = 2/5 = 0.40
The University of Tokyo
23
The University of Tokyo
24
impact from security incidents
average size of expense on countermeasures in the industry LPi belongs to. (industry-wise value)
LP-wise liquidity score
security score of the LPi
Very y low correla lation tion coeffi fficien cients ts among expla lana natory tory variables ables
The University of Tokyo
25
– Satisfying more security requirements would reduce the impact from security incidents – Support our Hypothesis 1.
– Higher liquidity would increase the impact from security incidents. – p-value is extremely low. – Support our Hypothesis 2.
Variable Coef. p-value Intercept 4311.9120 0.6401 expense 0.1938 0.0027*** liquidity 643.6897 3.49e-09*** secscore
0.0115**
p-value tells significance of the data. ** indicates significance at 5% level *** indicates significance at 1% level
Explanatory variables are significant.
Introduction Japanese Loyalty Programs Security-Liquidity Implications Conclusion
The University of Tokyo
26
The University of Tokyo
27
The University of Tokyo