-Caveat Lector- from: http://www.customtracks.com/Conference.htm <A HREF="http://www.customtracks.com/Conference.htm">http://www.customtracks.com/ Conference.htm </A> ----- [Opening Statement - Conference Call 7/7/99] [By: David Cook, CEO of CustomTracks] [Start] Good afternoon - CustomTracks recently announced two new products - ZixCharge and ZixMail. These products take a radically different approach to the Internet e-commerce transaction market and to the Internet secure messaging market. The purpose of this conference call is to help our shareholders understand these products, how they work, and what they mean to CustomTracks. Prior to the completion of our ZixMail patent filings last week, we had maintained a very tight-lipped policy regarding the system architecture. That changed on June 29th when we opened the ZixMail informational Web site. We have received many calls since then - and many of those calls have asked similar questions. This opening statement provides answers to the most asked questions. We had hoped that the ZixCharge informational Web site - similar to the ZixMail informational Web site - could be made public by the end of June. I will outline, as best I can before the ZixCharge patent filings are completed, the ZixCharge architecture and features. My intention had been to read this entire statement at the start of the call today, but because of the length and the complexity of the statement - and in an effort to conserve everyone's time during the business day - I decided to pre-post the entire statement on the CustomTracks home page at �www.CustomTracks.com�. This should have afforded all interested shareholders the opportunity to review the statement prior to the conference call and to formulate questions for the question and answer session. [Live Session - go to:[Recap - Both]] [ZixCharge Start] Now, before I discuss ZixCharge � let me give some background on the problems with Internet e-commerce: [Background] A major problem regarding Internet e-commerce is that purchasers are generally required to provide personal and confidential information, such as charge card information and charge card billing data, to an Internet merchant when purchasing goods or services from that merchant. The merchant, in turn, uses this information to obtain a transaction approval through a charge card processor. The transmission of data from a purchaser�s terminal to the merchant Web site is generally protected by encryption. This point-to-point type of encryption is currently considered adequate for protecting that data from interception or tampering. However, once under the control of a merchant Web site, this personal data can be sold, rented, leased or otherwise distributed for commercial gain. Further, the storage and handling of this sensitive data by computer personnel at the merchant site may lead to intentional or unauthorized distribution of the data. As mentioned frequently in the press, Internet merchant sites have been targets for hackers who may be able to obtain access to this data. In certain instances, even accidental release of the data has been made by errors in the software programs that operate a given Web site. A purchaser who has had personal or charge card information compromised may then be the victim of unauthorized use of their charge cards or, in more severe cases, complete theft of their identity. Another problem in Internet commerce is the fraudulent use of charge cards. Since it is difficult to determine the identity of an Internet purchaser, particularly as it relates to ownership of a given charge card, fraudulent charge card use has become popular on the Internet. One related problem is the use of email addresses or billing addresses obtained by a merchant during a purchase transaction. The merchant may continue to send unwanted email solicitations to the purchaser long after a transaction is completed. In some cases, the abuse of the email address may include sending the email address to other parties, who may also send unwanted solicitations or �spam� to the purchaser. [Architecture] With that as background, I will now describe the ZixCharge architecture � an architecture that solves all of the problems I have just mentioned. First: [Central Repository] ZixCharge uses a central repository of consumer charge card information. Each charge card is linked to a specific email address and digital signature. This information is provided not by consumers - but by card issuing financial institutions and others. It is important that this data be provided by a reputable source that can irrefutably link a consumer's identity with their charge card information. The main use of this central repository is to obtain a charge authorization without providing any personal information to the merchant. The centralized data is not used for any other commercial purpose and is not made available to any third party. Second: [Charge Slip Interface] ZixCharge uses a charge slip interface that allows the consumer to digitally sign for a purchase � just as the consumer would do in a retail store. The charge slip is initiated by the merchant site, and can include - the merchant logo, detailed purchase information, merchant advertising, and so on. The charge slip then allows the consumer to select the payment method, shipping address options, and the method for merchant communications regarding the purchase. Once digitally signed, the charge slip, including a certified time-stamp, is returned to the merchant Web site, but it cannot be opened or read there. It is fully encrypted so that only the ZixCharge central repository can read it. Third: [Merchant ZixCharge Object - ZAPI] The ZixCharge system includes a ZixCharge Applications Processing Interface � known as �ZAPI� that resides on the merchant Web site. ZAPI provides all ZixCharge communication services between the merchant and the consumer � and � between the merchant and the ZixCharge central repository. ZAPI is able to go back to a consumer who has failed an authorization � due to credit limits or other causes � and to offer that purchaser the opportunity to select a different payment method in order to complete the transaction. After a transaction is approved, ZAPI provides the merchant with the approval and shipping information. This information is in the E-Commerce Modeling Language or �ECML� format. If requested by the merchant, this information can be provided in an alternate format. The merchant system then completes the transaction and fulfillment just as if the approval had been obtained directly by the merchant. ZAPI also ensures the transaction's validity by first combining three items - a certified time-stamp, the �hash� of the charge slip and the returned encrypted charge slip itself � and then signing the combination with the merchant's digital signature before sending the transaction to the ZixCharge central system. Note that ZixCharge does not change the merchant's existing settlement and charge-back processes. Fourth: [Centralized Approval Services] ZixCharge provides charge approval services at the central repository. All incoming charge slips are decrypted, validated by the previously mentioned �hash�, and authenticated by verifying the digital signatures of both the merchant and the consumer. The ZixCharge central repository then formats a new authorization message containing the required information to obtain a charge card authorization on behalf of both the purchaser and the merchant - and then - forwards the message to the merchant�s charge card processor over dedicated communication lines. Upon receiving approval, or not, for the authorization, the central repository sends the authorization information back to ZAPI at the merchant Web site. If a successful authorization has been obtained, the returned information will include any consumer authorized shipping information. Email communications for any transaction specific information is sent through ZixCharge and then forwarded to the consumer. The merchant is also given a ZixCharge customer ID. This enables the merchant to aggregate transactions for marketing purposes and to communicate with the consumer through the ZixCharge ID - but still protects the consumer's actual identity. The consumer can optionally block the forwarding of messages sent to the ZixCharge customer ID. Fifth: [The Mall � ZixMall] ZixMall will be the ZixCharge Internet shopping portal. Merchants who accept ZixCharge will be in the ZixMall (or in malls affiliated with ZixCharge). When consumers shop through ZixMall � they are assured that the merchant respects their privacy and is willing to sell merchandise to them without collecting unnecessary personal information. Sixth: [Worldwide Signature Server] ZixCharge uses the same worldwide signature server that ZixMail uses. This allows ZixCharge to instantly authenticate both the merchant and the purchaser in a transaction. It further ensures that a given digital signature has not been revoked, suspended, changed or deleted. [Partners - Financial Institutions] Now, to discuss partners. We are currently in discussions with various financial institutions and others regarding participation in the ZixCharge system. The discussions have been progressive and, I believe, will lead to announcements later this year. Each financial institution has between a few million and many tens of millions of issued charge cards. Additionally, some of the possible non-financial partners have as many as 15,000,000 charge cards. I further believe that certain financial institutions will offer their �checking account� customers the ability to pay for goods and services over the Internet directly from their checking accounts by signing with their digital signature on the ZixCharge charge slip � and - without issuing debit cards. This is possible due to the unique architectural design of the ZixCharge system. Card issuing financial institutions will receive a percentage of any transactions charged to their issued cards or paid from their "owned" checking accounts. [Merchant Benefits] Now, to discuss merchant benefits. To merchants, ZixCharge is a customer delivery and fraud prevention system. Merchants accepting ZixCharge will have access to large numbers of Internet consumers who are members of the ZixCharge system. Many of the ZixCharge members will be new to Internet shopping - in fact - shopping only because ZixCharge protects their confidential information. Also, fraudulent charge card usage is a major problem for merchants on the Internet. The enhanced cardholder authentication in ZixCharge virtually eliminates losses due to fraud. Merchants will be able put their corporate logo on the ZixCharge charge slip and there is an area on the charge slip for promotional messages. Merchants will pay a referral fee for ZixCharge consumer purchases. [Cardholder Benefits] Now, the benefits to the consumer. ZixCharge usage by the consumer is free. Consumers will benefit by having personal and credit card information, and purchasing histories kept confidential. Also, because fewer Web sites will have the consumer's information, there will be less chance of their identities or their credit cards being used by others. Consumers will also have the convenience of only having to "sign" a charge slip in order to complete a purchase. [ZixMail - General] Now, ZixMail. ZixMail is a new approach to the problem of insecure email communications over the Internet. ZixMail enables Internet users worldwide to easily send and receive encrypted and digitally signed email communications. This means that only the intended recipient of an email message can read it, that the email message is protected from tampering, and that the sender is always positively identified. I am going to talk about the ZixMail technology - then I will address the markets - and finally the revenue potential. The first technology feature is the centralized public key architecture: ZixMail uses a �worldwide signature server.� The worldwide signature server is a secure, world-class computing facility in Dallas with the capacity to store and to distribute public keys for every email address in the world. The public keys are distributed for both encryption and for digital signature verification purposes. The second technology feature is the certified time-stamp: ZixMail messages always include a Certified Time-stamp that is obtained from the worldwide signature server. The time-stamp can be self- authenticated and is impossible to tamper with or change. This is important now, and will become even more so for future Web applications requiring an accurate and verifiable time-stamp. Current encryption programs primarily rely on the date and time from the user�s computer, which can be pre- or post-dated, or simply wrong. The third technology feature is the automatic retrieval of the email recipient�s latest public key at the same time a message is sent: This ensures that a ZixMail user anywhere in the world will know instantly when any public key has been revoked, deleted, or suspended. Many other public key encryption methodologies do not have this feature. A related feature is that ZixMail also checks the "status" of the sender's digital signature at the worldwide wide signature server in order to determine if it has been changed or revoked. ZixMail will not allow the sending of a message without a currently valid digital signature. The fourth technology feature is the HTTP/SMTP relay: An HTTP/SMTP relay enables all email addresses - even those HTTP-based email addresses like Yahoo�, WebMail�, or HotMail� - to send and receive encrypted and digitally signed email. ZixMail operates redundant HTTP/SMTP relays (East and West Coasts) to allow users who are not�t able to reach their current SMTP mail server to automatically send the encrypted email by using an HTTP-posting method. There are more than 380,000,000 email addresses in the world now. This total is growing by 50,000,000 per quarter. Of the total, approximately 115,000,000 are HTTP-based email addresses. The fifth technology feature is the compressing of attached files: All ZixMail file attachments are not only encrypted, but also compressed. This generally cuts transmission time by 75%. The sixth technology feature is worldwide encryption export approval: ZixMail uses very strong 1024-bit public key and Triple-DES encryption. The U.S. Department of Commerce has issued worldwide encryption export approval for the product. This means that if you have offices in London, Tokyo, and New York � all of the offices can use the same strong encryption offered by ZixMail. The seventh technology feature is signature portability: ZixMail offers secure and convenient portability of a digital signature from one computer to another. This allows a user to use the same digital signature on their office, home, portable, or other computer. The eighth technology feature is ease of use: ZixMail is remarkably easy to use. Digital signatures can be created in about 60 seconds and anyone who currently uses an email program can operate the ZixMail program. The ninth technology feature is digital signature recovery: At the time a digital signature is created � ZixMail offers the user an opportunity to create an encrypted signature recovery file that will be stored at the worldwide signature server - but that we are unable to open or to read. This recovery file is encrypted using a novel method which will allow the recovery of encryption keys and the establishment of a new signature phrase without compromising the security of the keys themselves. [Additional features that I won�t detail:] Additional features that I won�t detail include return and certified receipts, an address book, and a draft area. ZixMail even prevents viruses that are delivered by "spoofing" a sender's email address � like the recent �worm� virus. The ability to email encrypted and digitally signed documents directly from inside applications, such as Microsoft Word� or Microsoft Excel� will be available this year. Additional detailed information, including some screenshots, may be obtained at www.ZixMail.com. Now, the Markets: The market for ZixMail is basically every email address that uses the Internet. Note that ZixMail works with any MIME-compliant email system, including AOL�, Microsoft Outlook�, Eudora�, Netscape Communicator�, and Lotus Notes�. There is one segment of the email market - the HTTP-based systems such as Yahoo� or Hotmail� - that have no currently available, interoperable, hard encryption system. For those of you who would like to determine the size of the HTTP-based email market - I recommend that you go to "www.emailaddresses.com" and view the link labeled "HUGE LIST" - which is shown on the left-side menu. We are targeting certain types of businesses for intensive marketing efforts - such as the legal and securities brokerage businesses. As an example of a securities brokerage application - documents such as stock confirmations can be sent with ZixMail. The digitally signed message would include text regarding the trade - and - the actual color �graphic� confirmation form which could then be printed and saved by the recipient. This would represent a substantial saving in time and money versus sending the confirmation by regular mail. ZixMail will send a digitally signed certified return receipt back to the securities brokerage house. ZixMail also intends to create entirely new markets for new services. An example would be the ZixMail "encrypted forwarding" service. This service allows a user to create an alias email address - such as "[EMAIL PROTECTED]". All email messages arriving at the alias address would be forwarded to the user's regular email address - such as "[EMAIL PROTECTED]". The added service is that the forwarded message would be encrypted using the latest public key for "[EMAIL PROTECTED]" and digitally signed by the ZixMail forwarding service. This service would allow a user to receive encrypted email at their main email address without actually divulging that address to the sender and without the sender needing to have encryption software. The user could simply redirect the forwarding address in the event that the regular email address was changed - through job loss or otherwise. There are a number of these extra cost services that we intend to implement. Now, for Revenue: ZixMail costs $1.00 per month. This price covers: - unlimited certified time-stamps on ZixMail messages you send - unlimited use of the ZixMail encryption program � including free updates - unlimited retrievals of public keys used to encrypt messages for others - unlimited use of your digital signature to sign out-going ZixMail messages - unlimited verifications of your signature by those receiving your messages - unlimited retrievals of your public key by those sending messages to you - unlimited verifications of other�s digital signatures on messages you receive This is a remarkable value for $1.00, but even better - for personal use - the monthly charge will be waived until January 2001. While not making predictions, it is easy to construct scenarios in which 10,000,000 to 50,000,000 email addresses would use ZixMail. This equates to annual revenues of $120 million to $600 million. There will be additional revenues from the various special services that have been mentioned - such as the HTTP/SMTP relay, the "brokerage confirmation" type of service, and the "encrypted forwarding" service. [ZixMail Summary] Now, to summarize ZixMail: The ZixMail architecture succeeds in converting the Internet into one giant closed-loop intranet for the purpose of sending and receiving encrypted email. We believe that this product not only changes the paradigm in secure email messaging, it creates an entirely new framework � one that is compatible with today�s communication and computing capabilities. We believe that ZixMail will become an extremely popular Internet product � one that will become part of the fabric of the Internet. [Recap - Both] Let me recap before taking questions: In January of this year � CustomTracks undertook the enormous task of building an Internet transaction system and a digital signature and encryption system. We have made remarkable progress in a very short period. This I believe, in large part, was due to our strategy of employing outside resources to work on the project during a very tight labor market. Since January, more than 150 consultants or other non-employees have worked on these projects. CustomTracks has also been building up its staff during this period, and, as of July 12th, we will have 48 full-time employees. Now, as we near the launch of our first product, ZixMail, I would like to thank all of the shareholders for their confidence and patience during this development time. Further, I would like to invite all shareholders who would like to see our secure data center to come to Dallas either next Wednesday or Thursday morning. We will have tours for shareholders, analysts, and fund managers (no press or competitors). This will be the only time that public tours will be available. Once the systems go live, no public tours will be held. Call Beverly Fuortes at (972) 702-7057 or email to Beverly at "[EMAIL PROTECTED]" to join one of the two tours. [Stock Issue] On a personal note � I have been asked several times whether I have sold any of my CustomTracks stock � or whether I am going to sell any. I want to state unequivocally that I have not sold and will not sell any CustomTracks stock this year. I will, of course, revisit this issue in the event of a merger or acquisition of CustomTracks. [Live Session - go to:[Finish]] [Questions] Now as we start the question and answer session, there are a couple of specific questions that are asked frequently - but have not been specifically covered in this statement. First, Isn�t ZixCharge just another wallet system and what about ECML? Wallet systems are primarily designed to make it easy for your personal and credit card information to be given to the merchant. Wallets normally reside on your local personal computer. ZixCharge, on the other hand, is designed to keep your confidential information from being given to the merchant. ECML, or �E-Commerce Modeling Language�, is a data format that will be used primarily by wallet technology vendors to submit consumer personal and credit card information to a merchant Web site. Because ZixCharge will use the ECML format to deliver shipping information to merchants - we hope for widespread adoption of ECML by merchants and e-commerce software vendors - thus reducing our systems integration work at each merchant�s Web site. I believe that once consumers use ZixCharge, they will request that all merchants respect their privacy and confidentiality by accepting ZixCharge - or they will take their shopping elsewhere. Second, Is there a key escrow for ZixMail? In order to obtain worldwide encryption export approval from the Commerce Department - for encryption that the National Security Agency cannot break - there is a requirement that a secure key escrow be established, normally with a "trusted third party". This escrow can be accessed only by court order from a federal court of competent jurisdiction. CustomTracks has been approved to be its own �trusted third party�. The escrowed keys, however, are encrypted by public key cryptography and can only be decrypted by a private key that is unknown to CustomTracks or ZixMail. Third, Are you going to change the name of the company? Yes. We will ask shareholders at the CustomTracks annual meeting to change the corporate name - probably to �ZixIt Corporation�. Fourth, When will revenues start? For ZixMail, we expect our first commercial customers by year-end. For ZixCharge, we are not going to make a forecast at this time. [Finish] I hope the opening statement answered most of your questions. For those questions that remain, please feel free to ask them at this time. [End] "Safe Harbor Statement" The following is a "Safe Harbor Statement," made under the Private Securities Litigation Reform Act of 1995. This document includes forward-looking statements. These statements involve management assumptions, risks, and uncertainties, including, but not limited to, the following: (1) the ability of the company to successfully develop its ZixMail and ZixCharge systems and to marshal the resources to complete the development of these systems in a timely fashion; and (2) the ability of the company to gain market acceptance from consumers, web merchants, financial institutions, and others for its systems. Consequently, if such management assumptions prove to be incorrect or such risks or uncertainties materialize, the company's actual results could differ materially from the results, if any, forecast in the forward-looking statements. ----- Aloha, He'Ping, Om, Shalom, Salaam. Em Hotep, Peace Be, Omnia Bona Bonis, All My Relations. Adieu, Adios, Aloha. Amen. Roads End Kris DECLARATION & DISCLAIMER ========== CTRL is a discussion and informational exchange list. Proselyzting propagandic screeds are not allowed. Substance�not soapboxing! These are sordid matters and 'conspiracy theory', with its many half-truths, misdirections and outright frauds is used politically by different groups with major and minor effects spread throughout the spectrum of time and thought. That being said, CTRL gives no endorsement to the validity of posts, and always suggests to readers; be wary of what you read. CTRL gives no credeence to Holocaust denial and nazi's need not apply. Let us please be civil and as always, Caveat Lector. ======================================================================== Archives Available at: http://home.ease.lsoft.com/archives/CTRL.html http:[EMAIL PROTECTED]/ ======================================================================== To subscribe to Conspiracy Theory Research List[CTRL] send email: SUBSCRIBE CTRL [to:] [EMAIL PROTECTED] To UNsubscribe to Conspiracy Theory Research List[CTRL] send email: SIGNOFF CTRL [to:] [EMAIL PROTECTED] Om
