Patenting Software Security Fixes

The Register reports on a company called Intellectual Weapons, which offers to patent fixes for newly discovered security vulnerabilities, weaknesses, or technical flaws in software. Then the company will seek to license the fixes to vendors of the vulnerable products and other security providers.

Intellectual Weapons describes their process:

  1. You submit vulnerabilities you have discovered, without telling anyone else.
  2. If we accept them, we work together to develop a fix.
  3. We develop intellectual property relating to the fix, and license or enforce it
  4. You share in the profits

The company acknowledges enforcement may be tough:

Enforcing the IP may not be straightforward-we fully anticipate major battles. . . .We only want people who dare to play for high stakes.

Consumers Empowered?

A patent targeted by EFF’s patent busting project caught my eye. A company called NeoMedia claims:

the general concept of reading an “index” (e.g., UPC number1) off of what it calls a “data carrier” (e.g., consumer product) and crossreferencing that index in a database in order to find the necessary information to look up and connect to a remote computer (e.g., URL fetched out of a database which is then inserted into a web browser).

The November 15, 2006 edition of the EFF’s Effector email newsletter summarizes the patent:

NeoMedia claims to have invented the basic concept of any technology that could, say, scan a product on a supermarket shelf and then connect you to price-comparison website.

This technology has the potential to empower consumers and force prices to reflect real-time supply and demand. Think about scanning the bar code of a product at a retail store with your phone. The information is transmitted to a price-comparison site and the results display on your phone. Now you know instantly whether the price there at the retail store is the best price.

This technology has the power to put some real teeth into those lowest-price-guarantees. What if the price-comparison surveyed not only online retailers but also traditional retailers? So you could scan a product at Circuit City and find out it is available for $50 less at the Best Buy store one mile down the road?

A company called Scanbuy already provides a free service that allows consumers to enter a bar code into their cell phone and receive: best price, other online prices, product reviews, and information about the product. This service will probably only really catch on when it is easy to use, i.e., when the users cell phone scans the barcode instead of requiring the user to manually enter the number.

Will retailers honor their lowest-price-guarantee when a customer shows the retailer the price comparison results on their phone? Some guarantees do not apply to prices of online retailers, and some match only in-print advertisements from competitors. The cost of redeeming a lowest-price-guarantee has been described as a hassle cost. Can retailers afford to continue providing guarantees when the consumer’s search cost incurred in discovering a lower price is virtually eliminated? Will this technology be the death of low-price guarantees? Or will retailers just retreat to price matching only in-print advertisements from competitors? If they retreat will the guarantees loose their effectiveness (if they are effective in the first place)?

Price-guarantees aside, a service like Scanbuy, should offer the option to “buy it now” that lets the user purchase a product using their phone from the online retailer with the lowest price. E-commerce continues to expand. The ability to purchase products with your phone while standing in a retail store maybe the next step in the evolving way we purchase goods.