The ever expanding number of applications that link the physical and digital worlds provide wide ranging opportunities for industry and its insurers but with the potential for systems failure on an un

Pervasive or ubiquitous computing is the term used to describe the way various information and communication technologies are linking the physical and digital spheres in an ever expanding number of applications.

It is hard to think of any normal daily or economic activity that will not change as a result of pervasive computing. Insurance is no exception. It is, therefore, in the insurance industry's interest to address this new technology as a matter of urgency, to exploit the benefits of pervasive computing, foresee any potential hazards and initiate appropriate risk mitigation measures.


Computer chips are becoming smaller and cheaper; they can also communicate with each other wirelessly, making them suitable for embedding in everyday objects, such as appliances and vehicles. Such computerised objects, thus, acquire the ability to process and share information via computer networks, such as the internet. Radio frequency identification (RFID) tags are a crucial component of this new technology.

Pervasive computing is, however, more than just RFID tags. It is a combination of various technologies resulting in a network of objects capable of receiving, processing and relaying information over computer networks. This gives computers the capacity to work and make choices on their own, which opens up a whole new range of potential applications.

The innovation potential of pervasive computing especially applies to the management of supply chains, product life cycles and customer relationships. Many work processes are now much more efficient thanks to pervasive computing. In an insurance context, it would be possible to adopt dynamic cover concepts, meaning that the sum insured would automatically be adjusted to reflect changing value constellations, thus mitigating the problem of over and under insurance.

The automobile and transport sector can benefit greatly from pervasive computing. In fact, transport companies are already using it to manage their fleets. RFID tags in vehicles connect with global positioning systems (GPS) via communication interfaces to provide regular updates on their location. This allows the company to coordinate the vehicles' routes, and even avoid adverse road conditions.

In addition, pervasive computing can offer new approaches to preventing or minimising losses on the roads. A black box with a global navigation system, sensors and mobile communication technology records data about the driver, time of departure, route taken, speed, acceleration, where the journey ends etc.

Pervasive computing applications are also being used to improve logistical processes. The aim is to optimise storage periods and supply chains. Big parcel companies, for example, use fully integrated RFID systems every day. All parcels are given an RFID tag on receipt, which is used for automatic transportation in the distribution centres. This makes it possible to track the parcel's progress over the entire logistical chain.

The same technology can facilitate new insurance solutions based on dynamic data capture, which when transmitted periodically can be used by the insurer to adjust premiums to bases such as 'pay-per-use', 'pay-as-you-drive' and 'pay-per-risk,' so they are tailored to the individual. Preliminary field studies involving these applications were conducted in Texas in the 1990s.

Pervasive computing can also offer new opportunities to property insurers. Today, most risk related information is either gathered before granting cover or through periodic inspections and maintenance work. Pricing is, therefore, based on historical data and any sudden, or even gradual, changes are not reflected in the premium. Real time data, made possible by pervasive computing, can give more up to date and comprehensive information, allowing insurers to calculate risk more accurately. As a result, they can tailor products more closely to the actual risk.

Tailor made insurance product needed

Insuring data processing systems, both hardware and software, has traditionally involved risks with which insurers are familiar. These include computer loss through fire or natural peril, data or data integrity loss, theft or unauthorised access to confidential business data and the shortage or unavailability of data systems and their associated services.

Some of the risks related to pervasive computing are already covered by insurance products, for example property, product liability and professional indemnity insurance. However, traditional insurance concepts were not originally designed for industries whose very survival depends on a functioning IT system. Coverage was developed for individual systems - not networks. Hence, wordings available in the market may not adequately address risks that arise out of the combination of various technologies resulting in a network of objects capable of receiving, processing and relaying information that is typical for pervasive computing systems.

In principle, pervasive computing and its associated networks will not do much to change this situation. They do, nevertheless, bring one new and major consideration to the equation - globality of losses. Whereas system failure used to be limited to a single computer system or a few companies, cumulative and series claims are now possible on a scale unprecedented in the history of insurance. This presents a major challenge for insurers to provide the commensurate cover. It is a kind of vicious circle: as data processing systems and communication networks grow in economic importance, the harder it becomes to find cover for them.

However, insurers can only underwrite these risks if they understand them, which means being able to describe and quantify them. Technological progress invariably involves some unwanted side effects, which have no loss history, and pervasive computing is no exception. Insurers need to be vigilant for any unwanted, unexpected factors that could trigger claims. The first question to ask is: what harm can this new application cause?

Insurance questions

Insurers and reinsurers need to monitor their total exposure to risks connected with pervasive computing, in order to amend their insurance conditions, premiums and underwriting policy as more experience with the risks becomes available.

Liability issues within pervasive computing are extremely complex, particularly in view of its globality. There are some fundamental questions still outstanding in relation to network risks: Which jurisdiction applies in the event of a liability claim? Where did the loss occur? Where was it caused? Who is liable?

Insurance, in a nutshell, means consolidating individual risks of the same type into risk communities according to economic criteria. The members of the risk community then share the burden of any insured losses (solidarity principle). The contribution of each member of the risk community (premiums) may be either higher or lower than the losses they personally incur. Insurance adds value by allowing individuals to plan their ongoing finances without having to factor in the possibility of incurring a major loss.

However, risks are now becoming more distinguishable. Pervasive computing, by generating more information, will accentuate this trend and make the risk breakdown within the same community more apparent. Will this jeopardise the solidarity principle? Probably not. In fact, a more precise categorisation of risks could actually reinforce the solidarity principle. And many policyholders stand to benefit from improved risk differentiation as it will lead to fairer pricing for their own individual risk.

One principle which will remain unaffected by pervasive computing is randomness, which is as important as solidarity in insurance terms. Technology may match premiums more closely to risk, but whether an individual policy actually incurs a loss or not will remain a random science.

Pervasive computing will change the nature of property and IT insurance and product liability and professional indemnity insurance. It will lead to new cover concepts. Insurers must make the most of this opportunity.

- Andreas Schraft is head of risk engineering services at Swiss Re. Email: Website: The internet and today's requirements

In traditional insurance the focus was on protecting people and tangible assets. So it comes as no surprise that the cover offered by traditional insurance policies fails to provide sufficient protection against the threat posed by the internet. These risks normally do not turn out to be in the form of bodily injury or damage to tangible assets, yet are pure and simple property damage - which is not generally covered under the terms of a company's liability insurance policy. In some countries, like Switzerland, damage to software and data is expressly excluded from liability policies.

Business interruption insurance would be of particular interest to companies who sell at least part of their goods and services over the internet. However, business interruption always assumes traditional property damage and, therefore, does not apply in most internet related cases.

Some insurers have developed wordings which are tailored specifically to the dangers of the internet. As there is currently no reliable data available on the loss frequency and possible extent of such damage, this cover represents the industry's first tentative attempt to come to terms with this new risk. Only the future will tell how far these products have to be developed further.

The cover available ranges from pure liability policies to pure business interruption policies, while combined products are being offered on the North American and Anglo-Saxon markets in particular. Some insurers are limiting their products to a special target group, for example, to private clients, small businesses who have information-only websites or web server providers. Other providers are making their cover contingent on the insured's co-operation with a well known IT security company.

An as yet unresolved problem for insurers and reinsurers is accumulation risk, the risk that one event will trigger a number of policies. This would apply to the global proliferation of a virus (or 'malicious code'), which could potentially cause considerable damage and trigger all insurance covering damage to data and the resulting business interruption at the same time. Unlike earthquakes, floods and other natural perils, the damage caused by viruses is not limited to a specific geographical area. Insurers still do not have models with which to estimate the full scale of the accumulation risk arising from the boundless dimensions of the internet.

The insurer is left with only two options if it wants to limit its accumulation risk: exclude damage caused by viruses or limit the sum insured for accumulation risk.