Pignerol Antoine recently asked some questions about VRM and I thought I’d answer them publicly.

Is VRM really different from social CRM ?

Yes, although exactly how depends on how you define social CRM. Based on my understanding, I would suggest that VRM is first and foremost about providing value for the user with any vendor, as opposed to using social networking tools with a particular vendor. VRM is vendor agnostic and silo-adverse. The goal is to catalyze the development of tools for individuals through protocols and standards that let them work with any vendor seamlessly, without loss of functionality or services.

Does VRM work with a CRM ?

Sure. A CRM is a company-centric system. Every company should pay attention to its customers and CRM is currently the best-of-class thinking on the enterprise-side for how to do that. Different VRM services act on behalf of the individual, yet still require connecting to enterprise systems. For things to be seamless, VRM services should marry into CRM services for fulfillment.

Can VRM be implemented in all kinds of business?

Yes. Any business can support VRM services and be compliant with general VRM principles. Ultimately, it will be as easy for a small company to be VRM compliant as it is for a small company to run a blog or a wiki today. That takes some level of technical sophistication, but it is within grasp of any company that wants to invest a small amount of effort using freely available open source tools. Eventually, VRM will be available in the same way.

What’s needed for VRM to work ?

We need to work through electronic marketplace issues from customers’ perspectives, with attention to the full power of relationships, finding consistent ways to create new value through the network. For the Standards Committee, that means a public conversation starting with users and requirements. Once that is vetted in an open source manner, we can explore particular implementations. We believe that with a well defined, high quality requirements specification, service providers will emerge to deliver those services.

As customers are looking for lower prices, don’t you think that Personal RFPs are gonna cost more for customers (because they are personalized offers) ?

Two things here. First, I don’t think customers are just looking for lower prices. They are looking for better value.

http://blog.joeandrieu.com/2008/03/07/pricing-markets-and-demand-vrm-style/

One of my favorite examples of this is Shopatron’s business where they sell everything at 100% manufacturer suggested retail price, no discounts, no rebates:

http://blog.joeandrieu.com/2007/01/19/shopatron-redefines-vendor-relationships/

Second, the personal RFP is designed to eliminate transaction costs in the marketplace. Currently, product and vendor discovery is slow, expensive, and uncertain. That means buyers waste time and vendors waste advertising and lead generation dollars seeking the right match between needs and solutions. Any time transaction costs are reduced, you have an opportunity for better prices.

At the same time, Vendors will be discovering ways to provide more value to customers and the net result could easily be that customers will end up paying more for enhanced services or products. Ideally, this will mean that commodity products continue to drop in price while value-added customizations are welcomed by buyers and voluntarily paid for at a premium over the commodities.

What do you expect from VRM?

I expect it will take longer and be more work than any of us would prefer. However, I think that the concepts behind VRM, and hopefully our work developing standards and catalyzing working solutions, will enable a fundamental shift in the marketplace. As Doc Searls has said more than once, the industrial revolution is over: industry won. There is an incredibly powerful legacy of using computers and networks to help companies make more money (and create more value as they do so). Unfortunately, companies tend to think for themselves first, often to the detriment of overall economic benefit.

I see a world where every individual is engaged and empowered to get the most out of their relationships with vendors–vendors of all sizes. In that world, not only are individuals and vendors each getting and creating more value directly, the entire economy is operating at a higher efficiency as less money is spent on wasted advertising and product development and more is spent on fulfilling verified demand. This would supercharge Adam Smith’s invisible hand and provide a significant increase in aggregate global wealth for everyone. It takes the benefits of the zero-distance network and extends it efficiently into the domain of user-driven commerce.

At last month’s Internet Identity Workshop and the subsequent DataSharing Summit, Markus S and Drummond Reed unpacked several ideas about r-cards, which, to a certain extent, are an evolution of the Information Card at the heart of CardSpace.

Going into IIW, I understood r-cards simply as a hybrid of InfoCard’s managed and personal card models. Managed cards are issued by another party–all the data associated/transmitted with that card is controlled by that managing party, while personal cards are self-asserted, allowing individuals to serve as their own card provider, controlling all of the associated data. R-cards then, allow a managing party to co-control a card with the user–with some data controlled by the managing party and some controlled by the user.

However, during the IIW demo of r-card, I had an epiphany about how powerful the r-card is, once we actually allow the user to manage the personal claims through multiple, dereferenceable links.

One issue that came up during the demo was that if the “personal” side of the r-card is manually entered claims, such as contact information, then the user is creating a management nightmare: duplicate claims would need to be entered and maintained across many different r-cards. The more r-cards, the worse the problem.

The “obvious” solution discussed at the session was to allow the user to specify specific claims that are served by other IdPs, such as a Personal Address Manager. And for completeness sake, let’s note that such claims could be mashed up from multiple other IdPs, not just a single one. Thus, any number of claims from a particular IdP could act as a sort of sub-card, combining with other subcards at presentation time.

The net result of this is a realization that that perhaps the most interesting thing about r-cards is their use as dynamic cards or aggregate cards or mashup identity cards.

That’s pretty cool in itself.

However, it also struck me that this also potentially fixes usability problems around authorizing a bunch of vendor’s (M) access to identity claims at a variety of different identity providers (N). This potentially requires N points of authorization and authentication for each M vendors (or relying parties). Sub-cards (or r-cards) may combine that task at the point of presentation for much greater user understanding and simplicity.

Since the Card Selector is itself a trusted point of authorization, we should be able to use the “mashup” gesture as explicit authorization for relying parties to access the claims specified in the sub-cards. That is, the UI of creating the r-card/mashup card/dynamic card also explicitly approves access to specific claims from multiple IdPs, since after all, the selector is where you select which claims to present to relying parties.

This adjustment to the Information Card ceremony greatly simplifies the user experience, while retaining all the power of distributed claims at appropriate IdPs. For example, it would allow me to specify my Passport # to United Airlines, as a verifiable claim served by the US Secretary of State IdP (which should be trusted by UA), streamlining any international travel I might do, while retaining my contact info at my Personal Address Manager. All with the same authorization ceremony I use with any information card relying party.

This realization was, for me, the most surprising insight into the power of the r-card. In fact, I’m wondering if the name “r-card” captures it best.