1996-02-01 - Visa & MC Std

Header Data

From: ponder@mail.irm.state.fl.us (pj ponder)
To: cypherpunks@toad.com
Message Hash: 3a6d1ce229edf7eba164653f0b0da77709f1c511e7c2c143c9c6bf4faf192ffa
Message ID: <199602011325.AA30614@mail.irm.state.fl.us>
Reply To: N/A
UTC Datetime: 1996-02-01 14:04:30 UTC
Raw Date: Thu, 1 Feb 1996 22:04:30 +0800

Raw message

From: ponder@mail.irm.state.fl.us (pj ponder)
Date: Thu, 1 Feb 1996 22:04:30 +0800
To: cypherpunks@toad.com
Subject: Visa & MC Std
Message-ID: <199602011325.AA30614@mail.irm.state.fl.us>
MIME-Version: 1.0
Content-Type: text/plain


just heard this on NPR Friday 
am on the east coast of NA.
http://www.nytimes.com/library/cyber/week/0201internet-safety.html



February 1, 1996

Group to Unveil Industry Standard for Electronic Payments
----------------------------------------------------------------------
Forum
Join a discussion on Computers and Society: On-Line Economics. 
----------------------------------------------------------------------

By JOHN MARKOFF
AN FRANCISCO -- Hoping to remove a major impediment to credit card  
transactions over the Internet, a business group led by Mastercard  
International 
and Visa International plans to announce an industry-standard technology  
Thursday for protecting the security of electronic payments. 

The new technical standard brings together previously warring camps --  
one led by the giant Microsoft Corp., the other by an Internet software  
upstart, Netscape 
Communications Corp. 

The standard, which industry executives expect to go into commercial use  
before the end of the year, is intended to give merchants of goods and  
services in 
cyberspace the convenience of a single, universally employed means for  
protecting the privacy of on-line credit card transactions. 

And for customers, the new technology promises a much higher level of  
security for electronic purchases than has previously been available on  
the Internet. 

The new approach "is more secure than the system in use in the physical  
world in which you give your card to a waiter in the restaurant," said  
Mark Greene, vice 
president for electronic payments for the Internet division of IBM,  
which is one of the companies endorsing the new standard. 

To the extent that the end of this technology face-off gives a lift to  
electronic commerce, Netscape can only benefit, since it is the provider  
of the leading 
software used for "browsing" the Internet's World Wide Web and for  
conducting on-line transactions on the Web. 

Netscape is already on a financial roll, announcing fourth-quarter  
revenue Wednesday that was nearly double the level of the previous  
quarter and profits that 
exceeded analysts' expectations. 

"This will make it a lot easier for consumers to buy and sell things  
electronically," said Taher Elgamal, chief scientist of Netscape. "We  
won't have to face the 
issue of competing standards." 

Netscape will be working to incorporate the new technology into its  
Navigator Web-browsing software. Microsoft, in turn, will be adding the  
technology to its 
Explorer software, which competes with Netscape's Web browser. 

The software standard, called Secure Electronic Transactions, or SET,  
will permit a user to send a credit card account numbers to a merchant  
in a scrambled 
form. 

The scrambled number is supposed to be unintelligible to electronic  
eavesdroppers and thieves -- and even to the merchants receiving the  
payment. 

But a special code is supposed to enable the merchant to check  
electronically and automatically with the bank that issued the credit  
card to make sure that it is a 
valid card number and that the customer is the authorized user of the  
card. The number-scrambling part of the system is based on a well-known  
and widely used 
national software standard known as the Data Encryption Standard. 

Besides being added to Netscape's and Microsoft's Web browser, the SET  
technology would need to be incorporated into Internet server computers  
-- the 
machines that function as storage terminals and gateways that individual  
users' computers interact with on the global computing network. 

Testing of SET will begin this spring, according to Dick Lonergan,  
executive vice president of Visa, who said that commercial service was  
expected to begin late 
this year. 

Currently, many powerful types of encryption technology are barred from  
export because the government fears that foreign enemies or terrorists  
may be able to 
conspire electronically. But the new credit card security standard will  
not be subject to such strictures, its developers said, because it is  
designed to protect only 
financial information -- not electronic messages or other types of  
computer documents. 

In addition to Mastercard, Visa, IBM, Microsoft and Netscape, the other  
big organizations endorsing the new SET standard include GTE Corp. and  
Science 
Applications International Corp., a technology and military consulting  
business. Two other backers include Terisa Systems Inc. and Verisign  
Inc., both Silicon 
Valley companies that have developed some of the underlying technology  
for the SET standard. 

Last September, Microsoft and Visa together proposed a security standard  
known as Secure Transaction Technology, which would have competed  
directly with 
a system being developed by a group led by Mastercard, IBM and Netscape. 

Shortly afterwards, however, Visa and Mastercard -- the two largest  
credit card associations -- said publicly that they would pursue a  
single standard to avoid 
forcing merchants and consumers to choose between competing  
technologies. 

"We took the best of both technologies," said Edward Hogan, senior vice  
president for electronic commerce at Mastercard International. "There  
was a blip in the 
road, but both associations realized that their memberships wanted a  
single standard."

Home | Sections | Contents | Search | Forums | Help

Copyright 1996 The New York Times Company 
----------------------------------------------------------------------





Thread