The Secure Electronic Transaction system backed by the major credit card players will never come about according to a leading internet security consultant that advises some of Europe’s biggest banks, including the Bank of England and National Westminster. Guildford, Surrey-based Hyperion Systems director, Dave Birch said yesterday that the system hailed as a future standard […]
The Secure Electronic Transaction system backed by the major credit card players will never come about according to a leading internet security consultant that advises some of Europe’s biggest banks, including the Bank of England and National Westminster. Guildford, Surrey-based Hyperion Systems director, Dave Birch said yesterday that the system hailed as a future standard by Visa International Inc and MasterCard International Inc would never happen, and added, You don’t have to be a reckless maverick to predict SET isn’t doing so well. It’s too complicated and too expensive to implement. Ask Barclays when their date for implementing SET is if you want to cause a bit of mischief, and he went on to predict that Virgin which has gone on record as planning to set up the the first UK based SET site would not stick to its plans. Ask them when their first UK banking customer has set up an SET certificate? he teased. Instead Birch sees the future of secure electronic transactions lying with the Public Key Infrastructure. This process of electronic transaction is based on the existing X509 certificate authentication standard and the Secure Sockets Layer 3 standard for secure transactions. The process is based on public key cryptography enabling authorized buyers and sellers to check other public key certificates to see if the person is who they claim to be. Digital signatures appear on certificates issued by a trusted third party, such as large organizations. Certificates exchanged between the browser and the server enable the users to take advantage of the SSL protocol, which is present in both Netscape Communication Corp and Microsoft Corp’s browser. Birch anticipates this system – which Hewlett-Packard Co pledged its support for a couple of week ago (CI No 3,325) – will be widely used within four years. However, the likes of Visa disagree that SET will not take off. Visa spokesperson Colin Baptie says SET already has the backing of 80% of the worlds banks that deal with credit card transactions, and pilot schemes are already under way in 15 countries including the US. Baptie sees one of the main advantages of SET being its transparency to the user, and describes the digital certificate issued in this process as the virtual credit card. But Netscape spokesperson Tim Nicholls does see a future for the PKI model, and argues that it is far simpler to implement, largely because it is based on existing technology. Netscape, and Microsoft, already have the facility to enable the use of the new technology, but although Nicholls sees a bright future for PKI, he believes SET will get off the ground – if not in the imminent future – mainly because it has received such fierce backing from the likes of Visa, MasterCard and IBM Corp. Nicholls said: If we wait for SET a lot of organizations will miss the electronic commerce boat. While he sees SET as appealing to bigger organizations, Nicholls believes smaller operations will do better to go with PKI. Hyperion is a privately held IT consultancy, that started trading in 1986. Birch is one of the founders of the company, most of whom came from Logica Plc. Birch anticipates his 30-man operation will see a revenue of 2.2m pounds this year.