Internet transaction security tiptoed another step forward yesterday after Visa and Mastercard – the two largest credit card providers – chose Terisa Systems Inc to implement their Secure Electronic Transactions (SET) protocol reference implementation (CI No 2,946). Currently the vast majority of transactions use channel security, which means that the encryption ends when the session ends. Document level security allows digital signing of documents so that both ends can verify who they’re dealing with, a method proponents claim will be necessary for more sophisticated transactions such as online banking and stock trading. Visa International Inc and Mastercard International Inc are expected to publish the SET specifications on their Web s ites next month. Los Altos, California-based Terisa Systems, which sells the SecureWeb Toolkit, will offer a commercial grade SET implementation to the kit in the fourth quarter of this year. Terisa is using the attention to promote two new initiatives. First, it’s getting into the Web transaction applications building business and says a signed document application will be its first offering. It’s also aiming to become a one stop shop by offering tools, applications and certification authorization. Terisa is in talks with a number of firms which offer certification and expects to announce a deal in the next few weeks. Terisa says it’s interested in speaking with IBM Corp after Big Blue’s announcement that it’s signed up 15 banks for a new Internet banking transaction service (CI No 2,995). IBM is expected to adopt the SET standards, after all, it was on the board which hammered them out, but so far has only said it’s evaluating the protocol.
