Associations Plan Joint Internet Security Standard

Article excerpt

Suppressing their competitive instincts for yet another matter of mutual concern, MasterCard and Visa have agreed to produce a joint security standard for transactions over the Internet and other personal computer networks.

Their decision to cooperate, announced last week, came seven months after Visa began working with Microsoft Corp. on what it called Secure Transaction Technology, and five months after MasterCard entered a similar alliance with Netscape Communications Corp.

The card associations' leaders had been saying for months that their separate efforts would likely converge in this way for the benefit of their owner-members in the banking community.

"If there was any concern in the industry that MasterCard and Visa were going in different directions, this announcement should put it to rest," said Richard M. Lonergan, executive vice president of Visa International's point of transaction group.

The associations expect to publish specifications in September and to begin using them with card transactions on the Internet by early next year.

Mr. Lonergan and his counterpart at MasterCard International, senior vice president Edward J. Hogan, stressed that their common desire for transaction security and reliability would not diminish - and could actually enhance - competition between the two brands and among their thousands of card-issuing banks.

The bank card groups, among other corporate entities, anticipate an explosion of buying and selling over the Internet and interactive networks like America Online and Compuserve.

The lack of security is widely believed to be inhibiting electronic commerce. Mr. Hogan said "significant roadblocks are eliminated with this announcement."

"MasterCard and Visa have agreed to support one standard specification for electronic transactions on open networks," Mr. Hogan said in a conference call with journalists. "We are creating a set of standards that many vendors would implement."

Several startup companies - notably Cybercash Inc., Digicash Corp., First Virtual Holdings, and Open Market Inc. - are selling commerce systems complete with payment methods designed to overcome the security shortcomings of public computer networks. (See article on page 20.)

Most rely on data encryption, the use of complex mathematical formulas to scramble the account numbers and other sensitive data in transmission. The intended recipient has a key to decipher the code.

The MasterCard-Visa standard will be based on encryption products of RSA Data Security Inc. of Redwood City, Calif., a leader in the field.

Visa hooked up with Microsoft, the world-leading software company, and MasterCard with Netscape, provider of a popular "web browser" and other software for the Internet, to pave the way for bank cards to be accepted without fear of security or privacy breaches. Both efforts used RSA technology. …