Internet Advocates Face Consumer Worries about Safety of Payments

Article excerpt

Frustration abounds in the tight community that views the Internet as the next great banking and payments frontier. These advocates are convinced that the requisite security measures are within reach, if not already in place, to make financial transactions as safe in cyberspace as they are in the physical world.

Yet consumers -- and probably many traditionalists and risk managers within the banking industry -- aren't ready to take the experts' assurances.

The high-tech proponents have data encryption, digital signatures, and firewalls in their arsenal, but the public holds the real power over their ability to succeed. Which puts the onus on the technology providers to get their message out.

"Security is the No. l reason given by people saying why they don't use the Internet more -- ahead of bandwidth and usability," said Mark Greene, an International Business Machines Corp. vice president who is part of a recently created Internet division.

"I would say that by the end of 1996, there will be no remaining security obstacles to widespread use of the Net for transactions," Mr. Greene said in an interview. "But we're far away from resolving the security perception problem."

"Security is king," said Roger Bertman, vice president and general manager of Verifone Inc.'s Internet commerce division. "The security obsession is good," added Mr. Bertman, who like the IBM officials and many other security and payment-system luminaries gathered in San Francisco last month for a conference sponsored by RSA Data Security Inc., the leader in commercial data encryption technology.

"Transactions will be more secure than they are in the physical merchant space today," Mr. Bertman said.

He conceded there is still a critical need for an Internet payments infrastructure, but RSA Data Security, Verifone's Enterprise Integration Technologies unit, the bank credit card associations, and a host of others are working feverishly to put the necessary pieces together.

"Thousands of banks are looking at how they will continue to exist after 2000 as brick-and-mortar becomes less important to them," said Stratton Sclavos, president and chief executive of Verisign Inc., a digital authentication company that RSA Data Security spun off last year. "The most forward-thinking banks are looking at RSA public key [encryption] technology."

"I'm anxious to get out of the spec wars," said Mr. Sclavos, referring to the protracted negotiations between MasterCard and Visa on the secure payments protocol. "Once a standard is in place, communications will really take off."

"The fact is, there is less risk on the Net than in a restaurant when you give your credit card to a waiter for five minutes," said William Powar, vice president of Visa International.

The bank card industry, Mr. Powar and others pointed out, has spent more than 20 years building the confidence that results in cardholders' surrendering possession to waiters and reading account numbers over the telephone.

"Cardholders have confidence because they know their liability is limited" in case of loss, theft, or fraud, said IBM security technology specialist Kathy Kincaid. That perception has yet to carry over into on-line systems.

Mr. Powar noted that ever since a burst of counterfeiting around 1980, the bank card industry has taken a succession of actions designed always to keep it ahead of the next big crime wave. …