Information Security Rating Program Gives Top Marks to Mondex System

By Kutler, Jeffrey | American Banker, September 10, 1999 | Go to article overview

Information Security Rating Program Gives Top Marks to Mondex System


Kutler, Jeffrey, American Banker


As much as it might struggle to sell smart cards, Mondex International Ltd. will always have the satisfaction of knowing that it was the first to reach one of the world's highest technological summits.

The MasterCard International subsidiary said Thursday that the Mondex electronic cash system had achieved the top rating under a rigorous, internationally recognized testing program known as ITSEC -- Information Technology Security Evaluation Criteria.

Mondex executives will cite the certification as proof that their form of virtual cash approaches the level of security assurances that would be expected of a national defense or intelligence installation. The rating can be used to answer some skeptics or critics who have raised questions about the vulnerability of smart card programs, including Mondex.

Mondex-Multos System Wins Top Security Rating

That may or may not translate into a competitive advantage against companies such as Visa that have serious security aspirations of their own. But one thing cannot be denied: Mondex attained level E6 in the ITSEC methodology, and no other commercial-sector product has gone higher than E4.

"It is hard to emphasize enough the scale of this success," said Mondex chief executive officer Michael Keegan. The E6 level "allows card issuers to manage product risk with the greatest degree of understanding as to where that risk lies, which remains fundamental to any financial product."

The London-based executive called the evaluation "the ultimate accolade for any high-security product." He added that despite reaching the milestone, "Mondex's security continues to evolve to ensure that it remains at the forefront of smart card security going forward."

Mr. Keegan conceded in an interview that there is still no guarantee that "our own or any smart card product can't be broken into." But certain claims can now be made for Mondex and its Multos multiple-application operating system "that can be mathematically proved."

"A purchaser should be assured that Mondex and Multos have been developed to the highest possible standards available in the commercial world," he added.

ITSEC, one of several such evaluation schemes that a company can use to measure itself against world-class benchmarks, evolved out of a few national efforts to become a European Community standard in 1991. At the time, Mondex was a research and development project within National Westminster Bank.

The inventors toiling in Natwest's credit card unit -- Tim Jones, now the London institution's top retail banking officer, and Graham Higgins, head of an offshoot venture called Platform Seven -- reasoned that "global electronic cash" had to be beyond reproach, and they aimed for ITSEC level E6.

Mr. Keegan said the ITSEC evaluation with a United Kingdom-sponsored agency took more than two years and was based on work going back to 1991.

A few electronic commerce companies have disclosed achievement of E3 or something equivalent under an increasingly accepted global methodology, drawing in part on ITSEC and known as the Common Criteria for Information Technology Security Evaluation. Common Criteria Evaluation Asssurance Levels, or EALs, go from 1 through 7; ITSEC numbers run from E0 to E6. …

The rest of this article is only available to active members of Questia

Already a member? Log in now.

Notes for this article

Add a new note
If you are trying to select text to create highlights or citations, remember that you must now click or tap on the first word, and then click or tap on the last word.
One moment ...
Default project is now your active project.
Project items
Notes
Cite this article

Cited article

Style
Citations are available only to our active members.
Buy instant access to cite pages or passages in MLA 8, MLA 7, APA and Chicago citation styles.

(Einhorn, 1992, p. 25)

(Einhorn 25)

(Einhorn 25)

1. Lois J. Einhorn, Abraham Lincoln, the Orator: Penetrating the Lincoln Legend (Westport, CT: Greenwood Press, 1992), 25, http://www.questia.com/read/27419298.

Note: primary sources have slightly different requirements for citation. Please see these guidelines for more information.

Cited article

Information Security Rating Program Gives Top Marks to Mondex System
Settings

Settings

Typeface
Text size Smaller Larger Reset View mode
Search within

Search within this article

Look up

Look up a word

  • Dictionary
  • Thesaurus
Please submit a word or phrase above.
Print this page

Print this page

Why can't I print more than one page at a time?

Help
Full screen
Items saved from this article
  • Highlights & Notes
  • Citations
Some of your highlights are legacy items.

Highlights saved before July 30, 2012 will not be displayed on their respective source pages.

You can easily re-create the highlights by opening the book page or article, selecting the text, and clicking “Highlight.”

matching results for page

    Questia reader help

    How to highlight and cite specific passages

    1. Click or tap the first word you want to select.
    2. Click or tap the last word you want to select, and you’ll see everything in between get selected.
    3. You’ll then get a menu of options like creating a highlight or a citation from that passage of text.

    OK, got it!

    Cited passage

    Style
    Citations are available only to our active members.
    Buy instant access to cite pages or passages in MLA 8, MLA 7, APA and Chicago citation styles.

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn, 1992, p. 25).

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn 25)

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn 25)

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences."1

    1. Lois J. Einhorn, Abraham Lincoln, the Orator: Penetrating the Lincoln Legend (Westport, CT: Greenwood Press, 1992), 25, http://www.questia.com/read/27419298.

    Cited passage

    Thanks for trying Questia!

    Please continue trying out our research tools, but please note, full functionality is available only to our active members.

    Your work will be lost once you leave this Web page.

    Buy instant access to save your work.

    Already a member? Log in now.

    Search by... Author
    Show... All Results Primary Sources Peer-reviewed

    Oops!

    An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.