August 29, 1996 7:30 PM PDT

Amex puts faith in CyberTrust

American Express (AXP) today chose GTE (GTE) CyberTrust over market leader VeriSign to issue digital certificates to American Express cardholders.

VeriSign five weeks ago signed a similar pact with the largest card issuer, Visa International. MasterCard, the number-two credit card company, also will use GTE's service. American Express is the third-largest credit card company.

Digital certificates are used to prove the identities of cardholders making purchases over the Internet, much as a driver's license does in the physical world. Digital certificates are a key part of the infrastructure for electronic commerce and an integral element of the Secure Electronic Transactions (SET) protocol used for making credit card purchases on the Internet.

SET, to be finalized later this year, is backed by Visa, MasterCard, American Express, and their technology partners, including Netscape Communications and Microsoft.

GTE said its certification authority services will be available by year's end after SET is finalized. Northern Telcom (NT) also has announced credit authentication services, and the U.S. Postal Service is running a trial issuing digital certificates at some post offices.

"If you were to look at what's needed to provide a secure environment for transactions, encryption is where most of the focus has been until now," said Abdullah Asim, executive director of CommerceNet, a consortium of companies pursuing electronic commerce. "The other piece is authentication, and digital certificates provide an excellent mechanism for authentication."

Today most Web server vendors offer authentication to their customers, often through VeriSign's digital IDs. Server certificates vouch for the identity of Internet sellers; the digital certificates will do the same for buyers.

VeriSign has clearly dominated the digital certificate market and played down the significance of the lost MasterCard and American Express contracts.

"Our Visa relationship, with the competition between (credit card companies), puts us at somewhat of a disadvantage with the others," said Stratton Sclavos, VeriSign CEO.

With the three largest credit card companies now signed up, Stratton said, competition among the certificate authorities for new business is likely to focus on the thousands of banks that issue credit cards and the hundreds of banks and financial intermediaries that process credit card purchases, all of which may need digital certificates to ensure the security of their transactions over the Net.

Related stories:
VeriSign shows its true colors
Software must prove itself
Digital certificates planned for Java

 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.