CNET también está disponible en español.

Ir a español

Don't show this again

Christmas Gift Guide
Tech Industry

SET pilots to scale into rollouts

Although the secure credit card payment protocol for the Internet is nearly ready, Visa and MasterCard aren't expecting U.S. adoption in 1997.

Although the first version of a secure credit card payment protocol for the Internet is nearly ready, sponsors Visa International and MasterCard International aren't expecting widespread adoption by U.S. consumers in 1997.

Instead, banks in Europe and Asia are far more aggressive than U.S. banks in pilots of the Secure Electronic Transactions (SET) specification, with some trials already under way in Europe and more beginning this summer.

Both MasterCard and Visa expect pilots will simply grow into full-scale rollouts as their bank sponsors feel ready.

"Just as MasterCard's Denmark pilot expanded into Norway, we expect the trials will evolve and expand," said MasterCard spokesman Ed Dixon. "In Japan, with the Fuji Bank trial that has 10,000 people on it, we expect the number will go to 100,000 by the end of the year. That's how we see it spreading."

Visa's Steve Herz, executive vice president of Internet commerce, concurred. "I think you will see a continual growth, not the start of a trial with 1,000 people, then stop, then full deployment." Neither Visa nor MasterCard has firm plans for a widespread ad campaign to boost use of credit cards on the Net, but both indicated the topic is under discussion.

SET's biggest boost to Internet commerce will likely come when Visa and other card issuers cut the "interchange rate" for Net transactions, the percentage charged merchants for each card purchase.

If, as widely anticipated, the rate is cut below what's charged on telephone transactions, catalog merchants and others will have a financial incentive to get their customers to order and pay through the Internet.

Herz declined to say when Visa would reduce Internet "interchange rate" but indicated it probably won't happen in 1997 because of Visa's focus on pilot tests. But if a competitor--smaller and sometimes more aggressive MasterCard, for example--cuts its Net charges, Visa might be forced to match the rate or lose business.

Herz, Visa's top e-commerce executive, thinks SET trials will produce market information, but the technical specification is "fully baked."

"I'm not expecting to learn a lot on the SET spec itself, but much more on [whether] it starts to fulfill expectations we have for a higher degree of confidence and trust on the Internet. How much and how fast will it be adopted?" he said in an interview.

"We want to leverage the experience in the trials and be able to share that with other merchants, members [banks], and cardholders."

Technical aspects of SET version 1.0 were frozen this week, but it will take until June 1 to publish thousands of pages of documentation both on the Net and in print.

SET, in Visa's view, was designed to address the now oft-discussed trust issue from its inception more than two years ago, according to Herz, who calls trust the "core requirement" of Internet commerce.

"Trust is the essence of what SET will enable us to do," he said.

Widespread adoption of SET credit card payments over the Net requires so-called "wallet" software for buyers to make purchases. Like a real wallet, a software wallet contains an individual's various payment methods--credit cards, e-cash, electronic checks, microtransactions--and digital IDs to vouch for the person's identity.

Software vendors are creating wallet software, which Herz believes will be distributed in Web browsers, on hard drives of new PCs or downloaded via the Net.

"I personally think the download process will be the most widely used," he added. "Software providers can provide the download. Financial institutions may want to make it available by hyperlinking to other sites; merchants may want to do it direct. Even Visa, MasterCard, and American Express [which also backs SET] may be able to drive people to sites to download software."

Once a cardholder gets the software, he or she will register the card with their bank for Internet shopping, as today credit card users activate new cards by calling an 800 number.

Although SET uses digital certificates to authenticate the identity of users, consumers don't necessarily need one, although merchants and banks must have them.

But Herz thinks digital IDs will build consumer confidence, too. "If consumers have a certificate, something from a financial institution, it will give them a greater sense of confidence. We are dealing with consumer perception and trust."

Card-issuing banks can issue their own digital IDs to customers, and Visa has an agreement with certificate authority VeriSign to provide certificates to consumers for Visa's member banks. MasterCard and American Express have similar deals with another certificate authority: CyberTrust, a GTE spin-off.

"In essence, we're rarin' to go," said Herz. Visa has already begun issuing digital certificates for some of its SET trials, which have been announced for 30 banks in Japan, Taiwan, Korea, and Singapore plus another to launch this summer involving 50 European banks and card issuers. But Visa isn't offering digital IDs yet to the general public, pending publication of the SET protocol in June.

Herz is unsure whether merchants or consumers will be the driving force behind wide adoption of SET. "You almost have to do them simultaneously but do them differently."

He disputed press accounts several months ago that Visa is less aggressive than MasterCard in implementing SET, noting the large number of banks announced for Visa trials this year.

"I think it had a lot to do with style," he added. "Visa is more focused on getting SET in place, getting it to work; then demonstrating success on the back end. Sometimes that style is not fully understood."

This summer Visa, MasterCard, and their technology partners will begin to work on the next version of the specification.

Use of debit cards that require personal identification numbers (PINs), smart cards, and new forms of payment or encryption will likely be added. Just when version 2.0 will be ready depends on how many new elements are added, Herz noted.