Certicom's Elliptic Curve Engine, which the Canadian company says is faster than RSA cryptography, will be used in VeriFone's consumer smart card readers, dubbed Personal ATMs. They will be designed for home use through a phone connection. The technology also will be used in the VeriSmart server that handles transactions at the other end.
RSA encryption is considered the de facto encryption standard. VeriFone's decision to use Certicom encryption shows that RSA might not have a lock on the market.
VeriFone's system is designed to download e-cash onto smart cards that consumers could use both for Internet purchases and in retail shops equipped with smart card readers.
Certicom will provide both software and hardware components for VeriFone's smart card products, and VeriFone will utilize Certicom's Security Builder toolkit.
Kim Morningstar, Certicom corporate communications manager, said her company's encryption technology is well-suited for devices such as smart cards, smart card readers, and cellular phones, that have low memory and low processing power.
The company is also lobbying to get its cryptography included in the next version of the Secure Electronic Transactions protocol for secure credit card transactions over the Net. The first version, just released, includes only RSA cryptography.
In recent months, Certicom has announced deals with smart card chip makers Siemen's Semiconductor, Schlumberger, and Motorola, which last month also made a $13.5 million investment in Certicom.
Other Certicom customers include e-commerce software provider Sterling Commerce for cryptographic key management software; Research Development and Manufacturing for an electronic checking project; Atalla, a security hardware arm of Tandem Computers; and Terisa Systems.