CNET también está disponible en español.

Ir a español

Don't show this again

Visa, Mastercard try to revive SET

The duo turn to member banks and major technology companies to revive their secure transactions protocol, which has been sitting on the sidelines of the e-commerce boom.

Visa and MasterCard are turning to their member banks and major technology companies to revive SET, their secure transactions protocol, which has been sitting on the sidelines of the e-commerce boom.

Pioneered and once promoted loudly by Visa and MasterCard, SET has won some adherents overseas, but adoption in North America has been low.

Version 1.0 of SET was finalized in May 1997, after nearly two years of work. Visa predicted at the time that use of the protocol would be widespread in the United States by mid-1998--and its Web site actively discouraged cardholders from buying over the Internet using credit cards until then. But virtually nothing has been heard about SET since July 1998, when a pilot test of smart cards and SET over the Internet was announced.

"I don't know of a single bank in the United States that has any serious plans for implementing SET in the near term," said Steve Mott, formerly MasterCard's top SET executive and now an independent consultant.

"And that's 75 percent of the Internet market," Mott said.

Consumers in the United States bought billions of dollars worth of goods over the Net last year--virtually none with SET. Most used the Secure Sockets Layer (SSL) encryption built into Web browsers, encrypting their credit card number to keep it from being stolen as it passed over the Internet.

Still, SSL encryption cannot address the other bugaboo of Internet commerce: fraud. In fact, SET was created to address the very problem by using digital IDs as a means to vouch for the identity of both merchants and buyers on the Net.

According to a study by Visa's European division, 50 percent of its disputed charges came from Internet transactions, but Net transactions account for only 2 percent of Visa's European volume, said Visa International spokesman Ryan Mikolasik. Disputed charges stem from a variety of sources, including fraud, but Mikolasik said that in other regions Visa has experienced lower rates of Net-related disputes.

Said Mott, "Criminal activity is going from dial-up phone and mail-order catalog orders over to the Internet, but it suggests very strongly that authenticating who's on the end of the transactions is important."

Authentication is SET's strong suit, but the way it's done is cumbersome, which is the chief knock against the payment protocol. It requires that buyers place "wallet" or "electronic purse" software on their PCs and then obtain a digital ID from their credit card issuer to vouch for their identity. The logistics of distributing so many digital certificates and wallets have stumped SET's backers.

But now SETco, the all Visa and Mastercard board that governs the SET protocol, is calling for help from bankers. The first meeting of a SETco Business Advisory Council is set for today in New York, where representatives from 21 companies in 14 nations will discuss how to promote SET adoption around the world.

Significantly, since SET has been adopted in parts of Europe and Asia more quickly than in North America, most of the bankers on the new council are from other regions. The group will advise Visa and MasterCard on marketing SET as well as changing the protocol to fit evolving business requirements.

SETco has set up a parallel technical advisory group. John McGuire, chief executive of Trintech, a payment software firm that has embraced SET, sits on that body.

"We as a vendor are encouraging the card associations to get their acts together on this, to stop the technical polishing of the protocol and go for some market launches," McGuire said. "Get the marketing and the business folks involved."

So far, "We are witnessing the floundering of SET," McGuire said.

He urged the card companies to charge lower fees for SET transactions than for the "mail order, phone order" rates that are used for catalog firms when the charge card is physically not present. Lower rates for SET transactions would give merchants a financial incentive to implement SET, which requires special merchant "cash register" software and a digital certificate to authenticate the merchant's identity.

Although some argue that the boom in Internet commerce today means SET isn't necessary, financial analyst Gary Craft of e*Offering thinks SET is critically important.

"First, it addresses the issue of fraud in a very elegant way," Craft said.

"Second, it preserves the existing economics of the physical world for payment processors and authorizers and middlemen. You have to get their buy-in and give them incentives. Third, it forces payment authorizers and processors to compete more on the basis of brand and services, not technology."

But Gartner Group analyst Avivah Litan thinks other technologies that are easier to implement will address the fraud issues. She cites Falcon software from HNC, an artificial intelligence system that has been offered to merchants for free, in return for use of their data. On Monday, HNC announced eFalcon, its fraud-detection service for online retailers.

"With Falcon coming onto the Internet, competitors are nervous about it," she said. "It's easier to implement than SET."

SET vendors are already working to make SET easier to implement. Last year GlobeSet created a "server wallet," which lets a bank store a consumers payment data and digital certificate on its server. Buyers access their wallet by password, thus eliminating the logistical hassle of getting wallet software and certificates to every online consumer. Other SET vendors quickly followed suit.

GlobeSet has now announced similar server-based software for merchants. Likewise, vendors are talking up "merchant-only SET" or MoSET, which lets consumers use a standard Web browser, without a wallet, but has merchants and credit card processors use SET-based software.

"We are providing a smooth evolutionary path," said Steve Herz, Visa's vice president for SET implementation. The goal: Get consumers using secure browsers first, then graduate to SET wallets and certificates. Major SET vendors like IBM and Verifone, now a unit of Hewlett-Packard, tout similar strategies for online merchants.

Meanwhile, SET advocates like MasterCard's Art Kransley, senior vice president of electronic commerce, are fond of citing adoption rates for bank ATM machines, which weren't fully embraced by consumers until 8 to 10 years after the technology was created.

"We're only seeing 1 percent of all transactions on the Internet today, and we at MasterCard think that will be 20 percent or more in 5 to 7 years." Today less than 30 percent of Internet users are comfortable using credit cards on the Net, he says, so new technology like SET can boost that percentage.

Scott Smith, an e-commerce analyst who has followed SET for years, marvels that it has taken Visa and MasterCard so long to push SET hard, if that's what this week's SETco activity indicates. SET is, he notes, their own invention.

"They need a cheerleader badly," he said.

Close
Drag
Autoplay: ON Autoplay: OFF