Credit card giant Visa International
and security software maker VeriSign
will today introduce a digital encryption scheme aimed at tightening the security of online shopping.
The two companies have devised an online payment system that scrambles credit card numbers and makes it possible for merchants to validate a shopper's identity for more secure Net commerce.
Using the new system, merchants never receive a credit-card holder's entire account number. Instead, users making online purchases transmit a message to merchants that contains a special decoder key, a list of items being purchased and their prices, and a digital certificate authenticating the user's identity along with a partial credit card number and the issuing bank. Merchants use the key to decode the message, record the purchases, and debit the credit card.
The company claims the system is "100 times safer" than off-line, mail-order, and telephone-order purchases. To falsify a purchase under the scheme, a thief would have to obtain users' credit card numbers?which are never transferred online--and then crack the digital encryption.
The new system is gaining backers and is on its way to becoming an industry standard. Microsoft and Netscape Communications plan to incorporate the payment system into future software.
Firms try to lock up security market
Firms hope smart cards make cents
Credit cards strengthen security