SET finally ready for testing

Rohit Khare (khare@www10.w3.org)
Mon, 6 Jan 1997 19:08:46 -0500


The IBM promise of SuperSET at the end is especially amusing, from the SE=
T
marketing and 'industry-wide consensus' angle :-)

Rohit
-----------------------------------
January 6, 1997 10:00 AM ET=20

Encryption technology SET for final testing=20
Applications, tool kits increase trust for secure commerce=20

By Michael Moeller And Jim Kerstetter=20

=A0A cadre of technology vendors and financial institutions is set to jol=
t
Internet commerce to life with applications and systems based on the SET
specification.

IBM, MasterCard International Inc. and RSA Data Security Inc. will be amo=
ng
those leading the way, with products and pilot projects based on Version
1.0 of the Secure Electronic Transaction spec, as well as partnerships th=
at
extend the commerce standard into international markets.

SET-based electronic commerce, which will be a central theme of the RSA
Security Conference in San Francisco this month, will bring an added
measure of trust to Internet commerce, given the backing the standard has
already garnered from Visa International and MasterCard, said one World
Wide Web merchant.

"Right now, there are users that think using their credit cards on the
Internet is not safe," said Terry Jones, president of Saber Interactive
Inc., in Dallas, one of the largest electronic commerce Web sites in
Travelocity. "Provided that Visa and MasterCard both provide a good deal =
of
marketing and backing of SET, that will go a long way toward removing tho=
se
fears."

But SET, although nearly complete, is still a work in progress. The SET
code, which has been frozen for five months, is in limited compatibility
testing, but only in a laboratory setting, said officials at MasterCard, =
in
Purchase, N.Y.

Testing interoperability between competing SET products is the "Holy Grai=
l
of SET development," said Steve Mott, senior vice president of electronic
commerce and new ventures at MasterCard. Testing is slated to begin at th=
e
end of the month, Mott said.

The final SET 1.0 spec, due by March, is expected to be similar to the
current draft, with minor tinkering to follow for interoperability and ne=
w
digital certificates, Mott said. One more round of commentary is expected=
,
which will be followed by a gold-code document to be published in May or
June.

RSA Data Security will use its conference to announce the release of its
SET tool kit, one of the first SET applications to be tapped for
interoperability testing by Science Applications International Corp. and
the Open Group, said RSA officials in Redwood Shores, Calif.

In addition, RSA will announce that it is working with NEC Corp. to help
create a Japanese version of SET, called JSET, sources said.

The first Japanese end-to-end SET transaction will take place Jan. 20. By
midyear, the Japanese projects should reach more than 100,000 users, Mott
said. MasterCard, IBM and Danish Payment Systems launched a similar SET
transaction in Denmark last week.

RSA, MasterCard and IBM are working with a consortium of banks, computer
vendors and merchants in Japan called the Secure Electronic Commerce
Environment, said IBM officials in Armonk, N.Y. The19-site project is bei=
ng
funded with a $300 million grant from the Japanese government.

To date, most U.S. banks are lagging behind in SET deployment, although
Novus Services Inc., provider of the Discover credit card, is due to
partner with IBM on a SET project this year, IBM officials said.

IBM will reveal at the RSA conference two "major" banks planning to launc=
h
separate SET pilots in the United States, officials said. The company als=
o
plans a number of extensions to SET in the second quarter, said Mark
Greene, vice president for electronic payments and certification at IBM's
Internet division.

IBM extensions, dubbed SuperSET, will provide a framework for a variety o=
f
payment methods, including debit cards, bank-to-bank transfers,
micropayments, electronic checks and digital cash, Greene said.