Were it not for the fact that its staff is bigger than that of its corporate forebear, Verisign Inc. might be called mini-RSA.
Spun off 12 months ago by RSA Data Security Inc., Verisign has similarly established its credentials throughout the electronic commerce realm. It aims, according to president Stratton Sclavos, "to be to digital authentication what RSA is to data encryption."
Verisign may not have equaled the reach or influence that RSA achieved over 14 years, but it took less than a year to surpass RSA's modest employee count of about 40.
Mr. Sclavos expects to have 100 on board by the end of this year.
Verisign has the technology that many observers consider the missing link in on-line transaction security. Bankers and other interested parties from around the world have been beating a path to the Mountain View, Calif., company's doors.
Aside from RSA and some prominent venture capitalists, Ameritech and Visa International are among Verisign's investors. It counts IBM, Microsoft, Netscape, and Oracle among its alliance partners.
Using the brand name Digital ID, Verisign underscores that it is "the only company focused 100% on digital authentication products and services." They provide, in electronic commerce, the assurance of a digital signature and notarization - verifying the source of a transmitted message and the receipt of intact data.
RSA had a long history with authentication. RSA chairman Jim Bidzos, who is also Verisign's chairman, recalls selling a digital certificate to Citibank in April 1986. Three years later, RSA provided a pioneering certification system for mortgage pools.
Mr. Bidzos set the spinoff in motion after concluding that it would take a dedicated, stand-alone enterprise to create and promote the needed infrastructure for digital identification.
The process involves public key cryptography and requires trusted certification authorities to issue IDs, which could be banks or credit card associations.
Mr. Sclavos, 34, who joined Verisign last August after several years at Silicon Valley companies like Go Corp. and the IBM-Apple venture Taligent, has built a prestigious management team. It includes vice president Michael Baum, an expert in electronic commerce law; chief architect Peter Williams, who has built secure systems for NASA, the U.S. Postal Service, and others; and vice president George Ziemba, who had payment systems sales and marketing experience at Tandem Computers' Atalla division.
"Digital ID is like a driver's license and a passbook, and bankers are going to want a digital bank book," said Mr. Sclavos.
While Verisign systems are being embedded in numerous electronic commerce systems, banks will be a key to actually generating transactions. Mr. Sclavos has predicted digitally protected money would be moving on the Internet by June.
"We are actively involved with about a half-dozen banks and talking to 25 or 30 more," he said recently. "Everybody is worried about their competitors, about who will be first."
The company is taking a global view, and Mr. Sclavos suggested the future is taking shape in Japan, where Verisign formed a company with the NTT Group to pursue several electronic commerce projects.
In March, Verisign publicly demonstrated the power of the Digital ID product for notaries, auditors, and others who will be concerned about the trusted certification procedure. For four classes of Digital IDs, the encryption keys must be a minimum of 1,024 bits. This is twice the size of the maximum RSA key that could be exported for privacy uses, but there is no key-length limit on an authentication product.
Verisign and RSA calculated the 1,024-bit key is 300 trillion times more difficult to crack than a 512-bit key, which would take a number of months with a $1 million computer investment.
