On-Line Banking: UPS Hopes Electronic Security System Delivers

United Parcel Service is putting a new electronic certification system to a crucial test.

UPS, the Atlanta-based package delivery system moving into the electronic commerce realm, has said it will use NetDox Inc.'s ePackage to ensure security and reliability of Internet transmissions.

The agreement is a credibility builder for NetDox, a Chicago-area company with ambitions to serve as a guarantor of electronic mail and other digital documents.

Banks and other financial services companies have been in NetDox's sights since the company's founding more than a year ago. An undisclosed investment bank has queued up as one of its "beta" customers, as have the Hale & Dorr law firm in Boston and Deloitte & Touche, one of NetDox's founders and original backers.

NetDox, also backed by the Thurston Group, a Chicago merchant banking firm, wants to pioneer the notion of secure electronic messaging by standing as a trusted certifying agent.

The Deerfield, Ill., company says its package of encryption and related technologies would secure, authenticate, and guarantee delivery in ways not currently available on open public networks. NetDox hopes to be far enough in front to set a de facto standard that leads to a ubiquitous digital alternative to regular and overnight mail and facsimiles.

The UPS tie, hailed by NetDox as a breakthrough, indicates how physical mail-delivery concepts are crossing into the virtual world-something the U.S. Postal Service also has been exploring.

"The Internet is dramatically changing the way of doing business, and UPS is part of the process to bring to the Internet a delivery service with the same level of trust, reliability, and security that our customers expect in other delivery services," said Mark Rhoney, UPS vice president of strategic marketing. "By engaging the services of companies such as NetDox, which are developing new standards for Internet document delivery, we will provide secure, instantaneous delivery options."

Although the Internet shows great commercial promise because of low cost and easy accessibility, businesspeople are nervous about security and reliability-"especially when it comes to confidential documents like legal briefs, contracts, and insurance forms," said Patrick Haynes 3d, senior managing director of Thurston Group and NetDox chairman.

"By combining digital certificates and public key cryptography with a centralized tracking system and notarized digital document delivery, NetDox ePackage provides the assurance businesses need to use the Internet as a medium for the exchange of confidential information," Mr. Haynes said.

Mr. Haynes and vice chairman Thomas J. Friedman, his NetDox co-founder and a Deloitte & Touche consulting principal, said earlier this year that confusion and uncertainty could burgeon in parallel with electronic commerce. They contended someone will have to make sense of the expected proliferation of certificate authorities, or CAs, the "trusted parties" that will be crucial to negotiating the Secure Electronic Transactions protocol and other aspects of the Internet commerce infrastructure.

"There will be many public CAs and many private CAs," Mr. Friedman said while unveiling NetDox's business plan in January at the RSA Data Security Inc. conference in San Francisco. "Somebody has to sit above those to promote commerce and allow them to interoperate."

NetDox would act as a global clearing house, or hub, for certificates issued by the various authorities. Users would routinely route E-mail messages through the hub. NetDox would maintain comprehensive information about the transmissions and would verify message status, content, and delivery with digital "hashing" and other cryptographic techniques to ensure documents are not compromised.

"There will be more than one CA," Mr. Haynes said. "One certificate might be issued by Verisign, another by, say, First National Bank. How do they talk to each other?"

NetDox wants to assure that a publicly issued certificate is as reliably secure as one that a bank might issue to its own, known employee.

"This is over and above what you get from a digital certificate today," Mr. Friedman said. "An inside and outside party can talk to each other, relying on NetDox as trusted third party. It's similar to a Moody's rating. It gives assurance."

And NetDox will have financial guarantees to back it up.

The concept is new and in need of the kind of endorsement UPS can bring. Some Silicon Valley observers have wondered who other than the principals will champion the notion of "certifying the certifiers." But digital certification vendors have seen it in their interest to keep lines of communication open.

NetDox on June 10 announced a strategic agreement with GTE Corp.'s Cybertrust unit-which has been working closely with American Express and MasterCard-to use its digital certificates in ePackage pilots. GTE vice president Tom Carty said NetDox's combination of centralized tracking and guaranteed delivery "has established a new standard in business-to-business communications."

NetDox puts a premium on being open and "seamless," accessible via any device, browser, or E-mail software, said president Michael D. Sohn.

Trade confirmations and home banking are logical applications in the banking industry, he said, adding that financial institutions would be more comfortable providing a full range of transactions to homes if they could attach digital signatures to customer activity.

For reprint and licensing requests for this article, click here.
MORE FROM AMERICAN BANKER