The American Bankers Association has become the first banking trade group to declare itself a certificate authority for Internet commerce.
Aiming to begin the function in the second quarter, the ABA is sending a strategically significant message: that the need for security in cyberspace is important enough to warrant the attention of the industry's biggest association.
As yet, little demand is evident for the service. The ABA surprised some observers by acting before the Bankers Roundtable's technology affiliate, of which it is a member, had taken a position on certificate authorities.
But the sources said that the ABA's move could help focus attention on a potentially huge business that experts in certification technology see as a natural outlet for banks.
The certificate authority, or CA, would offer financial companies a cryptographic method for authenticating on-line transactions and the people taking part in them. For the underlying technology, the association will rely on one of the few banks to stake out a position in this emerging market-Digital Signature Trust Co., a subsidiary of Zions First National Bank in Salt Lake City.
The trade group and some hired advisers assessed various vendors and felt comfortable with a bank and its risk management expertise, said ABA payment systems coordinator Anne Livingston. The fact that the trust company recently won approval from the Office of the Comptroller of the Currency as an operating subsidiary of a national bank worked strongly in its favor, Ms. Livingston said.
"We will work on education and how we present this to the marketplace," said Kawika Daguio, payment systems and technology consultant at the ABA. "The back-office work and infrastructure will be theirs," meaning Digital Signature Trust's.
Timing its announcement to coincide with two meetings-last week's financial technology forum sponsored by Sen. Robert Bennett of Utah and this week's National Automated Clearing House Association conference in Seattle-the ABA gave sketchy details of its intentions.
A short press release indicated it wants to be a root certificate authority, a high-level function in the certification hierarchy that governs the encryption keys filtering down through a network of participants. Digital Signature Trust would likely be delivering Root CertAuthority, a program for root key management from Certco of New York, a data security spinoff of Bankers Trust New York Corp.
The ABA also said its CA activity follows a long "trusted third party" tradition that includes its management of the routing number system for checks, the CUSIP securities numbering system, credit card identification numbers, and other standards.
The ABA as CA both intrigued and puzzled electronic commerce watchers. They liked the idea of a high-level coordinating body but some wondered if even the ABA is high enough.
"This is something somebody should step up to do. We'd like to work with them," said Nacha executive vice president William Nelson.
"Any industry root is a good thing," said Mark Greene, vice president- electronic commerce, International Business Machines Corp. He noted that the credit card industry has had one-the SET specification-for six months.
"It is necessary but not sufficient for e-commerce," Mr. Greene said. "We have to build on that."
Certco senior vice president Jay Simmons said he wonders for what purposes the ABA will issue certificates, but he applauded the message. "Anything that gets this concept out and understood at the highest levels of the industry is a very good thing."
Officials at the ABA said it has been studying CA concepts at least two years and wants to help set a framework for individual banks' authentication efforts. The ABA is "putting a stake in the ground so it is ready to go" when certificates catch on, Ms. Livingston said.
She said there was no conflict with the Bankers Roundtable division, the Banking Industry Technology Secretariat, which has been trying to get bankers up to speed on CAs.
William Randle, chairman of a BITS committee on security, said it was disappointed that the ABA acted "without waiting for a more comprehensive study and approach involving BITS and the Bankers Roundtable, which of course represents the largest banks in the country.
"We will continue to move forward with our study," including a forum on the subject March 20 in Washington, said Mr. Randle, executive vice president of Huntington Bancshares, Columbus, Ohio.
