Working ever harder to shake the upstart label, Certicom Corp. has announced several international alliances with potential smart card implications.
The company, which started in Canada but bases its sales and marketing efforts in San Mateo, Calif., offers security technology based on elliptic curves, a mathematical approach that requires less computing power than standard cryptographic methods.
In challenging the industry leader, RSA Data Security Inc. of Redwood City, Calif., Certicom has touted the elliptic curve cryptosystem, or ECC, as ideal for "constrained environments" like personal digital assistants or cell phones. Licensees include 3Com Corp., maker of the Palm Pilot, and Verifone Inc. for its Personal ATM smart card device.
In recent announcements, including several at the Public Key Solutions conference it sponsored last month in Toronto, Certicom said it added to its partnership list Baltimore Technologies Inc. of Ireland, NTT Electronics Corp. of Japan, Sapher Services Ltd. of the United Kingdom, and Xcert International Inc. of San Francisco.
Endorsements from RSA partners may hold symbolic importance: NTT is an investor in RSA's Japanese subsidiary, and RSA used technology from Baltimore in its JSAFE Java commerce tool kit.
The Sapher and Xcert licensing deals had particular relevance to smart cards, the companies said. (Chip card makers Motorola, Schlumberger, and Siemens are also Certicom licensees.)
Xcert, a provider of certificate authority systems for on-line commerce, was drawn to ECC because it can combine "performance benefit and compact size," said Xcert chief technology officer Pat Richard. "Customer demand for processing efficiency and scalable solutions in enterprise security is increasing."
Scott Lowry, president of Digital Signature Trust Co. of Salt Lake City, an Xcert strategic partner, said: "This allows us to implement and support ECC-based smart card solutions. Previously we weren't able to do that."
Sapher Servers, a provider of commercial and government cryptography in Europe, said at the Cardtech/Securtech conference in Washington last week that it will use ECC-based smart cards with its Secrets secure messaging system for Microsoft Windows software.
Baltimore Technologies of Dublin, provider of the Unicert certificate authority system and a leader of the Eurotrust electronic commerce security project, said it intends to provide an ECC tool kit to Java software developers.
Tokyo-based NTT Electronics said it will add ECC to its NSAFER development kit by the fall. This introduction of ECC to Japan is "a major milestone for both companies," said Lisa Pretty, Certicom's vice president for international business development.
