1st Union Decides to Bank on Verisign's Latest Public Key Encryption

First Union Corp. said Monday that it plans to rely heavily on digital certificates for data security in both internal operations and customer dealings.

Though not spelling out specific plans and schedules, First Union has laid the groundwork for one of the most extensive public key encryption infrastructures, or PKIs, to be publicly acknowledged by a U.S. banking company.

Charlotte, N.C.-based First Union will be one of the first users of Onsite 4.0, the latest version of a PKI system from Verisign Inc. of Mountain View, Calif., which was introduced Monday. BankAmerica Corp., also of Charlotte, is another major Verisign customer.

Verisign will maintain the root key for the certificates that authorize and authenticate people with system access. Certificate registrations, digital signatures, and other functions will be controlled by the bank.

The $229 billion-asset bank has 16 million customers, presumably the maximum number of "external" certificates it may be driving at. Industry sources say one larger bank has contemplated an eventual 40 million or more, but no PKI has yet been put to these kinds of tests.

Bank of Nova Scotia in Canada, with Entrust Technologies Inc. as PKI, is approaching 100,000 certificates in what may be the biggest on-line customer security system of its kind.

Relying on Verisign "provides speed to market and scalability while maintaining maximum control, security, and flexibility for First Union," said Tony Suarez, its certificate authority director.

"Our intent is to provide certificates for many types of users and customers and employee IDs for internal uses," said vice president of electronic commerce Parker Foley. "We are large enough to do this ourselves, but we would need a lot of effort, education, and physical security to duplicate what Verisign has in California."

Onsite centralizes the infrastructure, he said, so that each business unit does not have to apply for separate Verisign server certificates. For international operations, Verisign has assembled a round-the-clock "backbone" with partners around the world.

For reprint and licensing requests for this article, click here.
MORE FROM AMERICAN BANKER