The American Bankers Association is in the cyberspace security business, effective today.
With an announcement set for its annual convention in Orlando, the ABA is launching a subsidiary, ABAecom, to provide digital certificate services for Internet commerce.
It may be on to something big: There are signs that nonbank trade associations will climb aboard this bandwagon. The banking association hopes to encourage on-line business growth and help its members keep pace by offering electronic certificates. Analogous to verified signatures in bank offices, electronic certificates give assurance that parties to a transaction are who they say they are.
Whether this method of authentication proves to be an attractive business proposition for the ABA or its banks remains to be seen. Profit considerations aside, the trade group has decided this is a logical extension of historical responsibilities that include its administration of routing numbers on checks, CUSIP numbers on securities, and account numbers on credit cards.
"The hope is that we as an industry can coordinate these activities in electronic commerce," said ABA executive vice president Donald G. Ogilvie.
In the "trusted third party" role of root certificate authority, ABAecom would sit atop a hierarchy of data encryption codes that authenticate and secure buyers, sellers, and financial institutions.
Looking beyond banking, Mr. Ogilvie said ABAecom is in "preliminary discussions" to extend its certificate authority, or CA, through other trade associations. At least two-the American Council of Life Insurance and the Investment Company Institute-have gotten well into the exploratory stages through participation in the ABAecom policy board.
ABAecom's charter is to "create a transparent, interoperable system for financial companies, broadly defined," Mr. Ogilvie said last week. "We believe the ABA name and reputation are critical, and people will want to rely on it."
"This project is new to ACLI and, I suspect, to most of the members," said the insurance group's counsel, David Leifer. Like many lawyers, Mr. Leifer has been following digital certificate developments for several years. He said he and a colleague will participate in ABAecom "to the extent we can, and at some point we may introduce it to the members."
For ICI, which has been following electronic commerce trends in the mutual fund market, the initiative "has the potential to help rationalize this world to be more readily adopted by users," said Larry Maffia, senior vice president, management. "Adoption rates will be affected by the general public's sense of security."
Besides the policy board now being formed-it oversees the CA operations, rules and technical standards, and the public key infrastructure for data encryption-ABAecom also has a corporate board headed by William T. McConnell, the ABA's outgoing president and chairman of Park National Corp., Newark, Ohio.
The ABA first announced its CA intentions March 6. The new venture has been run by staff members such as chief economist James Chessen, associate general counsel Thomas Greco, payment systems coordinator Anne Livingston, and technology consultant Kawika Daguio.
In March they had already decided to rely for technology support on Digital Signature Trust Co., an affiliate of Zions Bancorp. of Salt Lake City. An encryption technology provider and strategic ally of Digital Signature Trust, Xcert International of Walnut Creek, Calif., will also play a role.
The trust company's president, Scott Lowry, has been outspoken in calling for banks to keep their "trust relationships" from moving to nonbank certificate providers such as Verisign Inc.
ABAecom's first service is Web site authentication, with the brand name SiteCertain. Visitors to a financial institution's Web site would click on that icon for assurance that the site is genuine.
"The next step will be to offer a simple and convenient way for banks to become CAs, issuing digital certificates to their customers and communities," Mr. Ogilvie said.