An international data security concept proposed in 1996 by Hewlett- Packard Co. has won U.S. government approval.
HP announced Friday that it had obtained the coveted right to export strong forms of data encryption as part of its Versecure technology. Previously known as ICF-International Cryptography Framework-Versecure can immediately be offered in the United Kingdom, Germany, France, Denmark, and Australia, as well as the United States and Canada.
More countries are expected to be added. HP is in discussions with the Japanese government, for example.
The influential group of companies associated with HP in the effort- International Business Machines Corp., Microsoft Corp., Motorola Inc., Certco, RSA Data Security Inc., and Trust Information Systems-could help raise interest in secure electronic commerce among banks and their customers.
"Versecure provides a vital part of the infrastructure for building electronic commerce solutions on a global scale," said Lewis E. Platt, HP chairman, president, and chief executive officer. He called Versecure "the most comprehensive and advanced encryption technology available in the world. We are making the digital age both pervasive and safe."
A crucial aspect of HP's proposal is the choices available to users. On the basis of their preferences and local laws, they can use any type of encryption code, from weak forms up to those with 128-bit keys and the Triple-DES standard that are extremely hard to crack.
The product also accommodates a key recovery option, which allows access to encrypted data and messages when keys are absent.
Peter Freund, chairman of New York-based Certco, which contributes its Root CertAuthority infrastructure to the Hewlett-Packard framework, pointed out that banking and financial activities have not faced the cryptography constraints that Versecure is designed to overcome. But Versecure has implications for financial institutions' dealings with corporate customers.
Those most interested in Versecure would be multinational corporations for use in their internal communications systems, Mr. Freund said. "A financial institution that wants to deal with its corporate clients," he added, "can now leverage this framework and communicate more straightforwardly."
"Most banks use a private line," said Ray Rahamin, director of payments and consumer credit for HP's financial services business unit in Stamford, Conn., "but encryption provides them with the ability to go out to the public network. It's an opportunity for financial institutions to lower their costs."
"Banks may be able to expand into new lines of business and take advantage of (Versecure) to secure global transactions in whatever the application may be," said Kathy Kincaid, director of information technology security programs at IBM.
"This cooperative effort shows our commitment to interoperability," she added.