Round two in the battle of security technology for credit card payments over on-line networks is under way.

MasterCard International has posted draft specifications on its World Wide Web home page in response to a decision by Visa International and Microsoft Corp. to publish a standard last week without the New York association's input.

"This was the piece that we were going to take to the table to work to integrate" with Visa and Microsoft's version, said MasterCard spokeswoman Jana Weatherbee.

The 200-page document is open to public comment, which Ms. Weatherbee said was the next step in developing an open standard.

MasterCard and partners Netscape Communications Corp., IBM Corp., Cybercash Inc., and GTE Corp. have been collaborating on an encryption- based standard for credit card payments over the Internet and other on-line networks since January.

Visa and Microsoft got a head start, working toward the same goal since November 1994.

But the associations announced in late June that they would work together to create a single standard, which would speed the advent of electronic commerce by offering consumers and merchants a safe way to make and accept credit card purchases over computer networks.

MasterCard expressed disappointment over Visa's decision last week to forge ahead without it, saying that Visa's Secure Transaction Technology, or STT, was not complete and would not allow software vendors to "write transaction processing code for the purposes of interoperability."

Other companies, such as Netscape and IBM, were far more biting in their criticism. Netscape's Michael Homer, vice president of marketing, claimed that Microsoft was trying to "exact a toll for every payment over the Internet" from banks. He said Microsoft withheld important "source codes" that are crucial to building security programs.

Though source codes are not available in MasterCard's document, Ms. Weatherbee said software vendors can write programs that can accept any credit cards at any merchant location.

Ms. Weatherbee said MasterCard believes the proper way to develop standards is "to collaborate, publish for comment, modify, and then publish the final document."

She said MasterCard would continue the process, with or without Visa, but the ultimate desire is cooperation. Visa representatives were not available for comment.

"Ultimately both (associations) need to come together," said Paul Lambert, director of interactive services for Jacksonville, Fla.-based Barnett Banks Inc. "Whether a month from now or 10 years from now there will be one version. Consumers will demand integration."

Even so, Lee Stein, chief executive of First Virtual Holdings Inc., a company that developed a safe payment system for Internet purchases, said, "Whatever reasons they couldn't come to agreement over the past 90 days, this announcement brings no new information to the table that would lead me to the believe that they will collaborate."

The recent cracking of Netscape's security system, he added, "reinforces the concept that one never knows where the problem is going to arise as it relates to encryption-based standards."

Mr. Stein questioned whether any standard would lead to safer electronic commerce.

Subscribe Now

Access to authoritative analysis and perspective and our data-driven report series.

14-Day Free Trial

No credit card required. Complete access to articles, breaking news and industry data.