Identrus LLC, formed to put banks at the center of the digital certificate business, said four of its 21 bank partners expect to finish testing the system shortly and begin issuing the security identifiers to their business customers this summer.
ABN Amro Bank NV, HypoVereinsbank, Bank of America Corp., and Deutsche Bank AG would become the first members of the bank consortium to deploy the certificates commercially. Identrus technology would mostly be used to verify the identify of parties in business-to-business transactions.
"All 21 member institutions are at some stage in the deployment process," said Paul Donfried, chief marketing officer of New York-based Identrus. "They are operating today in preproduction, using Identrus certificates in their pilots."
Corporate customers use smart cards to put digital signatures on communications that include Identrus cobranded digital certificates. Through public key infrastructure, or PKI, these digital certificates can identify parties in a communication, ensure that the communications are private, and prove that data have not been altered in transit.
The pinnacle of Identrus' trust hierarchy is called the root certificate authority. Though the Identrus hierarchy is expected to eventually encompass thousands of financial institutions and millions of corporate customers, every Identrus digital certificate would be verifiable through the root. Identrus has selected Baltimore Technologies to provide its root certificate authority.
Last week Identrus announced that it had gotten the security systems of 18 vendors to work together in its pilot network. Identrus is the first example of a global public-key system that uses digital certificate authorities from multiple vendors, real-time certificate validation technologies, and smart cards to secure business communications and transactions.
"Banks are free to choose PKI from any vendor," said Patrick Holahan, executive vice president of Baltimore Technologies in Dublin. Identrus provides the overarching umbrella of trust to facilitate secure electronic commerce, he said. "It's a pretty good demonstration of PKI hierarchy, and yet it allows people to communicate on a branch level," he said.
Vendors participating in the pilot include Baltimore Technologies, Chrysalis ITS, Computer Associates, CyberTrust (recently acquired by Baltimore), Datakey Inc., Entrust Technologies, Gemplus, iD2 Technologies, Litronic, nCipher, Oberthur Card Systems, Rainbow Technologies, Schlumberger, Setec, Spyrus, TC TrustCenter, ValiCert, and Verisign.