Royal Bank of Canada has begun to implement what it says may become one of the largest deployments of public-key infrastructure at a financial institution.
Public-key infrastructure, or PKI, uses digital certificates to provide confidentiality, authentication, verification, and auditing of transactions. Royal Bank aims to give digital certificates to its retail customers so they can execute digitally signed electronic commerce transactions with the bank and with merchants when buying goods over the Internet.
"It will be a new way of maintaining our relationships," said John Black, business project manager at Royal Bank of Canada. "We have great interest in getting digital certificates out as quickly as we can."
The $178 billion-asset bank initially plans to use the technology, which is being provided by Entrust Technologies Inc., to secure applications in foreign exchange, cash management, and consumer banking, Mr. Black said. Internal departments also will use the certificates to share documents through secure e-mail and other applications.
Royal Bank currently uses Secure Sockets Layer 128-bit encryption to protect the transactions of its 500,000 on-line banking and brokerage customers. The smart card security it has used since 1985 to protect cash management applications will be upgraded to incorporate digital certificates.
"We were not interested in implementing PKI until it was ready for prime time and of value to our 10 million customers," Mr. Black said.
He said he expects Royal to offer the certificates as a free service to customers. The certificates, which should be fully deployed within two years, are protected by passwords and serve to lock encrypted files on a customer's hard drive or smart card.
Royal Bank evaluated other PKI vendors, including Baltimore Technologies Inc. and Verisign, before signing a multi-million dollar agreement with Plano, Tex.-based Entrust. "Entrust has an off-the-shelf tool," Mr. Black said. "We were also impressed with its professional services arm."
Financial services companies account for 35% to 40% of Entrust's revenues, said Robert Heard, senior vice president of marketing and business development at the company. Of the more than 25 financial institutions that are deploying Entrust's PKI technology, Royal Bank's project "is one of the biggest," he said.
At the RSA Data Security conference in San Jose, Calif., this week, Entrust announced an alliance with Cash Tax Inc., a subsidiary of First Data Corp., to offer Entrust@YourService, a managed outsourced service of PKI software to financial institutions hosted at Cash Tax's secure facility in Denver.