Security alert is bad for business
OPINION: Internet traders are being held back by scare stories about credit card risks, protests Nick Rosen
Monday 22 April 1996
The computer security industry and the credit card companies have been getting away with self-serving scare stories about Internet security. "Russian hackers steal millions via the Internet", the Sunday Times reported recently, for example. Not a shred of proof was ever produced.
The security companies want to sell more security, and the credit card companies want to keep a stopper on Internet trading until their own Secure Electronic Trading (SET) standards have been finalised. This will not be before the final quarter of 1996.
Last year saw about $200m in Internet retailing. This year the figure could be $800m. The credit card companies particularly dislike the arrival of a dozen new, competing ways of doing business securely on the Net.
Many companies, including my own, have launched secure Internet trading services. The Intervid Commerce Server offers the facility to buy and sell over the Internet in a secure computer environment. No hacker will be able to steal your card number. Buyers can be sure that merchants are who they claim to be, and merchants can make the usual checks on customers. We accept Visa and Mastercard (with the knowledge and permission of our bank). We also accept Digicash, and E-cash and Cybercash. If we wanted we could even launch our own currency.
Yet the credit card companies advise their customers against doing business this way. They should be ignored. Different levels of security suit different products (or different people) at different times. We should resist the urge to set universal, expensively high security standards, and then impose them on the whole market. Eventually that would allow the card companies too much control.
The argument against systems such as ours is that they use a technology called Public Key Encryption with 40 bit encryption. The strongest version uses a 128 bit version, but the US Defense Department will not allow non- American companies to use this.
It is true that French hackers with a supercomputer managed to crack the 40 bit version after a week's solid processing. But for all practical purposes it is powerful enough. That is not to say the UK and EU should not lobby against the US restriction - perception is all, and most people would feel safer using the most sophisticated system there is.
Security is as weak as the weakest link in the chain, which often does not lie in the technology but in management decisions and human factors. The easiest way to penetrate our secure server would be to break in to the office and steal the password. And that is something a million bit encryption system could do nothing about.
Nick Rosen is managing director of Intervid. He can be contacted at email@example.com
Life & Style blogs
Revenge porn: What is it – and how big is the problem?
Teenagers irritable because early school hours mess with their biological clocks
Windows 10: Microsoft bypasses 'Windows 9' to unveil latest operating system
The Fappening: After the third wave of leaked celebrity photos, why can't we stop it?
The truth about student sex workers: it's far from Belle Du Jour
Isis, we are told, is a 'clear and dangerous threat to our way of life'. I’m sorry, but I just don’t buy it
Exclusive: 'Putin's Russia has been my biggest regret,' says Nato's outgoing Secretary General
The Osborne Ultimatum: Chancellor’s benefits freeze bombshell will affect ten million households
There’s no excuse for Dave Lee Travis’s behaviour, but we need to keep a sense of proportion
Should gay sex be illegal? 16% of Britons think so
Mark Reckless becomes second Tory MP to defect to Ukip in a month
- 1 Sainsbury's '50p challenge' poster telling staff to encourage customers to spend more placed in shop window instead of staff room
- 2 Five-year-old Iris Grace is raising awareness of autism through her extraordinary paintings
- 3 Isis an hour away from Baghdad - with no sign of Iraq army being able to make a successful counter-attack
- 4 Yes, the iPhone 6 is a miracle, but it's Apple's tax affairs that deserve a double take
- < Previous
- Next >
Very Competitive Salary: Austen Lloyd: NORTH HAMPSHIRE NQ to MID LEVEL - An e...
Highly Attractive Pakage: Austen Lloyd: MANCHESTER - A highly attractive oppor...
£40000 - £50000 per annum: Ashdown Group: Marketing Manager (Campaigns, Offlin...
£90000 - £135000 per annum: Ashdown Group: Head of Marketing (B2C, Acquisition...