STRATEGIC PARTNERS
February 21, 2002
HERNDON, Va. -- Participants in NACHA's Internet Secure ATM Payments (ISAP) Pilot have successfully sent a digitally signed payment through an EFT network, the first time this has been accomplished in the U.S.
The payment was made during a series of technical tests to enable ATM/debit cards to be used to pay for Internet purchases, part of a continuing pilot program coordinated by NACHA's Internet Council.
"The benefit of this pilot is the development of a convenient and secure Internet payment option that would meet the payment needs or preferences of many consumers and e-tailers," said Elliott C. McEntee, president and CEO of NACHA -- The Electronic Payments Association.
In the technical tests, a digitally signed payment request was sent from a simulated merchant Web site through the STAR electronic payments network to Citishare Corp., a subsidiary of Citibank, which verified the digital signature to complete the transaction.
A collaboration of ActivCard, AmeriNet Inc., ANI Services, A-OK Network, Certicom and UTM Systems Corp. developed the technology and protocols to enable a consumer to digitally sign a payment request that includes his or her ATM/debit card information. These companies have also acted as merchants and payment processors receiving the digitally signed transactions.
The STAR network received the transactions in a standard message format, which was modified for this pilot by STAR and eFunds to support digital signatures. Both STAR and Citibank use processing support provided by eFunds.
"The success of this pilot clearly demonstrates the viability of utilizing the existing secure infrastructure of the STAR network for all future applications of electronic payments with new access channels," said Ronald V. Congemi, president and CEO, Star Systems, Inc.
A full pilot is scheduled for later this year. In the full pilot, a consumer making an Internet purchase using an ATM card would use his or her card number, but instead of using a PIN, the consumer would digitally sign an electronic payment request. The digital signature is generated by a private key, which will be issued by the consumer's bank and is securely stored in a chip on a device such as a smart card, token or software storage device.
The payment request is then sent to the consumer's financial institution, via an electronic payments network, where the digital signature is verified. The merchant would then receive authorization, and the consumer's checking account would be debited. The funds would be settled through the Automated Clearing House (ACH) Network, as all POS transactions using ATM cards are today.
Other members of the ISAP pilot workgroup include Concord EFS, Inc., owner of the MAC Network; Cybergold; Equifax and MerchantOnline.com. More information is available on the Internet Council's Web site.
