The U.S. Senate passed a bill making digital IDs legal “e-signatures” last week. Senator John McCain, whose Commerce Committee is the Senate’s Internet law gatekeeper, said the measure will cut costs and boost consumer confidence in web security. The president has said he’ll sign a clean bill.
What does this mean to you?
If you’re selling to consumers, it doesn’t mean a lot right now. For five years the credit card industry has been talking up a technology called Secure Electronic Transactions (SET), but it hasn’t really gone anywhere.
The group that manages the standard is still testing it but don’t expect SET to come out of the lab anytime soon, even though it would lower merchant costs and greatly reduce fraud.
There are three reasons for this.
First, SET is difficult to set up in the nation’s transaction-processing networks. The costs to processors are still small, when compared to the benefits.
Second, SET takes a lot of computing power if you want to do it right, because you’re dealing with encryption and decryption of millions of personal keys, not to mention a second database look-up on every transaction. Again, this raises costs to processors without a big financial pay off.
Third, putting hundreds of millions of personal keys into the hands (and computers) of Americans is a huge task, one for which even the leading firms in the space aren’t totally prepared.
Until SET happens, merchants serving consumers still live in a “card not present” environment. No one is passing a credit card across the counter, and there’s no signed credit receipt. Recent changes in transaction programming mandated by Visa and MasterCard were mainly devoted to identifying Internet merchants separating them from “safer” telephone merchants” so the banks can crack down on y’all.
I’ve written about this before, but if you don’t use a fraud screen like those offered by such commerce service providers as Cybersource and ICOMS, it’s now a business necessity. If that’s a problem for you, staying in business may also be a problem for you.
If you’re in the B2B space, however, digital IDs and legal e-signatures are big news. There are several reasons for this, too.
First, support for the IDs can be implemented fairly easily in corporate procurement systems using XML.
Second, the transaction volume for business transactions is relatively modest (compared to the consumer space), and since there are only a few million businesses out there, the IDs should be simpler to pass out. However, be aware that all those authorized to sign contracts in your business need a separate ID. You can’t get away with a single signature as you can with your merchant server.
Finally, the need for such signatures in B2B commerce is real. Anyone who signs a contract, or even signs off on a requisition, now has to go back and forth to paper in order to be safe and legal. With legal authority now a given for your Digital ID, vendors can deliver solutions that will save some serious money fast.
There’s a second lesson here, one that deserves repeating as we get into more complex and controversial areas of Internet politics. That is, when big Internet and big business get together on something, things happen.