NationsBank’s First SET Tx

NationsBank announced Tuesday the successful execution of the bank’s first SET Secure Electronic Transaction, which enables a customer to securely use their credit card over the Internet without fear of another party intercepting, monitoring or changing the transactions.

This transaction differs from others announced in the United States in that it uses the 1.0 production specification and software from different technology providers.

NationsBank has been working with the 1.0 production specification for the past six months.  In conjunction with IBM and MasterCard, NationsBank conducted a SET enabled transaction to purchase items from a MasterCard promotional web site.  The 1.0 specification is the industry-approved standard for transmitting credit card information over the Internet.

“This SET initiative underscores our commitment to electronic commerce, the Internet and addressing customer concerns about security,” said Rick Collins, vice president of New Product Development for Card Services at NationsBank.  “Our successful completion of an end-to-end SET transaction represents the first step towards offering a solution to our customers who want to securely shop on the Internet.”

Currently, the technology is available only in pilot projects.  Future initiatives include expanding the technology to consumers, although no timetable has been established.

NationsBank used a branded IBM CommercePOINT Wallet(TM) and the IBM Registry for SET(TM) certificate services, which enables a consumer to securely store and transmit their credit card information to a merchant web site over the Internet.

MasterCard, working with GlobeSet(TM), provided a merchant server and payment gateway.  This combination of software allows transactions to flow securely over the Internet from the customer to the merchant to the bank and back, thereby fully authenticating interoperability.

“Ensuring security is a key aspect of IBM’s focus on e-business — using the Internet to improve business efficiency,” said Mark Greene, vice president, Internet payments and certification for IBM.  “IBM is delighted to work with NationsBank and MasterCard to enable secure Internet transactions for their customers.  As the first SET 1.0 launch in the U.S., this is a landmark accomplishment.”

“While there has been a lot of worry lately about SET interoperability, efforts like these with leading banks like NationsBank go a long way to showing the path forward to secure and efficient Internet commerce,” said Steve Mott, senior vice president for Electronic Commerce/New Ventures at MasterCard.

“GlobeSet congratulates NationsBank on their groundbreaking achievement in the SET arena,” said Dennis Jolly, vice president of sales and operations for GlobeSet.  “We look forward to more milestones in the future, helping to develop SET business solutions that further demonstrate our full interoperability with other SET vendors and customers.”

As the industry’s leading provider of electronic business solutions, IBM was the first company to bring to market in 1996 a comprehensive suite of secure end-to-end electronic commerce solutions, the CommercePOINT family of products and services.  In April, IBM announced the first merchant server in the industry to use the SET protocol, Net.Commerce.

MasterCard International, a payments company with one of the world’s most recognizable brands, is dedicated to helping more than 23,000 financial institutions around the world offer consumers a variety of payment options.

MasterCard remains focused on helping shape the future of money by expanding acceptance of its global brands (MasterCard(R), Maestro(R), Mondex(R), and Cirrus(R), the world’s largest ATM network) and maintaining reliable, secure networks facilitating global value exchange.

GlobeSet is a leading developer of comprehensive, SET software solutions for secure payment card transactions over the Internet, with applications for the buyer, merchant, financial processor, and certification authority.  The company is part of the SET design team and serves as a charter member of the SET Business Review Panel.

NationsBank Corporation (NYSE NB), headquartered in Charlotte, N.C., is a bank holding company that provides financial products and services nationally and internationally to individuals, businesses, corporations, institutional investors and government agencies.  NationsBank has primary retail and commercial banking operations in 16 states and the District of Columbia.  With its completed acquisition of Barnett Banks on January 9, 1998, NationsBank has total assets of $310 billion.


MBNA Dividend

MBNA’s  Board of Directors approved an increase of 12.5% in the quarterly dividend rate to $.09 per common share, which will increase the annual rate to $.36.  The cash dividend is payable April 1, 1998, to stockholders of record as of March 16, 1998.

MBNA Corporation, a bank holding company and parent of MBNA America Bank, N.A., a national bank, has $49.4 billion in managed loans.  MBNA, the largest independent credit card lender in the world and one of the two largest overall, also provides retail deposit, consumer loan, insurance, and card acceptance services.


Diversinet Enters E-Security

Diversinet Corp. announced Tuesday at the 1998 RSA Conference, the premier international cryptography event of the year, its plans to launch an all-new product line as the company changes its strategic direction to offer ground-breaking technology for secure electronic commerce-enabling servers.

Diversinet’s technology will provide businesses with efficient and versatile turnkey security solutions for Intranet, Extranet and Internet applications. Compared to the more cumbersome products available on the market today, a Diversinet-enabled system is much more scalable. It can service several hundred users or several million users, without frustrating lag times.

“The key advantage of the Diversinet technology is its simplicity,” said Dr. Taher Elgamal, Chief Scientist for Netscape Communications Corp. “It is a flexible, effective and efficient security solution for e-commerce applications,” added Dr. Elgamal, who also serves on Diversinet’s board of directors.

Complete anonymity and security

Diversinet’s certification server, the company’s core product, issues on-demand `D-certificates’ and distributes public keys in an anonymous and trusted manner. Unlike current systems where the certificates include additional personal information that is irrelevant to the user’s need for access to the system (e.g. name, address, phone number), D-certificates only carry the user’s alpha-numerical ID. This reduces process time and the amount of memory required to store the certificate, making it more efficient and significantly less expensive to encode on a smart card. Diversinet products can be either software-based or can use hardware smart cards for authenticating users.

There is also no need for a revocation process since the owner of the certificate controls the certificate public key. The certification server distributes the certificate but does not attest to any knowledge of the owner.

The certification server, which is scheduled for release in May, will include client software to retrieve, store and maintain D-certificates as well as a toolkit to allow developers to use D-certificates within their applications. The product will include a “light authentication” system that will allow companies to simply integrate the certification process into existing and/or new systems.

Streamlined authorization process

Diversinet’s authorization server works with the certificate server to increase the security of applications by enabling them to determine the level of permitted access for any user. Unlike other authorization servers, the Diversinet product will allow access to users without prior setup within the applications. The authorization server utilizes D-permits – portable credentials that are carried by the users and presented when needed, eliminating the need for an application database. The authorization servers will be available in the third quarter of this year.

“Diversinet is poised to revolutionize the burgeoning e-commerce security market with its flexible, efficient, and effective products,” said Nagy Moustafa, President and Chief Executive Officer of Diversinet Corp. “Our patented authorization and authentication technology positions Diversinet to be an industry leader.”

“Diversinet is working with OEMs to license the technology for future product development so that it becomes a standard for secure, corporate e-commerce solutions”, Moustafa added.

About the company

Diversinet Corp., (), is a developer of products based on public-key infrastructures (PKI) and technologies required for corporate networks, Intranets and electronic commerce on the Internet. The Toronto, Canada based-company’s proprietary PKI technology offers customers ease of use, as well as efficient and flexible implementation for a variety of diverse security authentication applications.


Security Dynamics & Schlumberger Partner

Security Dynamics Technologies, Inc. and Schlumberger Limited announced a partnership whereby Security Dynamics plans to use Schlumberger technology to provide SecurID(R) smart cards as part of its new SecurSight product portfolio announced yesterday.  The addition of smart cards to Security Dynamics’ family of SecurID solutions is designed to provide customers with additional choices for implementing strong user authentication in enterprise security solutions.

Security Dynamics is adding Schlumberger’s RSA cryptographic smart cards to its existing line of SecurID authentication devices, including hardware tokens and SoftID(R) software tokens.  As part of its SecurSight product roadmap, Security Dynamics is providing customers with a migration path that outlines the opportunities and transition issues for companies looking to implement next-generation security technologies, such as public key and digital certificate technology.   To protect customers’ existing security investments, SecurSight solutions will work with both SecurID tokens and smart cards.  Additionally, SecurSight will support Security Dynamics’ traditional time-synchronous authentication method as well as public-key authentication simultaneously.

“As digital certificate technology and smart card readers become more prevalent, smart cards will become an alternative form factor for customers implementing user authentication,” said Dave Power, senior vice president of marketing and corporate development at Security Dynamics.  “Through its partnership with Schlumberger, Security Dynamics plans to deliver a broader range of options for its smart card customers who want to deliver information to their users anytime, anywhere, securely.”

“Public Key Infrastructure is recognized by the IT community as the cornerstone of future network security, and smart cards are a natural multi- application token for large scale deployments,” said Lou Bisasky, general manager of Schlumberger Smart Cards North America. “We are pleased and excited to work with Security Dynamics, a pioneer and a leader in network security solutions.  Together, we plan to deliver to our mutual customers higher utilities thanks to the combination of Public Key and smart card technologies.”

The partnership between the companies is designed to allow Security Dynamics’ customers to leverage Schlumberger’s leading portfolio of smart card technology and applications, worldwide manufacturing and distribution channels.  Conversely, Schlumberger’s Corporate Campus customers will have the opportunity to migrate to enterprise security solutions offered by Security Dynamics’ SecurSight solutions.

Schlumberger was first to introduce state-of-the-art 1024-bits RSA crypto smart cards required for public key operations such as dynamic two-factor user authentication or document and message signing.  Schlumberger’s cryptocards are integrated as plug-ins in such solutions as Microsoft’s Internet Explorer and Netscape’s Navigator and Communicator browsers.  Schlumberger is also the leading provider of smart card-based multi-application campus cards particularly targeted at Corporate Campuses.  Schlumberger’s cards are designed from open systems and industry standards, such as the RSA crypto- algorithm, the PKCS#11 specification and the PCSC specification.

About Schlumberger

Schlumberger Electronic Transactions offers a flexible portfolio of smart card-based solutions for businesses and communities of all kinds.  The company provides cards, terminals, development tools and support in open configurations for operators, developers, integrators and distributors worldwide.  Under the Smart Village brand, the Schlumberger product offering includes the milestone Cyberflex card, the industry’s first Java-based smart card.

The Electronic Transactions group employs over 5,000 people and operates 45 facilities. Among dedicated facilities in 34 countries, the group has nine research and development centers strategically located in Europe, Asia and North America.  Schlumberger Electronic Transactions is a business segment of Schlumberger Limited, a $9 billion global technology service company providing oilfield services, natural resource management, transactions-based technology and associated systems, and semiconductor test equipment.  More information can be found at .

About Security Dynamics

Security Dynamics Technologies, Inc. is the leading provider of enterprise network and data security solutions that help companies conduct business securely, protect corporate information assets and facilitate business-to- business electronic commerce.  With more than two million users of its SecurID authentication technology, Security Dynamics is the world leader in two-factor user identification and authentication.  RSA Data Security, Inc., a wholly owned subsidiary of Security Dynamics, is a leading supplier of software components that secure electronic data, with more than 300 million of copies of RSA encryption and authentication technologies installed worldwide.  RSA technologies are part of existing and proposed standards for the Internet and World Wide Web, ISO, ITU-T, ANSI, IEEE, and business, financial and electronic commerce networks around the globe.  Security Dynamics and RSA can be found on the World Wide Web at and , respectively.

This press release contains forward-looking statements relating to the planned introduction by Security Dynamics of SecurID smart cards incorporating Schlumberger technology, and such statements involve a number of risks and uncertainties.  Among the important factors that could cause actual results to differ materially from those indicated by such forward-looking statements are delays in product development, undetected software errors or bugs, competitive pressures, market acceptance of Security Dynamics’ SecurSight products and Public Key and smart card technologies, technical difficulties, changes in customer requirements, government regulations, general economic conditions, and the risk factors detailed from time to time in Security Dynamics’ periodic reports and registration statements filed with the Securities and Exchange Commission, including without limitation Security Dynamics’ Registration Statement on Form S-3, as amended (File No. 333-35035), filed on September 5, 1997.


Flat Fleet

Fleet Financial Group’s fourth quarter was essentially flat compared to the third quarter according to Bankcard Update/CardData. Fleet’s receivables grew a mere $42.2 million and its credit card customer base increased slightly less than 8,000 accounts. The issuer is in the process of absorbing the Advanta portfolio and installing a new card czar.

               FLEET FINANCIAL FOURTH QUARTER 1997 STATS (12-31-97)
          RECV      Q-VOL     YTD-VOL   ACCTS     ACTVS     CIF
Fleet     $2.7b     $1.0b     $3.4b     2.3m      1.4m      N-R
     recv-receivables; vol-volume; accts-accounts; actvs-actives;
     Source CardWeb, Inc.’s Bankcard Update/CardData


ValiCert Service Global Pilot

ValiCert, a company delivering encryption technology and services for assuring the validity of digital certificates, today announced it has expanded its global field trials of the ValiCert Service with several leading digital certificate product partners.  The ValiCert Service — a unique service which provides an intelligent clearinghouse for checking the validity of digital certificates — will now be supported by Baltimore Technologies, Entegrity Solutions, Entrust Technologies, GTE CyberTrust, and Xcert International, Inc. Initial field trials for the ValiCert Service were announced in late 1997 with international CAs Belsign (Europe) and Thawte (South Africa/USA).

The field trials are now being opened up to organizations worldwide as a unique opportunity for application developers, enterprises deploying a public key infrastructure, and users of certificate-enabled applications and services to test certificate validation in a real-world setting using the first available global validation service.  The trial will be capable of managing an average transaction rate of more than 30 million certificate validation requests per day.  For more information about the ValiCert field trial, see .

ValiCert’s global field trial validates digital certificates using live data by aggregating an array of Certificate Revocation List (CRL) data from ValiCert’s CA service and product partners.  The CA service partners feed all live data from their CRLs into the ValiCert Service in order to provide scalable validation services that assure the validity of their customers’ certificates across the global Internet, intranets and extranets.  The service partners who also market CA products can now incorporate the ValiCert Service Plug-in which will give their customers the option to participate in the ValiCert Service for communicating and conducting commerce across the Internet and enterprise intranets.

Expanded Field Trial Partnerships

ValiCert’s newest partners in the field trials include global leaders in products and services for encrypted communications and Internet commerce infrastructure.  “We are very pleased with the success so far of our ValiCert service and the high interest level in the field trials,” said Chini Krishnan, chairman and chief technology officer of ValiCert.  “Our expanded partnerships with the industry’s premier partners is an indication of our commitment to work with the top organizations who are focused on meeting the information security needs for today’s electronic environment.”

Baltimore Technologies is a global leader in the provision of cryptographic software solutions securing electronic commerce and Internet business.  From their headquarters in Dublin, Baltimore Technologies operate the EuroTrust Trusted Third Party (TTP) infrastructure for electronic commerce throughout the EU.

“Baltimore Technologies are excited about integrating ValiCert’s products into our UniCERT Certification Authority system,” commented Fran Rooney, CEO of Baltimore Technologies.  “The inclusion of ValiCert’s products allows our customers worldwide to perform truly secure cross-realm validation for electronic commerce.”

Entegrity Solutions is the leading provider of a Public Key Infrastructure (PKI) Security Development Platform (SDP) to rapidly deploy secure applications.  “Supporting ValiCert’s validation services in our Security Development Platform and Certificate Authority enables our customers to have access to a higher performance global validation service,” said John Weinschenk, vice president of marketing, Entegrity Solutions.  “We believe that a global validation service will also play a key role in Certificate Authority interoperability and assurance in the global Public Key Infrastructure.”

Entrust Technologies is a leading provider of Certification Authority (CA) and public-key management products for both Internet and intranet applications.  “There’s no doubt that certificate validation is an important value-added service for electronic commerce,” said Brian O’Higgins, chief technology officer, Entrust Technologies.  “Entrust provides an open platform that allows third parties and customers to provide additional certificate validation processes or technologies that are appropriate for business processes.  We will support ValiCert’s product and service development in this area.”

GTE offers a suite of high assurance certification authority products and services for use with public key-enabled security applications.  “GTE CyberTrust is committed to providing customers with the strongest security solutions available.  To accomplish this, GTE is working closely with industry pioneers like ValiCert to ensure that a comprehensive infrastructure is available,” said Tom Carty, vice president of marketing and business development for GTE CyberTrust Solutions Incorporated.  “Certificate validation is a critical component in this infrastructure and GTE is proud to participate in field trials of the ValiCert Service.”

Xcert International provides secure electronic business solutions to the global financial services market.  Xcert technology is based upon an interoperable Public Key Infrastructure that is cryptographically independent. “We believe that ValiCert’s pioneering efforts in certificate validation are an important part of the framework for global expansion of electronic commerce,” said Thomas Nolan, president and CEO of Xcert.  “Xcert is pleased to be a part of this expansion and to help define the infrastructure for secure online commerce.”

The ValiCert Service

The ValiCert Service is a scalable and network efficient system for users, merchants and enterprises that are conducting communications and commerce across the Internet.  The service enables certificate issuers to distribute all revocation data confirming the validity of a digital certificate in a timely, secure manner and to make this data — traditionally associated with unscalable, network-intensive Certificate Revocation Lists — easily available to applications and people that they wish to conduct business with around the world.  It enables any application, server or person accepting certificates, regardless of its source, to be assured of the certificate’s validity.  The ValiCert Service is targeted at enterprises that are conducting broad-based Internet communications and commerce, as well as individuals using public certificate authorities (CAs).

Digital Certificates

Digital certificates are gaining momentum and acceptance for use as electronic credentials for identification (comparable to a driver’s license or employee ID badge), for payment (comparable to a credit card), and for other communications or business transactions conducted over the Internet or corporate intranets.  As with the credit card industry, which developed a way to electronically validate the millions of credit card numbers issued by any bank in the world, the use of digital certificates requires its own clearinghouse network for certificate confirmation, so that individuals and businesses can assure the validity of any certificate.

About ValiCert

ValiCert was established in 1996 by a group of leading cryptographers and executives from the Internet services industry to build a broad validation infrastructure for the net economy.  Utilizing technology based on an innovative cryptographic technique called certificate revocation trees, ValiCert delivers an efficient, scalable and transparent solution for checking the validity of digital certificates in any Internet or intranet transaction. ValiCert is headquartered in Palo Alto, Calif. and is available on the World Wide Web at , or by e-mail at


Citi 98-2 Card Bonds Rated

Citibank Credit Card Master Trust I’s (CCIMT I) $500 million 6.05% class A credit card participation certificates, series 1998-2, are expected to be rated ‘AAA’ by Fitch IBCA.  The corresponding $32 million 6.20% class B certificates are expected to be rated ‘A+’.  In addition, Fitch IBCA expects to affirm its master trust ratings indicating that the issuance of series 1998-2 will not result in a reduction or withdrawal of current ratings assigned to outstanding trust certificates.

The expected ratings reflect the quality of the receivables generated from Visa and MasterCard credit card accounts, the available credit enhancement, the servicing expertise of Citibank (South Dakota), and transaction’s sound legal and financial structures.

Class A’s enhancement, equal to 11% of the total initial invested amount, is derived from a 5% shared cash collateral account (CCA) and the subordination of the 6% class B certificates.  The shared CCA will first support class A then class B, covering losses not paid by excess finance charge collections. Class B’s enhancement, equal to 7% of the total initial invested amount, is derived from a 2% CCA dedicated just to class B, along with the 5% shared CCA.

Credit enhancement levels were determined by stressing portfolio steady state yield and payment rate assumptions to determine the level of defaults the enhancement could sustain.  Class A is able to support a 35% decrease in yield, payment rates dropping in half, and defaults increasing to a level above 30%, and still make full and timely payments to investors.  Class B can sustain a 25% decrease in yield, along with a decline in payment rates by more than 40% and defaults increasing to a level above 25%, while meeting all investor principal and interest obligations.

Class A and B investors will receive the semi-annual interest payments based on the aforementioned respective annual interest rates throughout the revolving and accumulation periods and on the scheduled final payment date. If an early payout occurs, class A and B investors will receive principal on an accelerated schedule, along with monthly interest payments.  Following the variable accumulation period, principal is expected to be paid in January, 2008.

Series 1998-2’s terms contain an accelerated payout feature to protect investors from deteriorating collateral or a servicer default.  If certain triggers are breached, the amounts available in the 5% shared CCA will be drawn upon and immediately distributed to class A investors.  In addition, the 2% CCA dedicated solely to class B will be drawn upon and immediately distributed to class B investors.


Outsourcing Picks Sherman Financial

Outsourcing Solutions Inc. (OSI), the nation’s largest receivables management company, announced that it has selected the Sherman Financial Group, LLC of New York as its exclusive agent for the purchase of distressed consumer debt.

Under the terms of the affiliation, Sherman Financial will manage the acquisition of debt and OSI will purchase and service it, primarily through its Account Portfolios, Inc. division. The firm will purchase consumer debt from a variety of industries, including credit card, health care, student loans, telecommunications and utilities.

Bryan Faliero, OSI Senior Vice President of Portfolio Operations, noted that the joint effort would further expand OSI’s already significant portfolio management capabilities. “Sherman has extensive experience in capital markets and asset acquisition. Its expertise, combined with OSI’s receivables management capabilities, make this affiliation an important part of our continuing growth. Together we will be better able to structure transactions for various types of distressed assets with flexible terms that recognize sellers specific needs,” Faliero said.

Sherman Financial’s managing director, Benjamin Navarro, said that as OSI’s exclusive debt acquisition affiliate it would develop and manage relationships with financial companies nationwide. “Sherman specializes in structuring transactions that address the unique situations faced by sellers of distressed debt,” Navarro said. “Our affiliation with OSI enhances our ability to focus on client needs and offer competitive pricing and superior service.”

OSI was formed in September 1995 by McCown De Leeuw & Co., a private equity firm with offices in New York and Menlo Park, California, to become one of the leading companies in the highly fragmented and rapidly consolidating credit collections industry. In addition to Atlanta-based Account Portfolios, Inc., it has acquired The Continental Alliance, Seattle, a contingent collection agency; A.M. Miller, Minneapolis, a contingent collection agency; Payco American Corp., Milwaukee, a multi-line firm providing contingent collections and outsourcing services to credit grantors in a wide range of industries; Accelerated Bureau of Collections, Englewood, Colorado, a contingent collection agency; and North Shore Agency, Great Neck, New York, one of the largest providers of letter series collection and billing services to direct marketers, utilities and cable companies. OSI also has initiated a tender offer to acquire The Union Corporation, Charleston, South Carolina, which operates collection agencies and provides credit usage and receivables management outsourcing services to major corporations.


AT&T Surge

‘); } else { document.write(“); } //–> AT&T Universal is exiting the card issuing business with an impressive year-end surge. According to fourth quarter portfolio data gathered Monday by Bankcard Update/CardData, Universal’s receivables grew nearly 8% in the fourth quarter to $15.3 billion. For the first three quarters of 1997 AT&T posted a meager 5% YTD increase. Universal also posted a 4% quarterly gain in gross accounts and a 7.5% increase in cards-in-force.

               AT&T UNIVERSAL FOURTH QUARTER 1997 STATS (12-31-97)
          RECV      Q-VOL     YTD-VOL   ACCTS     ACTVS     CIF
AT&T      $15.3b    $8.0b     $27.7b    19.7m     N-R      24.2m
     recv-receivables; vol-volume; accts-accounts; actvs-actives;
     Source CardWeb, Inc.’s Bankcard Update/CardData


PinnacleSET Expands Security

Hypercom Corp. Monday announced plans to provide hardware-based security engines from Atalla Corp. with Hypercom’s PinnacleSET software.

Hypercom’s Pinnacle suite of Internet electronic commerce software products incorporates software-based security based on the Secure Electronic Transaction (SET) Protocol, the emerging standard spearheaded by Visa and MasterCard.

Hypercom also plans to make available Atalla’s PayMaster/PCI Internet Security Processor. Atalla, at Booth 222, RSA Data Security Conference, is a leading provider of hardware-based security products for private networks, the public networks and the Internet/intranet arena.

Introduced in September by Hypercom, the PinnacleSET suite leverages Hypercom’s client/server software product line, the Pinnacle Transaction Environment. PinnacleSET, built on Release 1.0 of SET, will work with a greater range of payment cards and SET applications than any other SET product now available. PinnacleSET runs on platforms such as Windows NT, Sun Solaris, HP-UX and Tandem NSK.

Hypercom is a leading supplier of point-of-sale (POS) payment systems, enterprise networking solutions and client/server software.

“As electronic commerce grows, security is crucial to establishing and maintaining confidence of all parties involved, including banks, merchants, processors and consumers,” said Ted Cole, vice president, Hypercom’s Pinnacle Software Group.

“This hardware solution significantly increases the performance of encryption operations of SET transactions. As a result, customers can achieve new levels of transaction throughput and speed for financial payments.”

“This step brings together leaders in their respective markets,” said Gary Sabo, vice president, marketing, Atalla Corp. “We are excited about working with Hypercom because of the significant merchant acceptance of its products, worldwide presence, quality of products and commitment to providing customers with the lowest total cost of ownership.”

Atalla PayMaster/PCI Internet Security Processor

Atalla’s PayMaster/PCI Internet Security Processor provides a full onboard crypto-subsystem that fortifies and accelerates all SET security processing. Specialized hardware security engines from Atalla off-load the burden of public-key cryptography from the server CPU and free up additional cycles for the SET payment application.

Atalla products enhance PinnacleSET performance, while also helping safeguard sensitive information such as cryptographic keys using physically secure hardware. In addition, Atalla’s PayMaster/PCI adds robust key management and key typing for SET transactions. These capabilities help eliminate the possibility of keys being used for more than one purpose and minimize the risk of a so-called “backdoor” attack on the system.


Atalla’s PayMaster/PCI Internet Security Processor will be available with the PinnacleSET software suite by the second quarter of 1998.

The PinnacleSET Suite

Merchants using PinnacleSET client/server software products gain advantages for the use of the Internet for transaction modes such as loyalty, chip card and stored-value applications.

PinnacleSET applications currently include

— PinnacleSET Wallet, which resides on the cardholder’s computer.     The Wallet can carry the logo of banks, financial processors or     merchants, which can provide additional branding and     advertising opportunities.

— PinnacleSET POS, a point-of-sale application linking merchants     to their customers and financial processors for quick, secure,     easy payments.

— PinnacleSET Gateway, a gateway application, which connects the     merchant to the payment processing system for credit card     authorization.

— PinnacleSET CA, a certification authority server, which helps     generate and manage digital ID certificates for secure     electronic financial transactions and digital rights     management.

Atalla Corp.

Atalla (a Tandem Company) brings nearly 25 years of experience securing commerce over private networks to the public networks and the Internet/intranet arena. The company’s products include industry-leading hardware-based security processors for the Internet, intranet and the bank transfer networks, POS/POE (point-of-sale/point-of-entry) credit/debit payment terminals, customer authorization and PIN selection terminals, and secure enrollment products for banking and government applications.

An estimated 70 percent of all ATM transactions in North America (estimated value $1.4 trillion daily) are secured by Atalla’s specialized security processor products. Atalla has headquarters at 2304 Zanker Road, San Jose, Calif. 95131. Phone 408/435-8850.

Hypercom Pinnacle Software

The Hypercom Pinnacle Transaction Environment high-performance, client/server software operates under Microsoft Windows and UNIX. Pinnacle preserves host integrity while providing advanced payment capabilities and value-added services for networks.

Hypercom Corp.

Hypercom Corp. is a leading supplier of point-of-sale (POS) payment systems, enterprise networking solutions and client/server software. Phoenix-based Hypercom sells its products in more than 50 countries worldwide.


MultiCom Signs Greenleaf

Greenleaf Technologies Corp. announced that it has entered into an agreement with MultiCom Services LLC , an Austin, Texas privately held service bureau and call receipt center for product orders.

MultiCom will provide GLFC with a basic, turnkey platform for credit card billing, capturing customer order information and verifying credit card purchases on-line. In addition, MultiCom’s Customer service division will interact with software supplied by GLFC to generate unlock codes to access PC based games initially distributed via the Internet that will be provided to customers upon approval of credit card purchases.

Allan King, president and CEO of MultiCom, stated, “Our initial relationship with Greenleaf will primarily entail building and maintaining customer databases for customer calls and orders. However, we believe that as this strategic relationship grows we will promote, market and incorporate Greenleaf’s proprietary high tech line of products and services to our existing and expanding client base of companies and organizations on behalf of Greenleaf.”

MultiCom Services provides a high quality, comprehensive package of turnkey telecommunications solutions for full customer support for its clients.

GLFC owns three high tech products to be marketed through various strategic relationships CommShield(TM), DIGITREK(TM) and MusiKey(TM), CommShield(TM) provides access protection for telecommunications networks. DIGITREK(TM) encrypts and decrypts information on CDs and DVDs. MusiKey(TM) allows major music distributors to control and secure the electronic distribution of new song titles.

GLFC, which is not presently a “reporting” company, intends to file a registration statement with the Securities and Exchange Commission as soon as practicable following the completion of the company’s audited financials.

For more information, please call Richard Margulies or Eric Low at CMI Public Relations Services Inc., a wholly owned subsidiary of Creative Media International Inc. (OTC BB CTVM), at 732/225-1234; fax 732/225-1230; Email; or via the Internet [][1].



Beyond SET

A global consortium of Internet commerce firms released a complete specification for the ‘Open Trading Protocol’ yesterday. The specification has been posted at for public comment and pilot implementations. The ‘OTP’ standard enables a consistent framework for multiple forms of e-commerce, ensuring an easy-to-use and consistent consumer purchasing experience regardless of the payment instrument or software and hardware product used. The protocol builds on ‘XML’ and supports ‘SET’.