Open Market provides a StoreBuilder toolkit for firms that want to
conduct business on the Internet. Its scheme works with existing Web
clients and uses a payment URL (Uniform Resource Locator) that encodes
price and other data in the information sent to the client program.
When a consumer selects an item, the URL is sent to a payment server,
which authenticates the user and processes the payment. The payment
server then redirects the client program to use an access URL. The
model supports ordering of information goods such as delivery of
magazine or database excerpts on demand as well as traditional hard
goods. Open Market's partners include the Lexis/Nexis service and
Digital Equipment Corp.
New security technologies and alliances are being announced at a
breathtaking pace. For example, Microsoft has announced an alliance
with Visa International. Microsoft recently announced its own online
information service (called Marvel) and purchased Intuit, the leading
maker of PC personal finance software.
Other new ventures such as First Virtual aim to provide transaction
services without a need for security-enhanced software (see Section
4.1). Purchases are authenticated off-line via a relatively
simple e-mail confirmation instead of more complex schemes.
During 1995, we probably will see many more alliances out to provide
secure Internet transaction technologies. A shakeout also is likely as
the market settles on technologies and players within and outside the
Advocates of commerce on the Internet maintain that the more
complicated schemes are essential for the Net to replace conventional
means of conducting business. To prevent a Tower of Babel of complex
new schemes, the newly formed W3 Organization is trying to foster
cooperation among technology vendors. Tim Berners-Lee, the chief
architect of the World-Wide Web, has convened meetings of major players
on behalf of the consortium.
Berners-Lee is optimistic that there will be some convergence. He also points out that HTTP was designed under the assumption that multiple schemes would coexist. According to Berners-Lee, the top layer of Secure HTTP transactions will negotiate the level of security and the exact scheme to be used. This will allow users and vendors to take advantage of future encryption schemes that have not yet been invented.