B of I takes lead with facility for Internet credit card transactions

Bank of Ireland will become the first Irish financial institution to offer widescale support for Internet credit card transactions.

From May, it will offer Irish Internet traders and Internet service providers a facility to secure credit card payments on Internet purchases. At the moment Irish trading websites rely on foreign banks, mainly in the UK, to authorise and clear online credit card transactions.

The long-awaited decision has not been officially confirmed, but its advent will be welcomed by Internet service providers and Government officials who have sought support from financial institutions here for e-commerce.

Mr Nick Fahy, programme manager for Internet business at Bank of Ireland, said: "We are going through a stage of ensuring certain compliancies are add ressed, but announcements can be expected in the near future."

The Irish Times has learned that Esat Net will be one of the first Internet service providers to offer its mainly corporate customers credit card payments approved by Bank of Ireland. The bank would not confirm whether it had reached agreement with other Irish Internet service providers, but said it was talking to several organisations.

Until now the conservative Irish banking community has been widely viewed as a major obstacle to the widespread take-up of e-commerce here. Bank of Ireland started providing a credit card validation service through the new GoIreland portal site last month, but its initiative will be the first time the service has been made available to the wider e-commerce community.

Ireland's largest Internet service provider, PostGem/IOL, says it has spoken to financial institutions but it appeared there was "nothing on the horizon" at the moment.

Ms Mary Mangan, managing director of PostGem/IOL, said she would be delighted if any of the Irish banks entered into such an initiative. "We're interested in looking at any offering from the financial institutions, but there would be a number of financial regulatory issues the banks would have to go through before that can happen."

The regulatory issues surrounding Bank of Ireland's new service concern compliancy agreements with the Central Bank and the Director of Consumer Affairs to meet basic security requirements. The final offering will most likely be a product package, which Bank of Ireland would expect several organisations to sign up to.

The initial product will feature certain associated risks for online merchants, because the technology supporting the online transactions will be based on the less secure of two global Internet transaction security standards - secure sockets layer (SSL).

The online credit card authorisation facility will be afforded the same support as standard "cardholder not present" transactions - such as mail order and telephone credit card payments. In the event of transaction discrepancies, the merchant has to provide a refund service.

The SSL standard is currently the most popular technology supporting Internet payments. It is quite flexible, and less complex than the global secure electronic transaction (SET) standard. While SET is accepted as more secure than SSL, there have been teething problems with its adoption owing to country-specific issues.

Bank of Ireland's validation service will be primarily SSL based, but, once SET becomes "globally workable for e-commerce", it is understood it will shift to the new standard. SET authenticates both parties in the electronic transaction via digital certificates independently verified as valid. These would be deemed "cardholder present" transactions, taking the cost risk out of the hands of online merchants when discrepancies arise.