E-mail: Is it safe yet to shop?

The next big venue for electronic commerce could be as close as your e-mail inbox.At least that's the hope of Web executives, such as Jody Sherman, vice president of business development at Xoom.

The next big venue for electronic commerce could be as close as your e-mail inbox.

At least that's the hope of Web executives, such as Jody Sherman, vice president of business development at Xoom.com, the soon-to-be partner of the NBC television network. Xoom.com last week launched a service, dubbed MightyMail, that makes it easy to incorporate template-style e-commerce offers into personal e-mail messages.

Indeed, Xoom.com already has partnered with United Media to offer ways to integrate the Dilbert cartoon into personal e-mail, and Sherman is eyeing other partners to use the e-mail system as a venue for promoting a new breed of e-commerce.

"This is a way to get fans to be affiliate marketers for you," Sherman says of the prospects of combining online selling and e-mail. "If you are in the e-commerce business, this is a way to sell more products with no additional cost."

No additional cost, maybe. But certainly plenty of added risk. That's because when it comes to handling online transactions, many commonly used consumer-oriented communications systems can hardly be described as "mighty."

Take, for instance, Microsoft's troubles during the past month in protecting the security of passwords used on its Hotmail service, or the comparable password snafus encountered by America Online's ICQ instant messaging service.

The collision course between commerce aspirations and security needs is rapidly bringing e-mail to a crossroads that could determine how big a role e-mail ultimately will play in enabling online commerce.

As the interest increases in promoting e-mail as a forum for high-value e-commerce transactions, the technology infrastructure of most e-mail systems needs to evolve in a way that makes it easy and secure to transmit sensitive information such as credit card numbers and personal billing addresses.

Or so says the growing group of entrepreneurs emerging with an array of techniques ranging from encryption to digital certificates that aim to meet the need that they perceive for making e-mail sturdy enough for consumer commerce applications.

"In two years, there won't be anybody sending e-mail that is not secure," says Leo Scheiner, chief executive of Global Market, a London company launching a service this week at www.1on1mail.com that aims to provide a way for consumers to send secure, encrypted e-mail to online merchants.

But even Scheiner acknowledges that the days of secure e-mail have yet to arrive.

Indeed, despite Hotmail's ongoing password problems, the Web's masses are not clamoring for secure solutions.

"If one wants to be first out with a product, you have to be there before the demand is there," Scheiner says. "I'm really very comfortable offering a product that nobody really wants yet."

Over time, encryption technology vendors paint a picture of a Web-based e-mail network that will be used to exchange intensely personal information, such as financing information needed for a car loan or a patient's medical records.

As the messages sent via e-mail become more sensitive in nature, the demand for secure systems will increase, according to Mike Ross, program manager at CyberTrust, the security technology unit of GTE.

"The exchange of information online is entering a red zone," Ross says. "It's more imminent because of the type of information that is being exchanged."

The evolution of e-mail mirrors the development of other key communications systems, according to David Cook, chairman of Dallas-based ZixIt.

People started using envelopes to keep others from prying into messages scribbled on postcards, Cook says. Likewise, party lines shared by telephone users originally allowed anyone in the neighborhood to eavesdrop on private telephone conversations. As the use of telephones expanded, however, consumers had more reasons to buy dedicated private line service, Cook says.

"Did anybody recognize at first that people would want to have private conversations on telephones?" Cook asks. "It's an evolution, and that evolution is driven by problems that people encounter."

Global Market's Scheiner, for instance, foresees a time when users will want to use their e-mail software to store all types of information that would typically be stored in an electronic wallet.

Such a setup would make it possible to execute one-click transactions directly from a user's e-mail box, he says.

Do you want information sent to you related to an advertised product? Just click on the e-mail-based advertisement and have your shipping address automatically retrieved from your personal information storehouse within the e-mail software. Then that information can be forwarded automatically to the marketer in the form of an encrypted e-mail message.

Just when such applications will become commonplace, however, is anyone's guess.

A raft of proposed legislation regarding digital signatures now is circling Washington, D.C., and a host of state capitals.

If any bills are passed, they could spur demand for secure online messaging - particularly after concerns about year-2000 issues pass, CyberTrust's Ross says.

"Once the Y2K thing winds down, people are going to turn their attention to security and digital signatures," Ross says.

Another factor that could drive increased use of secure e-mail by consumers is the adoption of the secure communications technology by businesses, says Mike Rothman, executive vice president at security developer Shym Technology.

"No one's going to build an elaborate system just to protect a $30 transaction," Rothman says. "But once the infrastructure is in place for business-to-business transactions, it will be easier to extend it to the consumer side."