Intended to be "the first of many in the planned product range", the secure message and transaction service - yet to be named - will use cryptographic technology to issue digital certificates to individuals and companies.
The Royal Mail intends to act as the UK's first Trusted Third Party (TTP) following a deal with encryption specialist Entrust to provide its Entrust PKI encryption software tool for the service. PKI stands for public-key infrastructure which provides public-key encryption and digital signature services. This will enable the Royal Mail to issue digital certificates to mail and transaction recipients and senders in an attempt to guarantee security and legitimacy of users.
"At the moment, users don't have a guarantee of privacy and confidentiality, source of origin or proof of receipt," said Jim Pang, director of Royal Mail's Electronic Services in a prepared statement. The service is currently on trial with several corporate customers, according to the Royal Mail which sees the Internet security market growing to around $750m by 2001. "It is currently worth $60m a year and we want to be part of that growing market," said a spokesman.
Ken Fraser, principal analyst at the UK office of Gartner Group, said: "The Royal Mail is ideal for issuing digital certificates because it has credibility and experience. I'd expect them to team up with someone else soon for higher level certification. Most major credit agencies would give the Mail access to over 80 per cent of names in the country."
The idea is that during the various levels of certification, the Royal Mail has to determine whether a person or company exists and to determine existence, it can use financial records. The concept that a person only exists if he spends money may raise further debate but Fraser said that it is a system that is already in place in the US with credit check company Equifax.
The Royal Mail's determination to set up a secure messaging and transaction service follows just one month after Barbara Roche, minister for small firms at the Department of Trade and Industry, introduced proposals to make e-commerce transactions and email messages secure. The proposals include measures to promote the legal recognition of electronic signatures in electronic commerce and the introduction of a voluntary licensing regime for Certification Authorities, Trusted Third Parties and other providers of cryptographic services.