Telstra will launch a secure e-commerce payment service, Surelink, in New Zealand on March 3 after 18 “fantastic” months of the service in Australia.
Surelink allows customers to buy products and services online without having to give their credit card details each time. Once registered with Surelink’s secure service, they can use a customer ID and password, as long as the site they shop through is also registered.
Spokeswoman Nicola Lamont says several companies, including a couple of bookstores, have already signed up for the New Zealand service and will be announced at the March launch.
Messages between Surelink, buyers and sellers will use the RC4 stream cipher encryption mechanism contained in the secure sockets layer (SSL) supported by major Web browsers, although it will initially use only 40-bit encryption because of US restrictions on 128-bit encryption.
Surelink also ensures consumer protection by applying a Message Authentication Code (MAC) to any offer made by its merchants. This code is calculated using the MD5 hash algorithm and includes a secret key which will prevent any changes being made to the offer between the merchant and Surelink. The database with customers credit card details is protected by two firewalls.