2 Aug 2002: FSTC Sets Group to Explore XML-Based Web Security

The Financial Services Technology Consortium is exploring the use of XML protocols for web security. The initiative is being handled by a newly formed advisory committee, which last month held its inaugural telephone conference to discuss the group’s activities.

The FSTC’s Security Standing Committee is co-chaired by Larry Hollowood of Bank of America and Jim Cowing of Certicom. Among the participating financial institutions are Capital One, Fidelity Investments, FleetBoston Financial, Mellon, JP Morgan Chase and Wells Fargo.

The committee is considering a number of projects. One involves comparisons of emerging security XML protocols for cross-portal authentication. A second project being discussed is validation and FSTC-endorsed feedback to emerging XML security standards work.

During the conference call, participants also discussed FSTC comparison of emerging business models for cross-portal authentication, such as Microsoft Passport and Project Liberty. Several financial institutions in the group indicated interest in the use of such portable authentication mechanisms.

The Security Standing Committee is one of several standing committees set up at the association's meeting last February in Atlanta to share knowledge and initiate potential FSTC projects.

The association is pairing up financial institutions and technology vendors to co-chair each of the committees formed around specific topics, including security and infrastructure, payments, distribution channels, emerging technology, and business continuity.

The next step for the security committee will be to draft an outline of areas of focus and potential projects. At the association’s meeting later this year, standing committees will present white papers outlining projects important enough for FSTC members to consider.