Deliver Your News to the World

IBM Mainframe Operating System Now Certified to Enable More Secure Financial Data Transactions


Built-in Digital Certificates May Offer Less Costly, More Secure Data Transfers

ARMONK, NY -- Jul 7, 2005 -- IBM today announced that its mainframe operating system z/OS now includes a newly certified data encryption feature that may allow companies to further secure confidential data and transactions within global networks.

The Public Key Infrastructure (PKI) encryption technology within the IBM eServer zSeries mainframe operating system, z/OS Version 1 Release 5 (V1R5) and higher, has been certified as Identrus-compliant. Identrus is a company that issues and manages identity credentials based on global industry, banking and technology standards.

The PKI services in z/OS allows IBM clients -- including retailers, bankers, credit-card issuers -- to act as their own digital certificate authority. This may help to remove the typical process of a “middle man” certifier for banks, which can incur “per transaction” charges. For businesses with thousands of transactions conducted daily worldwide, this approach has the potential to translate into significant savings. Also it may reduce the number of places that confidential data passes through, allowing more control to the banks that hold and process the data.

“By using digital certificates regularly, banks may enable more effective risk management against loss of data or fraud,” said June Felix, general manager, IBM Global Banking. “IBM anticipates that more banks will tap the PKI capability of encryption, which may allow a greater number of highly secure financial transactions globally. Once again, z/OS offers customers security features and value at the time when our financial services firms demand it the most.”

By using the built-in PKI cryptographic security services feature in z/OS version 1.5 and higher, companies can manage the lifecycle of digital certificates on behalf of their business and in accordance with their security policy. This may allow banks that become part of the Identrus network to efficiently issue or revoke digital certificates as new risks are identified or changes in the global financial landscape emerge.

The Identrus identity system for banking can also be applied to other industries that depend on private and secure data transfer. Since IBM z/OS is used by retailers, pharmaceutical manufacturers and insurance companies, its application potential is broad.

“From banking to e-commerce to healthcare, we anticipate that using global identities to exchange data will be an expected and required process for online data transfer,” said Karen Wendel, CEO, Identrus. “As more and more financial institutions are faced with breaches in physical security such as lost data tapes, having a solution of distributing data through digital identities is exactly what consumers and businesses are demanding.”

In PKI cryptography each bank uses an algorithm to create a unique public/private key pair. The root certificate authority -- Identrus in this case -- certifies the authenticity of the public key by issuing the bank a digital certificate. The requesting bank then publishes the public key certificate in a public directory. When the requesting bank wants to transfer money to another member bank, it finds the recipient’s public key in the directory and sends the transaction encrypted with the recipient’s public key and signed with its own private key. Only the correct recipient bank will be able to decrypt the transaction with its own private key. This security-rich process allows encrypting messages for privacy and authentication so the receiving bank can verify the source.

Identrus creates global identities established by financial institutions that leverage the Identrus RuleSet for globally interoperable digital identity. These identities may help to reduce the risks of conducting business on the Internet and can facilitate streamlined business transactions. A bank and their customers can transact with other Identrus users and their financial institutions by using the Identrus system. A bank can use z/OS’s built-in PKI and encryption capability to create and issue digital identities to their customers -- which can be authenticated by other users throughout the Identrus network in real-time online to help facilitate transactions.

About Identrus
Founded in 1999, Identrus is owned by the world’s largest financial institutions, including Citibank, Wells Fargo, Royal Bank of Scotland and Zions Bancorporation. The Identrus network currently includes approximately 50 participating financial institutions across 80 countries. Identrus provides a worldwide network for trusted identity credentials based on global standards. Identrus’ solutions provide a technologically interoperable environment for using identities. Additional information about the company is available at

About IBM
IBM is the world’s largest information technology company, with 80 years of leadership in helping businesses innovate. Drawing on resources from across IBM and key IBM Business Partners, IBM offers a wide range of services, solutions and technologies that help enable customers, large and small, to take full advantage of the new era of e-business on demand. For more information about IBM, visit


IBM, eServer, zSeries and the IBM e-business logo are trademarks or registered trademarks of International Business Machines Corporation. For a list of additional IBM trademarks, please see All other names and trademarks are the property of their respective owners.


This news content was configured by WebWire editorial staff. Linking is permitted.

News Release Distribution and Press Release Distribution Services Provided by WebWire.