Individuals and businesses sending confidential information over the Internet may soon be able to buy insurance and be compensated paid if the data is lost or stolen, according to a company that has been issued four patents on making that insurance work.
Transurety, a Minnesota patent-holding company that acquired the original company behind the technology, plans to license it to companies in the insurance industry that can then offer policies to banks, health-care companies, law firms and other enterprises.
"There's no technology that's 100 percent secure, so why not insure the residual risk?" said Allen Stern, CEO of Amax Consulting, which is handling the operational aspects of Transurety's business. "We're trying to make the Internet safer for people."
The patents are specifically for data in transit, not sitting in a database or on a laptop that might be stolen, he said. It could information sent via e-mail or in the course of a transaction.
The insurance could come in two forms, Stern said. In one case, an individual might buy a policy as an add-on before sending a sensitive e-mail message via a Web e-mail service. It would be similar to insurance on a valuable package being sent via a courier service. In another situation, insurance could be taken out by an institution, such as a bank, to cover the risk involved in operations such as online banking. It could be offered to customers for extra assurance that they'll be protected if something goes wrong because of a network problem, Stern said.
The company's technology may also help security software vendors offer expanded warranties that cover losses that occur if their products don't work, Stern said.
Transurety is grouping the set of technologies under the brand name Insuriti and claims its patents are the first to address Internet transmission insurance. The patents cover four processes the company said is needed to make such an industry work:
-- a system for issuing bonds against the value of something sent over the Internet, such as a consumer might buy from a company before it transmits a sensitive e-mail message;
-- methods for setting up an insurance policy that cover losses resulting from a problem, such as information about a merger getting into the wrong hands;
-- technology for analyzing the relative risks of using various technologies, such as different browsers and encryption systems, so underwriters know how to price their coverage;
-- a way to track and create reports on transmission failure claims, just as the Insurance Institute for Highway Safety gathers statistics on auto accidents.
The idea has drawn early interest from "hundreds" of financial services companies and other potential users, Stern said. Products based on the patents should appear next year, if not before, he said.
What Transurety is proposing would be a new approach to ensuring the security of data in transit, said Gartner analyst Avivah Litan. The sweet spot would be business-to-business communications, she said.
"I think it does have appeal, I just don't see a big market for it," Litan said. Enterprises' current options, such as deploying a public key infrastructure or sending e-mail via a special online service, have had only a limited following. There aren't many lawsuits over e-mails not being delivered, she said.
"It's not such a hard thing to pick up the phone and say, 'Did you get this e-mail?' " Litan said.
However, one of the more common dangers is e-mail getting through to the intended recipient but being intercepted because a hacker has taken over that e-mail account, Litan said. An insurer could cover that using Transurety's technology, according to Stern.