UPS: In E-Commerce We Trust
As United Parcel Service stepped into the secure-electronic-data-transmission
business this week, it promised to make online-document delivery
as trustworthy and easy to use as a dollar bill minted by the
US Treasury.
"We view ourselves as a trusted third party," said
Mark Rhoney, vice president of marketing for electronic commerce
at UPS.
What UPS will offer by the second quarter of 1998 is an alternative
to the encryption model offered by companies like Entrust
Technologies and Network Associates' PGP division.
Entrust and PGP hawk encryption systems that allow one person
to send a secure data file to someone else with no meddling from
any outsiders. UPS's new service, developed in partnerships with
Tumbleweed Software and NetDox, is based on the idea that a supervisor
should be involved in the process to guarantee the integrity of
the information being sent.
Say a lawyer wants to send a contract worth US$3 million, but
the recipient decides to tinker with the numbers and knock the
figure down to $2.5 million. The situation dissolves into
finger-pointing, with each side saying it agreed to something different.
With the UPS system, the data that is sent will be digitally
fingerprinted and archived with time stamps and receipts from
each party, so there will be records of whether or not a document
has been tampered with.
"The document is digitally notarized and legally binding,"
said NetDox spokesman Lee Kallman. If there is a finger-pointing
situation, UPS will be able to prove in court exactly what was
sent, by whom, who received it, and when.
"That's what you don't get with other encryption systems,
and that's the void [UPS] wants to fill," said Kallman. The
service will play a role not unlike the role a government plays
when it guarantees the value of currency, Kallman said.
UPS will insure the integrity of each document, and the identity
of both sender and receiver, for up to US$100,000.
The system is called UPS Document Exchange, and it will offer
two levels of security - Dossier for the strong stuff and Courier
for the milder version.
For the most sensitive data, UPS will use a system designed by
NetDox that requires users to download a software client that
wraps data - any sort of digital information, from simple documents
to multimedia - in two layers of encryption, an inner 40-bit layer,
and an outer 128-bit layer. The data is sent to a UPS server where
it is unwrapped, and a digital fingerprint is taken and stored;
then it is re-wrapped and sent to its destination, where the recipient
opens it with the NetDox client software.
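The fingerprint-and-archive step described above, applied to the contract dispute from earlier in the article, as an added example that is not code from the article, UPS or NetDox. SHA-256 as the fingerprint, the HMAC seal over the archive record, and every name, key and timestamp are assumptions constructed for illustration.

```python
import hashlib
import hmac
import json

# Hypothetical key held only by the third party (constructed value, not a real secret).
NOTARY_KEY = b"constructed-demo-key"


def fingerprint(document: bytes) -> str:
    """Digital fingerprint of the document. SHA-256 is an assumption."""
    return hashlib.sha256(document).hexdigest()


def _seal(fields: dict) -> str:
    """Keyed MAC over the canonical record so the archive entry is itself tamper-evident."""
    canonical = json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(NOTARY_KEY, canonical, hashlib.sha256).hexdigest()


def notarize(document: bytes, sender: str, recipient: str,
             sent_at: str, received_at: str) -> dict:
    """Archive entry written while the unwrapped document is on the third party's server."""
    fields = {"fingerprint": fingerprint(document), "sender": sender,
              "recipient": recipient, "sent_at": sent_at, "received_at": received_at}
    return {**fields, "seal": _seal(fields)}


def check_claim(record: dict, claimed_document: bytes) -> str:
    """Settle a dispute: is the copy a party presents the one that was sent?"""
    fields = {k: v for k, v in record.items() if k != "seal"}
    # First confirm nobody edited the archive entry after the fact.
    if not hmac.compare_digest(record.get("seal", ""), _seal(fields)):
        return "archive-record-altered"
    # Then compare the presented copy against the stored fingerprint.
    if not hmac.compare_digest(fields["fingerprint"], fingerprint(claimed_document)):
        return "document-differs-from-sent"
    return "document-matches-sent"


# Constructed sample data mirroring the $3 million vs. $2.5 million dispute.
SENT = b"Contract: purchase price US$3,000,000"
ALTERED = b"Contract: purchase price US$2,500,000"
RECORD = notarize(SENT, "lawyer@example.com", "client@example.com",
                  "1998-03-02T15:04:05Z", "1998-03-02T15:04:09Z")

if __name__ == "__main__":
    print(check_claim(RECORD, SENT))
    print(check_claim(RECORD, ALTERED))
```

The seal matters as much as the fingerprint: without it, whoever can edit the archive could swap in the fingerprint of the altered copy and the comparison would pass.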
For less-critical data packages, UPS will use a system designed
by Tumbleweed that encrypts data with a varying number of bits
to accommodate the different encryption levels supported by browsers
in different countries. The encrypted data is then sent to a UPS
server, where it is stored at a 128-bit encryption level. The
server sends an email message to the recipient telling him or
her the Web address where the data resides and how it can be accessed
via browser with RSA encryption.
UPS has been close-mouthed on the question of price, saying only
that delivery will be more expensive than a 32-cent stamp and
cheaper than a traditional overnight delivery.
NetDox has been charging $5.35 for domestic transactions and
$10.70 for international data exchanges, according to Kallman.
But it hasn't had much competition. If the UPS service proves
viable and other competitors emerge, prices could drop precipitously,
Kallman said.
News of the UPS service was greeted warmly in some corners of
the encryption industry, and skeptically in others.
"We're very excited to hear that a large company like UPS
is rolling out a broad-based service like this," said Gina
Klein Jorasch, director of enterprise marketing at VeriSign.
The company provides digital certificates, which act like identity
cards tying a user's identity to a public key that enables the
encryption process.
VeriSign has reason to be hopeful, though. Software clients like
the ones provided by NetDox and Tumbleweed require digital certificates,
just like those provided by VeriSign. "A deal between VeriSign
and UPS is very conceivable," Jorasch said.
Jeff Harell, the product manager for PGP products at Network
Associates, quarreled with the fundamental idea of involving outsiders
in the data transmission process.
"Why would a corporate customer want to go to third-party
[systems]?" Harell asked. "A lot of companies don't
want to involve a third party that they are required to trust."
Many companies view their data as too important to risk exposing
to a system with so many junctions and exchange points.
PGP is a proprietary system. Users sending and receiving data
must both have PGP, and their keys can only be provided and verified
by PGP.
All of this is new in the traditional package delivery industry,
but not unexpected.
"Now that the Web has become so ubiquitous, this strikes
me as something that UPS and the other delivery companies needed
to do," said Rita Knox, an industry analyst with the Gartner
Group.
"This is a pretty compelling service," Knox added.
"It's available 24/7 and it's virtually instantaneous."
Federal Express, after a failed attempt to introduce an electronic
service in the early 1980s, ended up setting a standard in the
industry in 1995 when it launched a self-service ordering and
tracking system on the Web.
Similar services have since been adopted by UPS and Airborne
Express, among other competitors. Analysts are looking ahead to
the possibility of UPS’s online delivery service becoming an industry
must-have if it proves successful.
"I definitely anticipate another domino effect if UPS has
any success with this at all," said Michael Sullivan-Trainer
of International Data Corp. "All it takes is one competitor
to introduce a new software innovation and it changes industry
dynamics."
by Randolph Court