Secure Sockets Layer (SSL) was introduced by Netscape early in the move to the World Wide Web (WWW).  They created the first public browser with a graphical user interface and were immediately very successful at deployment.  At first SSL was designed to block evesdropping on communications from a customer accessing a merchant site.  As it became clear that any site could get an SSL connection, more attention was focused on proving the identity of the merchant site to prevent spoofing by rogue sites.  Most of the attention to web security has since focus on the user experience aroung sites that ask the user for payment information.

Banks and large merchants have learned one lesson from internet commerce; specifically they have learned that if they want to avoid fraud, they must proactively search for patterns of fraud and intercept them before the transaction occurs.

If the public Internet is not meeting the needs of  secure financial transactions, BusinessWeek reports that Richard Clarke has a solution for the DoD and SCADA (supervisory control and data acquisition) networks.  In his book "Cyber War and what to do about it" he advises critical infrastructure providers to build not buy.  His logic is that the commercial networks are not only well known to the attackers, but are built to the lowest common denominator.  If you need better secureity, you need a better network.  If this sounds a little like the splinternet, where different groups head off in different directions, you are right.  Fortunately technology is now moving to support such needs with private tunnels.