Security issues in Mobile eCommerce
- 687 Downloads
With Mobile e-commerce the mobile user can buy and pay for things, pay his bill or make a bet via his mobile phone when on the move, anywhere and at any time. Mobile e-commerce will bring convenience and contribute to improve life quality of the users. However, in order to be successful, security measures must be strong enough to protect the user from illegal abuses and to get confidence from him. Unfortunately, current security measures for mobile phones are not yet sufficient. This paper describes the R&D activities in mobile e-commerce at Ericsson, which aim at making mobile e-commerce applications secure and enabling a full-scale development and deployment of them. The paper starts with a definition of mobile e-commerce. Next are a summary of the Wireless Application Protocol (WAP) and its achievements. The problems related to security in mobile e-commerce are then described. Thereafter, the solution to the problems is presented. The paper concludes with a look on the future and discussions on what can be done.
KeywordsMobile Phone Mobile User User Authentication Certificate Authority Wireless Application Protocol
Unable to display preview. Download preview PDF.
- 1.Visa & Master Card: SET Secure Electronic Transaction Specification-Book One: Business Description, version 1.0, May 31, 1997, http://www.setco.org/download.html/#spec
- 2.Visa & Master Card: SET Secure Electronic Transaction Specification-Book Two: Programmer’s Guide, version 1.0, May 31, 1997, http://www.setco.org/download.html/#spec
- 3.Visa & Master Card: SET Secure Electronic Transaction Specification-Book Three: Formal Protocol Definition, version 1.0, May 31, 1997, http://www.setco.org/download.html/Sspec
- 4.ETSI: GSM 02.17 V8.0.0 Digital cellular telecommunications system (Phase 2+); Subscriber Identity Modules (SIM); Functional characteristicGoogle Scholar
- 5.ETSI: GSM 11.14 Digital cellular telecommunications system (Phase 2+); Specification of the SIM Application Toolkit for the Subscriber Identity Module-Mobile Equipment (SIM-ME) InterfaceGoogle Scholar
- 6.RSA Laboratories. PKCS #1: RSA Encryption Standard. Version 1.5, Nov 1993Google Scholar
- 7.RSA Laboratories. PKCS #7: Cryptographic Message Syntax Standard. Version 1.5, Nov 1993Google Scholar