Mobile News

With the internet notorious for security breaches and incomplete transactions, it is vital that the evolution of m-commerce is built within a secure and trusted environment. Trust in the m-commerce environment means more frequent transactions, higher value transactions and increased loyalty/ brand affinity. Mobile banking services therefore represent an opportunity to instill confidence in the m-commerce sector because its personalised and transactional nature relies fundamentally on security mechanisms. There are four complimentary concerns that security systems must address:

* Privacy–ensures that only the sender and the intended recipient of an encrypted message can read the contents of a message. Private information such as addresses and credit card information should not be accessible during internet transmission

* Integrity–ensures the detection of any change in the content of a message between the time it is sent and received. In addition there must be a method of reporting any such alteration, eg in many solutions a receiving system would request that the message be resent. Digital signatures are required

* Authentication–ensures that all parties involved in communication are who they claim to be. Server authentication provides user verification of the website connection. Client authentication verifies the user identity. Digital certificates enable solutions

* Non-repudiation–provides a method to guarantee that a party to a transaction cannot falsely claim non-participation in the transaction. Digital signatures are required.

Regardless of where the WAP gateway is situated, digital certificates are a part of wireless security. Banks will be able to act as their own Certification Authority (CA) and digital certificates will enable digital signatures–the wireless signature of legal documents. As mobile banking services move from information-based offerings to mobile portal-driven services via basic and complex transactions, security considerations will be aggregated.