Literary Components Of M Commerce Information Technology Essay
The present assignment on Secure Mobile Transactions: m-commerce, aims to present a comprehensive view of all the technological and security aspects that influence and govern monetary transactions done on wireless networks. This paper refers to some basic concepts related to m-commerce and then proceeds to discuss various purely technical issues involved in m-commerce. This work identifies presently available technologies that facilitate m-commerce and gives explanation about each of such technology. Further, the assignment focuses on the security challenges involved in mobile transactions and various aspects of mobile payments. Finally, the paper gives a brief list of m-commerce solutions currently available.
Table of Contents
Mobile commerce or simply m-commerce relates to commercial business operations and transactions carried out on wireless telecommunication networks with the infrastructural assistance of handheld mobile electronic devices. E-commerce is the commercial business processes done on internet and the m-commerce is making all monetary transactions on mobile devices (wireless electronic commerce). The technology of m-commerce offers many services and facilities that make commercial dealings simplified and reduce time consumed in those transactions. But the users and service providers have to be cautious of possible treats of wireless trade operations. Security of information, privacy to personal details and protection to the money involved are the real touch stones of strength of m-commerce.
2. Literary components of m-Commerce:
The concept of mobile commerce came into existence in the last decade of the 20th century. What has started as a facility to make payments to a soft drink vending machine, has now effectively subsumed nearly every aspect of electronic commerce. Today, m-commerce has emerged as a viable extension to e-commerce. Now the customers of any service or product can make their payments over mobile phones staying anywhere or even on move. Fundamental difference between e-commerce and m-commerce is that, in electronic commerce business dealings and transactions are made on internet, but the mobile commerce services can be used with the help of simple and inexpensive SMS and IVR systems (Rediff.com, 2010). Statistics inform that, the penetration of personal computers is still limited and the mobile penetration is nearly ten times more than that of PCs. Further, the wide internet access is still a distant dream with the exception of big cities and conurbations. Thus with the presently available user share and the further spread in future would certainly point mobile commerce as a viable and popular option to make swift and secure monetary transactions. Further, people with basic literacy can also make use of various services of mobile commerce unlike the electronic commerce, which requires the users to have good command on PC knowledge and its operational procedures.
The central point of mobile commerce is making payments on mobile phones. It is a point of sale payment made over a mobile gadget like cell phone, PDA (Personal Digital Assistant) ,a smart phone, gadgets of personal area networks and other newly coming wireless equipment (Krueger, 2001). Here, not only the merchandise transactions made through cell phones but the monetary payments made to utility vending machines, cab services, car wash machines etc also constitute acts of mobile commerce (Paavalainen, 2001). The core idea is the convenience. This convenience should not turn into a nightmare because of lack of security of the data exchanged in these commercial transactions over wireless networks.
Important services offered by m-commerce are,
Making reservations of tickets of journeys
Booking various entertainment show tickets
Making payments of civic utility bills
Transferring gift vouchers
Booking hotel rooms
Booking cab services
Make money donations to social service foundations
Making stock market trading
To avail all these facilities, mobile users can make use of SMS, BREW, GPRS and IVR services. Key issues of mobile transactions are the questions of authentication and security. The service providers have to follow robust security standards that are in vogue world wide. Some of the presently accepted standards are PCI DSS (Payment Card Industry Data Security Standard).
Advantages of m-commerce are:
Reduction of time consumed in serving merchandise orders
Reduction in the cost of management of commercial transactions
Gives extensively broad reach
Helps in effectively coordinating all the business processes involved
Gives competitive advantage in matters of product pricing
Provides high speed access to modern cellular applications (Answers Corporation, 2010).
Disadvantages of mobile transactions:
Cost of establishing and managing wireless telecommunication infrastructure
Concerns over safety of information and data exchanged over mobile gadgets
Mobile devices come with small screens and this limited display can limit the types of data and files that can be exchanged and accessed
Advanced mobile technologies are now largely confined to big cities
Technical limitations of mobile telecommunication equipments (Answers Corporation, 2010).
Given the comparative merits and demerits of mobile commerce, one can be perfectly sure that, the ongoing technological researches would certainly find viable answers to problems of this new paradigm in wireless commerce.
3. How m-commerce differs from e-commerce?
The level of wide availability of wireless telecommunication networks to use m-commerce applications practically from any location. The convenience in handling these small and low weighed devices is unique when compared to equipment required for carrying out electronic commerce transactions. Further these mobile devices are purely personal electronic gadgets and this guarantees maximum personalization unlike the PCs with Internet which are needed for e-commerce actions that are often shared among multiple users. Localized positioning of users can be done on all mobile commerce transactions. As the users carry their mobile phones with them, they can utilize their preferred personalized settings with which they can transact. This personalization is not available in electronic commerce transactions and dealings.
4. Technical areas related to secure m-commerce:
There are various aspects on the technical front that are closely related to safe money transactions done on wireless telecommunication networks with the help of mobile handheld devices. They are:
4.1. Need for secure m-commerce:
According to Yeun (2001), there are more cell phones which are connected to internet than the number of net connected Personal Computers. Though the PC penetration is also gaining pace, the spread of mobile phones and related gadgets has already surpassed all the future projections. The comfort given by mobile merchandise transactions is fueling the further expansion of m-commerce. As more and more people are resorting to the m-commerce utilities, the service providers have to take every care to ensure that all the transactions done, payments made, business deals concluded and the information exchanged over wireless networks is best guarded and strongly protected. Already the electronic commerce has seen any worst cases of security breaches and fraudulent infringements in high value commercial transactions done on electronic media through PCs connected to internet. This shows the dire need to research, design, invent and implement robust security standards for every small monetary transaction done over mobiles. Propensity of threat should be reduced and the vulnerability of supportive wireless networks should be reduced to sub-terrestrial depths to complement the growing demand for m-commerce.
4.2. Security Challenges in m-commerce:
As the wireless telecommunication networks are spreading fast and becoming a ubiquitous resource, the user base of m-commerce is fast expanding. But to ensure the continuity of this boom, high security of mobile transactions is in dire need. Important data and transaction security problems that pervade over m-commerce transactions are analyzed by Grosche & Knospe (n.d.).
As the mobile gadgets are purely personal devices, they are bound to carry some important private and confidential information which needs protection from unauthorized intruder access. To answer this threat these, smart and sensitive gadgets must employ user authentication mechanisms like passwords and PIN. Further, these cell phones must come with good data backup and crash recovery tools pre-installed in them, to cater to any unforeseen data loss and authentication breach. The operating systems used in the wireless gadgets must have tested perfection in defending owner’s data security needs. While the owner of the mobile phone intends to transmit some data over wireless telecommunication network for any commercial dealing, the wireless interface that guides this information exchange must be strong enough to maintain high levels of confidentiality, content integrity and more particularly user authenticity. Eavesdropping is a big threat which the wireless networks have to confront seriously. Data security mechanisms vary from one mobile technology to another. The end user access networks need to be strongly protected from data theft within and out side these network loops. And the network operator concerned must ensure that the money transactions made are concluded to the maximum satisfaction of both parties.
Money payment actions done on wireless networks should have assured secrecy and protection to the money involved. This task should cover all the stages starting from the payment or committing to make a payment up to the conclusion of the deal and authentication systems have to guard the entire transaction leaving no chance to intruder attack.
4.2. Technologies involved in m-commerce security:
With the increasing widening of mobile penetration, and all other similar wireless handheld devices, the services offered by mobile commerce have assured future. The technologies involved in the mobile commerce mainly deal with transferring of data and information over the available wireless telecom networks. Presently, widely used supportive network technologies are 2nd generation (2G), 3rd generation (3G) etc (Grosche & Knospe n.d.).
2nd generation wireless telephone technologies include, GSM (TDMA based), CDMA One etc. 2G telecommunication technologies are also known as PCS (Personal Communications Service) in USA. Advanced version of 2G services is 2.5G. This new one offers data transfer at higher speed. These services gave way to 3G services. This 3G technology comes with wireless telecom services like CDMA2000, UMTS, GSM EDGE, WiMAX, DECT etc. These new mobile standards support data transfers up to 14Mbits per second while downloading. The security of data transfers is higher in 3G when compared to earlier 2G technology. 3G services come with user authentication facilities while connecting to any network. This guarantees high security to all the transactions done of that specific telecom network (Grosche & Knospe n.d.)..
GSM is the most used media for carrying out mobile commerce transactions. The data transfer and sharing services offered on GSM networks are, SMS (Short Messaging Service) – for sending short messages having maximum 160 characters on the network media, WAP (Wireless Application Protocol) – to access internet APIs designed in WML (Wireless Mark-up Language), HSCSD (High Speed Circuit Switched Data) – tool of channel clustering for high data transfer rates and GPRS (General Packet Radio Service) – actually, this is an extension of GSM services. Fundamental architecture of GSM network generally contains GPRS, Intelligent Network(IN) and SMS services.
UTMS (Universal Mobile Telecommunication System) is a modern telecommunication system offered by 3G services. This is largely an extension of existing GSM. It has WCDMA (Wireband Code Division Multiple Access) radio channel signaling technology (Grosche & Knospe n.d.).
WLAN (Wireless LAN) works in 2.4 GHz & 5 GHz spectrum. Normally WLANs are low in data security. IEEE stipulated WEP (Wired Equivalent Privacy) to provide some security to transactions done on WLANs.
5. Security at various levels of mobile transactions:
5.1. Safety in data transport channels:
The technologies like GSM, GPRS, WLAN, UTMS provide considerable security to all deals transacted on wireless networks. But they cannot handle the safety constraints, when the commercial transactions involve multiple access networks. To ensure end to end security in such cases that communicate over Internet Protocol, SSL/TLS is widely used. SSL works with TCP (Transmission Control Protocol). Another transport layer security protocol designed and used for this purpose is WTLS with WAP services (Grosche & Knospe n.d.).
5.2. Safety of network services:
To make m-commerce transactions more secure, Intelligent Network (IN) concept in GSM networks is introduced. This GSM framework contains IN logic i.e. CAMEL (Cuatomized Application for Mobile Enhanced network Logic). IN handles all the m-commerce conversations. These services can also be used with SMS systems. Other technologies for secure services are, Parlay / OSA (Open Service Access) and USSD (Unstructured Supplementary Service Data) (Grosche & Knospe n.d.).
6. Security models presently in use:
GSM (Global System for Mobile Communication) is the widely used mobile security standard in European countries. According to Zobol (2001), Europe has the highest mobile penetration and the European Commission is presently implementing 15 new projects that operate mobile telecommunication networks. These projects are using WAP, GPRS, UTMS technologies. For ensuring high security of mobile transactions, they are using NESSIE encryption and E-PASTA environment. Further, 4G – an ultra speed broadband is also under implementation.
The commercial transactions concluded on mobile wireless networks do involve money payment. The concept of m-payments related to payment of charges for services or the price of goods sold or purchased over mobile wireless telecommunication networks. Significant advantageous aspects of m-payments are, less time consumed, no need to carry physical money and remote operability of accounts safely. There are different variants of m-payment systems like, pre paid payment systems, pay now payment systems and post payment systems.
There are various agreed limits of money transactions that can be done on mobile networks. In Europe micro, small and macro payments are in vogue form 1euro to more than 10 euros. In India the monetary transactions up to Rs.50000 can be done (Rediff.com, 2010).
The level of safety such mobile transactions need varies based on the money involved and the items that are traded in that transaction. But in each of such case anonymity of customer has to be protected safely. Mandatory and common requirements of mobile transactions are authenticity, reliability, confidentiality, authorization and integrity. Further the response time has to be reduced to minimum. And, conformity to ACID (Atomicity, Consistency, Isolation and Durability) principle for all deals involving monetary payment. Depending on the sources of money from where customers make payment over mobile networks, various m-payment systems presently available are:
“Software electronic – coins, Hardware electronic coins, Background amount” (Grosche & Knospe n.d.).
8. Examples of m-commerce security solutions:
Irrespective of the mode of payments made on mobile phones, there are various standardization bodies that deal with mobile commerce transactions. Some of them are, MoSign, Mobile Payment Forum, mSign etc. Another famous data security standard related to m-commerce is PCI DSS (Payment Card Industry Data Security Standard) (TechTarget, 2010). Visa International has recently developed Mobile 3D. It is a global security specification standard system that makes money transactions made by mobile phones and on internet more secure and safe (CellularOnline, n.d.). Finacle m-commerce solution developed by Infosys has many good security features like, generation of One time Password (OTP), USSD application, strong inclusivity framework and ability to register multiple bank accounts to a single mobile (Infosys, 2010).
Security of transactions concluded on mobile telecommunication networks is of fundamental necessity for the very concept of m-commerce. This assignment attempted to through light on every important aspect related to mobile commerce. The technologies discussed in this paper do need further improvement to cope up with the increasing threats to data and money transfer over internet and on wireless networks. Growing fraudulent intrusions on mobile information systems and individual gadgets make up a persistent need to continuously refine existing solutions and design new ones that can better resist attacks on transaction security over wireless media.Order Now