1 / 27

Introduction to M-Commerce

Overview. What is M-Commerce?Security IssuesUsability IssuesHeterogeneity IssuesBusiness Model IssuesCase Studies / ExamplesQ

bethesda
Download Presentation

Introduction to M-Commerce

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


    1. Introduction to M-Commerce Copyright © 2001 by Neil Daswani, licensed for use to Venkat Rangan on November 14-15, 2001Copyright © 2001 by Neil Daswani, licensed for use to Venkat Rangan on November 14-15, 2001

    2. Overview What is M-Commerce? Security Issues Usability Issues Heterogeneity Issues Business Model Issues Case Studies / Examples Q & A

    3. What is M-Commerce? E-Commerce with mobile devices (PDAs, Cell Phones, Pagers, etc.) Different than E-Commerce? No, but additional challenges: Security Usability Heterogeneous Technologies Business Model Issues But first, let’s learn a little about wireless technologies…

    4. Wireless Technologies Link Layer (examples…) WAN: Analog / AMPS CDPD: Cellular Digital Packet Data TDMA/GSM: Time Division Multiple Access, Global System for Mobile Communications (Europe) CDMA: Code Division Multiple Access Mobitex (TDMA-based) LAN: 802.11 Bluetooth Devices: Cell Phones, Palm, WinCE, Symbian, Blackberry, …

    5. Examples of PDA Devices

    6. Application Layer Technologies Micro-browser based: WAP/WML, HDML: Openwave iMode (HTML): NTT DoCoMo Web Clipping: Palm.net XHTML: W3C Voice-browser based: VoiceXML: W3C Client-side: J2ME: Java 2 Micro Edition (Sun) WMLScript: Openwave Messaging: SMS: Part of GSM Spec.

    7. Example: WAP WAP: Wireless Application Protocol Created by WAP Forum Founded June 1997 by Ericsson, Motorola, Nokia, Phone.com 500+ member companies Goal: Bring Internet content to wireless devices WTLS: Wireless Transport Layer Security

    8. Basic WAP Architecture

    9. Example: WAP application

    10. Security Challenges Less processing power on devices Slow Modular exponentiation and Primality Checking (i.e., RSA) Crypto operations drain batteries (CPU intensive!) Less memory (keys, certs, etc. require storage) Few devices have crypto accelerators, or support for biometric authentication No tamper resistance (memory can be tampered with, no secure storage) Primitive operating systems w/ no support for access control (Palm OS)

    11. Wireless Security Approaches Link Layer Security GSM: A3/A5/A8 (auth, key agree, encrypt) CDMA: spread spectrum + code seq CDPD: RSA + symmetric encryption Application Layer Security WAP: WTLS, WML, WMLScript, & SSL iMode: N/A SMS: N/A

    12. Example: Security Concerns Performance: we’ll do an example: should we use RSA or ECC for WTLS mutual auth? Control: WAP Gap data in the clear at gateway while re-encryption takes place

    13. Example: WTLS– ECC vs. RSA? WTLS Goals Authentication Privacy Data Integrity Authentication: Public-Key Crypto (CPU intensive!!!) Privacy: Symmetric Crypto Data Integrity: MACs

    14. WTLS: Crypto Basics Public-Key Crypto RSA (Rivest-Shamir-Adelman) ECC (Elliptic Curve) Certificates Authentication None, Client, Server, Mutual

    18. WAP Gap: One Alternative… Dynamic Gateway Connection Other alternatives also exist…

    19. Usability Challenges Hard Data Entry Poor Handwriting Recognition Numeric Keypads for text entry is error-prone Poor Voice Recognition Further complicates security (entering passwords / speaking pass-phrases is hard!) Small Screens i.e., can’t show users everything in “shopping cart” at once! Voice Output time consuming

    20. Usability Approaches Graffiti (Scaled-down handwriting recognition, Palm devices) T9 Text Input (Word completion, most cell phones) Full alphanumeric keypad & scrollbar (Blackberry) Restricted VoiceXML grammars for better voice recognition Careful task-based Graphical User Interface & Dialog Design Lots of room for improvement!

    21. Heterogeneity Challenges Many link layer protocols (different security available in each) Many application layer standards Businesses need to write to one or more standards or hire a company to help them! Many device types: Many operating systems (Palm OS, Win CE, Symbian, Epoch, …) Wide variation in capabilities

    22. Heterogeneity Approaches HTML/Web screen scraping Protocol & Mark-up language translators Standardization

    23. Business Models Issues Possible Models: Slotting fees Wireless advertising (text) Pay per application downloaded Pay per page downloaded Flat-fees for service & applications Revenue share on transactions Trust issues between banks, carriers, and portals Lack of content / services

    24. Case Studies NTT DoCoMo’s I-Mode Palm.net Sprint PCS Wireless Web

    25. NTT DoCoMo I-Mode 20 million users in Japan HTML-based microbrowser (supports HTTPS/SSL) on CDMA-based network 10’s of thousands of content sites, ring tones, and screen savers Pay per application downloaded and pay per page models Invested in AT&T Wireless so we may see it here in US in next few years!

    26. Palm.Net Low 100K users in USA Web Clipping (specialized HTML) microbrowser on Mobitex (TDMA) – based network run by BellSouth (>98% coverage in urban areas) 100’s of content sites (typically no charge for applications) Palm VII devices now selling for $100 due to user adoption problems. (Service plans range from $10 - $40 per month.)

    27. Sprint PCS Wireless Web Low, single-digit millions of US users Multi-device strategy: WAP/HDML based microbrowser on phones, Web Clipping on Kyocera, both on CDMA network ~50 content sites slotted, many others available (very hard to enter URLs, though) Slotting-fee + rev-share on xactions model $10 per month flat-fee to users, most phones already have microbrowser installed.

More Related