Without ways to conduct secure commercial information exchange and safe electronic financial transactions over mobile networks, neither service providers nor potential customers will trust mobile commerce. Various mobile security procedures and payment methods have been proposed and applied to mobile commerce, and this chapter attempts to provide a comprehensive overview of these approaches and the issues involved. A secure mobile commerce system must have the following properties: (i) confidentiality, (ii) authentication, (iii) integrity, (iv) authorization, (v) availability, and (vi) non-repudiation. A discussion of the security issues related to the three network paradigms, wireless local area networks, wireless wide area networks, and WAP, is also included. Among the many themes of mobile commerce security, mobile payment methods are probably the most important. A typical mobile payment process includes: (i) registration, (ii) payment submission, (iii) authentication and authorization by a content provider, and (iv) confirmation. This chapter also describes a set of standards for mobile payments.
Network infrastructure provides essential voice and data communication capability for consumers and vendors in cyberspace. As part of the evolution from electronic commerce (EC) to mobile commerce (MC), it is necessary for the existing wired network infrastructure, i.e. the Internet, to be augmented by a series of wireless networks that support mobility for end users. Wireless networking technologies are advancing at a tremendous pace and each represents a solution for a certain phase, whether 1G, 2G, and 3G, in a particular geographical area such as the United States, Europe, or Japan. In this section, they will be categorized in terms of their radio coverage as wireless local area networks, wireless metropolitan area networks, or wireless wide area networks.