Chapter Preview
Top1. Introduction
There has been an exponential growth in the use of digital mobile devices in various fields these days. This has resulted in an increased effort to develop various commercial applications that would provide leverage to this extensive use of these digital mobile devices rather than desktop PCs. One such area is the evolution of e-commerce having application in mobile commerce (m-commerce. Some examples of m-commerce (Abbott, 2001) include the purchasing of airline tickets, purchasing of movie tickets, restaurant bookings and reservations, mobile banking and so on.
Normally when we think of buying a particular product (Thomas & Harold, 2003), things that normally come to our mind are the price, the quality, the brand, etc., of the desired product. To get this information, we often do window shopping in the conventional shopping method before we decide on buying the product. In electronic shopping we put an appropriate query, taking into consideration factors like the cost, the quality of product, etc. We also at times, compromise on the selection of the item, if we do not get an item suiting to our preconceived specifications. We human beings, under such circumstances, interpret various aspects depending on several considerations and make a balanced compromise before taking a decision on the deal.
In the mobile environment the same job will be replicated by an intelligent Agent (Pleisch & Schiper 2004; Jennings & Wooldridge, 1998; Altshuler et al., 2006) for getting the details on the specifications of the customer desired item by performing the search operation – a replication of the job done by a human agent in window or electronic shopping. It may be mentioned here that considerable research attention is being paid to the application of agents in various areas, these days. Quite amount of work been done in using intelligent agents for mobile shopping which accepts parameters from the user towards mobile shopping and agent does shopping based on fuzzy preferences or applying intelligence similar to how human being would do (Weng & Thomas, 2007; Guan et al., 2002; Foensca et al., 2002; Brown & Suresh, 2009, 2011). While unique features combined with an abundance of mobile digital devices and networks makes m-commerce an attractive venture, yet serious challenges also exist. However, one such concern is the security in doing transactions over this medium especially when making payments with the use of a credit card. The issue of security is however not restricted to M-Commerce as their consumers still at risk of fraud from card-cloning, identity theft, eavesdropping that can occur when conducting transactions in person and also via Electronic-Commerce (E-Commerce).So research was done in incorporating biometrics i.e., fingerprint towards mobile payment while conducting transaction wirelessly (Gordon & Suresh, 2010).
Key Terms in this Chapter
TLS: Transport Layer Security Transport Layer Security (TLS) is a protocol that ensures privacy between communicating applications and their users on the Internet. When a server and client communicate, TLS ensures that no third party may eavesdrop or tamper with any message. TLS is the successor to the Secure Sockets Layer (SSL).
WPKI: Wireless Public Key Infrastructure is a two-factor authentication scheme using mainly the mobile phone and a laptop. It is mainly promoted by banks, mobile operators, and mobile network manufacturers.
SHA: Secure Hash Algorithm is a family of cryptographic hash functions published by the National Institute of Standards and Technology (NIST) as a U.S. Federal Information Processing Standard (FIPS), including SHA-0, SHA-1, SHA-2, SHA-3.
SSL: Secure Socket Layer is a standard security technology for establishing an encrypted links between a server and a client—typically a web server (website) and a browser; or a mail server and a mail client. SSL allows sensitive information such as credit card numbers, social security numbers, and login credentials to be transmitted securely.
AEs: Advanced Encryption Standard also referenced as Rijndael is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001.
WML: Wireless Markup Language based on XML, is a markup language intended for devices that implement the Wireless Application Protocol (WAP) specification, such as mobile phones. It provides navigational support, data input, hyperlinks, text and image presentation, and forms, much like HTML (HyperText Markup Language).
VPN: Virtual Private Network extends a private network across a public network, such as the Internet. It enables a computer or network-enabled device to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security and management policies of the private network.
WAP: Wireless Access Protocol is a technical standard for accessing information over a mobile wireless network. A WAP browser is a web browser for mobile devices such as mobile phones that uses the protocol.
UICC: Universal Integrated Circuit Card is a smart card used in mobile terminals in GSM and UMTS networks. The UICC ensures the integrity and security of all kinds of personal data, and it typically holds a few hundred kilobytes.