M-commerce (mobile e-commerce) security standards are in a critical formative stage. There is the PKI (Public Key Infrastructure) Forum, including IBM, Microsoft and RSA Security. There is Radicchio ( EDS; Ericsson, Gemplus- a France based smartcard mfg, Sonera- a Finnish telecom providing infrastructure technology to the Radicchio group)which claims to have concern that WAP devices have been pushed to market ahead of vital security issues, potentially stunting or delaying growth. Certicom, the cryptography company from which Q and others recently bought licenses, just joined Radicchio, which currently proposes a standard utilizing the 1024 bit assymmetric RSA code from RSA Security, but given Certicom's competitive position, we're looking at anything but convergence. There's an informative white paper at the Certicom site here:
certicom.com
There may be more groups squaring off, and technically I'm in the dark (as usual) except for that white paper, but RSAS/CIC is reminiscent of ERICY/QCOM. RSA's patents are expiring soon, which makes it somewhat more complex, i.e. the RSA code will be free for dvelopers from, say IBM and M-soft to work with, while the CIC code is superior but bears royalties to the owner. My sense is that Certicom's code will be the standard, but I can't factor out the value of the royalties, and my experience with Q has perhaps become an engram, skewing my thinking. In any event it seems undesirable and unlikely that we'll get into multiple modes of the standard since the market is still undeveloped and there's everything to be gained from a pure interoperation of all encrypted wireless devices, but there's heat being generated in this area. And I don't understand the generic difficulties with WAP:
The group denies Radicchio is a slap in the face for the WAP (wireless application protocol) Forum, or other existing forums, such as Bluetooth, which is advancing wireless connectivity for mobile devices.
"There are too many other issues to be resolved in the WAP Forum [which don't relate to security]," Sonera's Krull added. radicchio.org
Does anyone have any depth in this? |
