Schlumberger and Entrust Collaborate to Secure Wireless E-Commerce for WAP

WAP Identity Module plus PKI Provides Transaction Security for Wireless Networks

    Schlumberger (NYSE:SLB), the leading provider of smart card-based solutions to GSM operators in North America, and Entrust Technologies Inc. (Nasdaq:ENTU), global leader for solutions that bring trust to e-business, today announced that they are collaborating to provide client security solutions for the WAP(TM)-enabled mobile e-commerce marketplace. The strategic collaboration combines a new generation of WAP Identity Module (WIM) smart cards developed by Schlumberger, with Entrust public-key infrastructure (PKI) products and services. GSM mobile telecom operators will have a turnkey solution for securing mobile Internet transactions such as the purchase of goods, and accessing intranets over wireless networks. Millions of mobile phone users will have "peace of mind" that their e-commerce transactions have been secured.

    Schlumberger and Entrust will jointly integrate and promote their WIM/PKI solutions to telecommunications equipment and micro-browser vendors such as Nokia, Ericsson,, Motorola and others. They will also jointly promote their ready-to-use package solutions to mobile telecom operators who are seeking a best-of-approach to the WAP-enabled mobile e-commerce marketplace.

    Schlumberger has chosen Entrust as its strategic lead partner to provide PKI for its customers. The two companies have successfully co-developed security solutions for desktop computer applications, and have co-developed methods for securely implementing smart card-based identification systems. This latest collaboration extends the companies' joint development, marketing and sales efforts to the emerging mobile Internet marketplace, following the recent decision of the WAP Forum to adopt smart card security.

    The two organizations are making this early move to meet demand from GSM mobile telecom operators, who are keen to plan, trial and implement trusted WAP-based transaction services such as payment, mobile banking and brokerage. The client security solution developed by Schlumberger and Entrust brings digital signature processing in support of non-repudiation to these transactions. Non-repudiation is a fundamental requirement of any transaction with value, and mobile operators anticipate that the availability of a turnkey WIM production system will allow trials or commercial services to be launched as soon as WAP terminals compliant with the new 1.2 specification become available.

    "The proven experience of Entrust and Schlumberger in implementing smart card-based PKI gives mobile network operators a ready-to-use solution for rolling-out secure mobile commerce," says Minh Le, field marketing director, Mobile Communications Solutions, Schlumberger Test & Transactions, North America. "We expect it to reduce time to market substantially, allowing WAP commerce to become a practical proposition during 2000." Le noted that in addition to WIM smart cards, the Schlumberger Mobile Communications Solutions group provides smart card-based, complete solutions for the GSM market, including technology-leading subscriber identity module (SIM) smart cards, software, applications, integration and project management.

    "By specifying PKI as an intrinsic function of WAP terminals, the mobile Internet industry has created a powerful catalyst for electronic commerce," says Robert Heard, senior vice-president, marketing and business development, Entrust Technologies Inc. "We could see the first true mass applications of digital signatures as early as the end of this year, signaling a new era for business."

    About WIM

    The WIM is defined by the WAP Forum as a tamper-resistant device which is used to perform wireless transport layer and application level security functions, as well as the storage and processing of information needed for user ID and authentication. The WIM addresses two fundamental security issues. The first is the security of the wireless transport layer (WTLS) between the WAP gateway server and the mobile client terminal. This can be considered as the same kind of function as the Secure Socket Layer in today's Internet world, which provides mutual authentication and confidentiality. The WIM performs this task using cryptography algorithms that are stored inside the chip on the smart card. The second part of the security function is to secure the application layer, via a digital certificate signature and non-repudiation techniques

[ Home | Contact | MobiChat | Experts database | Let's do it ]

Comments to the content of this page can be posted on the MobiChat discussion group

logo.gif (1569 bytes)