Diversinet Provides End-To-End Digital Signatures For WAP And Non-WAP GSM Phones

SIM V2.0 Offers Unique Hybrid Security Solution for Both WAP and Non-WAP GSM Phones

Diversinet Corp. (NASDAQ Small Cap: DVNT), a leading provider of m-commerce security infrastructure solutions, today announced the launch of its new SIM V2.0 security solution.

Diversinet's new SIM V2.0, based on reliable, time-tested Gemplus GemXplore(TM) Trust Public Key SIM card technology, fully integrates into Diversinet's application security and Public-Key Infrastructure (PKI) suite of products. With the integration of the SIM V2.0, network operators and application developers will now be able to support PKI-enabled security solutions over both WAP and non-WAP GSM phones. The new version is a lighter weight version of its predecessor and has incorporated valuable feedback from Diversinet's customers.

The new SIM V2.0 is a hybrid WAP-GSM client certificate security solution. SIM V2.0 provides seamless wireless to wired security through enhanced PKI security over wireless networks by offering digital certificates to GSM phones for use in non-WAP environments and WAP-enabled GSM phones for use in a WAP environment. The SIM V2.0 solution is compatible with all current WAP gateways and browsers on the market and complements any WTLS security on the WAP handset.

Diversinet's PKI client on SIM cards delivers operators the capability to deploy secure end-to-end applications utilizing the GSM network through the user's phone handset. The new SIM V2.0 solution will be particularly attractive to organizations such as banks offering services that demand high levels of security, as it will enable them to authenticate users independently of the cellular network carrier. It will also allow for separation between the mobile network provider and the company offering the services.

The GSM market has over 330 million subscribers and 366 operators world-wide, and is expected to grow to 462 million subscribers by the end of 2001 and 733 million by the end of 2004, according to the GSM Association and industry research group EMC. By supporting the GSM market, the product provides Diversinet with a large base of potential new users of its SIM V2.0 is a true thin client as the bulk of the data processing occurs on the server, not the card. The SIM 2.0 offers flexible certificate provisioning by either the smart card manufacturer or the GSM carrier. Applications are not kept on the SIM card; therefore, the application software does not need to be provisioned on the card before hand. The network operator simply adds new applications to their Application Server and updates the application list. The next time the user selects the Applications menu item he/she gets the new list and chooses from the displayed menu. For GSM WAP-enable phones, the SIM card relies on the WAP browser as the source of applications and downloadable application templates, similar to browser pages for non-WAP GSM phones. For non-WAP GSM phones the SIM card relies on Diversinet's unique application provisioning technique.

Thin clients, such as the SIM V2.0, are especially useful in wireless applications and provide instantaneous security to a number of users with out issuing new SIM cards.

"Diversinet has developed an advanced SIM solution that addresses the entire GSM market," said Hussam Mahgoub, Vice President of Products, Diversinet Corp. "Now customers will be able to have their choice of either a WAP or non-WAP GSM phone and still have strong user authentication and digital signatures through a Subscriber Identity Module."


A SIM card contains all of the information about the end user. This personal information allows security-related functions and identity verification to be carried out, which is essential for electronic commerce. There are two kinds of protection provided by the SIM card: strong mutual authentication and non-repudiation between the client and server. This is achieved by generation of digital signatures that guarantee non-repudiation in transactions such as those for purchasing goods.

The advent of "always on services" brought about the implementation of GPRS poses great opportunities for network providers and application developers. GPRS also creates significant security issues for using these new services using GPRS. The flexibility of Diversinet's new SIM V2.0 makes it the ideal security platform to secure this new wave of applications.

Diversinet's new SIM V2.0 acts separately from the WAP/GPRS browser and communicates directly with the application provider. When a transaction is initiated through the WAP/GPRS browser, the application provider then contacts the SIM card inside the phone to complete the transaction securely. Once the transaction is complete, the phone switches back to the browser.

The SIM V2.0 further expands Diversinet's device coverage to include WAP/GPRS -enabled GSM phones, allowing application providers to deliver their applications over both WAP/GPRS and non- WAP/GPRS GSM phones in addition to Palm, RIM, WinCE, and PocketPC operating system-based devices, all from a single infrastructure.

Diversinet's wireless security infrastructure provides end-to-end (client-to-application) security for wireless applications that require strong authentication, encryption, and digital signatures in order to conduct business transactions in a completely secure environment that mirrors the security models being used in the bricks and mortar world today.

[ Home | Contact | MobiChat | Experts database | Let's do it ]

Comments to the content of this page can be posted on the MobiChat discussion group

logo.gif (1569 bytes)