Schlumberger (SLB :NYSE) announces a smart card innovation for mobile commerce – the first WAP identity module (WIM) which secures internet transactions on mobile devices. Compliant with the wireless application protocol (WAP), the Schlumberger WIM brings new levels of security and convenience for mobile device users and opens the way for a new generation of GSM applications in a secure environment. It removes the "is it safe?" barrier to the widespread adoption of mobile commerce, by putting state-of-the-art encryption and digital signatures to authorise on-line transactions in the hands of mobile internet users.
Mobile commerce, via wireless devices such as mobile phones, is seen as the latest technology revolution, with a quarter of a billion digital cellphone subscribers increasingly familiar with using their phone as an information and transaction tool. The first WAP projects are expected to take place in areas with advanced European GSM networks within the next year. The WIM will be a key tool for mobile network operators, service and content providers to begin implementing mobile commerce services from secure information access, to on-line banking and buying goods and services such as travel tickets.
"In the wireless future, more people will be going on-line via mobile devices. With this new card, mobile users can be 100% confident of the security of their Internet transaction," says Sheung Lau, WAP product manager at Schlumberger. "By specifying smart card security from day 1, the wireless internet community has given itself a real business advantage." The Schlumberger card is the first to implement the WAP identity module user security functions. These are expected to be introduced by the WAP Forum in December 1999 in the 1.2 specification.
The WIM offers unprecedented ease of use through a true multi-tasking capability never previously available on a smart card. It’s the first multi-application solution supporting ‘logical channels’, enabling users to pass from one application to another without losing transactions which have already been carried out. If the user wants to switch from one task to another – for example pausing a banking transaction to take an incoming call – operations are saved intact.
Two types of protection are provided by the WIM. The first is authentication between the client and the server by means of encryption using ultra-long keys of up to 1024 bits. This encryption can be based on RSA or new-generation elliptic curve algorithms to increase security further. For a second level of protection, the module also generates the digital signatures required to secure the application. Transactions such as purchase of goods or access to confidential information on an intranet can now by proof-stamped with a totally individual code to guarantee non-repudiation. This extremely powerful feature hardly exists in today’s Internet world, and has typically only been available for specialised applications such as funds transfer. Unlike an encryption-enabled browser, the secret keys handling the encryption remain in the user’s smart card, by definition a tamper-resistant device, allowing it to be removed and transferred to other devices.
The unique security features of the WIM offer the potential for use across a range of smart and multi-application cards – as an additional module on mobile phone SIMs like the Schlumberger Cyberflex Simera card; as part of a banking card enabling it to be plugged into two-slot mobile phones (or other WAP devices) for payment via a secured link; or as a standalone card for use in a WAP device such as a personal digital assistant.
This latest innovation draws on Schlumberger expertise in successfully developing secure smart card-based solutions across mobile communications, banking and e-commerce. It’s part of a global Schlumberger strategy of investing in next generation technology to power the wireless future.
[ Home | Contact | MobiChat | Experts database | Let's do it ]
Comments to the content of this page can be posted on the MobiChat discussion group