O'Reilly logo

Mobile Electronic Commerce by June Wei

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

147
chapter eight
Security in mobile
electronic commerce
James Scott Magruder
8.1 M-commerce
The buying of products or services through a computer network ( including
the Internet) is called e-commerce (Wikipedia, the free encyclopedia 2013, 1).
Initially, this activity was performed on a stand-alone, hardwired PC. Then
wireless systems were developed. This allowed movement of the device
used in e-commerce. This gave way to m-commerce. M-commerce ensures
the ability to conduct electronic commerce using a mobile device no mat-
ter where the customer is geographically (assuming the mobile device can
connect to an appropriate network). The term “mobile commerce” origi-
nally meant “the delivery of electronic commerce capabilities directly into
the consumer’s hand, anywhere, via wireless technology’ (Morris 1997)
(Wikipedia, the free encyclopedia 2013, 2).
“With the proliferation of smartphones over the past couple of years, it
is easy to forget that mobile commerce (m-commerce) began back in 1997
when the rst two mobile phone-enabled Coca-Cola vending machines
were installed in Helsinki, Finland. Those machines accepted payment
via SMS text messages” (Sahota 2011).
“Mobile commerce, as a term, has taken on a dual meaning, describ-
ing both making online payments or purchases from a mobile device
(mobile e-commerce) and using a mobile device to make payments at a
physical store’s point of sale” (Roggio 2013). “Over a billion people use
the PC platform to interact with the Internet and yet security breaches are
Contents
8.1 M-commerce .......................................................................................... 147
8.2 Changing business models ................................................................. 149
8.3 Security ................................................................................................... 151
8.4 Surveillance ........................................................................................... 154
8.5 Conclusion ............................................................................................. 155
References ........................................................................................................ 156
148 Mobile Electronic Commerce
still an issue for the apparently ‘mature’ technology” (Staff Writer 2011).
mobiThinking gave the gure of 5.3 billion subscribers in the mobile
market (the web page is dated 2011) (Staff Writer 2011). The PC platform
numbers may be going down (replaced perhaps by the mobile market), but
the mobile market will continue to grow in numbers. As the mobile mar-
ket continues to grow, those who would try to hack into mobile devices
will also grow in numbers (Staff Writer 2011).
This means that the security for mobile devices used for m-commerce
must improve substantially. Authentication has been a major problem for
some time in networking. Both sides of the connection must be authen-
ticated as to who they say they are. The website must indicate their true
validity (usually via a digital certicate (Symantec)). The customer must
validate their credentials as well. This is often done by the customer log-
ging in to their account on the website. After an account has been set up,
the log-in procedure can be automated via software (app) so the username
and password combination is automatically sent to the website when the
customer uses a (mobile) device to access the website. Obviously, this
convenience may be a problem if the mobile device is lost.
“Mobile devices have become computers in their own right, with a
huge array of applications, signicant processing capacity, and the ability
to handle high bandwidth connections. They are the primary communi-
cations device for many, for both personal and business purposes” (Silva
2012). So the advantages/disadvantages of computers now apply to mobile
devices.
Typically, in e-commerce/m-commerce, a (mobile) device will com-
municate with a website on a network (Internet) and search the website
for a desired product. The catalog is served up via a database of the orga-
nizations products. Once a product(s) is chosen, the customer logs in to
the website (if not previously done) and lls out a form, and the product is
sent to the customer. The product could be some sort of service, software,
or a physical product. The service or software may be electronically sent
to the customer. The physical product would be shipped later. The prod-
ucts that the customer looks at in the catalog can be saved as part of the
customer’s account on that website. This information could be used by the
organization as part of a marketing plan toward the customer, or it could
be sold to another organization. One or more databases contain the web-
site’s catalog and the customer’s information.
Cookies may be used to pass information between the web server
and the browser and also used to send the user a customized page or
to identify the user (Webopedia). The cookie law used in the EU “covers
the use by business of information stored on users’ ‘terminal equipment’
and this covers mobile sites and apps as well as desktop sites” (Charlton
2012). Cookies may be associated with browser use and tracking e-mails.
They may also have to be considered in mobile apps and other tech channels

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required