22.11 Critical Success Factors for M-Commerce

22.11 Critical Success Factors for M-Commerce

22.11.1 Speed

Today, most digital cellular users are limited to circuit-switched data at about 9.6 kbps, sufficient for text-based messaging and limited file transfer. This is where desktop Internet users were in 1994, when there were just 4 million host computers on-net compared with more than 60 million Internet hosts worldwide in October 1999. The next move in the circuit-switched world is high-speed circuit-switched data (HSCSD), running at 57.6 kbps. This is sufficient for fully functional Web browsing. However, as underlined by analysts such as Gartner Group's Dataquest, HSCSD is an early adopter scenario that gives operators a competitive edge with corporations. Essentially, it is profiled for bulky data transfers.

Conversely, General Packet Radio Service (GPRS) is quick and agile. As a packet-switched bearer, it promises "always-on" service at up to 115 kbps (for practical purposes). At the same time, it sits comfortably on the migration path to Enhanced Data for GSM Evolution (EDGE), running at up to 384 kbps. So, although speed may be a concern for WAP surfers now, technology will enhance that in the very near future. ^[14]

22.11.2 Billing

The WAP gateway has been profiled to gather extensive billing detail for each transaction, e.g., the download of content (both volume and time), universal resource locators (URLs) visited, and other typical events during a WAP session. This information is stored in a generic, flexible format in a billing log. This, in turn, interfaces to a mediation platform, which translates it into valid call detail records (CDRs) and passes them to the billing agency or credit card company's billing system. The billing could be

1. Transaction-based, where the services are paid according to service usage, with different prices possible for different services

2. Subscription based, with a monthly fee

3. Flat rate, with one price for all

4. Free, where the content provider may pay the operator for the airtime

5. A combination of the four billing options

The billing log receives "billable events" from the event manager. The gateway's billing data interface requires only minor tuning to adjust its data formatting for different billing systems. In short, the WAP gateway's flexibility enables operators to introduce and bill for new services easily without having to make changes to their existing billing systems. However, service roaming is difficult if transaction-based billing is used. The Holy Grail is turning the handheld device into a payment device or the equivalent of an electronic wallet. As we move toward the third-generation (3G) mobile standard, also known as Universal Mobile Telecommunications System (UMTS), an International Telecommunication Union (ITU) standard for voice, video, and Internet services licensed in Europe in 2000 and deployed in 2002, airtime is packet-based with an emphasis on content. The billing possibilities are

1. Monthly fee (similar to the Internet model)

2. Amount of data, or time based

3. Commercials

4. Service transactions

5. A combination of these options

Billing is a very market-sensitive problem and one solution is not possible. Without a doubt, the biggest change will be more choices, and in the end, markets will decide between free versus price for M-commerce.

22.11.3 Security

Security is optional in the WAP standard, but is clearly mandatory for E-commerce providers and users. It may be implemented initially at the Wireless Transport Layer Security (WTLS) level of the WAP stack. This is the wireless version of industry-standard Transport Layer Security (TLS), equivalent to the widely deployed Secure Sockets Layer (SSL) 3.1. As a recent Baltimore Technologies white paper notes, it provides a secure network connection session between a client and a server, and it most-commonly appears between a Web browser (in WAP's case, the handset micro-browser) and a Web server, which can be an existing Internet server that is also WAP-enabled.

Full participation in E-commerce requires that the additional security elements of verified authentication, authorization, and nonrepudiation aree addressed. In real terms, this implies integration with public key infrastructure (PKI) systems that are already deployed and with new systems in the future. In the wireless arena, these systems will be defined in WAP. ^[15] Citing the growth in usage of wireless devices, Richard Yanowitch, VeriSign's Vice President of Worldwide Marketing, said that his company plans to provide "a complete trust infrastructure to the wireless world." Key to the plan is an arrangement whereby Motorola will include VeriSign technology in the browsers that run on Motorola mobile telephones. Other companies endorsing VeriSign's plan include RSA Security, BellSouth, Sonera SmartTrust, and Research In Motion. These companies will leverage the technologies in their own products and services. For instance, technologies and services available from VeriSign include:

• Microclient Wireless Personal Trust Agent code for embedding in handheld devices to enable seamless use of private keys, digital certificates, and digital signatures available to device manufacturers now.

• Short-lived wireless server certificates, "mini-digital certificates," according to officials, that are optimized for authentication of wireless devices and services.

• A gateway-assisted Secure Sockets Layer (SSL) trust model to enable network service providers to substitute wireless certificates for SSL certificates.

• A gateway-assisted public key infrastructure roaming model to enable small-footprint devices to digitally sign transactions.

• Subscriber trust services for secure messaging and transactions using wireless handheld devices.

• Server/gateway trust services designed to allow electronic businesses operating wireless servers and gateways to deliver secure applications.

• Developer trust services for digitally protecting downloadable content.

• Enterprise trust services for wireless, B2B, and B2C applications such as banking, brokerage, healthcare, and messaging.

• Service provider platforms for network operators and applications service providers to offer VeriSign wireless trust services.

Transaction services offered include Wireless Validation Services for real-time certificate validation, and Wireless Payment Services, which enable wireless payment applications. ^[16]

^[14]Murphy, D., The mobile economy becomes a reality, Telecommunications, 33 (11), 31–34, 1999.

^[15]Murphy, D., The mobile economy becomes a reality, Telecommunications, 33 (11), 31–34, 1999.

^[16]Krill, P., Verisign aims to secure wireless transactions, available at http://www.cnn.com/2000/TECH/computing/01/19/verisign.secure.idg/index.html, January 19, 2000.