mCommerce: Ready To Roll (cont.)

PKI Moves Forward Across The Globe

PKI assumes use of public key cryptography and it is widely used for authenticating a message or encrypting and decrypting a message. The combination of private and public keys with certificate and registration authorities ensures that nothing of value (e.g. a credit card number) is transmitted over the air. In addition, digital signatures and digital certificates (digital IDs), which are issued by a certification authority, are employed. Governments in France, Germany, Italy, Malaysia, Singapore, as well as most states in the USA, have accepted digital signatures and the EU (European Union) drafted a directive for a common framework in May 1998.

Whichever way you look, mcommerce is looking good, but how does Joe Public get their public and private key? No problem if you live in Finland, which is where this whole thing started. (It also explains the many references to Sonera, the operator, and Sonera SmartTrust, a spin off). The country's population register (known as VRK) will be supervising a program whereby citizens are issued with smart cards having a digital certificate. VKR will act as the certification authority for the state sector; they will provide government certificate services and also create and maintain the infrastructure.

The SIM cards used in mobile phones are de facto microprocessors and they can be used to facilitate e-commerce. Gemplus, the world's leading supplier of plastic and smart cards, has joined forces with Sonera SmartTrust in order to enter this sector of the market. Gemplus SIM cards feature a digital signature and public key encryption, i.e. this technology is embedded in the card. Sonera also has a service that enables card issuers to manage smart cards containing several different service applications.