Sei sulla pagina 1di 108

Mobile Commerce:

Introduction, Framework,
and Models
Learning Objectives

• Introduction to the mobile universe

• What is mobile commerce?

• Benefits of mobile commerce

• Issues faced in mobile commerce

• What is the architectural framework of mobile


commerce?
Learning Objectives

• Elements of the mobile commerce framework


• Mobile network infrastructure
• Information distribution for mobile networks
• Multimedia content publishing technology
• Security and encryption
• Payment services in the mobile environment
• Business services infrastructure
• Public policy and legal infrastructure
• Mobile commerce applications
What is Mobile Commerce?
• The term Mobile Commerce, mCommerce has been used to
describe a variety of transactions conducted through
mobile devices connected through the wireless network.
• Wireless networks like GSM, GPRS, TDMA, CDMA, and
UMTS enable the mobile device user to access a variety
information stored on databases on connectivity providers,
other service providers, and information providers,
including information stored on web servers.
• The term mobile device is used here to refer to devices like:
• Cellular phones
• Hand-held computers such as palmtops, tablets PCs, etc.
• Messaging/pager devices
• Laptop computers
• Personal digital assistants (PDAs)
What is Mobile Commerce?
• Mobile Commerce can be defined as any electronic
commerce activity conducted over the wireless network
through mobile devices.
• According to Tarasewich, Nickerson, and Warkentin (2002),
mobile commerce includes “all activities related to a
(potential) commercial transaction conducted through
communications networks that interface with wireless (or
mobile) devices.”
• Mobile commerce is thus concerned and influenced by
evolution in the following aspects:
• Availability of information, goods, and services
• Mobile devices and applications capable of effective and efficient
interaction and rendering of goods and services
• The movement of information goods over a reliable network or
bandwidth.
What is Mobile Commerce?
• The very nature of mobile devices has made possible a
variety of alert and information services such as:
• Paying for and downloading ring tones, mp3 music, news or
information services
• Receiving parking meter expiry, alerts on handheld devices and
paying for additional parking time
• Enquiring the airlines, train or dynamic bus arrival schedules
• Enquiry, reservation, and purchase of airlines tickets through mobile
wireless devices
• Enquiring about stock market conditions and placing a stock
purchase or sales order through the mobile devices
• Receiving the location-specific information regarding restaurants,
entertainment complexes through mobile device
• Receiving location-specific advertisement and product discount
coupons in the current neighborhood
Benefits of Mobile Commerce
• Vencent Cerf, the Internet pioneer, predicted several
decades ago that the Internet is likely to become so
ubiquitous that it would disappear.
• The dream sequences of yesteryears science fiction, such
as, a refrigerator keeping track of the inventory inside and
sending alerts to a mobile user’s devices for refills, are all
virtual possibilities today.
• Mobile commerce is all about integration of wireless
networks accessed through handheld devices and internet.
• The round the clock (24x7) availability offered by the
Internet is also available to mobile commerce users.
Benefits of Mobile Commerce

• Much of the benefits offered by electronic commerce are offered by the


mobile commerce as well. Since the consumer using the handheld device
comes through a specific wireless network through which the location
can be identified. The location identifiable connectivity offered by mobile
commerce not only enhances the benefits made available by the
electronic commerce but additionally helps in providing more relevant
content.

• The handheld device user, connected to wireless network, can also meet
the information access and transactions need round the clock from any
place, even while on the move. The mobile commerce extends the
Anytime Access paradigm offered by the electronic commerce to that of
Anytime and from Anywhere Access.
Benefits of Mobile Commerce
• Due to knowledge of physical location of the mobile service
users, he/she can receive customized alerts, pointing them
to the stores, friends, and restaurant in the vicinity of the
user. A mobile user trying to locate a ATM teller can contact
the banking service provider which in turn can download the
location of the nearby ATM center.
• The timely information such as flight availability, flight
schedule, can be obtained at the last minute as well.
• The last minute on-the-move access offered by the mobile
commerce extends the electronic markets further as the last
minute availability information often leads to immediate
purchase.
Benefits of Mobile Commerce
• It can deliver time critical, emergency information using
SMS based notification and alert services.
• Improved personalization of the content as mobile user can
receive customized information based on current interest
profiles and location of the user. For example, the
advertisers can deliver the discount coupons that can be
cashed in and around the location of the mobile user on the
wireless handheld device.
• If user request the information regarding certain products,
the advertiser can deliver the wireless coupons of stores that
stock the targeted products. Advertisers can deliver time
sensitive, geographical region specific information along with
the promotional discount coupon any time anywhere.
Benefits of Mobile Commerce
• The electronic commerce payment models require the third
party mechanism such as credit cards. The mobile
commerce on the other can utilize the mobile device itself
for the payment purposes, the payments made on the
device can appear as part of phone bills.
• The users can thus pay for parking meters, taxis, petrol etc.
through the mobile device. The Pepsi and Coke has already
experimented in Japan by letting people charge the cost of
drinks to the phone bills.
Impediments in Mobile Commerce
• Mobile Device
• The handheld devices commonly used today include phones, palm-sized
computers. The very nature and purpose of these devices offers a limited
screen size. Although, the handheld devices provide a great deal of flexibility
and mobility in accessing the information but they have far lesser convenient
user interface when compared to personal computers.
• Additionally the mobile devices also have limited computing power. Memory
and storage capacity, as a result they are unable to run and support complex
applications.
• Incompatible Networks
• The cellular networks evolution in past decade has created multiple
competing protocol standards.
• United States- Time TDMA and CDMA
• Europe, Asia Pacific region- GSM
• India – GSM, CDMA (Reliance) for the wireless networks.
• Heterogeneity of the network protocols requires protocol aware application.
Impediments in Mobile Commerce
• Bandwidth Access
• The wireless networks use the frequency spectrum for exchanging the
information. In order to promote a healthy competition amongst the wireless
operators and judicious use of limited spectrum the regulatory bodies control the
spectrum. In India, the frequency spectrums were initially allocated by the
Department of Telecommunication (DoT) and are regulated.
• Security Concerns
• The mobile commerce operates over wireless network making it more vulnerable
to intruders. Intruder can be anyone with ability to receive the signal on their
wireless intrusion devices.
• Limited computing power, memory and storage capacity, it is difficult to deploy
256-bit and higher key encryption schemes
• The atmospheric interference and fading of the signal in wireless channel causes
frequent data errors and sometimes disconnection. A disconnection in middle of
a financial transaction can leave user unsure and distrustful.
• The frequent handoffs as the user moves from cell to cell also add to vulnerability.
Impediments in Mobile Commerce
• Security Concerns
• The authentication of mobile devices prior to carrying out any
transaction is a major issue. In case of GSM, the Subscriber Identity
Module (SIM) is used for storing the cryptographic keys, unique
identity called International Mobile Subscriber Identity (IMSI). The
authentication server of the wireless GSM network stores the
matching key and the IMSI of the subscriber as well. The calls and
short messages in the GSM are handled by the SIM rather than the
mobile station holding the SIM card. The wireless network thus can
authenticate the SIM card. This mechanism of authentication is one
way where network is capable of authenticated the SIM but a SIM
user can not authenticate the network. The sound commerce
environment requires that both sides should be able to authenticate
each other.
Impediments in Mobile Commerce
• Competing Web Language
• The mobile devices can not handle full-fledged HyperText Markup
Language (HTML) documents. In order to offer web access and offer
similar services two competing but incompatible standards have
emerged. The mobile devices that adopt Wireless Access Protocol use
Wireless Markup Language (WML) for mobile commerce applications,
while the NTT DoCoMO’s iMode devices use a condensed version
HTML (cHTML). In order to enable the voice access and interface for
displaying the web content, the VoiceXML, a new markup language, has
also emerged. The incompatible standards make the task of mobile
commerce application and service providers even more complex.
Mobile Commerce Framework

Mobile Commerce Applications

Information Mobile
Dissemination Business Service Infrastructure, Legal Framework and Protocol/ device
and Network Standards compatible
Distribution publishing
(Middle Languages
ware) e.g., WML,
Protocols Mobile Payment Models cHTML,
WAP, iMode VoiceXML

Security and Encryption Techniques

Wireless Network Infrastructure

Architectural Framework of Mobile Commerce


Mobile Commerce Framework

Evolution of Mobile Networks


Mobile Commerce Framework
• The cellular communication system
consists of three components: the
handheld device, the transceiver
within a cell, and the mobile
telephone switching office (MTSO).
• The service provider places an
antenna at the center of the cell.
• The transmission and reception
pattern of the antenna, also called
antenna pattern or footprint, is such Cells in Advanced Mobile Phone System
that it covers the entire cell.
• These antenna footprints are usually
circular in shape.
• However, on the map they are
depicted as hexagons for
convenience as they offer an
orderly pattern.
Wireless Network Infrastructure Advanced
Mobile Phone System (1G)

• AT& T in 1980’s developed an Advanced Mobile Phone


System (AMPS)
• The AMPS uses two 25 MHz bands, one for transmission
from base station antenna to mobile devices and other fro
receiving the signal from mobile devices.
• For the transmission from base to mobile unit 869-894 Mhz
band and for receiving from the mobile unit 824-849 Mhz
bands are deployed.
• Each operator is allocated 12.5 Mhz for receiving and 12.5
Mhz for transmitting. Thus, only two providers can operate
in a region.
Wireless Network Infrastructure Advanced
Mobile Phone System (1G)
• Each communication channel within the band is allocated 30
Khz, which in essence works out to 416 channels per service
provider.
• In AMPS, 21 channels are allocated for control purposes and
remaining 395 are used for carrying calls.
• Due to limited availability of frequency spectrum, the
frequency reuse plays an utmost important role in the
AMPS. By controlling the power of transmission from the
antenna placed in a cell, it is possible to carry the
communication within the cell at the frequency band, but
the signal diminishes it to undetectable levels in the adjacent
cells. Thus, the same frequencies can be reused in cells that
are not adjacent to the current cell.
Wireless Network Infrastructure Advanced
Mobile Phone System (1G)

• The base station at the minimum offer following


functionality:
• Transmission and reception of signals from mobile
devices.
• Supports full duplex communication
• Inter Communication among the Base Stations
• Interconnection with the controlling MTSO which in turn
may connect to public switched telephone network or
PSTN for transferring the mobile to landline and landline
to mobile calls
Wireless Network Infrastructure Advanced
Mobile Phone System (1G)

• Each base station is connected to the MTSO through one of


the following ways, depending upon the cell traffic capacity,
terrain and distance between the MSC and cell.
• Through a high-capacity copper telephone line, e.g., a T1
carrier line
• Through a fiber-optic cable, or
• Through a point-to-point microwave relay
Wireless Network Infrastructure Advanced
Mobile Phone System (1G)

Base Station Operation


Wireless Network Infrastructure Advanced
Mobile Phone System (1G)
• The Mobile Telephone Switching office (MTSO) is also known as Mobile
Service Center (MSC) in cellular system.
• The MTSO provides a central hub like functionality for routing the cellular
calls. The base transceiver station and PSTN are directly connected to the
MTSO.
• The interconnection between the PSTN and MTSO is through a high-
capacity phone line connection, as this capacity determines the number
of simultaneous cell to landline calls connections.
• In essence, the controlling MTSO for a base transceiver station offers
following functionality:
• Switching function for the calls -- cell-to-cell, cell-to-landline
• Handover of mobile (traveling) device from cell-to-cell with no disruption
• Data collection for accounting and billing purposes
• Coordination of monitoring and backup facilities
Wireless Network Infrastructure Advanced
Mobile Phone System (1G)
• In the AMPS, the handheld device or the mobile unit contains a modem
that can operate and switch between many frequencies. The device also
consists of three identification numbers.
• Electronic Serial Number – The manufacture places a 32-bit identifier
that is not difficult to tamper with and usual attempt to modify it may
result in self-destruction.
• Mobile Identification Number – This is the 10 digit mobile telephone
number of the device, represented and stored in 34 bits on the
system.
• System Identification Number –This is a 15 bit number that identifies
the operator with whom this device is associated. The number also
determines whether the device is native to the operator or in the
roaming mode. In case of roaming mode the authorization from the
associated operator needs to be obtained.
Wireless Network Infrastructure Advanced
Mobile Phone System (1G)

• In 1982, the Conference of European Posts and Telegraphs


(CEPT) nominated a group called Groupe Spécial Mobile
(GSM) to develop a public land mobile system that can
operate across Europe with the objective of:
• Low mobile device and service cost
• Good speech quality
• International roaming capability
• Ability to support handheld mobile devices
• Extensibility for adding new services and facilities
• Efficient use of Spectrum
• Compatibility with the ISDN
Wireless Network Infrastructure
Global System of Mobile Communication (2G)

General Architecture of a GSM Network


Wireless Network Infrastructure
Global System of Mobile Communication (2G)
• The Mobile Station:
• The mobile station (MS) consists of the equipment also often
referred to as the terminal and a removable Subscriber Identity
Module (SIM) in form of a smart card.
• The SIM card has user specific information for accessing the
subscribed services independent of the irrespective of a specific
terminal. The SIM card can be inserted in another GSM mobile
equipment/terminal and the user will be able to receive calls
specific that identity at the new terminal, also initiate calls from the
new terminal, and also access and operate other services that have
been subscribed by the mobile user. In essence the SIM card offers
personal or identity mobility as well.
Wireless Network Infrastructure
Global System of Mobile Communication (2G)
• The Mobile Station:
• In the GSM network the mobile equipment is uniquely identified by
the International Mobile Equipment Identity (IMEI) assigned at time
of manufacturing.
• The SIM card identity is independent of the IMEI. It uses
International Mobile Subscriber Identity (IMSI) for identifying the
subscriber to the system, a secret key for authentication, and other
information.
• The independence of IMEI and the IMSI and the use of IMSI alone to
identify the subscriber on the GSM network provides the personal
mobility with regards to the mobile equipment. The SIM card also
have provision for protection against unauthorized use by use of a
password or personal identity number (PIN).
Wireless Network Infrastructure
Global System of Mobile Communication (2G)
• The Base Station Subsystem
• The Base Station Subsystem is made up of two important
components, the Base Transceiver Station (BTS) and the Base Station
Controller (BSC).
• Base Transceiver Station is a radio transceiver that operates within a
cell defined by the power and footprint of the antenna used. It
deploys and communicates with the Mobile Station through the
radio-link protocols. The large and dense cellular networks may
deploy a large number of BTSs, thus the requirements for a BTS are
ruggedness, reliability, portability, and minimum cost. One or more of
the Base Transceiver Station operating in a cell are controlled by Base
Station Controller. It manages the radio resources for BTS, radio-
channel setup, frequency hopping, and handovers. On the other
hand, the BSC is connected to the Mobile service Switching Center
(MSC).
Wireless Network Infrastructure
Global System of Mobile Communication (2G)
• The Network Subsystem: The Mobile services Switching
Center (MSC) forms the core of Network subsystem.
• Performs the switching of calls between the mobile users,
• Performs switching of calls between mobile and fixed network users.
• It also handles the mobility management. The MSC handles:
• The registration information
• Authentication
• Location
• Call handovers
• Routing in case of roaming user
Wireless Network Infrastructure
Global System of Mobile Communication (2G)
• The Network Subsystem
• In order to handle the mobile user information
management and mobility issues, it uses the four
databases, viz.,
• Home Location Register (HLR)
• Visitor Location Register (VLR)
• Authorization (AuC)
• Equipment Identity Register (EIR)
Wireless Network Infrastructure
Global System of Mobile Communication (2G)
• The Network Subsystem
• HLR maintains registration and required information for all the
subscribers registered in the GSM Network along with the current
location of the mobile. The Home Location Register is stored as a
distributed database,
• VLR is associated with MSC, so records information about all the
mobile devices currently located in the geographical area controlled
by a MSC. The VLR contains an entry for all the mobile devices
currently controlled in area served by MSC. The VLR entry contains a
portion of selected information stored in HLR, related to the call
control and provision of the subscribed services.
Wireless Network Infrastructure
Global System of Mobile Communication (2G)
• The Network Subsystem
• EIR is database of all the valid International Mobile Equipment
Identity (IMEI) on the network. An IMEI is marked as invalid if it has
been reported stolen or is not of the approved type.
• The communication in GSM happens in encrypted format using a
secret key. Authentication Center (AuC) stores a copy of the secret
key stored in each subscriber's SIM card, which is used for
authentication and encryption over the radio channel.
Wireless Network Infrastructure
Global System of Mobile Communication (2G)
• Spectral Allocation
• The GSM uses 25 MHz for the mobile device to base
station transmission (uplink) and additional 25 MHz. for
the base station to mobiles device (downlink)
transmission.
• The International Telecommunication Union (ITU) has
allocated the bands 890-915 MHz for the uplink and 935-
960 MHz for the downlink transmission for mobile
networks in Europe.
Wireless Network Infrastructure
Global System of Mobile Communication (2G)
• Multiple Access
• The GSM networks use a combination of Frequency Division Multiple Access
(FDMA) and Time Division Multiple Access (TDMA).
• The GSM networks divide up the 25Mhz radio spectrum in 124 carrier
frequency channels that are spaced 200Khz each.
• Each base station is allocated at least one or more carrier frequencies.
• Each base station uses TDMA by dividing up the carrier channel in time slots.
The fundamental unit of time in the scheme is called a burst period and it
lasts 15/26 ms (or approx. 0.577 ms). Eight burst periods are grouped into a
TDMA frame (120/26 ms, or approx. 4.615 ms), which forms the basic unit
for the definition of logical channels.
• One physical channel is one burst period per TDMA frame.
• Entire pattern repeats approximately every 3 hours. Channels can be divided
into dedicated channels, (allocated to a mobile stations), and common
channels (used by mobile stations in idle mode).
Wireless Network Infrastructure
Global Packet Radio Service (2.5 G)
• General Packet Radio Service (GPRS) is implemented using the packet
overlay on 2G networks.
• The existing 2G GSM or TDMA networks are enhanced to offer the
packed-based services as well.
• The service provides capability to receive and transmit Internet Protocol
(IP) packets or X.25 packets from packet switched data network or mobile
devices.
• GPRS is designed to support intermittent and bursty data transfers and
transmission of large volumes of data, and point-to-point and point-to-
multipoint services are also supported.
• GSM network requires two new network elements for GPRS:
• Serving GPRS Support Node (SGSN) and
• Gateway GSN (GGSN).
Wireless Network Infrastructure
Global Packet Radio Service (2.5 G)
• Serving GPRS Support Node (SGSN)
• The SGSN is placed at the same hierarchical level as an MSC in the GSM.
The SGSN tracks packet from mobile locations, performs security
functions and access control. The SGSN is connected to the Base Station
System via Frame Relay.
• Gateway GPRS Support Node (GGSN)
• The GGSN interfaces with external packet data networks (PDNs) to
provide the routing destination for data to be delivered to the Mobile
Station and to send mobile originated data to its intended destination.
The GGSN is designed to provide interoperability with external packet
switched networks, and is connected with SGSNs via an IP based GPRS
backbone network.
• A packet control unit is also required which may be placed at the BTS or at
the BSC. A number of new interfaces have been defined between the
existing network elements and the new elements and between the new
network elements.
Wireless Network Infrastructure
Global Packet Radio Service (2.5 G)
• Key features of GPRS are summarized as follows:
• GPRS uses packet switching which offers more efficient utilization
of channel capacity than the circuit switching. Packet switching
means that GPRS radio resources are used only when users are
actually sending or receiving data. Rather than dedicating a radio
channel to a mobile data user for a fixed period of time, the
available radio resource can be concurrently shared between
several users.
• Utilizes the existing 2G infrastructure by adding the GPRS support
nodes.
• It can achieve maximum data transfer rates of up to 171.2 kilobits
per second (kbps) when using all eight timeslots simultaneously.
Wireless Network Infrastructure
Global Packet Radio Service (2.5 G)
• Key features of GPRS are summarized as follows:
• It provides like the internet nodes ‘always on’ capability with
charges accruing for the actual volume of packets transferred.
• GPRS is fully Internet aware and thus offers mobility to internet
services. The Internet services like file transfers, emails, chats and
browsing interoperates with the GPRS.
• Although the theoretical maximum of 172.2. Kbps data transfer
rates are possible but it requires occupation of all the eight slots by
single user. In reality, there are many more users trying to use the
capacity and hence the practically available bandwidth is far lower.
Wireless Network Infrastructure
Enhanced Data GSM Environment (EDGE)
• In order to address the practically achievable bandwidth limitations of
the GPRS, a new wireless standard called Enhanced Data GSM
Environment (EDGE) was introduced. The EDGE technology practically
triples the bandwidth capacity offered by GPRS
• Main features of the EDGE are as follows:
• EDGE is the uses 8 bit phase shift keying technique that increases the data
rate. Thus, three bits can be encoded in each symbol compared to only one
bit in GPRS.
• EDGE enables services like multimedia emailing, Web infotainment and video
conferencing to be easily accessible from wireless terminals. EDGE is
designed to enable GSM and TDMA network operators to offer multimedia
and other IP-based services at speeds of up to 384 kbits per second in wide
area networks.
Wireless Network Infrastructure
Enhanced Data GSM Environment (EDGE)

• Main features of the EDGE are as follows:


• An important attraction of EDGE is the smooth evolution and upgrade of
existing network hardware and software, which can be introduced into an
operator's current GSM or TDMA network in existing frequency bands.
• EDGE requires higher radio signal quality than that found in an average GSM
network before higher data throughput can be reached. This means more
base stations and infrastructure build-out for established GSM operators that
wish to migrate to EDGE.
Wireless Network Infrastructure
3 G Networks

• Third generation (3G) networks are derived from the


Universal Mobile Telecommunications Service (UMTS) for
high speed networks for enabling a variety of data intensive
applications.
• One of the two foremost standards in the 3G networks is:
• CDMA2000
It is a 3rd Generation solution for mobile networking that evolved
from existing wireless standard CDMAone also known as IMT IS-95 . It
supports 3G services as defined by the International
Telecommunications Union (ITU) for IMT-2000.

Huawei CDMA2000 EVDO USB wireless modem


Wireless Network Infrastructure
3 G Networks

• The second foremost standard in the 3G network is:


• W-CDMA
Wideband Code-Division Multiple Access is a standard defined by
International Telecommunication Union (ITU) standard and is derived
from Code-Division Multiple Access (CDMA) standard. The standard is
officially called IMT-2000 direct spread. It is a 3G mobile wireless
technology support high speeds transfers to mobile and portable
wireless devices. In the local area access mode, it supports the data
rates of up to 2 Mbps for transferring the multimedia information. In
the wide are access data rates of 384 Kbps are attained. In the
WCDMA the signal is coded and transmitted in spread-spectrum
mode over a 5 Mhz. carrier band compared to 200 Khz carrier band
used for CDMA.

44
Wireless Network Infrastructure
3 G Networks

• The high data transfer rates offered by 3G networks is


capable of running the multimedia services that combines
voice and data. Following data rates are supported by the 3G
wireless networks:
• 2.05 Mega bits per second to stationary devices.
• 384 Kilo bits per second for slowly moving devices, such as a handset
carried by a walking user.
• 128 Kilo bits per second for fast moving devices, such as handsets in
moving vehicles.

45
Information Distribution Protocols:
Wireless Access Protocol Architecture

Web Server

WAP Gateway
WML
WML Scripts WML Encoder WML with Scripts
WTAI WML Script Interpreter
Protocol Adapter

Content through-
HTML, CGI
Information Distribution Protocols:
WAP Layered Architecture
Application
Layer (WAE)

Session
Layer (WSP)

Transaction Services and


Layer (WTP)
Applications
Security
Layer (WTLS)

Transport
Layer (WDP)
Bearers: GSM CDMA CDPD IS-136 iDEN
Information Distribution Protocols
WAP: Protocol Layers

• Bearer Networks:
• The Wireless Access Protocol operates over a variety of
wireless bearer mechanisms such as GSM’s GPRS and
EDGE, CDMA, CDPD, IS-136 and iDEN. The WAP works of
variety of bearer networks which may support the packet,
or connection oriented services. The user of WAP are
shielded from the details of the bearer network.
Information Distribution Protocols
WAP: Protocol Layers

• Wireless Datagram Protocol (WDP)


• The WDP directly has to deal with the heterogeneous bearer network
environment. The bearer may or may not support the Internet
Protocol (IP) services. In case of bearers with the IP support it uses
the User Datagram Protocol (UDP), In case of IPless bearer such as
the GSM it follows the WAP specification to carry out the function.
• The WDP accomplishes the operational transparency over the bearer
n/ws through the adaptation sub layer. The adaptation layers maps
WDP functions to services offered by different bearers. In the cases
when where the bearer is IP capable the WDP functions in exact
same manner as the standard User Datagram Protocol (UDP) of
Internet.
Information Distribution Protocols
WAP: Protocol Layers

• Wireless Datagram Protocol (WDP)


• The WDP supports a connection-less, unreliable datagram service.
The issue of handling concurrent access of the underlying bearer
services are also handled and supported by the layer. It supports
concurrent access from a higher layer over a single underlying bearer
service as well. To the higher layers it offers the services at the same
level as the transport layer of the Internet Protocol stack.
• Hence, the higher layers use port numbers to address the connection
entities. The error reporting in the WDP can be offered by activating
the Wireless Control Message Protocol (WCMP) functionality.
Information Distribution Protocols
WAP: Protocol Layers
• Wireless Transaction Layer Security (WTLS)
• It is an optional layer that offers security services over the WDP layer. The
layer implemented over the WDP offers a secure transport service
interface to higher layers in order to preserve the transport service
interface of WDP. The layer WTLS provides end-to-end security features,
which include:
• Confidentiality using data encryption algorithms
• Data integrity using Message Authentication Codes
• Authentication through digital certificates
• Non-repudiation also though digital certificates and message authentication
codes
• The WTLS is derived from the Internet standard TLS protocol. It offers the
standard connection security and also optimizations through on-the-fly
payload compression to to increase the effectiveness of datagram service
running on a low-bandwidth network.
Information Distribution Protocols
WAP: Protocol Layers

• Wireless Transaction Layer (WTP)


• In the context a transaction is defines as request/response. The
responsibility of the layer is to offer an efficient transaction service
over the secure as well as insecure datagram service. It is a
lightweight transaction service that supports a request/response
service. The transaction services offered by the WTP can be put in
the following three classes of service, namely:
• Class 0: unreliable push service
• Class 1: reliable push service
• Class 2: reliable transaction service
Information Distribution Protocols
WAP: Protocol Layers

• Wireless Transaction Layer (WTP)


• The unreliable push service doesn’t resend the request for lost
packets.
• The reliable push service waits for the ack from the receiver and in
case of lost requests /timeout and retransmits the request. The layer
accomplishes reliability by selective retransmissions and duplicate
removal.
• Like TCP in Internet Protocol , WTP (Reliable transaction service) is
also responsible for taking care of segmentation/reassembly of larger
packets, port number addressing, asynchronous transactions,
optional out-of-band information, delayed acks and message
concatenation to improve over-the-air efficiency. WTP is message
oriented protocol.
Information Distribution Protocols
WAP: Protocol Layers
• Wireless Session Protocol (WSP)
• WSP layer is a stripped down version of the Internet standard, Hyper Text
Transfer Protocol (HTTP/1.1). One of the important feature of the protocol
is to support the suspension and resumption of a session. In the unstable
connection situation that is prevalent in the mobile environment, the user
who may have gotten disconnected can continue the operation from
exactly the same point where the device had gotten disconnected. The
content encoding for efficiently transferring the contents in a low
bandwidth environment is also addressed by the layer. The following
functionalities are offered and address by the layer:
• Protocol feature negotiation (capability negotiation)
• Compact encoding of data
• Session suspend/resume
• Long lived session states
• Asynchronous requests
• Common facility for confirmed and non-confirmed data push
Information Distribution Protocols
WAP: Protocol Layers
• Wireless Application Environment (WAE)
• WAE layer offers the services of session layer for building the applications.
The layer offers transparency over underlying network issues and
environments and provides opportunity to developers for device
independent application development. The wireless applications
developed using the services of WAE layer can be used from a wide variety
of WAP enabled mobile devices. The application framework allows for
extending the services offered by the standard Web Servers by delivering
the hosted content and services to mobile user community. The layer
provides the application and service developers an Internet/WWW
consistent authoring and publishing model. The layer uses the standard
URLs mechanism for addressing the content. The important components of
the WAE are as follows:
• Wireless Markup Language (WML)
• WMLScript
• WAP Content Types
• Wireless Telephony Application (WTA) environment
Information Distribution Protocols
WAP: Protocol Layers
• The WAP stack can be configured in four different ways to provide four
different types of services. Following are the four types of services offered
by WAP:
• Connectionless service: The WAP protocol stack used for this service
consists of only WSP layer operating directly over WDP layer.
• Connectionless service with security: This configuration is similar to the
one above but provides security by having WTLS layer between WSP
and WDP layers.
• Connection oriented service: The configuration of protocol stack used
for this service consists of WSP, WTP and WDP layers. WTP and WDP
layers together provide a connection oriented transport service in this
configuration.
• Connection oriented service with security: This configuration consists of all
the layers of WAP stack. Some of the bearers which are currently supported
by WAP are GSM SMS, GSM USSD, CSD, IPv4, IPv6 and CDMA.
Mobile Device Compatible Publishing Languages:
WML
• The WML is based on XML and follows the same concept. A WAP enabled
device implies that it has a Micro-browser software that understands and
can interprets tags defined in the above DTD. Although, complete and
official specification of the WML can be found at
http://www.wapforum.org, a brief glimpse of the WML documents is
described here.
• Like any XML document, the WML documents also have a prologue to
begin the document, the two line prologue used by WML defines the
version of XML and the DTD to be used for this document as shown
below:

<xml version='1.0'><!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD


WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">
Mobile Device Compatible Publishing Languages:
WML
Example 1: WML Code
<xml version='1.0'><!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN"
"http://www.wapforum.org/DTD/wml_1.1.xml">
<WML>
<CARD id="card1">
<DO TYPE="ACCEPT" LABEL="Next">
<GO href="#card2"/>
</DO>
<p> Welcome to the WAP World</p>
</CARD>
<CARD id="card2">
<DO TYPE ="ACCEPT" LABEL="Back">
<GO href="#card1"/>
</DO>
<p>This is just a simple example of cards in a deck</p>
</CARD>
</WML>
Mobile Device Compatible Publishing Languages:
WML

Welcome to the WAP This is a simple example


World of cards in a deck.

_____________ _____________
Next Back

View of Handheld View of Handheld


Screen for Example 1 Screen
Mobile Device Compatible Publishing Languages
iHTML
• The i-mode uses iHTML which is derived from the standard
proposed for the small appliances by the name of Compact
HTML (cHTML). The cHTML was created as a language for
running on small devices that may not have full grown
screen, keyboard and freely moving cursor environment. In
these typical devices the cursor movement is governed by
few (arrow) buttons.
• The document type definition (DTD) for Compact HTML is
also described in Appendix B. This gives the intended
interpretation of Compact HTML elements. The document
type is defined as follows:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD Compact HTML 1.0


Draft//EN">
Mobile Device Compatible Publishing Languages
iHTML

Example 2: Sample cHTML Code or Microbrowsers

<!DOCTYPE HTML PUBLIC "-//W3C//DTD Compact HTML 1.0


Draft//EN">
<html>
<head>
<title>Greetings</title>
</head>
<body>
Welcome to the World of iMode!
</body>
</html>
Mobile Device Compatible Publishing Languages
iHTML

On a micro browser when the above code is accessed and


rendered the tags are interpreted and the output is shown in
the Figure below:

Greetings

Welcome to the World of iMode!

Microbrowser View of the


Code in Example 2
Mobile Device Compatible Publishing Languages
iHTML
Example 3: Sample iHTML Code with accesskey

<!DOCTYPE HTML PUBLIC "-//W3C//DTD Compact HTML 1.0 Draft//EN">


<html>
<head>
<title>Management Schools</title>
</head>
<body>
Welcome to the World of Management Schools
<a href="http://www.iiml.ac.in" accesskey="1">1. IIM Lucknow</a>
<a href="http://www.iimahd.ac.in"accesskey="2">2. IIM Ahmadabad</a>
<a href="http://www.iimcal.ac.in" accesskey="3">1. IIM Kolkata</a>
</body>
</html>
Mobile Device Compatible Publishing Languages
iHTML
On a micro browser when the code is accessed and rendered
the tags are interpreted and the output is shown in the
Figure below:

Management School
Welcome to the World of
Management Schools:

1 IIM Lucknow
2 IIM Ahamadabad
3 IIM Kolkata

Microbrowser View of the Code in


Example 3
Mobile Device Compatible Publishing Languages
iHTML

Example 4: iHTML illustrating the use of tel

<!DOCTYPE HTML PUBLIC "-//W3C//DTD Compact HTML 1.0 Draft//EN">


<html>
<head>
<title>ABC Incorporated</title>
</head>
<body>
Press the listed number for contacting the appropriated office
<a href="tel:052227361234 accesskey="1">1. Sales Office</a>
<a href="tel:0512229999"accesskey="2">2. Customer Service</a>
</body>
</html>
Mobile Device Compatible Publishing Languages
iHTML
On a micro browser when the above code is accessed and
rendered the tags are interpreted and the output is shown in
the figure below:

ABC Incorporated

Press the listed number for


contacting the office

1 Sales Office
2 Customer Service

Microbrowser View of the Code in Example 4


M-commerce and M-commerce Applications

• M-commerce
• In 2014 is 19 percent of all e-commerce
• Fastest growing form of e-commerce
• Some areas growing at 50 percent or more
• Main areas of growth (exclusive of location-based services)
• Retail sales at top Mobile 400 (Amazon, eBay, etc.)
• Sales of digital content (music, TV, etc.)
Consolidated Mobile Commerce Revenues

Figure 10-9 Mobile e-commerce is the fastest growing type of B2C e-commerce and represents about 19 percent of all
e-commerce in 2014.
M-commerce and M-commerce Applications

• Location-based services
• Used by 74 percent of smartphone owners
• Based on GPS map services
• Types
• Geosocial services
• Where friends are
• Geoadvertising
• What shops are nearby
• Geoinformation services
• Price of house you are passing
Interactive Session: Management

Will Mobile Technology Put Orbitz in the Lead?


Read the Interactive Session and discuss the following questions

• How important is mobile technology in Orbitz’s business


strategy? Why?
• What management, organization, and technology issues did
Orbitz need to address in its mobile strategy?
• Why are mobile phone users much more likely to book same-
day hotel room or airline reservations?
• What role does Orbitz for Business play in the company’s
business strategy?
• How successful is Orbitz’s mobile strategy? Explain your answer.
M-commerce and M-commerce Applications

• Other mobile commerce services


• Banks, credit card companies provide account management apps
• Mobile display advertising
• iAd, AdMob, Millenial Media, Facebook
• Ads embedded in games, videos, and mobile apps
• 55 percent of online retailers have m-commerce Web sites
Building an E-commerce Presence

• Most important management challenges


• Developing clear understanding of business objectives
• Knowing how to choose the right technology to achieve those objectives
• Develop an e-commerce presence map
• Four areas: Web sites, e-mail, social media, offline media
• Develop a timeline: milestones
• Breaking a project into discrete phases
Building an E-commerce Presence

E-commerce Presence Map

An e-commerce presence requires firms to


consider the four different types of
presence, with specific platforms and
activities associated with each.

Figure 10-10
Building an E-commerce Presence

E-commerce Presence Timeline


Phase Activity Milestone
Phase 1: Planning Envision Web presence; determine personnel Web mission statement

Phase 2: Web site Acquire content; develop a site design; arrange Web site plan
development for hosting the site
Phase 3: Web Develop keywords and metatags; focus on A functional Web site
Implementation search engine optimization; identify potential
sponsors
Phase 4: Social media Identify appropriate social platforms and content A social media plan
plan for your products and services
Phase 5: Social media Develop Facebook, Twitter, and Pinterest Functioning social media
implementation presence presence
Phase 6: Mobile plan Develop a mobile plan; consider A mobile media plan
options for porting your Web site
to smartphones

Table 10-8
Mobile Commerce
• Mobile commerce leverages security and ease of payments
on the pervasive mobiles, supporting innovative payment
solutions through mobiles
• Benefits include the ability to make payments without the
use of a computer or access to Internet and without a credit
card.
• Mobile transactions are similar to credit card transactions,
in that the merchant must have an account with the service

75
Doing Business on the Internet
The Internet presents a unique channel for business
characterised by:
• Almost instant communication through email, chat and
sharing of audio, video and text
• Ease of broadcasting instantly
• Lower costs of communication
• Ability to search huge amounts of information
• E-commerce refers to businesses created to use the Internet
technologies as a basis for transactions.
76
Doing Business on the Internet
• Portal – A web page that acts as an entry point to the web;
listing pages according to themes; they provide search
facilities; they re usually 'pure-play' in that they do not
involve any e-commerce, but this is changing fast
• Search Engine – A website that allows users to search for
pages on the Internet; early search engines crawled the
web, using the word-count method. Google used a Page
ranking algorithm to make searches more relevant and
introduced a differential pricing model for revenue
generation, leveraging IT

77
Direct Selling
• When goods are sold through a website, sellers directly
connect to buyers without intermediaries. Direct selling is
characterised by convenience, larger choice and the ability
to search easily which makes it popular for almost all kinds
of goods and services.
• E-commerce in developing countries like India are also
gaining ground

78
Direct Selling: Types of E-Commerce

B2C – Direct selling to consumers; B2B – Commerce between businesses


B2G – Direct transactions between businesses and government
departments
G2G – transactions between government departments
G2C – transactions between government departments and citizens (e-
governance)
C2C – transactions between customers and citizens

79
Auctions and Aggregators
• Auctions – websites that allow sellers and buyers to meet
over the Internet; pricing may be through bidding or direct
pricing; usually C2C; use rating of users; subject to strong
network effects.
• Aggregators (B2B) – websites that allow institutional buyers
and sellers to transact over the Internet, managing the
entire bidding and sale process. Most aggregators deal with
industrial products.

80
Differences between B2B and B2C e-
commerce
• B2C transactions are ad-hoc in nature, with one seller,
selling to customers in a single transaction; B2B involves
many buyers and sellers who establish long-term purchasing
contracts
• B2C transactions are of low value vis-à-vis B2B transactions
• The delivery schedule and timing of goods are critical and
require high degree of commitment in B2B, since they tie
into organisational supply-chains
• B2B do not have fixed prices and may involve auctions

81
E-Business
• E-business enhances the internal functioning of businesses
by using the facilities of the Internet, to share data and
information with partners, outside the firm. The
infrastructure is HTML-based.
• Lowers transaction costs; faster and more accurate
communications;
• Secure communication;
• Supports distributed organisations with partners from
different countries

82
E-Governance
• E-business enhances the internal functioning of businesses by
using the facilities of the Internet, to share data and information
with partners, outside the firm. The
Refers to he use of e-business and e-commerce technologies by
governments and their departments to conduct their business

• Services – G2B, G2C and G2G

• Advantages -
• Reduced transaction costs
• Convenience – saves time, effort, money
• Higher accuracy
83
E-distributors

Slide 12-84
Types of Payment Systems

• Cash
• Most common form of payment
• Instantly convertible into other forms of value
• No float
• Checking transfer
• Second most common payment form in United States
• Credit card
• Credit card associations
• Issuing banks
• Processing centers
Types of Payment Systems (cont.)

• Stored value
• Funds deposited into account, from which funds are paid out or withdrawn as
needed
• Debit cards, gift certificates
• Peer-to-peer payment systems
• Accumulating balance
• Accounts that accumulate expenditures and to which consumers make period
payments
• Utility, phone, American Express accounts
Payment System Stakeholders

• Consumers
• Low-risk, low-cost, refutable, convenience, reliability
• Merchants
• Low-risk, low-cost, irrefutable, secure, reliable
• Financial intermediaries
• Secure, low-risk, maximizing profit
• Government regulators
• Security, trust, protecting participants and enforcing reporting
E-commerce Payment Systems

• Credit cards
• 42% of online payments in 2013
• Debit cards
• 29% online payments in 2013
• Limitations of online credit card payment
• Security, merchant risk
• Cost
• Social equity
Alternative Online Payment Systems

• Online stored value systems:


• Based on value stored in a consumer’s bank, checking, or credit card account
• Example: PayPal
• Other alternatives:
• Amazon Payments
• Google Checkout
• Bill Me Later
• WUPay, Dwolla, Stripe
Mobile Payment Systems

• Use of mobile phones as payment devices established in


Europe, Japan, South Korea
• Near field communication (NFC)
• Short-range (2”) wireless for sharing data between devices
• Expanding in United States
• Google Wallet
• Mobile app designed to work with NFC chips
• PayPal
• Square
Digital Cash and Virtual Currencies

• Digital cash
• Based on algorithm that generates unique tokens that can be used in “real”
world
• Example: Bitcoin
• Virtual currencies
• Circulate within internal virtual world
• Example: Linden Dollars in Second Life, Facebook Credits
Insight on Society: Class Discussion

Bitcoin
• What are some of the benefits of using a digital currency?
• What are the risks involved to the user?
• What are the political and economic repercussions of a digital
currency?
• Have you or anyone you know ever used Bitcoin?
Electronic Billing Presentment and
Payment (EBPP)

• Online payment systems for monthly bills


• 50% of all bill payments
• Two competing EBPP business models:
• Biller-direct (dominant model)
• Consolidator
• Both models are supported by EBPP
infrastructure providers
How an Online Credit Transaction Works
A Typical E-commerce Transaction
Vulnerable Points in an E-commerce Transaction
How an Online Credit Transaction Works
Most Common Security Threats in the
E-commerce Environment
• Malicious code (malware, exploits)
• Drive-by downloads
• Viruses
• Worms
• Ransomware
• Trojan horses
• Backdoors
• Bots, botnets
• Threats at both client and server levels
Information Security in
E-Business

E- Business Environment:

 Use of Internet/Intranet/Extranet
 Web based application development

Security controls:

 Firewall/Proxy servers: Prevention of unauthorized access


 Use of Cryptology: Prevent exposure to unauthorized recipient
 Authentication: Use of Public/ Private keys for authenticity
 Message Integrity: Ensuring that message is not corrupted
 Digital signature: Confirmation of sender’s authenticity
Encryption/Decryption

Process
Cipher Text
Message

Order OrderV Rs Order


Order
value is Encrypt Redro
value is
Decrypt valueIsis
Value
0.02 noillim.
Rs.20 By code Rs.20 By code Rs.20
Rs 20
million. million. million.
Milion

Sender Receiver
Encrypt code: One example
Code rewrite in reverse order
Digital Signature
 Purpose: To ensure trust in electronic transaction, digital signature is
used so that parties involved cannot deny its authenticity.

 Why Digital signature: Because it cannot be faked. It uses


cryptography. They are legally accepted in a court.

 Use of Public KEY & Private key.

Example: Bank locker has two keys


One is of the banker (Public Key)
Other is of locker owner (Private Key)

Public keys are known to both parties while Private are secret
to the holder
Firewall

Internet

Firewall

Organization
Network
Firewall for Network Security
Internet/Intranet/Extranet

Firewall:

1. It is essentially a filter dedicated to secure network from


unauthorized entry or exit.

2. It is a set of software utilities which hold information


security policy of the organization.

3. When entry to network is sought, it checks through the


utilities the validity and authority of sender & receiver and
the rights, and bars the access to network, if so required.

4. Firewall sits on the router of the network.


Threats to Network
1. Malicious code

 Viruses : Attached to the program.


 Logic bombs: Installed in the system to execute when certain
parameters are met.
 Trojan horses: Installed through freeware.

2. Nature of attacks

 Password attacks
 Insider attacks
 Sniffers: Network management tools
 Denial of service
 IP spoofing: Attacks on IP Address
 Hacking: Theft of information
Disaster Recovery Planning

Types of disasters:

 Natural: Floods, Tornadoes, Hurricanes, Earthquakes

 Man made: Fire, leaks, Telephone/ cable interruptions, Explosions,


Building collapse, Crashes, Civil disturbances
DRP System
Model
Impacts,
Disaster Classification,
Analysis Consequences,
Probability

Time,
Resources,
Determining
Roles, Response DRP
Responsibilities Specifications system
Escalation steps

Personnel
Contact Response
Information Procedures
Display
Hierarchy of Secure Practices
Adaptation
• Continuous Evolution/Improvement Level 5
• Threats anticipated & countered

Control
Managed, Measured, Level 4
Tracked, Improved.

Understanding
• Security planned
• SMS in place
Level 3

Awareness
• Awareness Training Level 2
• Informal procedures

Recognition
• Expresses the need
• Has a concern Level 1
for security.