This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
The Architecture of M-Commerce Systems consists of Mobile Enduser Devices Phones, PDAs, Tablets, Ipads and Communicators, Data Center hosting m-commerce applications, a Security Authority, a Clearing Authority (e.g., a bank) and merchants.
At the centre of this architecture is the Data Center. It directs and control m-commerce transactions sent from the mobile devices, issues shipping requests to the Suppliers, charges credit cards, among others. The Data Center is made up of a cluster of server computers running the server side of the m-commerce system, maintaining transaction information in a database.
Key Requirements of M-Commerce Systems
In order for M-Commerce systems to be successful they have to be able to run on varied mobile device platforms.
A browser-based architecture such as WAP might be sufficient for some m-commerce solutions, but others will require the deployment of a mobile application such as trading user interface.
This also means that different wireless bearers need to be supported: WAP, SMS, GPRS, and possibly UMTS.
Security Identification, authentication via the Security Authority, access control and end-to-end data encryption must be supported for any m-commerce solution to be acceptable.
A middleware is used to enhance reliability where there is weak or intermittent network coverage.
Another requirement is being able to send notifications to the customer to inform him/her that a transaction has taken place and his/her mode of payment such as credit card has been surcharged.
Java Technology on the Devices and Servers
Where special m-commerce software for complex business transactions is to be used, Java can be deployed. This makes it possible to run various applications on the mobile platform without changing the operating system.
However, deploying Java does not provide the features for developing scalable and secure m-commerce systems that guarantees delivery of transactions, security, timely delivery of notifications, and integration of the data center software with the logistics systems of suppliers. A messaging middleware can be used to mitigate this.
A middleware is a class of invisible software residing between an application and the underlying operating system environment. The messaging middleware ensures the reliable delivery of m-commerce transactions, from a mobile device to the data center.
A Messaging middleware also makes it possible to integrate m-commerce services in the data center with the logistics information system at the suppliers.
Another distinctive feature of messaging middleware is its ability to deliver real-time information.
Security in an m-commerce system may generally be classified into three main parts. Namely, hardware security, software security and access security. The access security involves both physical access and logical access.
Deise identified a change in the concentration of IT security in businesses incorporating security into businesses processes and transactions while protecting the corporate IT infrastructure, culminating into new security policies focused on reliability, availability and trust.
Security Threats Arising from Mobile Commerce
Security threats in mobile commerce range eavesdropping on othersâ€™ messages to stealing userâ€™s data. In a RF operated mobile commerce it is easier to do this with little difficulty.
Another problem is the inherent security risk involved in the transmission of data via a network. This can be highlighted into two: identification integrity and message integrity.
Zhang and Lee identified these two to cause a lot of concern to both parties involved in the transmission.
The sender could have his/her personnel information compromised while the merchant could be liable for repudiation of the transaction and resultant non-payment.
In addition, the mobile technology most often involves payment for services offered. This is evident special charges levied on users access other network carriers. These payments are normally done using the userâ€™s account details which is transmitted via a network for authentication. Security breaches could occur if these networks are not adequately secured.
A security breach can also occur during the transformation of a userâ€™s encrypted data for decryption. A WAP Gap could occur during these stages when translating one protocol to another. A hacker can compromise the security of the session capturing the data of the user at this point. Encryption technology consists of algorithms which a hacker could identify weaknesses since most of data transmission is based on encryption technology, it is obvious that data security is not fully assured.
Furthermore, there is no international regulatory framework to enforce security concerns committed across national boundaries. When a security of an international transaction is breached, no single country can prosecute the perpetrator. This however makes a user less confident in using an m-commerce application and an obvious loss of revenue to the SME concerned.
Trust is also crucial to the success of m-commerce. It generated through relationships between transacting parties, familiarity with procedures, or redress mechanisms.