Smartcards launched for mobile transactions

The first WAP-compliant smartcard has been launched by Schlumberger.

The WAP Identity Module (WIM) will allow network operators and service and content providers to provide secure mobile e-commerce services such as online banking. It is the first smartcard to implement the WAP identity module user security functions that are expected to be introduced by the WAP forum in December as part of the 1.2 specification.

Another unique feature of the card is its multi-application abilities. Supporting "logical channels", the card allows users to move between transactions keeping all the operations intact. This would allow, for instance, a user to pause a banking transaction to take an incoming call.

The WIM provides two levels of security. First is authentication between the client and the server using encryption keys of up to 1024 bits. The second layer of security is that the module also generates digital signatures required to generate an application. The keys that handle the encryption remain on the user's card rather than residing in the browser.

Stephan Legeneil, Schlumberger product manager for mobile smartcards, believes that the addition of this extra level of security will better enable smartcards to become security enablers of mobile e-commerce. "Using your phone as a smartcard reader will mean that consumers will be able to pay for things with out any hassle, especially with this additional security layer."

Schlumberger said that the WIM could be used as an additional module on SIM cards, as part of a card to slot in to dual slot mobile phones, or as a standalone card for use in a PDA.

See the e-commerce special for more business news.