Mobile commerce over GSM: A banking perspective on security

Van der Merwe, Pieter Ben

20 July 2004

GSM has changed the face of communication and information exchange, much as the Internet did. With the advances made in the mobile technology arena, new opportunities are created. Mobile Commerce (m-Commerce) is one such opportunity. Each new advance in technology brings with it associated risks. This dissertation focuses on the risks involved with m-Commerce for the banking industry. This dissertation provides a detailed overview of basic services that any m-Commerce application should provide to the banking industry. These principles provide the foundation for securing any financial transaction over untrusted networks. Several mechanisms to provide these services are also discussed. Examples of such mechanisms include hash functions, Message Authentication Codes and Digital Signatures. The security of GSM networks has come under attack in the past. This is largely due to the fact that the GSM consortium opted to develop their security technologies in secret, rather than in the public domain. This dissertation aims to evaluate the security offered by GSM and assess potential attacks in order to further understand risks associated with m-Commerce applications over GSM. In recent years there have been significant additions to the GSM enabling technology family. The arrival of the SIM Application Toolkit and the Wireless Application Protocol promised to again change the face of commerce. Although market acceptance of these technologies proved to be initially slow, usage is set to increase exponentially within the next couple of years. A detailed analysis of these enabling technologies is presented in the dissertation. Possible attacks on these technologies are discussed in the latter part or this document. Based on the findings of the research, some changes to either the application architectures or the processing of the data have been suggested in order to enhance the security offered by these services. It is not the intent of this dissertation to redesign these applications, but to rather leverage off the current technologies in order to enable secure m-Commerce over these channels. This dissertation provides a detailed overview of basic services that any m-Commerce application should provide to the banking industry. These principles provide the foundation for securing any financial transaction over untrusted networks. Several mechanisms to provide these services are also discussed. Examples of such mechanisms include hash functions, Message Authentication Codes and Digital Signatures. The security of GSM networks has come under attack in the past. This is largely due to the fact that the GSM consortium opted to develop their security technologies in secret, rather than in the public domain. This dissertation aims to evaluate the security offered by GSM and assess potential attacks in order to further understand risks associated with m Commerce applications over GSM. In recent years there have been significant additions to the GSM enabling technology family. The arrival of the SIM Application Toolkit and the Wireless Application Protocol promised to again change the face of commerce. Although market acceptance of these technologies proved to be initially slow, usage is set to increase exponentially within the next couple of years. A detailed analysis of these enabling technologies is presented in the dissertation. Possible attacks on these technologies are discussed in the latter part or this document. Based on the findings of the research, some changes to either the application architectures or the processing of the data have been suggested in order to enhance the security offered by these services. It is not the intent of this dissertation to redesign these applications, but to rather leverage off the current technologies in order to enable secure m-Commerce over these channels. / Dissertation (M.Sc (Electronics))--University of Pretoria, 2005. / Electrical, Electronic and Computer Engineering / unrestricted

M-commerce

Mobile commerce security

Wireless application protocol

Wap

Wireless internet gateway

Wig

Stk

Sim application toolkit

Cryptographuy

Mobile commerce

Gsm security

Gsm

UCTD

Selected antecedents towards the acceptance of m-payment services and the relationship with attitude and future intentions

Makokoe, Isaac

01 March 2017

M. Tech. (Marketing, Faculty of Management Sciences), Vaal University of Technology / Keywords: Mobile payments, usefulness, ease of use, security, attitude, future intentions. An increased reliance on mobile phones by consumers for making retail purchases has been witnessed over the years. Given the pervasive use of m-payments and the incessant diffusion of innovations in South Africa, it is important for marketers to have knowledge of the right set of factors that enhance consumers’ intent towards favouring m-payments in future encounters. This study draws from the undertones of Davis’s (1989) Technology acceptance Model (TAM). Whereas the theory alludes to the influences of both usefulness and ease of use on consumer attitudes and behaviour, this study further amplifies the salience of cosumer perceptions of security as a salient drive towards m-payment acceptance. This is because m-payments involve moneybased transactions and therefore it is important for consumers to have assurance that they operate along a secure platform. The TAM was nominated as the underlying theory in this research owing to its effectiveness when applied during the initial phases of an innovation, to avoid costly mistakes of implementing innovation attributes that do not offer the requiredset of elements for persuading consumers. The purpose of this study was to test an integrative research model of the antecedents of mpayment acceptance using a South African sample of consumers. A quantitative study comprising a non-probability snowball sample of 474 consumers aged between 18 and 50 years was conducted in 2016, in and around the five major towns of Southern Gauteng province in South Africa. The structured questionnaire requested respondents to indicate their perceptions regarding the usefulness, ease of use and security of m-payment platforms they have utilised. In addition, the questionnaire relates to consumers’ attitude evaluations of m-payments in general, as well as their intentions to both use and recommending m-payments to others in the future. Initially, descriptive statistics were performed on the data set, including correlation analysis and multicolinearity testing. Subsequently, structural equation modelling was applied by first, assessing the measurement model using fit indices, confirmatory factor analysis and statistical accuracy tests of reliability and validity. Specification of the measurement model led to the conclusion that the future intentions model was a five-factor structure comprising usefulness, ease of use, security, attitude and future intentions. Thereafter, the results of the structural model (Structural model A) supported the existence of a direct influence between usefulness and security with attitude, while the latter was found to have a direct influence on future intentions. Nevertheless, the relationships between ease of use and attitude was not significant and therefore, alternative hypothesis Ha3 could not be supported in this study leading to the need to specify a vi subsequent competing model. Under Structural model B, perceived usefulness is used as both a dependent and an independent variable since it is predicted by perceived ease of use and in turn predicts attitude towards using and behavioural intention to use simultaneously. The results of Structural model B led to the decision to accept the competing model as the ultimate model for this research since the model presents complete evidence of path weights that are greater than 0.20, interpreted as evidence for significant path outcomes. Insights gained from this study could assist both marketing academics and practitioners to understand the perceptions of consumers towards m-payments. In this regard, if a determination is made that conducting m-payment transactions in secure and effort-free environments could enhance the effectiveness of consumers in their jobs and lives in general, then marketers could be in a better position to deliver a worthwhile innovation solution for South African consumers.

Dissertations, Academic -- South Africa

Mobile commerce -- Security measures

Business enterprises -- Data processing

Mobile communication systems

Near-field communication