Developer tackles Wap security glitch

A Swedish company claims that it can solve the security problems related to Wap by doing away with the Wap gateway.

Mi4e, developer of mobile internet infrastructure software, has unveiled its ThunderWap software series, which allows businesses to offer instant Wap capabilities to users without employing a portal.

By embedding the Wap protocol suite within existing World Wide Web servers, the makers say that ThunderWap solves several issues created by Wap gateways - including the theoretical security glitch which has banned the product from ecommerce.

James Ewing, chief executive of Mi4e, said: "The current scepticism towards Wap applications is justified, considering the problems with the gateway model. Customers have trouble using their Wap capabilities, and providers can't offer a secure solution because of the gateway's translation method."

ThunderWap transforms any Microsoft Internet Information Server (IIS) into a Wap 1.1 compliant server. Users can gain direct access to Wap content using Microsoft's server platform, ensuring that third-party gateways are no longer required, said Ewing.

However, IIS has experienced several glitches and Microsoft has frequently had to release security updates to patch them. Recently there were seven updates for IIS in the space of two months.

In September a number of sites were hacked. Analysts commented that the attacks probably took advantage of vulnerabilities in IIS.

"All the security is directly down to Mi4e," said Ewing. "We step into the web server so that the second half of the process is internal. It is entirely secure because IIS never talks outside of its box. We have gone into IIS and taken out any external communications with third parties."

Nick Howard, chief operating officer of Joe Network, said that in theory it would be secure if the server was sitting behind a firewall.

"It seems to cut down on the millisecond of risk at the Wap gateway when data is being encrypted and decrypted. All phones come with a default gateway so it is unclear how they would work around that," he said.

"Some big businesses wouldn't be reliant on gateways and it is potentially marketed towards them."

First published in Network News

See also:

Motorola deal ups m-commerce security

A deal between Motorola and digital certificates company Baltimore Technologies will give a much-needed security boost to m-commerce.  08 Nov 2000

Wap gateways will be 'hacker magnets'

The level of security threats will rise as companies link their IT infrastructures into the wireless world, opening themselves up to attacks on Wap gateways from mobile spam and even viruses on mobile phones.  20 Oct 2000

Free open source Wap server available

A UK startup is offering an open source mobile internet server free of charge to stimulate the development of Wap services and applications.  18 Oct 2000

Breathe offers unmetered free Wap access

Internet service provider Breathe is hoping to boost its mobile internet subscriber base by offering free unmetered Wap calls until the end of November.  18 Oct 2000

Why Wap is failing to win over users

Many consumers are shunning the so-called mobile internet technology, because of slow connections, high call charges, and a lack of meaningful and useful Wap sites.  19 Sep 2000

PDAs to usurp mobiles for B2B ecommerce

Successful business-to-business communication strategies may rely increasingly on the use of personal digital assistants and not mobile phones, according to analysts.  14 Sep 2000

Wap criticism well founded, says analyst

Recent criticism of Wap is well founded, according to research company IDC, which says the services are not easy to use and many are not useful.  12 Sep 2000

Like this story? Spread the news by clicking below:

 del.icio.us     Digg this     reddit!