M-commerce Standards: Helping to Define an Industry
By Heidi Kriz, Tue Mar 27 00:00:00 GMT 2001

Mobile Electronic Transaction (MeT) is establishing an interoperable approach for secure mobile electronic transactions that will create a common and global marketplace.

The first few months of toe-dipping our toe into the seemingly murky waters of online shopping and consumerism seemed pretty terrifying to the uninitiated. What Jaws-like menace lurked out there in the deep? When we typed in our credit card number, where did it go and who got a peek at it? How did we know that whatever we bought would arrive safely, and in one piece? What protected us?

Well, in a relatively short period, many people are practically au fait with e-commerce. They send off their orders and credit card numbers into cyberspace ether with nary a blink. And the projected revenues for the next several years for PC-based shopping are stratospheric. Not surprisingly, the wireless industry hopes to bite a big chunk out of the hide of this cash cow.

But the same concerns that bedeviled e-commerce are potential pitfalls for mobile, or m-commerce. Authentication, integrity of data, privacy and confidentiality, and non-repudiation (repudiation is the industry word used to describe the incidence of when a consumer denies having made a purchase, and their responsibility for it).

All of the above concerns can be addressed by existing technologies and encrypting software. But if everybody developed their own proprietary solutions, it would mean each device or service would run the risk of becoming ghettoized. So successful standardization for mobile commerce could mean the difference between boom or bust for the industry.

Not surprisingly nobody wants to be left behind on this score. Which is how the MeT initiatives were born.

The movement behind MeT

The MeT initiative, or mobile electronic transactions initiative was originally the brainchild of mobile giants Nokia, Ericsson and Motorola. It was formed a year ago, with the common purpose of jointly developing an open and common industry framework for secure mobile electronic transactions.

How important is this goal?

According to MeT's members, it's do or die.

"Telephony is really all about standardization," says Jacob Goldman, global head of sales and marketing in bank and finance, for Ericsson.

"The mobile phone is a device that should transcend national boundaries, open up borders," says Goldman.

"Without standardization among mobile devices - interoperability, that won't happen," he says.

Of course, mobile phones without borders mean m-commerce without borders. One day, shopping in London's Harrod's or New York's Bendel's may simply be a matter of punching up the buttons your mobile device - from anywhere in the world. Of course, the potential revenues from a global m-commerce market could be staggering.

But that is not the only area of the industry that will flourish as a result, believes Goldman.

"M-commerce will be one of the great drivers of innovation in 3G and 4G technology," says Goldman.

Jumping on board

Not surprisingly, soon after the MeT initiative was formed, other mega mobile phone manufacturers clambered on board, including Siemens, Matsushita and Sony.

With six of the biggest heavyweights in mobile directing the concerns of the initiative, you might argue that there is a danger of them simply taking control of the market, by dictating standards and technologies that are most beneficial to them, or already a part of their future agenda.

But mobile industry analyst Adam Zawel doesn't consider that issue a particularly serious or relevant one.

"Of course, all companies are looking out for themselves, as a matter of course," says Zawel, who is with the Boston, Massachusetts-based Yankee Group.

"But these guys are all going to keep an eye on each other, making sure no single big company will be able to jump out ahead with a proprietary technology," says Zawel.

Ultimately, successful standardization will have to benefit the consumer as well.

"M-commerce is not going to take off the way it can, if it is not cheap enough to entice the consumer to use it, instead of, or in addition to other transactions of commerce," says Zawel.

"Consequently, the mobile industry will have to find a way to create a cheap infrastructure that will help make m-commerce cheap enough for the consumer to use. That requires industry standardization," Zawel says.

Privacy and other perils

"When e-commerce first came into existence, where people were buying things over Internet from their PC for the first time, there was a lot of anxiety about the security of sending out their credit card number into the ether," says Tom Zalewski, the mobile commerce business development manager for Nokia.

"When it comes to mobile commerce, there is that concern for the consumer and another one - privacy, or the use or misuse of personal data. Those are some of concerns we are addressing with MeT," Zalewski says.

"When you move from the PC-based Internet to mobile, you have moved into a less secure world," says industry analyst Rudy Baca.

"There are plenty of advertisers who would love to target you on the basis of your location at any given moment, your tastes, and so on. People are concerned that there is a potential for misuse or abuse of personal data," says Baca, who is with the Washington D.C-based Precursor Group.

Finally, the consumer wants ease of use.

"Can you imagine if, every time you rented a car, you had to learn a whole new way to operate it?" asks Zalewski. "There must be 'consistent user interface,' in m-commerce technology."

According to Goldman, the four areas that the MeT members are focusing on creating standard technologies for are the following:

1). Data integrity

2.) Authentication

3.) Non-repudiation (avoiding repudiation of responsibility of payment).

4.) Confidentiality

The MeT initiative members say their customers who use m-commerce will have their privacy and security protected with digital signatures and cryptography.

To help them achieve this, the MeT members are leveraging bits and pieces out of pre-existing industry standards, such as WAP, Wireless Transport Security Layer (WTL), Wireless Identification Mode (WIM), Public Key Infrastructure (PKI), and Bluetooth.

This February, the MeT initiative announced that it had developed the first specifications for secure mobile transactions. (The specifications can be downloaded at http://www.mobiletransaction.org/documents.html).

We will see those specifications reflected in the mobile phone products that our MeT members launch during this year, says Zalewski.

In the future, the group will endeavor to develop specs for even more sophisticated security technologies, like biometrics, where authentication is confirmed by a digital or retinal scan of the user.

The aim of the MeT member companies is to have all their technologies and concepts work on all networks with all services, and from all mobile devices.

"We must secure the personal trust of the consumer in order for m-commerce to work," says Zalewski. "And that's what the MeT initiatives are all about."

Heidi Kriz is a freelance writer based in San Francisco whose work has appeared in Wired News, Salon and Wired magazine.