Combining World Wide Web and Wireless Security

In current electronic commerce systems, customers have an on-line interaction with merchants via a browser on their personal computer. Also payment is done electronically via the Internet, mostly with a credit card. In parallel to this, e-services via wireless-only systems are emerging. This paper identifies security and functionality weaknesses in both of these current approaches. The paper discusses why and how generalpurpose mobile devices could be used as an extension to PC based systems, to provide more security and functionality. General-purpose mobile devices are shown to be an alternative to costly special-purpose hardware. This combined approach has in many cases more interesting properties than when using mobile devices only. As an example of the combined approach, a GSM based electronic payment system is proposed and investigated. The system enables users to order goods through the World Wide Web and pay by using their mobile phone.