RealTime IT News

ESign Promises to Secure Australian Smartphones

Australian certificate authority eSign has detailed bold plans to secure wireless e-commerce transactions using custom-built parts of a public key infrastructure (PKI).

Using software from VeriSign, the company said it would build what it called "wireless trust" applications with digital certificates, digital signatures and a cut-down version of the Secure Sockets Layer protocol. eSign is a wholly owned subsidiary of systems integrator Com Tech Communications, and acts as VeriSign's Australian representative.

Future developments from eSign will include:

  • a "wireless personal trust agent", which would have to be embedded in mobile devices to enable the rest of the security services;
  • short-lived wireless server certificates which eSign claimed would still provide strong authentication and "real-time certificate validation for low-footprint handhelds";
  • gateway-assisted SSL, which would substitute a compromised certificate into the SSL process;
  • gateway-assisted PKI, which would mean that mobile phone users' digital certificates would be stored in directories on the wireless gateways;

    eSign's e-commerce payment systems will also be amended so that they can handle tranactions from roaming devices.

    "Australia has one of the highest penetrations of mobile phones and Internet usage in the world," said Gregg Rowley, MD of eSign. "A personal device such as a mobile phone is an ideal way for consumers to access many Web services, and a convenient device for the storage and use of digital certificates."