ESign Promises to Secure Australian Smartphones

Australian certificate authority eSign has detailed bold plans to
secure wireless e-commerce transactions using custom-built parts of a
public key infrastructure (PKI).

Using software from VeriSign, the
company said it would build what it called “wireless trust” applications
with digital certificates, digital signatures and a cut-down version of
the Secure Sockets Layer protocol. eSign is a wholly owned subsidiary of
systems integrator Com Tech
Communications
, and acts as VeriSign’s Australian representative.

Future developments from eSign will include:

  • a “wireless personal trust agent”, which would have to be embedded
    in mobile devices to enable the rest of the security services;

  • short-lived wireless server certificates which eSign claimed would
    still provide strong authentication and “real-time certificate
    validation for low-footprint handhelds”;

  • gateway-assisted SSL, which would substitute a compromised
    certificate into the SSL process;

  • gateway-assisted PKI, which would mean that mobile phone users’
    digital certificates would be stored in directories on the wireless gateways;

    eSign’s e-commerce payment systems will also be amended so that they can
    handle tranactions from roaming devices.

    “Australia has one of the highest penetrations of mobile phones and
    Internet usage in the world,” said Gregg Rowley, MD of eSign. “A
    personal device such as a mobile phone is an ideal way for consumers to
    access many Web services, and a convenient device for the storage and
    use of digital certificates.”

  • News Around the Web