PKI – The Key To Security

Many leading companies with an interest in the field have formed an alliance called Radicchio. The aim is to produce a standard for cross-platform, end-to-end encryption (the translation of data into a code that requires a secret key or password) for security. Known as PKI (Public Key Infrastructure), it comprises a two-part data encryption/ decryption key. One part is available for distribution to companies supplying services, while the other is kept privately by the user, much like the PIN number for a credit card. Mike Walker, chief scientist for Vodafone, chairman of the 3GPP (Third Generation Partnership Project – the standardisation forum for 3G mobile systems) Working Group SA3 (Security) and a member of the Radicchio board says that PKI is vital to ensure that mobile e-commerce does not suffer from the same degree of distrust as has fixed-access Internet trading. Other solutions do exist for these technologies. WAP has a built-in security feature, but it only encrypts data between the handset and the gateway to the Internet. This means that any data sent beyond this point could be read by anyone with the means to intercept it. Some companies, in partnership with banks and traders, have set up Virtual Private Networks (VPNs), so that customers can carry out secure transactions and pass sensitive data without using the public part of the World Wide Web. However, the service is only available from those companies that have signed up with a VPN. This may be fine for banks and their customers, but in the long run it will not deliver the freedom to trade with whomever one wishes on the public Web.