Sony Ericsson T290c, T290i manual Configuration of WAP settings, Certificates, WIM locks PIN codes

Page 22

White Paper T290i/T290c

A Wireless Identity Module (WIM) can contain both trusted and client certificates, private keys and algorithms needed for WTLS handshaking, encryp- tion/decryption and signature generation. The WIM module can be placed on a SIM card which is then referred to as a SWIM card.

Certificates

To use secure connections, the user needs to have certificates stored in the phone. There are two types of certificates:

Trusted certificate

A certificate that guarantees that a WAP site is genuine. If the phone has a stored certificate of a certain type, it means that the user can trust all WAP gateways that use the certificate.

Trusted certificates can be pre-installed in the phone, in the SWIM or they can be downloaded from the trusted supplier’s WAP page.

Client certificate

A personal certificate that verifies the user’s identity. A bank that the user has a contract with may issue this kind of certificate. Client certifi-

cates can be pre-installed in the SWIM card.

WIM locks (PIN codes)

There are two types of WAP security locks (PIN codes) for a SWIM, which protect the subscription from unauthorised use. The PIN codes should typi- cally be provided by the supplier of the SWIM.

Access lock

An access lock protects the data in the WIM. The user is asked to enter the PIN code the first time the SWIM card is accessed when estab- lishing a connection.

Signature lock

A signature lock is used for confirming transac- tions, much like a digital signature.

In the T290i/T290c, the user can check which transactions have been made with the phone when browsing. Each time the user confirms a transac- tion with a signature lock code, a contract is stored in the phone. The contract contains details about the transaction.

Configuration of WAP settings

An easy way to perform WAP configuration in the T290i/T290c is to use the step-by-step WAP con- figurator available on http://www.SonyErics- son.com. The configurator utilizes OTA provisioning.

Manual configuration is done using the menu sys- tem in the phone. This is described in the User’s Guide.

WAP settings can also be customized in the mobile phone based on the operator’s preferences.

Over-the-air provisioning of WAP settings

To simplify the configuration of WAP settings in the T290i/T290c, all settings can be sent to the phone as an SMS message. This makes it easy for an operator, a service provider or a company to dis- tribute settings for Internet/intranet, and WAP, with- out the user having to configure the phone manually. This also makes it easy to upgrade serv- ices, as no manual configuration is required.

The OTA configuration message is distributed via SMS point-to-point.

The setup information is a binary encoded XML message (WBXML). To receive information about OTA specifications, please contact your local Sony Ericsson representative for con- sumer products. A configurator that utilizes OTA provisioning can be tested on www.SonyErics- son.com.

The user is alerted about new settings when the ongoing browsing session ends. Settings are not changed during an ongoing browsing ses- sion.

User interaction is limited to receiving and accepting/rejecting the configuration message, and selecting which WAP profile to allocate the settings to.

Security can be handled using a keyword identi- fier displayed on the screen as a shared secret between the SMS sender and recipient. It is important that the user can verify that the con- figuration message is authentic.

22

October 2004

Page 21 Page 23
Image 22
Page 21 Page 23
Contents T290i/T290c Preface Online Developer Resources Sony Ericsson Developer Support Document history Contents Product overview Key functions and features Full graphic 4K display ImagingNavigation More in-phone functions IMelody and Melody Composer Picture phonebookEvents Explanatory HelpTechnologies in detail MMS Multimedia Messaging Service Multimedia in the T290i/T290cTemplates MMS objectsText Pictures and themesBusiness card vCard BenefitsPIM communication with MMS Smil presentationsArchitecture MMS technical featuresMessage conversion EMS Enhanced Messaging Service EMS more than just wordsNew possibilities with messaging Notification Ring signalsUsing Web, WAP and SMS for download Internet email alertsPush services WAP servicesUsing WAP in the T290i/T290c Support of XhtmlSupport for cookies Using standard toolsProvide settings Sending bookmarksSecurity using WAP Bearer type characteristicsGateway characteristics Gprs accessCertificates Configuration of WAP settingsOver-the-air provisioning of WAP settings WIM locks PIN codesService Loading SL Push servicesService Indication SI Mobile InternetGeneral Packet Radio Services Using Gprs in the T290i/T290c In-phone functions and features AMRCSS DRMEons EotdTBD White Paper T290i/T290c TTY Network-dependent featuresSMS and EMS messaging ALSFixed dialling and Restricted calls EotdService Mode Support T290i T290c SIM AT services supported by the T290i/T290cSIM application toolkit More Time GET InkeyGET Input Play ToneRefresh SET UP CallSET UP Event List Select Item‘Key’ responses User interaction with SIM ATMMI Maximum Response lengths Feature Support in the T290i/T290c for m-commerce Security and M-commerce technical data‘Key’ responses‘ White Paper T290i/T290c Facts and figures Terminology and abbreviations GSM system GatewayImage SIM card Service providerMicro browser PhonebookWAP Application WAP serviceWMLScript Documents Technical specificationsRelated information Links Trademarks and acknowledgementsGeneral technical data Exterior descriptionCurrent consumption, talk and standby times Ambient temperaturesSupported Man-Machine Interface MMI languages Embedded gamesSpeech coding Feature Support in the T290i/T290cDownloadable games Full rate FR Enhanced full rate EFRCell broadcast service Short Messaging ServiceSMS Enhanced Messaging Service Multimedia Messaging Service WbmpDelivery report request Tdma Performance and technical characteristicsEgsm GSM GmskFeature Support in the T290i/T290c WAP browser WAP browser technical dataJPG WAP WAP operator technical dataFeature Support in the T290i/T290c for WAP HtmlOTA SwimSIA WtaiDownload NOM I, II Gprs technical dataPccch NC0GEA1 SIMUssd technical data Email client technical dataImage format technical data Feature Support in the T290i/T290c for m-commerce Dual-slot Commerce technical dataFeature File type Max. size Images downloading to phoneFeature Support in the T290i/T290c for m-commerce Numerics EMSWhite Paper T290i/T290c
Top Page Image Contents