Sony Ericsson G900C manual Browser security, TLS Security

G900c features an integrated Opera™ 8 browser. This browser has been designed to display practically all Web pages on the Internet. The browser supports the de facto HTML standard ‘street HTML’ (used by most Web developers), JavaScript™ technology, frames, and the ability to add plug-in applications. Users thus can access their favourite Web pages also from the phone.

It is easy to switch between portrait and landscape presentation, as well as change from normal view with scroll bars to full screen view. Pen motions are used to slide the page on the screen.

Users can select ‘fit to screen’ to reformat pages to fit inside the screen width and eliminate the need for horizontal scrolling (Small Screen Rendering is supported).

Some key features:

•Flash Lite 3 support (from maintenance release 1 of the phone software).

•By tapping and holding on a bookmark the page is displayed in a new window.

•By tapping and holding on a link a context-sen- sitive menu of alternative actions is displayed: an http link would give the options Open, Open in new window, Open in background and Send as.

•Includes Secure downloads manager – espe- cially useful for downloading commercial media objects that need to be paid for.

•Pages can be saved for offline viewing.

•All private data can be cleared with one com- mand.

•Built-in pop-up blocking.

G900c supports TLS/SSL to provide a secure encrypted link between the browser and the Web site. This method is commonly used for secure transactions on the Web. An icon in the display indicates when a secure connection is in use.

TLS Security

When using certain Internet services such as banking, the user may require a secure connection between the phone and the Web site. G900c is based on the WAP 2.0 specification where security functionality is specified with a technology called WAP TLS Profile (Wireless Application Protocol Transport Layer Security).

The Internet protocols that handle the connection, its transport and its security are structured in protocol layers. The security is handled by the TLS layer operating above the transport protocol layer. There are three TLS classes that define the levels of security for a TLS connection:

•Anonymous TLS involves encryption with no authentication.

•Server authentication involves encryption with server authentication.

•Client authentication involves encryption with both server and client authentication