Sony Ericsson T290i Bearer type characteristics, Gateway characteristics, Security using WAP

The T290i/T290c accesses WAP services over IP. IP can be provided either over GSM Data or GPRS, depending on network services.

Typical differences which distinguish the bearer types are listed below.

GPRS access

•The connection is maintained “constantly”, with data transmitted in packets, and transmission capacity being used by the application in use on an as-needed basis.

•Higher transmission speed than with GSM Data or SMS access.

•Pricing of GPRS can be dependent on the actual use of bandwidth, which means the user is charged for the volume of data transmitted, rather than the duration of the connection.

•When transmitting large amounts of data, band- width can be increased automatically to allow faster transmission speed.

•Ideal for complex pull services, browsing, data transfer, provisioning, pager services, messag- ing services, info services, push initiations.

GSM data access

•Circuit connection of data calls, which means that the phone is connected during the entire WAP session.

•Pricing is comparable to that of data calls in the network.

A WAP Gateway provides Internet/intranet as well as WAP services to the mobile browser. A Gateway is identified by an IP number, depending on access type.

End-to-end gateway navigation

The WAP 2.0 supports E2E (End-to-End) Gateway navigation, making it possible for example for a bank to redirect its clients from the Internet gate- way to its own gateway.

For certain WAP services, such as banking serv- ices, a secure connection between the phone and WAP gateway is necessary. An icon in the display of the T290i/T290c indicates when a secure con- nection is in use.

The T290i/T290c is based on the WAP 1.2.1 speci- fication suite, in which security functionality is specified by a technology called Wireless Transport Layer Security (WTLS). The WAP protocols for han- dling connection, transport and security are struc- tured in layers, with security handled by the WTLS layer, operating above the transport protocol layer. WTLS classes define the levels of security for a WTLS connection:

•WTLS class 1 – encryption with no authentica- tion.

•WTLS class 2 – encryption with server authenti- cation.

•WTLS class 3 – encryption with both server and client authentication.

Server authentication requires a server certificate stored at the server side and a trusted certificate stored at the client side.

Client authentication requires a client certificate stored at the client side and a trusted certificate stored at the server side.