T68i
White Paper, April 2002
stored at the client side and a trusted certificate
stored at the server side.
A Wireless Identity Module (WIM) can contain
both trusted and client certificates, private keys
and algorithms needed for WTLS handshaking,
encryption/decryption and signature generation.
The WIM module can be placed on a SIM card
and is then referred to as a SWIM card.

Certificates

To use secure connections, the user needs to
have certificates stored in the phone. There are
two types of certificates:
Trusted certificate
A certificate that guarantees that a WAP
site is genuine. If the phone has a stored
certificate of a certain type, it means that
the user can trust all WAP gateways that
use the certificate. Trusted certificates can
be pre-installed in the phone, in the SWIM
or they can be downloaded from the
trusted supplier’s WAP page.
Client certificate
A personal certificate that verifies the
user’s identity. A bank that the user has a
contract with may issue this kind of certificate.
Client certificates can be pre-installed
in the SWIM card.

WIM locks (PIN codes)

There are two types of WAP security locks (PIN
codes) for a SWIM, which protect the
subscription from unauthorized use. The PIN
codes should typically be provided by the
supplier of the SWIM.
Access lock
An access lock protects the data in the
WIM. The user is asked to enter the PIN
code the first time the SWIM card is
accessed when establishing a connection.
Signature lock
A signature lock is used for confirming
transactions, much like a digital signature.
In the T68i, the user can check which
transactions have been made with the phone
when browsing. Each time the user confirms a
transaction with a signature lock code, a
contract is stored in the phone. The contract
contains details about the transaction.

Configuration of WAP settings

An easy way to perform WAP configuration in the
T68i is to use the step-by-step WAP configurator
available on http://www.SonyEricssonMobile.com.
The configurator utilizes OTA provisioning.
Manual configuration is done using the menu
system in the phone. This is described in the
User’s Guide.

Over-the-air provisioning of WAP settings

To simplify the configuration of WAP settings in
the T68i, all settings can be sent to the phone as
an SMS message. This makes it easy for an
operator, a service provider or a company to
distribute settings for Internet/intranet, and WAP,
without the user having to configure the phone
manually. This also makes it easy to upgrade
services, as no manual configuration is required.

The OTA configuration message is distributed
via SMS point-to-point.

The setup information is a binary encoded
XML message (WBXML). To receive information
about OTA specifications, please
contact your local Sony Ericsson representative
for consumer products. A configurator
that utilizes OTA provisioning can be
tested on www.SonyEricssonMobile.com.

The user is alerted about new settings
when the ongoing browsing session ends.
Settings are not changed during an ongoing
browsing session.

User interaction is limited to receiving and
accepting/rejecting the configuration message,
and selecting which WAP profile to
allocate the settings to.

Security can be handled using a keyword
identifier displayed on the screen as a
shared secret between the SMS sender
and recipient. It is important that the user
can verify that the configuration message
is authentic.
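
The setup information described above is WBXML delivered by SMS, so a receiver has to treat its length fields as untrusted until the message has been verified. The following is an added example, not part of the white paper and not Sony Ericsson code: a defensive parser for the generic WBXML header, assuming the WBXML 1.1 or later layout (version, public identifier, charset, string table); the function names and sample bytes are constructed for illustration.

```python
"""Defensive parse of a WBXML header (added example; WBXML 1.1+ layout assumed)."""

class WbxmlError(ValueError):
    """Raised when the message is truncated or a length field is inconsistent."""

def read_mb_u_int32(buf, pos):
    """Decode a multi-byte integer: 7 data bits per byte, high bit means 'more'."""
    value = 0
    for i in range(5):                        # a 32-bit value needs at most 5 bytes
        if pos + i >= len(buf):
            raise WbxmlError("truncated multi-byte integer")
        byte = buf[pos + i]
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:                   # last byte of the integer
            if value > 0xFFFFFFFF:
                raise WbxmlError("multi-byte integer overflows 32 bits")
            return value, pos + i + 1
    raise WbxmlError("multi-byte integer longer than 5 bytes")

def parse_wbxml_header(buf):
    """Return the header fields and the token body, or raise WbxmlError."""
    if not buf:
        raise WbxmlError("empty message")
    version = "%d.%d" % ((buf[0] >> 4) + 1, buf[0] & 0x0F)
    public_id, pos = read_mb_u_int32(buf, 1)
    if public_id == 0:                        # 0 means: index into string table follows
        _index, pos = read_mb_u_int32(buf, pos)
    charset, pos = read_mb_u_int32(buf, pos)  # IANA MIBenum, e.g. 106 = UTF-8
    table_len, pos = read_mb_u_int32(buf, pos)
    if table_len > len(buf) - pos:            # never trust the sender's length field
        raise WbxmlError("string table length exceeds message size")
    return {"version": version, "public_id": public_id, "charset": charset,
            "string_table": bytes(buf[pos:pos + table_len]),
            "body": bytes(buf[pos + table_len:])}

# Constructed sample messages (not captured from a real operator or phone).
SAMPLE_OK = bytes([0x01, 0x01, 0x6A, 0x00, 0x45, 0x01])   # v1.1, UTF-8, empty table
SAMPLE_BAD = bytes([0x01, 0x01, 0x6A, 0x7F, 0x45])        # claims a 127-byte table

if __name__ == "__main__":
    print(parse_wbxml_header(SAMPLE_OK))
    try:
        parse_wbxml_header(SAMPLE_BAD)
    except WbxmlError as exc:
        print("rejected:", exc)
```

The parser stops at the header on purpose: the element and attribute tokens in the body are defined by the OTA specification, which the white paper refers readers to rather than reproducing.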

Push services

Examples of WAP services that can be pushed
include:
Notification of new e-mail, voice mail, etc.
News, sports results, weather forecasts,