Design and Implementation of a Mobile Transactions Client System: Secure UICC Mobile Wallet

Abstract

This paper describes our concept, design and current implementation of the Secure Mobile Wallet. Mobile Wallet is an application stored in mobile phones providing to subscribers the possibility to perform various mobile financial transactions. In our approach Secure Mobile Wallet is stored and running in the Javacard SIM chip, called UICC module. The Wallet comprises several Javacard applets supporting several types of financial transactions – mobile banking, mobile payments, mobile commerce, mobile micro–loans, mobile ticketing, and mobile promotions. Secure Mobile Wallet supports over–the-air (OTA) transactions based on SMS, GPRS, or mobile Internet protocols and also over–the–counter (OTC) transactions based on NFC or Bluetooth protocols. Users, messages and data stored in the Secure Mobile Wallet are managed and maintained using both, OTA and OTC, protocols. Security is supported by Integrated Security Platform, which is a separate application providing security services to other applications. Integrated Security Platform is the implementation of USSM concept, specified by ETSI. As a client's application, Secure Mobile Wallet is integrated into our larger, secure mobile transactions system.