White Paper
J200
14
November 2004
To use such secure connections, certificates have
to be saved in the phone. The J200 comes with a
number of pre-installed WAP certificates, so called
trusted certificates
.
WTLS class 2 includes the following security fea-
tures:
•
Encryption of a message, ensuring that only the
sender and the recipient can read the contents
of a message.
•
Server authentication, meaning that the mes-
sage is encrypted and users can verify that they
really are communicating with the WAP gateway
they believe they are connected to.
Configuration of WAP settings
An easy way to perform the WAP configuration of a
single phone is by using the Sony Ericsson step-
by-step WAP configurator. The configurator utilizes
OTA provisioning, and is available on
www.SonyEricsson.com
; no login required.
A manual configuration is made using the menu
system in the phone. This is described in the user
guide.
To simplify configuration of WAP settings in a
number of phones, all settings can be sent as an
SMS message to each phone. This makes it easy
for an operator, a service provider or a company to
distribute settings for Internet/intranet, and WAP,
without having to configure each phone manually.
•
The OTA configuration message is distributed
via SMS point-to-point.
•
The setup information is a binary encoded XML
message, according to WBXML. To receive
information about OTA specifications, please
contact your local Sony Ericsson representative
for consumer products.
•
The user is not alerted about new settings until
the ongoing browsing session ends. Further-
more, settings are not changed during an ongo-
ing browsing session.
•
The necessary user interaction is limited to
receiving and accepting/rejecting the configura-
tion message, and selecting the WAP profile to
allocate the settings to.
•
Security can be handled using a keyword identi-
fier displayed on the screen as a shared secret
between the SMS sender and recipient. It is
important that the user can verify that the con-
figuration message is authentic.
Push services
These are useful for sending updated WAP site
contents or WAP links to mobile users. Examples
of services that can be implemented using push
services:
•
Notification of new voice mails. Instant messag-
ing and chat.
•
News, sport results, weather forecasts, financial
information (such as stock quotes).
•
Fill up a smart card with e-cash.
•
Interactive games, for example, play poker with
a friend.
In the J200, the user selects whether to allow push
messages or not. There are two different forms of
Push services:
Service Indication (SI)
This is basically a text message to the user con-
taining a link to a URL carried by the SI. If the user
decides to load the suggested URL, normal WAP
browsing commences.
Service Loading (SL)
This means that the WAP site content is immedi-
ately loaded and executed on the client, or alterna-
tively is loaded and stored in the cache for later
use. In both cases, the SL is loaded without any
user intervention.
When a service indication is received in the J200, it
is presented to the user in one of the following
ways: