The Security Hole in WAP: An Analysis of the Network and Business Rationales Underlying a Failure

Niels Christian Juul and Niels Jørgensen
International Journal of Electronic Commerce,
Volume 7, Number 4, Summer 2003, pp. 73.


Abstract: To succeed, the Wireless Application Protocol (WAP), a protocol for the delivery of Internet-like services for mobile phones, had to achieve widespread usage on the market for mobile electronic commerce; but a security hole made it unsuitable for e-commerce transactions. The security hole was a byproduct of the so-called WAP-gateway. Mobile service providers offering WAP to their subscribers were supposed to deploy the gateway as a converter between the fixed and mobile networks. The early versions of WAP could not solve the security problem in a way that was satisfactory from both a technical and a business perspective. Although the security weakness was not the main reason that WAP failed, it would probably have caused the protocol suite to fail even if every other problem had been solved.

Key Words and Phrases: Gateway, Internet, mobile commerce, protocols, security, standards, WAP.