Users of mobiles and handheld devices such as the Palm are growing exponentially and are expected to outnumber PC users by 2003. Merrill Lynch is predicting m-commerce will grow to a $208 billion (€238 billion) industry by the middle of the decade. By 2004, more than 150 million people are expected to use mobiles or personal digital assistants (PDAs) for online banking and other financial transactions. And according to an industry expert, the Asian passion for mobiles is so intense that the number one hobby of housewives in Hong Kong is online share trading via mobile phones.
But consumer excitement about the proliferation of devices, and the hype surrounding the predicted uses for them, have focused attention away from some of the significant challenges facing the development of true m-commerce, say industry experts speaking here at Global eSecurity 2000, a conference held by security software firm Baltimore Technologies. The primary difficulty, it says, is a young and under-developed market. That means almost no standards exist for hardware or software, regional differences are creating isolated markets, and no one has figured out how m-commerce will work. Virtually no standards exist yet for wireless devices, which forces applications developers to create several versions of the same program to suit different devices, and isolates users into separate worlds that frequently can't interlink, share information or communicate with each another.
Different manufacturers and software companies are competing to make their approach the industry standard. Within the cell phone sector alone, different operating standards are separating the globe into two markets: the United States and everywhere else. In the United States, half of the 100 million cell phones in use are old-style analog devices running on one type of network. In the rest of the world, most use digital mobiles on GSM networks. But even the GSM phones can't all share information. Users within a single European country often cannot send each other text or short message service (SMS) messages via their mobiles because different carriers use different protocols.
Mobiles and PDAs also are divided by an interoperability gap. "€2E (end-to-end) interoperability will be essential," says Ed Guntin, mobile commerce manager for phone manufacturer Motorola. "M-commerce must operate the same way anywhere in the world." He says mobile and PDA manufacturers are beginning to work together to settle on standards that will eliminate the problem.
Mobile security is also an issue. Smart cards - small cards embedded with low-memory microchips - are considered to be one method of placing security directly on a handset. It's accomplished in the form of small programs or digital certificates that identify the user and generate digital signatures.
But most American cell phones don't have the tiny SIM smart cards commonly used in Europe to activate and personalise mobiles. And two SIM card slots would be necessary for adding security features, but manufacturers have balked at providing them.
Security is also a concern at the server end of a transaction, starting with the question of who is controlling the server and where responsibility for the security of a transaction should lie.
In the United States, a "walled garden" approach to supplying online information to wireless device users means that carriers have tended to control access to the network via their own gateway. Subscribers to a wireless service are allowed to roam the content provided by the carrier but not to move beyond those walls.
"That's fine for information but different for money transactions," says Peter Klante, vice- president of marketing for Compaq wireless application spin-off Tantau Software. "That creates a security hole at the carrier."
In Europe and Asia, wireless users tend to link directly to the organisation they need to contact, so transactions can be secured from end to end, he says. He believes the walled garden approach will fade. In the meantime, users may need to go through a second dial-up to create a direct link to a financial institution, he said.
The market for transactions appears lucrative, once such problems are addressed. Europeans have shown they are happy to use mobiles for banking transactions; over 90 per cent of European banks offered some form of mobile banking last year, he said.
Privacy is also an unresolved issue for m-commerce - from how personal identifying information might be stored and accessed over networks, to how long encrypted information is retained on a server, to whether mobile carriers or service companies "own" consumers and should be allowed to market to them or sell their information.
"The privacy of the end-user is important," says Guntin. "The question is, can we capture in the m-commerce space the lessons we've learned in the wired space?" He thinks service providers may move toward an opt-in program, where wireless device users would let themselves be spammed in exchange for access to certain services or features. According to Klante, a July study by research firm Metrica revealed that consumers already have clear ideas on what they want from m-commerce. Asked about what conditions might influence their use of wireless services, 94 per cent said they would not use a wireless online service if they were restricted to "walled garden" access. Some 88 per cent said they wouldn't use a service if they didn't believe it was fully secure, and 77 per cent said they wouldn't use a service unless it could be personalised.
Ultimately, he says, frustrated consumers may shape the growth of the market and the speed at which interoperability is achieved.
Karlin Lillington is at klillington@irish-times.ie