Certicom Corp. has released public-key encryption software designed to secure transactions by handheld devices over wireless links.
The software, called Trustpoint, will let handheld users do signed transactions wirelessly, the digital equivalent of showing two forms of identification when paying for a purchase by writing a check.
Certicom is one of a small number of vendors of what's called public-key infrastructure (PKI) software. PKI software uses a system of digital certificates and complex encryption techniques so both parties to a transaction can be authenticated, and then allowed to pass sensitive data back and forth.
Trustpoint has a server program for issuing and managing the certificates, a portal program for storing them and working with other certificate servers, and a client program for the wireless device. Trustpoint can work with existing Certicom and other PKI security systems, such as those from Baltimore Technologies PLC and Entrust Technologies Inc., according to the vendor.
Lucent Technologies Inc. is incorporating Trustpoint, and other Certicom security software, into the mobile Internet hardware that it markets to service providers.
While Trustpoint creates the authenticated, encrypted link, there remain other mobile security issues the software does not address, such as encrypting data stored on the device itself, physically securing the gateway servers, and intrusion detection and countermeasures.