Hello Rene, I think this is the reason why wap is not popular in banking apps, still sms more pop.
Rene, I have a question, where i can have to WTLS patch? TIA, Jul Saturday, July 16, 2005, 9:13:09 AM, you wrote: > Depending on the phone, a WAP Push brings up a message on the screen, > asking if the user wants to see the page that is contained in the WAP > Push. > For security reasons, if you want to use Kannel also as the WAP Gateway, > you will need the WTLS patch (secure wap, kind of like using http/s). > Another note on security: a WAP Push can easily be forged by anyone. A > 'malicious user' can send a WAP Push with the sender-id of the bank, > leading it to a page that looks similar to what you expect, but in fact it > is another page. Not all phones display the actual URL, but merely just > the description that is send along with the WAP Push. > Besides that, most users have WAP configured with the WAP gateway of their > provider, which leaves opportunities open for a man-in-the-middle attack. > Email me if you want to know more details. > Cheers, > Rene Kluwen > Chimit >> Good day, >> >> I have used Kannel in the past as a pure SMS gateway. For the last couple >> of days, I've been looking for a partial replacement for a SIM Toolkit >> application when I saw that one of Kannel's features is a WAP Push. Does >> anyone know what the effect is of receiving a WAP push on the mobile side? >> Can it only put a message in the mobile's inbox, or am I able to bring up >> a screen to allow a user to accept or decline a transaction. This is for a >> banking application, so any advice on security will aslo be of interest. >> -- Best regards, julyanto mailto:[EMAIL PROTECTED]
