You are here: Home Contents V2 N1 V2N1_Muntermann.html
Personal tools

Security Issues And Capabilities of Mobile Brokerage Services and Infrastructures



Full text

Journal of Information System Security
Volume 2, Number 1 (2006)
Pages 2759
ISSN 1551-0123
Jan Muntermann — Goethe University Frankfurt, Germany
Heiko Roßnagel — Goethe University Frankfurt, Germany
Information Institute Publishing, Washington DC, USA




Reliable and trustworthy information processing is an essential success factor for financial transactions. This paper investigates the capabilities of integrated mobile financial information and transaction services which support private investors in making time-critical investment decisions and portfolio transactions. The analysis of intraday stock price reactions following company announcements provides evidence regarding the value added from according services if abnormal price movements can be observed. As efficient capital markets react very quickly to new information available, private investors require combined mobile notification and transaction services. So far, existing concepts can not fulfill these requirements which results from inappropriate implementation of the security mechanisms in order to realize secure and trustworthy processing. After identifying potential weaknesses of current solutions we introduce an adequate system infrastructure which can realize secure information and transaction processing in time by permitting a smart integration of notification and transaction services.




Mobile Brokerage, Security Requirements, Service Integration, eFinance




APWGAnti Phishing Working Group (2005), 'Phishing Activity Trends Report' _Activity_Report_Feb05.pdf, 16 June 2005.

Bundesverband Deutscher Banken (2004), 'Kunden der privaten Banken begeisterte Online Banker1, = 164710&art = 1107&ttyp=1&tid=1442,10 March 2005.

Carter, M. and Soo, B. (1999), "The relevance of Form 8-K Reports," Journal of Accounting Journal of Accounting Research, 37 (1): 119-132.

Claessens, J., Dem, V., de Cock, D., Preneel, B. and Vandewalle, J. (2002), "On the Security of Today's Online Electronic Banking Systems," Computers & Security, 21:257-269.

Deutsche Postbank AG (2004), 'Postbank Direct Details', .jsp, 10 March 2005.

Durlacher Research Ltd. (1999), Mobile Commerce Report, London.

ETSI European Telecommunications Standards Institute (2004),Universal Mobile Telecommunications System (UMTS); Quality of Service (QoS) concept and architecture -TS 123107 V6.2.0, Valbonne Cedex, France.

European Community (1999), Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community Framework for Electronic Signatures, Brussels.

European IST Project (2004), Wireless Trust for Mobile Business (WiTness), SIM Application Hosting - Detailed description of the concept',, 10 March 2005.

European Telecommunications Standards Institute (1992), GSM 3.40 -Technical Realization of the Short Message Service - Point-to-Point, Valbonne Cedex, France.

European Telecommunications Standards Institute (1999), GSM 3.48 -Security Mechanisms for the SIM application toolkit, Sophia Antipolis Cedex, France.

Felton, E. W., Balfanz, D., Dean, D. and Wallach, D. S. (1997). 'Web Spoofing: An Internet Con Game'. National Information Systems Security Conference. Oct 7-10. Baltimore, Maryland: 95-103.

Forrester Research (2003), European Mobile Forecast: 2003 To 2008, Amsterdam.

Frost & Sullivan (2002), European Mobile Commerce Payments, London.

Ghani, R. (2001) The Future of Wireless Banking',, 13 November 2004.

GSMBox Ltd. (2004), 'GSMBOX Homepage',, 10 March 2005.

Guthery, S. B. and Cronin, M. J. (2002), Mobile Application Development with SMS and the SIM Toolkit, McGraw-Hill, New York.

Klein, A. and Rosenfeld, J. (1987), "The influence of market conditions on event-study residuals," Journal of Financial and Quantitative Analysis, 22 (3): 345-351.

Mattila, M. (2003), "Factors Affecting The Adoption Of Mobile Banking Services," Journal of Internet Banking and Commerce, 8(1).

Muntermann, J., Roßnagel, H. and Rannenberg, K. (2005). Mobile Brokerage Infrastructures - Capabilities and Security Requirements. Proceedings of the 13th European Conference on Information Systems (ECIS 2005), Regensburg.

Rivest, R., Shamir L. and Adleman L. (1978), "A Method for Obtaining Digital Signatures and Public Key Cryptosystems," Communications of the ACM, 21 (2): 120-126.

Roland Berger (2000), Dial M for Mobile - Key Success Factors in the Wireless World, New York.

Roßnagel, H. (2004). 'Mobile Qualified Signatures and Certification on Demand', in Public Key Infrastructures, eds. S. K. Katsikas, S. Gritzalis and J. Lopez. Springer LNCS 3039.

Roßnagel, H. and Royer, D. (2005). 'Investing in Security Solutions: Can Qualified Electronic Signatures be Profitable for Mobile Operators?'. Americas Conference on Information Systems. Aug 11-15. Omaha, Nebraska.

Schiller, J. (2003), Mobile Communications, Addison-Wesley, Boston, MA.

Shegalov, G., Weikum G., Barga, R. and Lomet, D. (2002). 'EOS: Exactly-Once E-Service Middleware'. Conference on Very Large Databases. Hong Kong.

Venkatesh, V., Ramesh, V. and Massey, A.P. (2003), "Understanding Usability in Mobile Commerce," Communications of the ACM, 46 (12): 53-56.

Yuan, Y, Ye, E. Z. and Smith, S. (2001), Web Spoofing 2001, Department of Computer Science, Dartmouth College, Technical Report TR2001-409, July 2001.