There is, a whole process of Mobile Merchant Payment System is the back-end to provide a secure, encrypted, end-to-end mobile platform for magnetic stripe and smart card payment transactions. The process consists of the following components:

MTT hardware: hardware which includes an embedded Mobile Merchant Payment Application, a Secure Access Module (SAM), a mobile printer, and a mobile phone.

SecureNet Server: a wireless gateway server that authenticates MTT connections and establishes an encrypted wireless communication channel and provides remote terminal management and maintenance applications.

Mobile Merchant Server: a payment processing gateway server that integrates with payment processing systems.

(2) How does Way's MTT ensure end-to-end security ?

Way Systems has developed the Secure Mobile Application Platform (SMAP) as an end-to-end infrastructure for secure mobile application development, deployment, and maintenance. This consists of hardware, software, and messaging elements as well as a networking infrastructure and an additional level of security and message integrity to manage wireless security, latency, and network connectivity issues.

The foundation of the security of SMAP is to provide each mobile device and server with a unique identity utilizing Public Key Infrastructure (PKI). Each MTT is assigned a unique identification code during the manufacturing process. When an MTT is provided to a merchant, each MTT contains a SAM with a Private/Public Key Pair, which is then digitally signed by a Certificate Authority. The combination of the MTT ID and the signed Public Key is then registered to a specific merchant and stored with the Mobile Transaction Server, establishing a network with mutually authenticated nodes. Additionally, a cryptographic processor contained within the SAM utilizes RSA, DES, and 3DES to encrypt and decrypt all transaction data.

(3) What are the risks that the merchant makes skimming on the customer card?

The MTT encrypts the card data as soon as it is read or swiped so that the merchant will never have access to the card data. The card data is also encrypted before it is sent via the mobile phone over the GSM network.

(4) Do you have to make any modifications to the existing mobile phone?

There are no hardware or software modifications to make to the existing mobile phone -- just insert the plastic cover over the back of the phone. Way's MTT does not alter the conditions for the phone manufacturer's warrantee.

(5) How many brands of mobile phones are you working with at this time?

Way's MTT works with any GSM phone that supports SIM Toolkit (GSM/3GPP TS 11.14 Standard) specifications. WAY Systems prefers to utilize mobile phones that support SIM Toolkit class "e" commands for GPRS support. MTT's are currently designed for Siemens' S55/S56/S57 and C55/C56/2128 models.


Are you still uncertain of all the facts? You are welcome to read our solutions page, where there is more detailed explanations of the security as well as mobile coverage information.