Docstoc

Smart Agent based Mobile Shopping and Secured Payment

Document Sample
Smart Agent based Mobile Shopping and Secured Payment Powered By Docstoc
					       Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com
Volume 1, Issue 3, September – October 2012                                    ISSN 2278-6856




            Smart Agent based Mobile Shopping and
                      Secured Payment
                                      Philip Smith1, Suresh Sankaranarayanan 2,3
                             1
                              Mona Institute of Applied Sciences, University of WestIndies, Jamaica
                              2
                              Computing & Information Systems, Institut Teknologi Brunei, Brunei
                                3
                                 Department of Computing, University of WestIndies, Jamaica

Abstract: M-Commerce has become a lucrative method of             or a computer [1]. The sophisticated capabilities smart
shopping in today’s technological advance society.                phones now include have made its landmark in social
Consumers who are looking to buy a mobile device are many         society as well as the workplace. Phones of today
times not confident or knowledgeable of what features to look     represent small personal computing devices and run
for in a mobile phone, as there are many complicated terms        applications ranging from games and television players to
related to the specifications of the mobile device that they      business and productivity tools. This has led to the
might not be familiar with. There are many online shopping
                                                                  development of commercial applications inclusive of
sites today, which allow users to buy mobile phones online.
But still the system lacks in intelligence towards shopping i.e
                                                                  which are applications employing mobile devices
users got to have good knowledge on device specification          Some examples of m-commerce include purchasing of
while selecting the criteria and also system search based on      airline tickets, purchasing of movie tickets, restaurant
specification. The system has no capability to search beyond      booking and reservation and mobile banking [2]. This
the specification based on fuzzy preference rules. Recently       represents an incredible opportunity to enable mobile
there has been quite amount of work been carried in using         devices, as a universal device for mobile commerce
intelligent agents towards mobile shopping which overcomes        applications
the drawbacks of the online shopping system. In addition to       M-commerce is often represented as a derivative of
shopping there has been ongoing issue on security in mobile       ecommerce; this implies that any e-commerce site should
payment system and work been reported in using Biometrics         be made available from a mobile device [2]. The overall
i.e fingerprint towards it.
                                                                  concept of mcommerce is “business transaction on the
So taking all the above points into consideration we here have
                                                                  move” [3]. Its exponential growth is due to increased
developed smart agent based system towards shopping and
payment, which is far more superior, compared to other agent      expectation from users seeking to conduct business,
based system in terms of intelligence towards shopping. The       communicate, and share information while they are away
system so developed uses smart software agents that works by      from their desktop computers. There are opportunities to
collaborating among themselves based on criteria selected by      enable mobile devices as universal devices for mobile
the user in layman’s language and return results to the client    commerce applications. But still the system lack
that is precise and best suit the user requirements. Also the     intelligence towards shopping i.e users have to be
agent possesses learning capability of searching the mobile       knowledgeable in selecting the criteria towards mobile
phones too which is based on past search experience In            shopping and also system search based on criteria only
addition our system provides biometric security mechanism in      and nothing beyond it. Therefore, it is for the user to
Mobile payment system which is improvement over the               refine if the search is not successful. So taking those into
existing system developed in terms of security and
                                                                  consideration quite amount of work been done in using
information transmitted using Secure Sockets Layer (SSL)
(Server-Gated Cryptography (SGC)) on the internet. This will
                                                                  intelligent agents for mobile shopping which accepts
be facilitated on Android2.2 enabled mobile phone using           parameters from the user towards mobile shopping and
JADE-LEAP Agent development kit. The system would                 agent does shopping based on fuzzy preferences or
improve on the previous model to make it more user-friendly,      applying intelligence similar to how human being would
visually enticing, versatile and secure solution.                 do [4-8]. While unique features combined with an
Keywords- M-Commerce, J2ME, SSL, SGC                              abundance of mobile digital devices and networks makes
                                                                  m-commerce an attractive venture, yet serious challenges
1. INTRODUCTION                                                   also exist. However, one such concern is the security in
                                                                  doing transactions over this medium especially when
The world we now live in has seen many new emergences             making payments with the use of a credit card. The issue
of technology in the last few decades with advances in the
                                                                  of security is however not restricted to M-Commerce as
use of cellular phones, which were once upon a time only
                                                                  their consumers still at risk of fraud from card-cloning,
used for making and receiving phone calls. In these               identity theft, eavesdropping that can occur when
modern and technically advanced days, smart phones                conducting transactions in person and also via Electronic-
which “in a nutshell… is a device that lets you make              Commerce (E-Commerce). So research was done in
telephone calls, but also adds in features that, in the past,
you would have found only on a personal digital assistant
Volume 1, Issue 3, September – October 2012                                                                        Page 240
       Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com
Volume 1, Issue 3, September – October 2012                                    ISSN 2278-6856


incorporating biometrics i.e fingerprint towards mobile     being made for the safe transmission of mobile payment
payment while conducting transaction wirelessly [9].        “over the air”. A few companies looking at M-Commerce
So taking all the above points into consideration, smart    standardization are: Pay Circle, Mobile Signature
agent based shopping and secured payment system been        (MoSign), Mobile Payment Forum, Mobile Electronic
developed which allows intelligent agents to shop based     Signature Consortium (mSign) and Encorus. These
on layman’s language rather than users being technically    companies have paved way of internationally acceptance
knowledgeable about the criteria while shopping. Also       of     some      standardization      of   cross-application
system possess past search experience towards shopping.     infrastructure, development of secure and authenticated
Lastly system also incorporate biometric feature along      m-commerce using payment card accounts and other
with Secure Socket layer (SSL) towards information          methods [13].
being transmitted which is improvement over earlier         M-Commerce seeks to interlock two independent industry
system.                                                     components; E-Commerce and Wireless technology
The paper is organized in sections as follows. Section 2    which in themselves have their security challenges. Thus
talks on Electronic/Mobile shopping followed by security    proper mechanism must be put in place to secure any data
in Mobile shopping & Agent based approach to mobile         that is stored on the mobile device, the transaction details
shopping. Section 3 talks on Architecture of smart agent    and the communication medium. To achieve effective
based mobile shopping and secured payment architecture      mobile commerce security, serious considerations must be
details and algorithm. Section 4 gives the implementation   taken into account for the following security mechanism:
details using JADE-LEAP. Section 5 is conclusion &                   Authorization – To ensure authorized use of
future work.                                                          system and performance of business functions by
                                                                      authorized users only.
2. ELECTRONIC/MOBILE SHOPPING                                        Authentication – To establish that all parties
                                                                      involved in the electronic transaction or
Logica founded the Global Mobile Commerce Forum and
                                                                      communication are who they claim they are.
Cellnet in London in the late 1990’s and saw a rapid
growth with over 100 companies joining in short order.               Integrity–To ensure that data on the host system
M-Commerce was first launched in 1997 when two                        or in transmission are not created, intercepted,
mobile-phones enabled Coca-Cola vending Machines                      modified or deleted illicitly.
were used to conduct the first payment via SMS text                  Confidentiality- To warrant that data are only
messages in Finland. M-Commerce was quickly adapted                   revealed to parties who have a legitimate need to
over the next few years and experienced exponential                   know it or have access to it.
growth with many countries releasing new services such      There are also several ways an intruder can attempt to
as Mobile Parking Payments (Finland), Train Ticketing       attack these systems:
(Austria) and Purchasing Airline Tickets (Japan). Over               The theft/loss of the mobile device
the past few years the mobile market has seen rapid                  The use of a copied/scanned fingerprint taken
growth as consumer spending rose from $396 million in                 from a surface
2008 to $1.2 billion in 2009 [10]. There are currently               The interception of wireless message packets that
popular applications available to consumers who own a                 contain financial information or fingerprint data
mobile smart phone that provide luxuries such as                     The injection of fabricated fingerprints into the
browsing the stock for a company, adding goods to their               database
shopping cart and making payments to the supplier of the             The interception of wireless message packets to
goods and/or services. An example of such an application              manipulate and corrupt sensitive information
is the EBAY mobile application which allows its users to
shop, buy, pay and review purchase history.                 The most popular digital networks used by cell phone
Mobile-Commerce is the exchange or buying and selling       companies world-wide are GSM, CDMA and TDMA;
of services and goods, both physical and digital, from a    these come with their own security mechanism to ensure
mobile device [11]. Recent studies have shown that m-       data confidentiality and integrity. Using an
commerce sales has increased to almost US$7 billion in      “unlocked”/”jail broken” mobile phone puts the users at a
2011 as it proved itself to add tremendous value in         higher risk of cyber-attacks due to the compromise these
accelerating online and in-store purchases and as such      functions have on the in-built security features. Advances
many organizations are investing more resources on          have been made in mobile phones anti-theft and anti-loss
developing better front-end mobile experiences and          solutions for most of the more modern smart phones that
ensuring compatibility with their back-end technology       will allow owners to wipe clean, track or disable the
[12]. So having seen what Mobile shopping is, we will       phone remotely.
now look into security aspects in Mobile shopping.             2.1.1 Biometrics and Verification
   2.1 Security in Mobile Shopping                          History has shown us that the most popular and
When addressing the issue of security in mobile shopping    promising biometric technique is the of fingerprint
we have to look at the current standardization efforts      recognition which has dated back to pre-historic times
                                                            where it was used as for authentication and identification
Volume 1, Issue 3, September – October 2012                                                                  Page 241
       Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com
Volume 1, Issue 3, September – October 2012                                    ISSN 2278-6856


purposes but was most commonly found in criminal                      The use of certificates to authenticate packet
matters. Fingerprint recognition technology for mobile                 senders and receiver
devices is poised to become one of the most preferred user    Using fingerprint biometrics addressed the challenges
verification and authentication solutions in mobile device    faced with customer identification and verification and
security especially seeing the great decline in cost-to-      creates a simplified means of identifying user accounts
solution seen in recent time which would enable simple        without the need to send credit card number and security
installation on cell phones and PDA’s [14].The process of     pins over the network. Users would essentially now have
fingerprint recognition is based on the pattern of “hills”    a digital signature which is difficult to forge because of
and “valleys” on the surface of each finger. The patterns     strong security encryption enforcement and thus provide a
of the captured hills and valleys can be grouped into a       simple and reliable mechanism to authenticate users
larger category known as “arches”, “loops” and “whorls”       securely with the banking agent. Fingerprint recognition
but the most important are some very fine features known      is popularly used in forensic settings and many US
as “minutiae” which are the general locations where a         government-class identification applications and is seen
specific ridge ends or splits into two ridges. Minutiae are   on many of today’s laptops as an easy user verification
vital in precise fingerprint recognition and in this          tool. A major con with using Biometrics is that if by some
advanced age of image quality of small inexpensive            means your biometric data was captured and is now
electronic scanners, accuracy and affordability is not a      compromised, there is no replacement for one’s finger.
challenge.
The Figure 1 below [15] outlines an example of what the             2.1.2 Security Schemes and Considerations
fingerprint matching process would look like. The mobile      With the constant risk of hackers attempting to steal,
device scans the fingerprint, a reconstruction of the image   interfere with or misuse sensitive information, it is
is done and then the minutiae extraction would be             critical to any system that time is taken to identify risks
implemented. The image is converted and encrypted then        and circumvent possibility of such nature and secure the
a matching will occur to verify if the fingerprint scanned    over-the-air communication to protect the data that is in
matches back to what is store at the database level.          transit. Certificate Based Authentication (CBA) and
                                                              Trust, a strong encryption such as the Advanced
                                                              Encryption Standard (AES) symmetric key encryption
                                                              and Hypertext transport protocol secure (HTTPS) over
                                                              Secure Socket Layer (SSL), should protect sensitive
                                                              information such as the customer’s biometrics.
                                                              Communication is done over HTTPS, which is an
                                                              overlapping layer over HTTP that would automatically
                                                              encrypt and decrypt the messages that are being passed.
                                                              The Secure Socket layer sometimes referred to as the
    Figure 1 Biometrics and verification - Fingerprint        Transport Layer Security (TLS) provide authentication,
                    Verification Process                      integrity, and confidentiality to the data it encapsulates
Biometric security systems face challenges in the             [16]. For SSL connections to be successful there are two
collecting, encoding and in the comparing of biometric        primary phases that need to be completed. These phases
data, such as the accuracy of the detection and               are the Handshake – which would ensure the correct
representation of biometric information and the               endpoint connection and then there is the Data Transfer –
possibility of lifting prints from surfaces in a bid to       which would complete the verification process and verify
deceive a biometric system, thus careful considerations       certificates. A session is created when there is a
must be made as to the methods to detect and protect the      successful handshake association with the client
system sensitive data. Taking note of the risks mentioned     (requestor) and the server (responder). These sessions
to eliminate or minimize at worst these attacks and secure    would aid in avoiding lag in the system and the expense
the transmission of biometric data, mobile payment and        of negotiating new security parameters for each
other sensitive information, the following are taken into     connection.
consideration                                                 X.509 Certificate based authentication is used to proof the
        No fingerprint images or sensitive information is     client’s identification by the use of information that
          stored on the mobile phone.                         would be unique to each user such as:
        Additional security schemes are implemented to             • Distinguished Name (DN)
          ensure valid customer identification.                    • The public key
        Message packets sent over the wireless network             • The name of the Certificate Authority (CA) who
          are encrypted to maintain data integrity                       issued the certificate.
                                                              The issued certificate must not have expired and should
        Limited access to server and databases and
                                                              have been issued by a valid trusted Certificate Authority.
          implementation of data audits to ensure proper
                                                              The public key of the issuing CA must validate the
          confidentiality
                                                              issuer’s digital signature, and the user’s public key must

Volume 1, Issue 3, September – October 2012                                                                   Page 242
       Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com
Volume 1, Issue 3, September – October 2012                                    ISSN 2278-6856


validate the user’s digital signature [17]. The process of      entered once only, along with payment information and
this authentication scheme is as follows:                       picture ID. The scanner reads the finger print [22]
   • Establish the SSL connection with the web server           capturing 40 points of information, encrypting and then
   • Send details of the certificate to the Policy Server for   store this information. This delivers higher security,
     verification against the information in the user store.    because no two fingerprints are alike. Fingerprint pictures
The Advanced Encryption Standard (AES) is the United            are eliminated, once ID and payment information are
States Government’s Federal Information Processing              recorded to the scanning processor. For future
Standard (FIPS) for symmetric encryption, which would           transactions, all you need is to swipe your finger to
enable fast and secure data encryption and decryption.          complete transactions. Payment by touch systems
AES uses cipher key whose length can be 128, 192, or            facilitates shorter processing time for transactions.
256 bits. AES assisted with the resistance of harmful           Biometric payment technology enables the consumer to
attacks including Brute Force attacks and with                  pay by the touch of a finger on scanner linked to a
compatibility against different platforms and speed and         payment wallet. The fingerprint is transmitted through a
design simplicity [14].                                         linked router and media required to approve the
The Biometric Application Programming Interface                 transaction through an automated process. Providers of
(BioAPI) was created by a consortium that now has over          biometric payment solutions require the completion of a
120 companies and organizations that all share an               pre-enrollment process which captures necessary
interest in the development of biometric markets. The           information such as personal identification, fingerprint
x9.84 Biometric Information Management and Security             and banking information.
standard brings platform and device independence to             Having talked about electronic/mobile shopping and
application programmers and biometric service providers         security consideration in mobile shopping, we will now
[18] and ensures biometric components and libraries can         look into intelligent agent technology followed by agent
be easily integrated. The Cryptographic Protocol and            based mobile shopping developed previously which is the
Application Security standards group specifies file and         underlying basis for our research.
biometric data formats and has performance and testing             2.2 Smart/Intelligent Agent Technology
tools. Some other standards use an XML Biometric                There have been many debates as to what the true
Common Format.                                                  classification of an Agent should be, but there has not
      2.1.3 Biometric Mobile Device                             been a universally accepted definition. Reference [23]
Recently Motorola released a mobile phone running               defines an agent as an entity that can be viewed as
Android 2.3 operating system. The Motorola ATRIX 4G             perceiving its environment through sensors and acting
features biometric fingerprint smart sensor ensures             upon its environment through effectors [24]. An
security. The unique fingerprint recognition technology         Intelligent Agent is one that is capable of flexible
allows only authorized person to what’s on your phone.          (reactivity, pro-activeness and social ability) autonomous
This smart sensor feature allows for faster, enhanced           action to meet its design objectives [23].
security and personal data privacy that surpasses               As problem scope becomes larger and more complex,
password or PIN locks. [19]                                     Multi-Agent Systems (MASs) were required to tackle
      2.1.4 Biometric Security in Mobile Payment                these intricate possibilities the individual agents could not
For any kind of electronic transaction, we have being           manage. By forming communities of agents a solution
using till now only information like credit card, signature     based on a modular design can be implemented where
and so on. These security mechanisms are still not secure       each member of the agency specializes in solving a
in terms of mobile/electronic payment. So we introduced         particular aspect of the problem [25].
a biometric mechanism- fingerprint that gives a better          Artificial Intelligence agents have been incorporated in
level of security mechanism for mobile payment systems          many of the systems we interact with on a daily basis
[9]                                                             directly or indirectly such as modeling the impact of
      2.1.5 Biometric Credit Card                               climate change on biological populations, modeling
Citibank in Singapore launched the introduction of the          traffic systems, internet search engines, etc. Taking all
world’s first card less payment service on November 9,          the above points into consideration, quite amount of
2006 [20]. The service employed technology used by a            research been carried out in developing agent based
biometric authentication vendor Pay-By-Touch. This              mobile shopping application which is discussed below
meant at the time of purchase Citibank Clear Platinum              2.2.1 Agent Learning
Card holders no longer need to present their plastic card.      Corporative multi-agent learning [26] approaches can be
They are now required to simply scan their finger on a          segmented into two major categories: Team learning
biometric scanner and enter a seven digit "Personal             approach and the concurrent learning. Concurrent
Search Number".                                                 learning utilizes multiple concurrent learning processes.
Biometrics credit card manufacturer’s assertion is that         Rather than learning behaviors for the entire team,
processing of these cards versus traditional credit cards is    concurrent learning methods normally employ a learner
more secure [21]. The merchant will install a biometric         for each team member. This is done with the expectation
reader at his register. The customer’s ID data would be         that it reduces the joint space by projecting it into N

Volume 1, Issue 3, September – October 2012                                                                      Page 243
       Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com
Volume 1, Issue 3, September – October 2012                                    ISSN 2278-6856


separate spaces. However, the presence of multiple            Conducting any form of electronic payment has its
concurrent learners makes the environment mobile. This        challenges. Payment methods range from sending an
in itself is a contravention of the assumptions behind        account number and pin to sending credit card number
most conventional machine learning techniques. This is        and security codes over a network and at times puts
the main reason why concurrent learning needs new or          consumers at risk to eavesdropping, interception and
significantly modified forms of machine learning              fraud if not implemented correctly. When developing our
methods.                                                      shopping application we had to look carefully at the best
Team learning involves a single learner which discovers a     means to conduct mobile payments safely and securely,
set of behaviors for a team of agents instead of a single     and as such, we have chosen to use two-factor
agent. Team learning can use regular single-agent             authentication. Authentication methodologies have three
machine learning procedures to accomplish its goals.          basic factors:
Team learning can be separated into two type’s namely                 Something the user knows (username, password,
homogeneous and heterogeneous team learning.                           pin, etc.).
Homogeneous learners would advance using single agent                 Something the user has (ATM card, credit card,
behavior which by extension is then used by every agent                etc.).
on the team. Heterogeneous team learners on the other                 Something the user is (Fingerprint, face
hand, can develop based on the distinctive behavior for                recognition, etc.).
each agent. Heterogeneous learners are therefore expected     Research has been conducted in using Biometric for
to yield superior solutions from agent specialization. A      mobile payment [9]
middle ground is found by using hybrid learning.
2.3 Agent based Mobile shopping
                                                              3. ARCHITECTURE OF SMART AGENT BASED
Human shoppers in their quest to find goods and services      MOBILE SHOPPING AND SECURED PAYMENT
at the best prices execute a shopping process that searches
both physical stores and electronic stores (via a web-        It is evident from literature that quite amount of research
browser) for a product or service. Another possibility is     been carried out in using agents for mobile shopping such
that a shopper can also search electronic stores by using     as the Agent-Mediated E-Commerce Environment [6]
their mobile phones as support for m-commerce                 and Mobile Intelligent Agent-based Architecture for E-
increases. Previous research has been carried out by          business [4] . There were some shortcomings noticed in
companies and individuals in employing agents for             the system which motivated to develop intelligent agent
mobile shopping such as the Agent-Mediated E-                 based mobile shopper in mobile environment i.e J2Me
Commerce Environment for the Mobile Shopper[6] in             enabled mobile handset that would essentially employ a
which some significant shortcomings were noticed . The        software agent based on preference rules to make a
agent based shopping [5] was solely based their reasoning     reasonable decision towards selecting items replicating
on the price of the product. So taking the shortcomings       what the human being would be performing when
into consideration Mobile Intelligent Agent-based             purchasing a product [7][8]. But still the intelligent agent
Architecture for E-business was developed [4] in which        based mobile shopper system noticed some shortcoming
we noted that products are only described by their name       as given below which the main motivation towards our
and offered no other attribute or relevant image.             smart agent based mobile shopping system been
Taking these issues into consideration, research was          developed:
carried out in 2009 aimed at developing an Agent based           •Agent based system possess no learning capability or
mobile shopper that would essentially employ a software             past search experience towards search of items
agent exactly replicating what the human being would be          •Agent based system does not take into consideration
performing when purchasing a product – Intelligent                  rating and also popularity of product by the previous
Agent-based Mobile Shopper, IAMS[7][8]. This                        shoppers.
intelligent agent would mimic the role of a human                •The GUI was done in plain and thus did not include
shopper, but in the mobile environment in which a                   any phone images.
cellular phone or a PDA would be employed. The                   •Complex terms and expressions were used in the user
development of these agents is essentially based on                 specifications that the average consumer would not
preference rules to make a reasonable decision while                be knowledgeable of.
selecting the item corresponding to the user specification.      •Each mobile shop has its own agent and would be less
In short, the agent based mobile shopper developed                  efficient when a search is conducted
performs the selection functions as desired by the user.         •Adding a new mobile store agent would be a tedious
Having seen the technological advancement in applying               process and some code modifications
agent technologies in mobile shopping, we now look into       Now in terms of mobile payment research has been
mobile payment system involving biometrics                    conducted in using Biometric for mobile payment [9] but
2.4. Biometric based Mobile Payment                           still some drawbacks exist which include the following
                                                              that has been motivation towards developing secured

Volume 1, Issue 3, September – October 2012                                                                    Page 244
       Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com
Volume 1, Issue 3, September – October 2012                                    ISSN 2278-6856


payment for our smart agent based mobile shopping               Securely transfer shopping cart information and
system:                                                          shipping information over HTTPS
  •User has to give financial details like credit card          Liaise with security agent to verify if the mobile
     number, pin number and biometric information like           shop is Third Party Trusted and advise the
     signature and fingerprint which is encrypted and            customer of response
     checked towards authentication.                            Retrieve and display the status of the m-commerce
  •Signature, credit card, pin can be easily replicated          transaction attempted from the Banking Agent.
     during wireless transmission, as it is also a part of
     authentication for mobile payment                       3.1.2 Security Agent (SA)
  •The system does not possess any third party                  The Security Agent is in charge ensuring that all
     certification i.e. VeriSign towards verifying the            sensitive information is passed securely and
     authenticity of shop towards making any payment.             holds the following as its core responsibilities:
  •Lastly the system was implemented in J2ME based              Create a secure connection over HTTPS to liaise
     mobile handset, which does not possess enough                with the Trusted Third Party to verify mobile
     memory and processing power to hash the fingerprint          store certificates.
     using the encryption algorithm. Also does not possess      Set up a secure connection over HTTPS to interact
     Touch pad feature to read fingerprint and so cannot          with the Banking Agent to transfer customer
     be really deployed in real time.                             check-out details and customer biometrics.
Considering the above drawbacks, we here have                   Securely transfers Customer verification from the
developed smart agent based mobile shopping and                   Banking Agent to Mobile Agent over HTTPS
secured payment system. The architecture of system                connection.
developed is shown in Figure 2. From an architectural           Securely transfers the status of the attempted
standpoint, what is required is a data-enabled mobile             transaction that was sent to the Banking Agent
network that is integrated with a Local Area Network              back to the Mobile Agent over HTTPS
(LAN) to allow for multiple agent communication with              connection.
the relevant databases and mobile devices.                   3.1.3 Banking Agent (BA)
                                                                The Banking Agent has the following as its core
                                                                  responsibilities:
                                                                Communicate with the Security Agent and
                                                                  Trusted Third Party to verify customer
                                                                  information. Attempt to match the customer
                                                                  biometric and credit card information and send a
                                                                  response to the customer through the security
                                                                  agent informing them if customer exists and is
                                                                  verified.
                                                                Conduct the necessary withdrawals on the
                                                                  customer’s account and send a message through
                                                                  the Security Agent to inform the customer of the
                                                                  status of the attempted transaction.

   Figure 2: Smart Agent based Mobile Shopping and           3.1.4 Mobile Search Agent (MSA)
        Secured Payment (SAMSP) Architecture                    The Mobile Search Agent would act as the brain
                                                                  of the mobile phone search process and has the
   3.1 The details of agents and their responsibilities           following responsibilities:
are listed below:                                               Retrieve the requested specifications entered from
3.1.1 Mobile Agent (MA)                                           the Mobile Agent and using the fuzzy preference
The mobile agent residing in Android Mobile handset               rules hierarchy, intelligently configure the search
carries out the following responsibilities:                       criteria when no results are found for the initial
        Retrieve and submit the mobile phone preferences          search.
         submitted by customer                                  Organize the results in descending order by
        Capture and securely submit mobile phone rating           mobile phone price and pass the sorted list to the
         data                                                     Mobile Agent for it to graphically display the
        Retrieve and display search results in a user             results to the customer.
         friendly format
        Capture and encrypt customer biometric data          3.1.5 Trusted Third Party (TTP)
        Securely transfer the captured biometrics data
         over HTTPS

Volume 1, Issue 3, September – October 2012                                                               Page 245
       Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com
Volume 1, Issue 3, September – October 2012                                    ISSN 2278-6856


       The Trusted Third Party mimics an external entity      Internet etc are left as blank as it is assumed that
        that would conduct the following as its main          sometimes users find it cumbersome to select all
        responsibilities:                                     specifications mentioned in the system. So instead of just
       Securely communicate with the security agent to        taking default value and searching the phones as in
        retrieve encrypted customer biometric and credit      previous system [7][8].We here use Agent learning
        card information for Customer verification with       wherein the mobile search agent interacts with a database
        the Banking Agent                                     and retrieves the mobile phones with maximum
       Validate Mobile Store Certificates using TTP           popularity i.e. ones which is most preferred by the users
        API’s and communicate status via secure HTTPS         based on past search experience and forwards the results
        connection through the Security Agent.                along with the specifications, rating and popularity on the
                                                              GUI of the mobile device. The same fuzzy preferences are
     3.2 Mobile Phone Search Algorithm                        used for searching except specifications are left as blank.
The algorithm developed based on the architecture shown          3.2.2 Mobile Phone Purchase Algorithm
in Figure 2 is given below. We will look into how fuzzy       The following section will outline the process to purchase
preference rules been incorporated in the algorithm.          a mobile phone from the system architecture shown in
The customer launches the application from his/her            Figure 2
mobile phone and be granted the option to login or go           •Customer logs into the application securely over https
straight to the search form to enter their phone                •When a phone is selected to view the details, the
preferences. Customers must however be registered and              Security agent checks to see if the Mobile Store is a
logged in to add an item to cart or make any purchases.            trusted store through the Trusted Third Party (TTP)
   •Customer selects desired phone specifications such as          API’s. If the Store is verified to be trusted, then a
     price range, phone rating, feedback period and other          VeriSign logo will appear in the top section of the
     specifications in layman language like camera,                screen. If the store is not verified, no VeriSign logo
     Touch pad, QWERTY keyboard, Internet etc rather               will appear.
     than in technical language as in earlier system            •When the customer clicks the option to add the phone
     (Brown and Suresh, 2009a; Brown and Suresh,                   to their shopping cart a check is done to see if the
     2009b)                                                        phone is from a trusted store. If the store is not
   •The specified phone criteria are sent from the mobile          trusted then a message will be displayed alerting the
     application to the Mobile Agent using dynamic                 customer and they will be given the option to stop or
     search ontology.                                              continue with adding the phone to their cart.
   •The Mobile Agent would take the data and build              •The mobile agent would then send a message to the
     customized queries from the criteria selected and             security agent to check if the selected mobile phone is
     execute same on the database looking for matches on           already in the customers shopping cart. If the phone
     the specifications using the following fuzzy                  is already in their shopping cart then a message
     preference rules:                                             would be displayed alerting the customer.
       If mobile phones are available with the desired user     •Mobile agent sends message to the Database Agent
       specifications below the price cap entered.                 and updates the relevant tables.
       If mobile phones are available with the desired user     •The Mobile agent captures and encrypts the biometric
       specifications above the quoted budget up to price          fingerprint data using public key AES 128bit
       mark                                                        encryption.
       If no mobile phones are found within quoted price        •Mobile Agent sends biometric information to the
       cap, find phones with the user specifications with          security agent over https.
       price above quoted budget.                               •The Trusted Third Party agent liaises with the
       If no mobile phones are available for user                  Banking Agent to verify the Customers biometric
       specifications, find exact price match with best            information. The customer information is requested
       match specifications.                                       from the Banking agent using the customer Full
       If no mobile phones are available with the desired          Name and Credit Card Type.
       specifications, find phones of any specifications        •If the Trusted Third Party agent is unable to verify the
       within the price range.                                     customer information from the Banking agent (BA) a
   •Display results from Mobile Agent on customer’s                report is sent to the Security agent.
     mobile device.                                             •If the TTP agent is able to retrieve the customer
                                                                   information from the Banking agent, it would then
  3.2.1 Agent Learning for Mobile Phone Search                     decrypt the information and verify that the customer
The algorithm used for Agent learning is same as above             biometric data is consistent from both sources.
except here the user enters only the mandatory shopping         •If the customer biometric information does not match,
search criteria from a GUI on mobile device such as: Star          the Trusted Third Party agent sends a message to the
Rating, Feedback period, Maximum price, Price Mark up.             Security Agent that the biometric data does not
The other specifications such as camera, touch pad,                match. If the biometric information matches a

Volume 1, Issue 3, September – October 2012                                                                    Page 246
       Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com
Volume 1, Issue 3, September – October 2012                                    ISSN 2278-6856


    message is sent to the security agent that the           Many of these options are optional and default values
    customer is verified.                                    used in cases where a selected option must be chosen.
  •The Security agent would then pass on the message         Also here mobile phone search options been expressed in
    received from the Trusted Third Party agent to the       layman’s language and not in mobile technical language
    Mobile agent. The verification status would be           which makes users to easily select for searching compared
    displayed to the customer. If the response returned      to earlier system [7][8]. When the user is satisfied with
    negative the user will be asked to try again.            the required or desired interests met or configured on the
  •A purchase confirmation screen is then displayed for      criteria the search button is clicked to initiate the search
    the user to confirm items to be purchased and correct    operation which is primarily driven by the mobile Search
    shipping details are stored.                             Agent.
  •When the customer has confirmed the purchase              There are six scenarios been considered for the
    details, a message is sent to the Security agent to      implementation of our prototype, which would be
    communicate with the Banking agent to withdraw           discussed below.
    the necessary amount out of the users’ bank account.     Let us consider a scenario where the user here selects
  •When the transaction is completed the Banking agent       Maximum price of J$70000 with star rating of 2 and
    the status is sent back to the Mobile agent through      feedback period of 3 month as shown in Figure 4. Price
    the security agent via a message that will be            mark up is been selected as No markup which means user
    displayed to the customer whether transaction was        can spend up to a maximum of 70000 dollars only. The
    successful or not.                                       other features of phones are selected as YES like Movie,
                                                             Messages, Internet, picture, Camera, Touch pad, Qwerty
4. IMPLEMENTATION USING JADE-LEAP                            Keyboard in layman language understood by every
                                                             common man. Customers submit these inputs from
The application was built using Eclipse Helios 3.6.2 build
                                                             Mobile handset to Mobile agent as shown in Figure 4.
20110210-1200 with a Java Development Kit 1.6.0_21
                                                             In this scenario, the mobile phone results returned by the
(jdk1.6.0_21) as the runtime environment with an
                                                             search must be less than or equal to J$70000 entered by
Android SDK Emulator plug-in as an IDE. The system is
                                                             the user to meet all the other specifications entered. When
created using Android 2.2 with and Java Agent
                                                             the consumer submits the preferred phone specifications
Development Toolkit (JADE) with Lightweight
                                                             on the android device, it is then sent to the Mobile Agent
Extensible Authentication Protocol (LEAP) [27-30].The
                                                             using the JADE platform which would be submitted to
list of agents in the JADE environment is shown in
                                                             mobile search agent who uses fuzzy preferences to query
Figure 3. and are identified by their names.
                                                             the Mobile Database for the devices that meet the criteria
                                                             and return the results to the mobile device




             Figure 3 Agents in JADE Environment

   4.1 Mobile Phone Search Implementation                                    Figure 4: Search Option Screen-1
The mobile phones searches are performed using an
Android enabled mobile device with access to the internet    Now based on search results returned by mobile agent on
and fairly good connective to the cellular network. Entry
                                                             the user’s mobile handset using fuzzy preferences, the
into the search menu will initiate the mobile Search
                                                             customer is presented with the results that matched the
Agent into operation. Among the options the user has to      specifications entered by the consumer, which in this case
configure for his or her search are Rating, Max Price,       is a list of three mobile devices as shown in Figure 5. The
Price Markup, Feedback period, Camera, Touchpad,
                                                             Search Results screen displays the list of phones
Internet, Picture, Movies, Messages, Music, Qwerty
                                                             including some of the major details such as the phone
Keyboard etc.                                                ratings and popularity, the store that is selling the phone


Volume 1, Issue 3, September – October 2012                                                                   Page 247
       Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com
Volume 1, Issue 3, September – October 2012                                    ISSN 2278-6856


and with its list price and lastly a stock image of the        specifications. The phone details are displayed in Figure 9
mobile phone as shown in Figure 5.                             along with overall rating, customer’s breakdown of rating
                                                               and popularity of 40% which shows it is good among
                                                               public.




                Figure 5: Search Results Screen-1
If the customer is interested in one of the mobile phones
displayed in the result set, they may click on the
respective phone to view more details about the device.
Figure 6 below shows a screenshot of the details available                Figure 7 Search Options Screen-2
for the Blackberry Torch. The mobile phone details
screen gives a comprehensive outline of the features
available for the selected mobile device and also gives
the customer an option to add the mobile phone to his/her
shopping cart or to go back to the search screen if they
would like to search using some different criteria. The
screen displays the logo of the store that has the phone for
sale along with the sale price. Other information is also
presented on this screen about the available features of the
phone, the phone overall ratings. Customer ratings
breakdown and also popularity of phone i.e. how popular
the phone is among the public which depends on number
of people who bought and which in this case is 40% and
is termed as Good.
                                                                          Figure 8 Search Results Screen-2




         Figure 6: Mobile Phone details Screen-1
Let us consider another scenario where user is trying to
find mobile phones with the same specifications as in                   Figure 9: Mobile Phone Details Screen-2
previous scenario but with a maximum price budget of           Let us consider another scenario where the customer is
J$50000 and price mark-up of 20% as shown in Figure            searching for a mobile phone that is within the price
7.When the consumer submits the preferred phone                range of $40,000 with no price mark up, rating of at least
pecifications on the android device, it is then sent to the    two stars and with no touch pad or memory expansion
Mobile Agent using the JADE platform which would be            capabilities. The Mobile Search Agent here applies fuzzy
submitted to mobile search agent who uses fuzzy                preference rules and explored the store inventories for
preferences to query the Mobile Database for the devices       phones that are within the price range of J$40000 with
that meet the criteria for sale price of 50000 with mark up    specifications mentioned. The search agent here finds list
of 20% and return the results to the mobile device as          of phones and displays it onto the user’s mobile handset
shown in Figure 8. Figure 8 show that the search only          as shown in Figure 10. Figure 11 shows that the customer
returned one result that matched the price cap and the         selected the Blackberry Curve 8310 from CLARO mobile

Volume 1, Issue 3, September – October 2012                                                                    Page 248
       Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com
Volume 1, Issue 3, September – October 2012                                    ISSN 2278-6856


store to review its specifications which en rated matched    The customer is now given the choice for selecting the
all specification except for one which is Touch pad for      appropriate phones which match the price with 80% of
price of J$30000 with overall rating of 4 and popularity     specification matching or exact matching of specifications
0%. Being a new phone or that no users has rated the         with any price by taking customer rating and popularity
phone. So far, Customer rating is displayed as 0             of phones into consideration which gives better idea in
customers have rated and so popularity is also 0% . So it    purchasing the phone
is now left to the customer whether to purchase the phone
or not based on popularity and rating values though price
matches except for one specification which is Touch pad.




                                                                           Figure 12 Search results-4a


           Figure 10: Search Results Screen-3




                                                                        Figure 13 Mobile Phone Details-4a




        Figure 11: Mobile phone Details Screen-3
Let us consider another scenario where the customer has
opted for a maximum price of J$30,000 and a rating of at
least 2 stars and did not desire a phone with a camera and
touch pad. The Mobile Search Agent used fuzzy
preferences and queried database and found no phones for
the quoted budget with customer specifications. So agent
here applied the intelligence to find phones matching the
customer quoted budget with any specification as shown
in Figure 12. Figure 13 shows the phone specifications
                                                                       Figure 14 Search Results Screen- 4b
with rating of 5 and popularity of 20% which is average
among common public that match most of what the user
was requesting by over 80% i.e it does not offer memory
expansion as requested but does include the touchpad and
the camera.
Agent also uses intelligence to find phones that match the
customer’s specification for any price as shown in Figure
14 which is The BlackBerry Bold 9000 being sold by
LIME for $43,000 and Digicel for $45,000. The customer
selects the cheaper phone and is able to view all the
specifications and other available information as shown
in Figure 15 with customer rating of 4 and 0% popularity
as poor which here is Blackberry Bold 9000 by LIME.                 Figure 15 Mobile Phone Details Screen- 4b


Volume 1, Issue 3, September – October 2012                                                                  Page 249
       Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com
Volume 1, Issue 3, September – October 2012                                    ISSN 2278-6856


The user is given the option to select the rating period for   matching that is popular as shown in Figure 19. The
the customer feedback during search. By adjusting the          results are sorted by popularity in descending order.
period from 3 months to 6 months or a year the user will
note that the ratings figures as well as the popularity
would be recalculated.
4.2 Mobile Phone Search – Agent Learning
Until now, we have seen the intelligence possessed by
smart agent situations towards mobile phone search based
on specification selected by customer. Now in many
situations customers feel cumbersome to select all
specifications towards mobile phone search. So here we
bring learning strategy of smart agent which uses the past
search experience to search phones and display to user’s              Figure 18 Agent Learning Search Screen-2
handset based on popularity of phone. The user will select
the mandatory specifications like Maximum price,
Rating, Price Mark up, Feedback period. The other
specifications like Camera, touch pad, Qwerty Keyboard,
Memory expansion etc be left blank.
Let us consider a scenario where Customers are search for
mobile phones based by selecting the mandatory
specifications as shown in Figure 16. The agent here uses
its past search experience to search phones for price of
$70000 which is most popular and display the results as
shown in Figure 17. The user now can view the phone
details by selecting the phone which is popular with good
rating and proceed for shopping
                                                                   Figure 19 Agent Learning Search Results Screen-2

                                                               4.3 Mobile Phone Purchase
                                                               We have seen till now as how agents are used in
                                                               searching the phone according to user specification and
                                                               also by using agent learning too. Now having searched
                                                               the phone and added to shopping cart, the next is about
                                                               buying the phone by supplying our financial. This section
                                                               would cover details on security features implemented
                                                               towards mobile phone purchase.
                                                               Before customer proceeds for making payment for
                                                               purchase, we go to make sure the store is valid one and
                                                               not fake. So we got to bring Third party Trust like
       Figure 16 Agent Learning Search Screen-1                VeriSign for it. When a mobile store is verified as Third
                                                               Party Trusted by the SAMSP application, we are saying
                                                               that we have proof that this mobile store is valid and that
                                                               it is safe to conduct business with them. Mobile stores are
                                                               only considered verified once our trusted third party –
                                                               VeriSign has validated based on certificates retrieved.
                                                               Figure 20 below shows the trusted image that would be
                                                               displayed once the security agent has connected to the
                                                               VeriSign component over HTTPS and successfully
                                                               validates that the mobile store certificate retrieved from
                                                               the Mobile Agent (MA) is still valid, authentic and issued
                                                               by the same trusted third party using API’s. When the
                                                               mobile store is third party trusted then the customer
       Figure 17 Agent Learning Search Results-1               would have no difficulty in adding the mobile device to
                                                               their shopping cart and continue with their check-out
Let us consider another scenario where the customer may        process.
also do a more advanced search as shown in Figure 18.
The Agent here possess intelligence to search and display
phone for price of $40000 with customer specification

Volume 1, Issue 3, September – October 2012                                                                    Page 250
       Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com
Volume 1, Issue 3, September – October 2012                                    ISSN 2278-6856


                                                               when it is time to securely conduct the M-Commerce
                                                               transaction.




    Figure 20 Third Party Trust verified mobile store

If the Mobile Store does not have any valid certificate that     Figure 23 Purchase Details - Credit Card Information
could be verified with our Trusted Third Party VeriSign,
the VeriSign trusted logo will not be displayed and thus       Figure 24 shows the screen that would capture the
the store will not be verified as Third Party Trusted.         customers fingerprint biometrics encrypted and
Figure 21 displays such a scenario in which the user           transferred to the security agent to do the necessary
selects a mobile phone which is being sold by a mobile         validations. It is recommended that the customer use a
store that is not verified with the Third party Trust. If a    phone that has a touch screen, fingerprint scanner or a
user attempts to add this mobile phone to their shopping       camera. Since fingerprint data doesn’t change over time,
cart, a pop-up will be displayed warning the user that the     it is critical the system handles this information with care
Mobile Store that is selling the phone has not been Third      and sensitivity. So the system will ensure that when the
Party Trusted (VeriSign) verified as shown in Figure 22.       fingerprint is scanned, it is encrypted using AES 256 bit
The user is presented with the option of continuing with       encryption scheme and transferred over HTTPS and
the purchase process of adding the item to their cart or       ensuring that any cache is removed from the mobile
cancelling the process.                                        device. Biometric information is not stored on the
                                                               customer’s mobile device as this may put them at risk for
                                                               identity theft and fraud if the mobile device is stolen.




 Figure 21 Screenshot showing unverified mobile store

This warning is important as it would ensure that the user
is aware that they would be giving a potentially fake                    Figure 24 Fingerprint Scanner screen
store/individual access to sensitive information such as
their name, phone number and shipping address.                 When the user selects the ‘Get Fingerprint’ button they
                                                               will be presented with the appropriate API to scan their
                                                               fingerprint as shown in Figure 25 .The encryption of the
                                                               fingerprint is done when the user selects the save and
                                                               continues button after the image has been captured as
                                                               shown in Figure 26.


   Figure 22 Warning message about unverified store

The user’s biometric information is never sent to the
mobile store as there is no need for them to retrieve it at
any time. The Mobile store bank account number is used
to conduct the m-commerce transaction.
Figure 23 below provide the customer with the option to
choose which bank and card type they would prefer to use
to conduct the transaction. This information is important                   Figure 25 Captured Fingerprint
to ensure the correct bank and bank account is selected


Volume 1, Issue 3, September – October 2012                                                                     Page 251
       Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com
Volume 1, Issue 3, September – October 2012                                    ISSN 2278-6856


                                                                 phone would no longer show up in the list shown in
                                                                 Figure 30.




  Figure 26 Popup Information– Fingerprint Encrypted

The purchase confirmation screen provides the user with
the final summary of what is being purchased as well as
the customers shipping address as shown in Figure 27.                         Figure 29 Order Results Screen




  Figure 27 Customer’s Purchase Confirmation Screen
                                                                             Figure 30 Mobile Phone Review
If the user is satisfied with the details on this screen, they
can continue with the check-out process by clicking “Buy         The user will select from the list, the phone which they
Now”. A pop-up will be displayed to confirm that they            would like to leave feedback for. Figure 31 shows a screen
would like to send payment. It is only when “Yes” is             shot of what the customer would see when leaving a
selected from the pop-up screen that the m-commerce              rating for a mobile device. The customer would simply
transaction is attempted. The money will be withdrawn            choose a rating between 1 (lowest) and 5 (highest) for the
from the users account and sent to the Mobile Store as           respective category and click “Rate Phone” to leave the
shown in Figure 28                                               review.




            Figure 28 Payment Confirmation

It is important to display the order status after the                     Figure 31 Mobile Phone Rating Screen
purchase attempt is made. Figure 29 below shows that the
transaction that was done went through successfully and
also provides the customer with a reference number if            5. CONCLUSION & FUTURE WORK
they have to query the transaction.                              The smart agent based mobile shopping and secured
Customers who have purchased phones using the system             payment systems give an introduction on Electronic
have the opportunity to leave a review about the                 shopping and the strides that have been accomplished
purchased phone. The review that is left would be used to        within the last few years. Literature also shows the
act as a rating system that would aid other customers in         research been done in the area of mobile shopping with
their choice for their next mobile phone. A user can only        multiple-agent technology. Taking the earlier systems and
leave a review once. When the review has been sent, the          drawbacks into consideration smart agent based system
                                                                 been developed towards mobile shopping that would take
Volume 1, Issue 3, September – October 2012                                                                     Page 252
       Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com
Volume 1, Issue 3, September – October 2012                                    ISSN 2278-6856


the specifications a user desires and make smart decisions     tracking., Electronic Commerce Research and
based on fuzzy preference rules to find the most suitable      Applications, Elsevier, Vol.1,No.3
results to return to the user. The system also provides      [6].    Fonseca, S., Griss, M., & Letsinger, R. (2001).,
users with a mobile phone rating capacity which allows         An Agent- Mediated E-Commerce Environment for
users who have bought the phone to leave their feedback        the      Mobile      Shopper.,     Retrieved     from
on the device.                                                 http://www.hpl.hp.com/techreports/2001/HPL-2001-
Security in any application is paramount to the integrity      157.htmlAlliance, O. M. (2005). White Paper on the
and continuity of the system and as such was critical in       M-Commerce Landscape. Open Mobile Alliance , 49.
this system in ensuring secure communication between         [7].    Brown, R and Suresh, S(2009), “Intelligent
the agents and protecting data integrity and                   Agent based Mobile Shopper”, Proceedings of Sixth
confidentiality. The security facilities provide features      IFIP/IEEE International Conference on Wireless and
that would assist in properly identifying trusted mobile       Optical Communication Networks (WOCN 2009),
stores as well as customer validation and verification         Cairo, Egypt
using biometrics. The results of the development been        [8].    Brown, R and Suresh, S(2011). “Intelligent
carried out using JADE-LEAP agent development kit on           Store Agent for Mobile shopper”, International
Android 2.2 handset and are shown as screenshots in this       Journal of E-services and Mobile Applications, Vol.3
paper validating our research. There are some future           (1), pp.56-71, IGI publishing
improvements to the system that can be done towards          [9].    Gordon, M and Suresh, S(2010) “Biometric
including cancellation of payment towards purchase made        Mechanism in Mobile Payments”, Proceedings of
and money refunded accordingly. Also, remove phones            Seventh IEEE International Conference in Wireless
from stores whose popularity and rating falls below            and Optical communication Networks (WOCN 10),
average value. In addition allow for the mobile payments       Colombo, Srilanka
to be done using international third party agents such as    [10]. Butcher, D. (2010, February 17). Retrieved
Google Wallet and PayPal. Also create an Android               February 01, 2011, from Mobile Commerce Daily:
interface that will allow Mobile Shops to update stock and     http://www.mobilecommercedaily.com/2010/02/17/m
store information. Also expanding the search and product       obile-shopping-in-us-will-grow-to-24-billion-this-
catalog to include phone accessories and other products.       year-abi-research
Also implement Email/SMS messaging when Mobile               [11]. Alliance, O. M. (2005). White Paper on the M-
Stores add new phones to their inventory or having             Commerce Landscape. Open Mobile Alliance , 49.
mobile phones on sale/discount. Last but not the least       [12]. Oracle. (2012). E-Commerce Trends For 2012.
research/develop a possible cost effective alternative         CA: Oracle.
Trusted Third Party (TTP) Biometric verification method.     [13]. Schwiderski, S., & Knospe, e. Secure M-
This could be integrated with BioAPI xml based Service         Commerce. Europe: IST Programme.
Oriented Architecture (SOA) which could improve              [14]. Farpoint Group. (2008). The Broad Reach of
efficiency.                                                    Biometrics. Fingerprint recognition and Mobile
                                                               Security , 2-10.
REFERENCES                                                   [15]. Stallings, W. (2005). Cryptography and
                                                               Network Security Principles and Practices, Fourth
  [1]. Cassavoy, & Liane. (2010). What Makes a
                                                               Edition. Prentice Hall.
    Smartphone Smart. Retrieved 11 12, 2011, from
                                                             [16]. HP. (2008). HP JetDirect and SSL/TSL. HP
    About.com:http://cellphones.about.com/od/smartpho
                                                               JetDirect and SSL/TSL , 2-6.
    nebasics/a/what_is_smart.htm
                                                             [17]. EMC. (2011). Certificate-Based Single Sign-
  [2].    Abbott, L. (2001) Separating Mobile Commerce
                                                               On. White Paper.
    from Electronic Commerce , Retrieved, from
                                                             [18]. BioAPI        Consortium. (2001). Welcome.
    MobileInfo                                  Website:
                                                               Retrieved 6 12, 2012, from BioAPI Consortium:
    http://www.mobileinfo.com/mcommerce/differences.
                                                               http://www.bioapi.org/
    htm
                                                             [19]. Motorola (2011). Answers – Fingerprint Smart
  [3].    Rao, G. K. et al (2005)., Design and
                                                               Sensor Retrieved from http://motorola-global-
    Development of a New Middleware Platform for
                                                               portal.custhelp.com
    Mobile Applications.,Conference proceedings of
                                                             [20]. Lynn, T (2006). Citibank S'pore launches
    European Internet and Multimedia Systems and
                                                               biometric payment service. Retrieved from
    Applications.,Grindelwald, Switzerland .
                                                               http://www.zdnetasia.com/citibank-spore-
  [4].    Weng, Z., & Tran, T. (2007). A Mobile
                                                               launchesbiometric-payment-service_print-
    Intelligent Agent-based Architecture for E-business.
                                                               61965886.htm
    Ottawa, Canada: IGI Global.
                                                             [21]. Ziemba, J (2004). Credit Card Processing:
  [5].    Guan, S., Ngoo, C. S., & Zhu, F. (2002).,
                                                               Biometrics                Retrieved              from
    Handy broker: an intelligent product-brokering agent
                                                               http://business.lovetoknow.com/wiki/Credit_Card_Pr
    for m-commerce applications with user preference
                                                               ocessing:_Biometrics

Volume 1, Issue 3, September – October 2012                                                               Page 253
       Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com
Volume 1, Issue 3, September – October 2012                                    ISSN 2278-6856


  [22]. Bocoum, M. (1999). Acceptance Threshold's                 respectively in UWI and ITB, Brunei. He has got to his credit,
    Adaptability in Fingerprint-Based Authentication              as on date, about 50 fully refereed research papers published in
    Methods. Master of Science Thesis, School of                  the Proceedings of major IEEE international conferences, as
    Computer Science, McGill University, Montreal,                Book Chapters and in International Journals. He is also a
                                                                  Reviewer and Technical Committee member for a number of
    Canada.                                                       IEEE Conferences and Journals. He has conducted many
  [23]. Jennings, Woodridge, M., & N.R. (1995).                   tutorials, workshops and also given Guest Lectures in
    Intelligent Agents: Theory and Practice. UK.                  Networking in various Universities and Colleges. He also
  [24]. Russel, S., & Norvig, P. (1995). Artificial               managed a collaborative research programme with Oakland
    Intelligence: A Modern Approach. NJ: Prentice-Hall.           University, Rochester, USA. His current research interests are
  [25]. Rudowsky, I. (2004). Intelligent Agents.                  mainly towards ‘Mobile and Ubiquitous Computing - Wireless
    Intelligent Agents , 1-3.                                     Sensor Networks, Mobile Commerce, Intelligent Agents’ used
  [26]. Panait, L and Luke, S (2005). Cooperative                 in the Health, Commercial and Engineering sectors.
    Multi-Agent Learning: The State of the Art
    .Retrieved                                     from
    http://cs.gmu.edu/~eclab/papers/panait05cooperative.
    pdf
  [27]. Bellifemine, F., Caire, G., & Greenwood, D.
    (2004). Developing multi-agent systems with JADE.
    New Jersey: John Wiley & Sons.
  [28]. FIPA. (2012). Welcome to Fipa. Retrieved 3 28,
    2012, from FIPA: http://www.fipa.org/
  [29]. Jade Software Corporation Limited. (2009).
    JADE. Object manager Guide. Version 6.3 , 45-50.
  [30]. Google (2011). What is Android. Retrieved
    from          http://code.google.com/android/what-is-
    android.html

AUTHORS
Philip Smith is a final year Msc. Computer Science student in
the Department of Computing at the University of the West
Indies, Jamaica. Prior to that, he obtained his Bsc. Computing
and Information Technology (Honors) from the University of
Technology, Jamaica.. He also possess good programming skills
in Java, PHP, Agents and so. His research interests are mobile
computing, intelligent agents.
Dr. Suresh Sankaranarayanan holds a PhD degree (2006) in
Electrical Engineering with specialization in Networking from
the University of South Australia. Later he has worked as a
Postdoctoral Research Fellow and then as a Lecturer in the
University of Technology, Sydney and at the University of
Sydney, respectively during 2006-08. He is the recipient of
University of South Australia President Scholarship, towards
pursuing the PhD degree programme and has also bagged the
IEEE travel award in 2005. He is also Senior Member of IEEE
computer Society and Computer Society of India too. He was
working as a Lecturer (Asst. Prof. Status) in the Department of
Computing and lead the Intelligent Networking Research
Group, in the University of West Indies, Kingston, Jamaica,
during 2008-11.He has also worked as a Professor, School of
Computer Science and Engineering, Vellore Institute of
Technology (VIT University), Chennai Campus, India, for a
short period during 2011. He is now working as Associate
Professor, Department of Computer & Information Systems,
Institute of Technology, Brunei (ITB – A technological
university). Currently he is also functioning as a Visiting
Professor, Department of computing, Faculty of Pure & applied
Science, University of West Indies, Mona Campus, Kingston-7,
Jamaica, West Indies. He has supervised 28 research students
leading to M.Sc, ME, M.Phil and M.S degrees and currently
supervising 9 students leading to M.sc, M.phil and Ph.d

Volume 1, Issue 3, September – October 2012                                                                           Page 254

				
DOCUMENT INFO
Description: International Journal of Emerging Trends & Technology in Computer Science (IJETTCS) Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com Volume 1, Issue 3, September – October 2012 ISSN 2278-6856