Question & Answer: In one page identify and discuss the new security threats of mobile commerce crimes……

There are several mobile commerce crimes, mobile commerce offers security for customers to make their payments but while this industry grows it creates opportunities for criminals. There are several threats that are associated with mobile commerce. Some of these threats are: Root kit installation that can install itself on the user’s device and hide from normal modes of detection, which means it can operate in secret in order to get access to computers and the user’s information. Smishing is just like phishing but smishing tries to trick the user into revealing personal information, it sends text messages to bait the user into giving personal details like bank account information, social security numbers, credit card information, etc. QR codes can be good for consumers to find out about products and to find tons of information with little to no effort, but using these can be risky. Once the codes are scanned you don’t know where they may take you, a lot of times QR codes can lead to sites that will download malware or viruses onto the user’s mobile device.

SECURITY THREATS ARISING FROM M-COMMERCE
Mobile commerce operated on a radio frequency platform is prone to passive attacks e.g. (snooping i.e. eavesdropping on a network) or listening to ongoing conversation [5].Consumers have great concerns
about the information they share amongst participating parties either data or voice messages or both from unauthorised party gaining access. On the other hand, identification integrity and message integrity are also involved in mobile security. Unfortunately,the current platform in which mobile communication is built on does not offer full scale security measures when it comes to transaction integrity .
The mobile adhoc wireless networks have some limitations in particular which needed to be taken into consideration. These issues are discussed briefly below.
1. Transaction Management-The in-depth idea of transaction can be difficult to enforce and network intermitted disconnections will affect a particular service in a secure m-commerce operations, succession to fail accordingly the secure connectivity would be considered unfinished and will be subjected to abort.
2. Delivery of Service-Due to unique characteristics of complexities of adhoc wireless network, existing service discovery and delivery protocols do not seem to suit the needs of an adhoc network making them unsuitable for m-commerce oriented scenarios. Service advertisements and deliveries may need to be disseminated by a mix of a store and forward strategy as well as local multicasting to cope with intermittent online connectivity.
3. Trust system-One of the important factor of online communication in terms of security is trust, it assists the participating entries to ensure secure transaction by reducing the chances of risk involved in transactions. On the other hand, as the mobile network cannot rely solely on network service providers to facilitate security services such as Certification Authority (CA). In order to facilitate self-reliance to trading entities to participate in secure m-commerce operation, the following services should be considered.
1. Authentication- This is the first step which facilitate both participating entities ensuring no any illegal third party masquerading as a legitimate party in other words the process of determining if someone is indeed who he/she declares to be.
2. Confidentiality-This guarantees that secure transaction information sent across the network is not accessible by any unauthorised third party such as snoopers.
3. Integrity-This ensures the message transmitted is not being tampered with and it will arrive at the intended recipient as genuine and un-tampered .
4. Non-Repudiation-This property assures that if the sending entity sends a message the receivingentity, both of the parties will not be able to claim with disapproval or reject one was responsible for the message.
5 Attestation-This enables an adhoc m-commerce peer to vouch for the identity trading history or transaction reputation of other peer nodes. It assists alleviate threat in transacting with formerly unknown entities.