A SET based approach to secure the payment in mobile commerce

In this paper we propose an approach, combining the SET protocol with the TLS/WTLS protocols in order to enforce the security services over the WAP 1.X for the payment in the m-commerce. We propose to implement the additional services of the SET protocol as the confidentiality of the payment information between the buyer and the payment gateway and the data integrity. However, we use WTLS certificates instead of the SET certificates. This allows to avoid the SET certification heaviness. Moreover, this approach eliminates the "WAP gap" since the payment information would not be decrypted within the WAP gateway nor within the seller side.