Today’s mobile devices are capable of multitude of functionalities. Among many other potential mobile applications, a mobile device can be used for financial services. Due to this fact the field of m-commerce has evolved. One important concern for m-commerce applications is their security. This thesis focuses on security of messages (transaction data) as key to achieve end-to-end security. Security goals and objectives are achieved after identifying different kinds of mobile transactions. Security requirements are identified independent of communication environments and infrastructure. <br />Proposed solution is based on prevailing standards for different kind of transactions. These standards include ETSI-based secure GSM messages in the form of command and response packets and EMV-based secured command APDUs for credit/debit card transactions. Analysis, design and implementation is done using object oriented approach which also fulfills additional objectives of reusability, extensibility and functional abstraction. <br />The main result of this thesis is “Generic Message Security Object” which can be used by any mobile application to achieve message security. It can be a Mobile Wallet, chat application or trading application. The implemented solution is incorporated into SAFE™ Mobile Wallet, which demonstrates task fulfillment of this Project.
