smart agent based mobile shopping and secured payment

7/30/2019 Smart Agent based Mobile Shopping and Secured Payment

1/15

Web Site: www.ijettcs.org Email: [email protected], [email protected]

Volume 1, Issue 3, September October 2012 ISSN 2278-6856

Volume 1 , I ssue 3 , September October 20 12 Page 24 0

Abstract:M-Commerce has become a lucrative method ofshopping in todays technological advance society.

Consumers who are looking to buy a mobile device are many

times not confident or knowledgeable of what features to look

for in a mobile phone, as there are many complicated terms

related to the specifications of the mobile device that they

might not be familiar with. There are many online shopping

sites today, which allow users to buy mobile phones online.

But still the system lacks in intelligence towards shopping i.e

users got to have good knowledge on device specification

while selecting the criteria and also system search based on

specification. The system has no capability to search beyond

the specification based on fuzzy preference rules. Recently

there has been quite amount of work been carried in using

intelligent agents towards mobile shopping which overcomes

the drawbacks of the online shopping system. In addition to

shopping there has been ongoing issue on security in mobile

payment system and work been reported in using Biometrics

i.e fingerprint towards it.

So taking all the above points into consideration we here have

developed smart agent based system towards shopping and

payment, which is far more superior, compared to other agent

based system in terms of intelligence towards shopping. Thesystem so developed uses smart software agents that works by

collaborating among themselves based on criteria selected by

the user in laymans language and return results to the client

that is precise and best suit the user requirements. Also the

agent possesses learning capability of searching the mobile

phones too which is based on past search experience In

addition our system provides biometric security mechanism in

Mobile payment system which is improvement over the

existing system developed in terms of security and

information transmitted using Secure Sockets Layer (SSL)

(Server-Gated Cryptography (SGC)) on the internet. This will

be facilitated on Android2.2 enabled mobile phone using

JADE-LEAP Agent development kit. The system would

improve on the previous model to make it more user-friendly,

visually enticing, versatile and secure solution.Keywords- M-Commerce, J2ME, SSL, SGC

1.INTRODUCTIONThe world we now live in has seen many new emergencesof technology in the last few decades with advances in theuse of cellular phones, which were once upon a time onlyused for making and receiving phone calls. In thesemodern and technically advanced days, smart phoneswhich in a nutshell is a device that lets you maketelephone calls, but also adds in features that, in the past,you would have found only on a personal digital assistant

or a computer [1]. The sophisticated capabilities smart

phones now include have made its landmark in socialsociety as well as the workplace. Phones of todayrepresent small personal computing devices and run

applications ranging from games and television players tobusiness and productivity tools. This has led to thedevelopment of commercial applications inclusive of

which are applications employing mobile devicesSome examples of m-commerce include purchasing ofairline tickets, purchasing of movie tickets, restaurant

booking and reservation and mobile banking [2]. Thisrepresents an incredible opportunity to enable mobiledevices, as a universal device for mobile commerceapplicationsM-commerce is often represented as a derivative ofecommerce; this implies that any e-commerce site shouldbe made available from a mobile device [2]. The overallconcept of mcommerce is business transaction on the

move [3]. Its exponential growth is due to increasedexpectation from users seeking to conduct business,communicate, and share information while they are away

from their desktop computers. There are opportunities toenable mobile devices as universal devices for mobilecommerce applications. But still the system lackintelligence towards shopping i.e users have to beknowledgeable in selecting the criteria towards mobile

shopping and also system search based on criteria onlyand nothing beyond it. Therefore, it is for the user torefine if the search is not successful. So taking those intoconsideration quite amount of work been done in usingintelligent agents for mobile shopping which acceptsparameters from the user towards mobile shopping andagent does shopping based on fuzzy preferences orapplying intelligence similar to how human being would

do [4-8]. While unique features combined with anabundance of mobile digital devices and networks makes

m-commerce an attractive venture, yet serious challengesalso exist. However, one such concern is the security indoing transactions over this medium especially whenmaking payments with the use of a credit card. The issueof security is however not restricted to M-Commerce astheir consumers still at risk of fraud from card-cloning,identity theft, eavesdropping that can occur whenconducting transactions in person and also via Electronic-

Commerce (E-Commerce). So research was done in

Smart Agent based Mobile Shopping and

Secured Payment

Philip Smith1, Suresh Sankaranarayanan

2,3

1Mona Institute of Applied Sciences, University of WestIndies, Jamaica2Computing & Information Systems, Institut Teknologi Brunei, Brunei

3Department of Computing, University of WestIndies, Jamaica


2/15




incorporating biometrics i.e fingerprint towards mobilepayment while conducting transaction wirelessly [9].So taking all the above points into consideration, smartagent based shopping and secured payment system beendeveloped which allows intelligent agents to shop based

on laymans language rather than users being technicallyknowledgeable about the criteria while shopping. Alsosystem possess past search experience towards shopping.Lastly system also incorporate biometric feature along

with Secure Socket layer (SSL) towards informationbeing transmitted which is improvement over earliersystem.The paper is organized in sections as follows. Section 2talks on Electronic/Mobile shopping followed by securityin Mobile shopping & Agent based approach to mobileshopping. Section 3 talks on Architecture of smart agentbased mobile shopping and secured payment architecture

details and algorithm. Section 4 gives the implementationdetails using JADE-LEAP. Section 5 is conclusion &

future work.

2.ELECTRONIC/MOBILE SHOPPINGLogica founded the Global Mobile Commerce Forum and

Cellnet in London in the late 1990s and saw a rapidgrowth with over 100 companies joining in short order.M-Commerce was first launched in 1997 when twomobile-phones enabled Coca-Cola vending Machineswere used to conduct the first payment via SMS textmessages in Finland. M-Commerce was quickly adaptedover the next few years and experienced exponentialgrowth with many countries releasing new services such

as Mobile Parking Payments (Finland), Train Ticketing

(Austria) and Purchasing Airline Tickets (Japan). Overthe past few years the mobile market has seen rapidgrowth as consumer spending rose from $396 million in2008 to $1.2 billion in 2009 [10]. There are currentlypopular applications available to consumers who own amobile smart phone that provide luxuries such asbrowsing the stock for a company, adding goods to their

shopping cart and making payments to the supplier of thegoods and/or services. An example of such an applicationis the EBAY mobile application which allows its users toshop, buy, pay and r eview purchase history.Mobile-Commerce is the exchange or buying and sellingof services and goods, both physical and digital, from amobile device [11]. Recent studies have shown that m-commerce sales has increased to almost US$7 billion in

2011 as it proved itself to add tremendous value inaccelerating online and in-store purchases and as suchmany organizations are investing more resources ondeveloping better front-end mobile experiences andensuring compatibility with their back-end technology[12]. So having seen what Mobile shopping is, we willnow look into security aspects in Mobile shopping.

2.1Security in Mobile ShoppingWhen addressing the issue of security in mobile shoppingwe have to look at the current standardization efforts

being made for the safe transmission of mobile paymentover the air. A few companies looking at M-Commercestandardization are: Pay Circle, Mobile Signature(MoSign), Mobile Payment Forum, Mobile ElectronicSignature Consortium (mSign) and Encorus. These

companies have paved way of internationally acceptanceof some standardization of cross-applicationinfrastructure, development of secure and authenticatedm-commerce using payment card accounts and other

methods [13].M-Commerce seeks to interlock two independent industrycomponents; E-Commerce and Wireless technologywhich in themselves have their security challenges. Thusproper mechanism must be put in place to secure any datathat is stored on the mobile device, the transaction detailsand the communication medium. To achieve effectivemobile commerce security, serious considerations must be

taken into account for the following security mechanism:

Authorization To ensure authorized use of

system and performance of business functions byauthorized users only.

Authentication To establish that all partiesinvolved in the electronic transaction orcommunication are who they claim they are.

IntegrityTo ensure that data on the host systemor in transmission are not created, intercepted,modified or deleted illicitly.

Confidentiality- To warrant that data are onlyrevealed to parties who have a legitimate need toknow it or have access to it.

There are also several ways an intruder can attempt toattack these systems:

The theft/loss of the mobile deviceThe use of a copied/scanned fingerprint takenfrom a surface

The interception of wireless message packets thatcontain financial information or fingerprint data

The injection of fabricated fingerprints into the

database

The interception of wireless message packets tomanipulate and corrupt sensitive information

The most popular digital networks used by cell phonecompanies world-wide are GSM, CDMA and TDMA;these come with their own security mechanism to ensuredata confidentiality and integrity. Using anunlocked/jail broken mobile phone puts the users at ahigher risk of cyber-attacks due to the compromise thesefunctions have on the in-built security features. Advanceshave been made in mobile phones anti-theft and anti-loss

solutions for most of the more modern smart phones thatwill allow owners to wipe clean, track or disable thephone remotely.

2.1.1 Biometrics and Verification

History has shown us that the most popular andpromising biometric technique is the of fingerprintrecognition which has dated back to pre-historic timeswhere it was used as for authentication and identification


3/15




purposes but was most commonly found in criminalmatters. Fingerprint recognition technology for mobiledevices is poised to become one of the most preferred userverification and authentication solutions in mobile devicesecurity especially seeing the great decline in cost-to-

solution seen in recent time which would enable simpleinstallation on cell phones and PDAs [14].The process offingerprint recognition is based on the pattern of hillsand valleys on the surface of each finger. The patterns

of the captured hills and valleys can be grouped into alarger category known as arches, loops and whorlsbut the most important are some very fine features knownas minutiae which are the general locations where aspecific ridge ends or splits into two ridges. Minutiae arevital in precise fingerprint recognition and in thisadvanced age of image quality of small inexpensiveelectronic scanners, accuracy and affordability is not a

challenge.The Figure 1 below [15] outlines an example of what the

fingerprint matching process would look like. The mobiledevice scans the fingerprint, a reconstruction of the imageis done and then the minutiae extraction would beimplemented. The image is converted and encrypted thena matching will occur to verify if the fingerprint scannedmatches back to what is store at the database level.

Figure 1 Biometrics and verification - FingerprintVerification Process

Biometric security systems face challenges in the

collecting, encoding and in the comparing of biometricdata, such as the accuracy of the detection andrepresentation of biometric information and the

possibility of lifting prints from surfaces in a bid todeceive a biometric system, thus careful considerationsmust be made as to the methods to detect and protect thesystem sensitive data. Taking note of the risks mentionedto eliminate or minimize at worst these attacks and securethe transmission of biometric data, mobile payment and

other sensitive information, the following are taken intoconsideration

No fingerprint images or sensitive information isstored on the mobile phone.

Additional security schemes are implemented toensure valid customer identification.

Message packets sent over the wireless networkare encrypted to maintain data integrity

Limited access to server and databases and

implementation of data audits to ensure properconfidentiality

The use of certificates to authenticate packetsenders and receiver

Using fingerprint biometrics addressed the challenges

faced with customer identification and verification andcreates a simplified means of identifying user accounts

without the need to send credit card number and securitypins over the network. Users would essentially now havea digital signature which is difficult to forge because of

strong security encryption enforcement and thus provide asimple and reliable mechanism to authenticate userssecurely with the banking agent. Fingerprint recognitionis popularly used in forensic settings and many USgovernment-class identification applications and is seen

on many of todays laptops as an easy user verificationtool. A major con with using Biometrics is that if by somemeans your biometric data was captured and is nowcompromised, there is no replacement for ones finger.

2.1.2 Security Schemes and Considerations

With the constant risk of hackers attempting to steal,interfere with or misuse sensitive information, it is

critical to any system that time is taken to identify risksand circumvent possibility of such nature and secure theover-the-air communication to protect the data that is intransit. Certificate Based Authentication (CBA) andTrust, a strong encryption such as the AdvancedEncryption Standard (AES) symmetric key encryptionand Hypertext transport protocol secure (HTTPS) overSecure Socket Layer (SSL), should protect sensitive

information such as the customers biometrics.Communication is done over HTTPS, which is anoverlapping layer over HTTP that would automatically

encrypt and decrypt the messages that are being passed.The Secure Socket layer sometimes referred to as theTransport Layer Security (TLS) provide authentication,integrity, and confidentiality to the data it encapsulates[16]. For SSL connections to be successful there are two

primary phases that need to be completed. These phasesare the Handshake which would ensure the correctendpoint connection and then there is the Data Transfer which would complete the verification process and verify

certificates. A session is created when there is asuccessful handshake association with the client(requestor) and the server (responder). These sessionswould aid in avoiding lag in the system and the expenseof negotiating new security parameters for each

connection.X.509 Certificate based authentication is used to proof theclients identification by the use of information thatwould be unique to each user such as:

Distinguished Name (DN) The public key The name of the Certificate Authority (CA) who

issued the certificate.

The issued certificate must not have expired and shouldhave been issued by a valid trusted Certificate Authority.The public key of the issuing CA must validate theissuers digital signature, and the users public key must


4/15




validate the users digital signature [17]. The process ofthis authentication scheme is as follows:

Establish the SSL connection with the web server Send details of the certificate to the Policy Server for

verification against the information in the user store.

The Advanced Encryption Standard (AES) is the UnitedStates Governments Federal Information ProcessingStandard (FIPS) for symmetric encryption, which wouldenable fast and secure data encryption and decryption.

AES uses cipher key whose length can be 128, 192, or256 bits. AES assisted with the resistance of harmfulattacks including Brute Force attacks and withcompatibility against different platforms and speed anddesign simplicity [14].The Biometric Application Programming Interface(BioAPI) was created by a consortium that now has over120 companies and organizations that all share an

interest in the development of biometric markets. Thex9.84 Biometric Information Management and Security

standard brings platform and device independence toapplication programmers and biometric service providers[18] and ensures biometric components and libraries canbe easily integrated. The Cryptographic Protocol andApplication Security standards group specifies file andbiometric data formats and has performance and testing

tools. Some other standards use an XML BiometricCommon Format.

2.1.3 Biometric Mobile Device

Recently Motorola released a mobile phone runningAndroid 2.3 operating system. The Motorola ATRIX 4Gfeatures biometric fingerprint smart sensor ensuressecurity. The unique fingerprint recognition technologyallows only authorized person to whats on your phone.

This smart sensor feature allows for faster, enhancedsecurity and personal data privacy that surpassespassword or PIN locks. [19]

2.1.4 Biometric Security in Mobile Payment

For any kind of electronic transaction, we have beingusing till now only information like credit card, signatureand so on. These security mechanisms are still not securein terms of mobile/electronic payment. So we introduceda biometric mechanism- fingerprint that gives a betterlevel of security mechanism for mobile payment systems

[9]

2.1.5 Biometric Credit Card

Citibank in Singapore launched the introduction of the

worlds first card less payment service on November 9,2006 [20]. The service employed technology used by abiometric authentication vendor Pay-By-Touch. Thismeant at the time of purchase Citibank Clear PlatinumCard holders no longer need to present their plastic card.

They are now required to simply scan their finger on abiometric scanner and enter a seven digit "PersonalSearch Number".Biometrics credit card manufacturers assertion is thatprocessing of these cards versus traditional credit cards ismore secure [21]. The merchant will install a biometricreader at his register. The customers ID data would be

entered once only, along with payment information andpicture ID. The scanner reads the finger print [22]capturing 40 points of information, encrypting and thenstore this information. This delivers higher security,because no two fingerprints are alike. Fingerprint pictures

are eliminated, once ID and payment information arerecorded to the scanning processor. For futuretransactions, all you need is to swipe your finger tocomplete transactions. Payment by touch systems

facilitates shorter processing time for transactions.Biometric payment technology enables the consumer topay by the touch of a finger on scanner linked to apayment wallet. The fingerprint is transmitted through alinked router and media required to approve thetransaction through an automated process. Providers ofbiometric payment solutions require the completion of apre-enrollment process which captures necessary

information such as personal identification, fingerprintand banking information.

Having talked about electronic/mobile shopping andsecurity consideration in mobile shopping, we will nowlook into intelligent agent technology followed by agentbased mobile shopping developed previously which is theunderlying basis for our research.

2.2 Smart/Intelligent Agent Technology

There have been many debates as to what the trueclassification of an Agent should be, but there has notbeen a universally accepted definition. Reference [23]defines an agent as an entity that can be viewed asperceiving its environment through sensors and actingupon its environment through effectors [24]. AnIntelligent Agent is one that is capable of flexible(reactivity, pro-activeness and social ability) autonomous

action to meet its design objectives [23].As problem scope becomes larger and more complex,Multi-Agent Systems (MASs) were required to tacklethese intricate possibilities the individual agents could not

manage. By forming communities of agents a solutionbased on a modular design can be implemented whereeach member of the agency specializes in solving aparticular aspect of the problem [25].Artificial Intelligence agents have been incorporated inmany of the systems we interact with on a daily basis

directly or indirectly such as modeling the impact ofclimate change on biological populations, modelingtraffic systems, internet search engines, etc. Taking all

the above points into consideration, quite amount ofresearch been carried out in developing agent basedmobile shopping application which is discussed below

2.2.1 Agent Learning

Corporative multi-agent learning [26] approaches can be

segmented into two major categories: Team learningapproach and the concurrent learning. Concurrentlearning utilizes multiple concurrent learning processes.Rather than learning behaviors for the entire team,concurrent learning methods normally employ a learnerfor each team member. This is done with the expectationthat it reduces the joint space by projecting it into N


5/15




separate spaces. However, the presence of multipleconcurrent learners makes the environment mobile. Thisin itself is a contravention of the assumptions behindmost conventional machine learning techniques. This isthe main reason why concurrent learning needs new or

significantly modified forms of machine learningmethods.Team learning involves a single learner which discovers aset of behaviors for a team of agents instead of a single

agent. Team learning can use regular single-agentmachine learning procedures to accomplish its goals.Team learning can be separated into two types namelyhomogeneous and heterogeneous team learning.Homogeneous learners would advance using single agentbehavior which by extension is then used by every agenton the team. Heterogeneous team learners on the otherhand, can develop based on the distinctive behavior for

each agent. Heterogeneous learners are therefore expectedto yield superior solutions from agent specialization. A

middle ground is found by using hybrid learning.2.3 Agent based Mobile shoppingHuman shoppers in their quest to find goods and servicesat the best prices execute a shopping process that searchesboth physical stores and electronic stores (via a web-

browser) for a product or service. Another possibility isthat a shopper can also search electronic stores by usingtheir mobile phones as support for m-commerceincreases. Previous research has been carried out bycompanies and individuals in employing agents formobile shopping such as the Agent-Mediated E-Commerce Environment for the Mobile Shopper[6] inwhich some significant shortcomings were noticed . The

agent based shopping [5] was solely based their reasoningon the price of the product. So taking the shortcomingsinto consideration Mobile Intelligent Agent-basedArchitecture for E-business was developed [4] in which

we noted that products are only described by their nameand offered no other attribute or relevant image.Taking these issues into consideration, research wascarried out in 2009 aimed at developing an Agent basedmobile shopper that would essentially employ a softwareagent exactly replicating what the human being would be

performing when purchasing a product IntelligentAgent-based Mobile Shopper, IAMS[7][8]. Thisintelligent agent would mimic the role of a human

shopper, but in the mobile environment in which acellular phone or a PDA would be employed. Thedevelopment of these agents is essentially based onpreference rules to make a reasonable decision whileselecting the item corresponding to the user specification.

In short, the agent based mobile shopper developedperforms the selection functions as desired by the user.Having seen the technological advancement in applyingagent technologies in mobile shopping, we now look intomobile payment system involving biometrics

2.4. Biometric based Mobile Payment

Conducting any form of electronic payment has itschallenges. Payment methods range from sending anaccount number and pin to sending credit card numberand security codes over a network and at times putsconsumers at risk to eavesdropping, interception and

fraud if not implemented correctly. When developing ourshopping application we had to look carefully at the bestmeans to conduct mobile payments safely and securely,and as such, we have chosen to use two-factor

authentication. Authentication methodologies have threebasic factors:

Something the user knows (username, password,pin, etc.).

Something the user has (ATM card, credit card,etc.).

Something the user is (Fingerprint, facerecognition, etc.).

Research has been conducted in using Biometric formobile payment [9]

3.ARCHITECTURE OF SMART AGENT BASEDMOBILE SHOPPING AND SECURED PAYMENT

It is evident from literature that quite amount of researchbeen carried out in using agents for mobile shopping suchas the Agent-Mediated E-Commerce Environment [6]and Mobile Intelligent Agent-based Architecture for E-business [4] . There were some shortcomings noticed inthe system which motivated to develop intelligent agentbased mobile shopper in mobile environment i.e J2Me

enabled mobile handset that would essentially employ asoftware agent based on preference rules to make a

reasonable decision towards selecting items replicatingwhat the human being would be performing whenpurchasing a product [7][8]. But still the intelligent agentbased mobile shopper system noticed some shortcomingas given below which the main motivation towards oursmart agent based mobile shopping system been

developed:Agent based system possess no learning capability or

past search experience towards search of itemsAgent based system does not take into consideration

rating and also popularity of product by the previousshoppers.

The GUI was done in plain and thus did not include

any phone images.Complex terms and expressions were used in the userspecifications that the average consumer would not

be knowledgeable of.Each mobile shop has its own agent and would be less

efficient when a search is conductedAdding a new mobile store agent would be a tedious

process and some code modificationsNow in terms of mobile payment research has beenconducted in using Biometric for mobile payment [9] butstill some drawbacks exist which include the following

that has been motivation towards developing secured


6/15




payment for our smart agent based mobile shoppingsystem:

User has to give financial details like credit cardnumber, pin number and biometric information likesignature and fingerprint which is encrypted and

checked towards authentication.Signature, credit card, pin can be easily replicatedduring wireless transmission, as it is also a part ofauthentication for mobile payment

The system does not possess any third partycertification i.e. VeriSign towards verifying theauthenticity of shop towards making any payment.

Lastly the system was implemented in J2ME basedmobile handset, which does not possess enoughmemory and processing power to hash the fingerprintusing the encryption algorithm. Also does not possessTouch pad feature to read fingerprint and so cannot

be really deployed in real time.Considering the above drawbacks, we here have

developed smart agent based mobile shopping andsecured payment system. The architecture of systemdeveloped is shown in Figure 2. From an architecturalstandpoint, what is required is a data-enabled mobilenetwork that is integrated with a Local Area Network(LAN) to allow for multiple agent communication with

the relevant databases and mobile devices.

Figure 2: Smart Agent based Mobile Shopping andSecured Payment (SAMSP) Architecture

3.1 The details of agents and their responsibilities

are listed below:

3.1.1 Mobile Agent (MA)

The mobile agent residing in Android Mobile handsetcarries out the following responsibilities:

Retrieve and submit the mobile phone preferencessubmitted by customer

Capture and securely submit mobile phone rating

data

Retrieve and display search results in a userfriendly format

Capture and encrypt customer biometric data

Securely transfer the captured biometrics dataover HTTPS

Securely transfer shopping cart information andshipping information over HTTPS

Liaise with security agent to verify if the mobileshop is Third Party Trusted and advise thecustomer of response

Retrieve and display the status of the m-commercetransaction attempted from the Banking Agent.

3.1.2 Security Agent (SA)

The Security Agent is in charge ensuring that allsensitive information is passed securely andholds the following as its core responsibilities:

Create a secure connection over HTTPS to liaisewith the Trusted Third Party to verify mobilestore certificates.

Set up a secure connection over HTTPS to interactwith the Banking Agent to transfer customercheck-out details and customer biometrics.

Securely transfers Customer verification from the

Banking Agent to Mobile Agent over HTTPSconnection.

Securely transfers the status of the attemptedtransaction that was sent to the Banking Agentback to the Mobile Agent over HTTPSconnection.

3.1.3 Banking Agent (BA)

The Banking Agent has the following as its coreresponsibilities:

Communicate with the Security Agent andTrusted Third Party to verify customerinformation. Attempt to match the customerbiometric and credit card information and send a

response to the customer through the securityagent informing them if customer exists and isverified.

Conduct the necessary withdrawals on thecustomers account and send a message throughthe Security Agent to inform the customer of thestatus of the attempted transaction.

3.1.4 Mobile Search Agent (MSA)

The Mobile Search Agent would act as the brainof the mobile phone search process and has the

following responsibilities:

Retrieve the requested specifications entered fromthe Mobile Agent and using the fuzzy preferencerules hierarchy, intelligently configure the search

criteria when no results are found for the initialsearch.

Organize the results in descending order bymobile phone price and pass the sorted list to the

Mobile Agent for it to graphically display theresults to the customer.

3.1.5 Trusted Third Party (TTP)


7/15




The Trusted Third Party mimics an external entitythat would conduct the following as its mainresponsibilities:

Securely communicate with the security agent toretrieve encrypted customer biometric and credit

card information for Customer verification withthe Banking Agent

Validate Mobile Store Certificates using TTPAPIs and communicate status via secure HTTPSconnection through the Security Agent.

3.2 Mobile Phone Search Algorithm

The algorithm developed based on the architecture shownin Figure 2 is given below. We will look into how fuzzypreference rules been incorporated in the algorithm.The customer launches the application from his/her

mobile phone and be granted the option to login or gostraight to the search form to enter their phonepreferences. Customers must however be registered and

logged in to add an item to cart or make any purchases.Customer selects desired phone specifications such as

price range, phone rating, feedback period and otherspecifications in layman language like camera,Touch pad, QWERTY keyboard, Internet etc ratherthan in technical language as in earlier system(Brown and Suresh, 2009a; Brown and Suresh,2009b)

The specified phone criteria are sent from the mobile

application to the Mobile Agent using dynamicsearch ontology.

The Mobile Agent would take the data and buildcustomized queries from the criteria selected and

execute same on the database looking for matches onthe specifications using the following fuzzypreference rules:

If mobile phones are available with the desired user

specifications below the price cap entered.If mobile phones are available with the desired userspecifications above the quoted budget up to pricemarkIf no mobile phones are found within quoted pricecap, find phones with the user specifications withprice above quoted budget.If no mobile phones are available for user

specifications, find exact price match with bestmatch specifications.

If no mobile phones are available with the desiredspecifications, find phones of any specificationswithin the price range.

Display results from Mobile Agent on customersmobile device.

3.2.1 Agent Learning for Mobile Phone Search

The algorithm used for Agent learning is same as above

except here the user enters only the mandatory shoppingsearch criteria from a GUI on mobile device such as: StarRating, Feedback period, Maximum price, Price Mark up.The other specifications such as camera, touch pad,

Internet etc are left as blank as it is assumed thatsometimes users find it cumbersome to select allspecifications mentioned in the system. So instead of justtaking default value and searching the phones as inprevious system [7][8].We here use Agent learning

wherein the mobile search agent interacts with a databaseand retrieves the mobile phones with maximumpopularity i.e. ones which is most preferred by the usersbased on past search experience and forwards the results

along with the specifications, rating and popularity on theGUI of the mobile device. The same fuzzy preferences areused for searching except specifications are left as blank.

3.2.2 Mobile Phone Purchase Algorithm

The following section will outline the process to purchasea mobile phone from the system architecture shown inFigure 2

Customer logs into the application securely over https

When a phone is selected to view the details, theSecurity agent checks to see if the Mobile Store is a

trusted store through the Trusted Third Party (TTP)APIs. If the Store is verified to be trusted, then aVeriSign logo will appear in the top section of thescreen. If the store is not verified, no VeriSign logowill appear.

When the customer clicks the option to add the phone

to their shopping cart a check is done to see if thephone is from a trusted store. If the store is nottrusted then a message will be displayed alerting thecustomer and they will be given the option to stop orcontinue with adding the phone to their cart.

The mobile agent would then send a message to thesecurity agent to check if the selected mobile phone isalready in the customers shopping cart. If the phone

is already in their shopping cart then a messagewould be displayed alerting the customer.

Mobile agent sends message to the Database Agentand updates the relevant tables.

The Mobile agent captures and encrypts the biometricfingerprint data using public key AES 128bitencryption.

Mobile Agent sends biometric information to thesecurity agent over https.

The Trusted Third Party agent liaises with the

Banking Agent to verify the Customers biometricinformation. The customer information is requestedfrom the Banking agent using the customer Full

Name and Credit Card Type.If the Trusted Third Party agent is unable to verify the

customer information from the Banking agent (BA) areport is sent to the Security agent.

If the TTP agent is able to retrieve the customer

information from the Banking agent, it would thendecrypt the information and verify that the customerbiometric data is consistent from both sources.

If the customer biometric information does not match,the Trusted Third Party agent sends a message to theSecurity Agent that the biometric data does notmatch. If the biometric information matches a


8/15




message is sent to the security agent that thecustomer is verified.

The Security agent would then pass on the messagereceived from the Trusted Third Party agent to theMobile agent. The verification status would be

displayed to the customer. If the response returnednegative the user will be asked to try again.A purchase confirmation screen is then displayed for

the user to confirm items to be purchased and correct

shipping details are stored.When the customer has confirmed the purchase

details, a message is sent to the Security agent tocommunicate with the Banking agent to withdrawthe necessary amount out of the users bank account.

When the transaction is completed the Banking agentthe status is sent back to the Mobile agent throughthe security agent via a message that will be

displayed to the customer whether transaction wassuccessful or not.

4.IMPLEMENTATION USING JADE-LEAPThe application was built using Eclipse Helios 3.6.2 build

20110210-1200 with a Java Development Kit 1.6.0_21

(jdk1.6.0_21) as the runtime environment with anAndroid SDK Emulator plug-in as an IDE. The system iscreated using Android 2.2 with and Java AgentDevelopment Toolkit (JADE) with LightweightExtensible Authentication Protocol (LEAP) [27-30].Thelist of agents in the JADE environment is shown inFigure 3. and are identified by their names.

Figure 3 Agents in JADE Environment

4.1 Mobile Phone Search ImplementationThe mobile phones searches are performed using anAndroid enabled mobile device with access to the internetand fairly good connective to the cellular network. Entryinto the search menu will initiate the mobile SearchAgent into operation. Among the options the user has toconfigure for his or her search are Rating, Max Price,

Price Markup, Feedback period, Camera, Touchpad,Internet, Picture, Movies, Messages, Music, QwertyKeyboard etc.

Many of these options are optional and default valuesused in cases where a selected option must be chosen.Also here mobile phone search options been expressed inlaymans language and not in mobile technical languagewhich makes users to easily select for searching compared

to earlier system [7][8]. When the user is satisfied withthe required or desired interests met or configured on thecriteria the search button is clicked to initiate the searchoperation which is primarily driven by the mobile Search

Agent.There are six scenarios been considered for theimplementation of our prototype, which would bediscussed below.Let us consider a scenario where the user here selectsMaximum price of J$70000 with star rating of 2 andfeedback period of 3 month as shown in Figure 4. Pricemark up is been selected as No markup which means user

can spend up to a maximum of 70000 dollars only. Theother features of phones are selected as YES like Movie,

Messages, Internet, picture, Camera, Touch pad, QwertyKeyboard in layman language understood by everycommon man. Customers submit these inputs fromMobile handset to Mobile agent as shown in Figure 4.In this scenario, the mobile phone results returned by thesearch must be less than or equal to J$70000 entered by

the user to meet all the other specifications entered. Whenthe consumer submits the preferred phone specificationson the android device, it is then sent to the Mobile Agentusing the JADE platform which would be submitted tomobile search agent who uses fuzzy preferences to querythe Mobile Database for the devices that meet the criteriaand return the results to the mobile device

Figure 4: Search Option Screen-1

Now based on search results returned by mobile agent onthe users mobile handset using fuzzy preferences, the

customer is presented with the results that matched thespecifications entered by the consumer, which in this caseis a list of three mobile devices as shown in Figure 5. TheSearch Results screen displays the list of phonesincluding some of the major details such as the phoneratings and popularity, the store that is selling the phone


9/15




and with its list price and lastly a stock image of themobile phone as shown in Figure 5.

Figure 5: Search Results Screen-1If the customer is interested in one of the mobile phonesdisplayed in the result set, they may click on therespective phone to view more details about the device.Figure 6 below shows a screenshot of the details availablefor the Blackberry Torch. The mobile phone details

screen gives a comprehensive outline of the features

available for the selected mobile device and also givesthe customer an option to add the mobile phone to his/hershopping cart or to go back to the search screen if they

would like to search using some different criteria. Thescreen displays the logo of the store that has the phone forsale along with the sale price. Other information is alsopresented on this screen about the available features of thephone, the phone overall ratings. Customer ratingsbreakdown and also popularity of phone i.e. how popularthe phone is among the public which depends on numberof people who bought and which in this case is 40% and

is termed as Good.

Figure 6: Mobile Phone details Screen-1Let us consider another scenario where user is trying to

find mobile phones with the same specifications as inprevious scenario but with a maximum price budget ofJ$50000 and price mark-up of 20% as shown in Figure7.When the consumer submits the preferred phonepecifications on the android device, it is then sent to the

Mobile Agent using the JADE platform which would besubmitted to mobile search agent who uses fuzzypreferences to query the Mobile Database for the devicesthat meet the criteria for sale price of 50000 with mark upof 20% and return the results to the mobile device asshown in Figure 8. Figure 8 show that the search onlyreturned one result that matched the price cap and the

specifications. The phone details are displayed in Figure 9along with overall rating, customers breakdown of ratingand popularity of 40% which shows it is good amongpublic.

Figure 7 Search Options Screen-2

Figure 8 Search Results Screen-2

Figure 9: Mobile Phone Details Screen-2Let us consider another scenario where the customer issearching for a mobile phone that is within the pricerange of $40,000 with no price mark up, rating of at least

two stars and with no touch pad or memory expansioncapabilities. The Mobile Search Agent here applies fuzzypreference rules and explored the store inventories forphones that are within the price range of J$40000 withspecifications mentioned. The search agent here finds listof phones and displays it onto the users mobile handsetas shown in Figure 10. Figure 11 shows that the customerselected the Blackberry Curve 8310 from CLARO mobile


10/15




store to review its specifications which en rated matchedall specification except for one which is Touch pad forprice of J$30000 with overall rating of 4 and popularity0%. Being a new phone or that no users has rated thephone. So far, Customer rating is displayed as 0

customers have rated and so popularity is also 0% . So itis now left to the customer whether to purchase the phoneor not based on popularity and rating values though pricematches except for one specification which is Touch pad.

Figure 10: Search Results Screen-3

Figure 11: Mobile phone Details Screen-3

Let us consider another scenario where the customer hasopted for a maximum price of J$30,000 and a rating of atleast 2 stars and did not desire a phone with a camera andtouch pad. The Mobile Search Agent used fuzzy

preferences and queried database and found no phones forthe quoted budget with customer specifications. So agenthere applied the intelligence to find phones matching thecustomer quoted budget with any specification as shownin Figure 12. Figure 13 shows the phone specificationswith rating of 5 and popularity of 20% which is averageamong common public that match most of what the user

was requesting by over 80% i.e it does not offer memoryexpansion as requested but does include the touchpad andthe camera.Agent also uses intelligence to find phones that match thecustomers specification for any price as shown in Figure14 which is The BlackBerry Bold 9000 being sold byLIME for $43,000 and Digicel for $45,000. The customerselects the cheaper phone and is able to view all thespecifications and other available information as shown

in Figure 15 with customer rating of 4 and 0% popularityas poor which here is Blackberry Bold 9000 by LIME.

The customer is now given the choice for selecting theappropriate phones which match the price with 80% ofspecification matching or exact matching of specificationswith any price by taking customer rating and popularityof phones into consideration which gives better idea in

purchasing the phone

Figure 12 Search results-4a

Figure 13 Mobile Phone Details-4a

Figure 14 Search Results Screen- 4b

Figure 15 Mobile Phone Details Screen- 4b


11/15




The user is given the option to select the rating period forthe customer feedback during search. By adjusting theperiod from 3 months to 6 months or a year the user willnote that the ratings figures as well as the popularitywould be recalculated.

4.2 Mobile Phone Search Agent LearningUntil now, we have seen the intelligence possessed bysmart agent situations towards mobile phone search basedon specification selected by customer. Now in many

situations customers feel cumbersome to select allspecifications towards mobile phone search. So here webring learning strategy of smart agent which uses the pastsearch experience to search phones and display to usershandset based on popularity of phone. The user will selectthe mandatory specifications like Maximum price,Rating, Price Mark up, Feedback period. The otherspecifications like Camera, touch pad, Qwerty Keyboard,

Memory expansion etc be left blank.Let us consider a scenario where Customers are search for

mobile phones based by selecting the mandatoryspecifications as shown in Figure 16. The agent here usesits past search experience to search phones for price of$70000 which is most popular and display the results asshown in Figure 17. The user now can view the phonedetails by selecting the phone which is popular with good

rating and proceed for shopping

Figure 16 Agent Learning Search Screen-1

Figure 17 Agent Learning Search Results-1

Let us consider another scenario where the customer mayalso do a more advanced search as shown in Figure 18.

The Agent here possess intelligence to search and displayphone for price of $40000 with customer specification

matching that is popular as shown in Figure 19. Theresults are sorted by popularity in descending order.

Figure 18 Agent Learning Search Screen-2

Figure 19 Agent Learning Search Results Screen-2

4.3 Mobile Phone Purchase

We have seen till now as how agents are used insearching the phone according to user specification andalso by using agent learning too. Now having searchedthe phone and added to shopping cart, the next is about

buying the phone by supplying our financial. This sectionwould cover details on security features implemented

towards mobile phone purchase.Before customer proceeds for making payment forpurchase, we go to make sure the store is valid one andnot fake. So we got to bring Third party Trust likeVeriSign for it. When a mobile store is verified as ThirdParty Trusted by the SAMSP application, we are sayingthat we have proof that this mobile store is valid and thatit is safe to conduct business with them. Mobile stores are

only considered verified once our trusted third party

VeriSign has validated based on certificates retrieved.Figure 20 below shows the trusted image that would be

displayed once the security agent has connected to theVeriSign component over HTTPS and successfullyvalidates that the mobile store certificate retrieved fromthe Mobile Agent (MA) is still valid, authentic and issuedby the same trusted third party using APIs. When themobile store is third party trusted then the customer

would have no difficulty in adding the mobile device totheir shopping cart and continue with their check-outprocess.


12/15




Figure 20 Third Party Trust verified mobile store

If the Mobile Store does not have any valid certificate thatcould be verified with our Trusted Third Party VeriSign,the VeriSign trusted logo will not be displayed and thusthe store will not be verified as Third Party Trusted.Figure 21 displays such a scenario in which the user

selects a mobile phone which is being sold by a mobilestore that is not verified with the Third party Trust. If auser attempts to add this mobile phone to their shopping

cart, a pop-up will be displayed warning the user that theMobile Store that is selling the phone has not been ThirdParty Trusted (VeriSign) verified as shown in Figure 22.The user is presented with the option of continuing withthe purchase process of adding the item to their cart or

cancelling the process.

Figure 21 Screenshot showing unverified mobile store

This warning is important as it would ensure that the useris aware that they would be giving a potentially fake

store/individual access to sensitive information such astheir name, phone number and shipping address.

Figure 22 Warning message about unverified store

The users biometric information is never sent to themobile store as there is no need for them to retrieve it atany time. The Mobile store bank account number is usedto conduct the m-commerce transaction.Figure 23 below provide the customer with the option to

choose which bank and card type they would prefer to useto conduct the transaction. This information is importantto ensure the correct bank and bank account is selected

when it is time to securely conduct the M-Commercetransaction.

Figure 23 Purchase Details - Credit Card Information

Figure 24 shows the screen that would capture thecustomers fingerprint biometrics encrypted andtransferred to the security agent to do the necessaryvalidations. It is recommended that the customer use aphone that has a touch screen, fingerprint scanner or acamera. Since fingerprint data doesnt change over time,

it is critical the system handles this information with careand sensitivity. So the system will ensure that when thefingerprint is scanned, it is encrypted using AES 256 bitencryption scheme and transferred over HTTPS andensuring that any cache is removed from the mobiledevice. Biometric information is not stored on thecustomers mobile device as this may put them at r isk foridentity theft and fraud if the mobile device is stolen.

Figure 24 Fingerprint Scanner screen

When the user selects the Get Fingerprint button theywill be presented with the appropriate API to scan theirfingerprint as shown in Figure 25 .The encryption of thefingerprint is done when the user selects the save andcontinues button after the image has been captured as

shown in Figure 26.

Figure 25 Captured Fingerprint


13/15




Figure 26 Popup Information Fingerprint Encrypted

The purchase confirmation screen provides the user withthe final summary of what is being purchased as well as

the customers shipping address as shown in Figure 27.

Figure 27 Customers Purchase Confirmation Screen

If the user is satisfied with the details on this screen, theycan continue with the check-out process by clicking BuyNow. A pop-up will be displayed to confirm that they

would like to send payment. It is only when Yes isselected from the pop-up screen that the m-commercetransaction is attempted. The money will be withdrawn

from the users account and sent to the Mobile Store asshown in Figure 28

Figure 28 Payment Confirmation

It is important to display the order status after thepurchase attempt is made. Figure 29 below shows that thetransaction that was done went through successfully andalso provides the customer with a reference number ifthey have to query the transaction.Customers who have purchased phones using the systemhave the opportunity to leave a review about thepurchased phone. The review that is left would be used to

act as a rating system that would aid other customers intheir choice for their next mobile phone. A user can onlyleave a review once. When the review has been sent, the

phone would no longer show up in the list shown inFigure 30.

Figure 29 Order Results Screen

Figure 30 Mobile Phone Review

The user will select from the list, the phone which theywould like to leave feedback for. Figure 31 shows a screenshot of what the customer would see when leaving arating for a mobile device. The customer would simplychoose a rating between 1 (lowest) and 5 (highest) for the

respective category and click Rate Phone to leave thereview.

Figure 31 Mobile Phone Rating Screen

5.CONCLUSION &FUTURE WORKThe smart agent based mobile shopping and securedpayment systems give an introduction on Electronic

shopping and the strides that have been accomplishedwithin the last few years. Literature also shows theresearch been done in the area of mobile shopping withmultiple-agent technology. Taking the earlier systems anddrawbacks into consideration smart agent based system

been developed towards mobile shopping that would take


14/15




the specifications a user desires and make smart decisionsbased on fuzzy preference rules to find the most suitableresults to return to the user. The system also providesusers with a mobile phone rating capacity which allowsusers who have bought the phone to leave their feedback

on the device.Security in any application is paramount to the integrityand continuity of the system and as such was critical inthis system in ensuring secure communication between

the agents and protecting data integrity andconfidentiality. The security facilities provide featuresthat would assist in properly identifying trusted mobilestores as well as customer validation and verificationusing biometrics. The results of the development beencarried out using JADE-LEAP agent development kit onAndroid 2.2 handset and are shown as screenshots in thispaper validating our research. There are some future

improvements to the system that can be done towardsincluding cancellation of payment towards purchase made

and money refunded accordingly. Also, remove phonesfrom stores whose popularity and rating falls belowaverage value. In addition allow for the mobile paymentsto be done using international third party agents such asGoogle Wallet and PayPal. Also create an Androidinterface that will allow Mobile Shops to update stock and

store information. Also expanding the search and productcatalog to include phone accessories and other products.Also implement Email/SMS messaging when MobileStores add new phones to their inventory or havingmobile phones on sale/discount. Last but not the leastresearch/develop a possible cost effective alternativeTrusted Third Party (TTP) Biometric verification method.This could be integrated with BioAPI xml based Service

Oriented Architecture (SOA) which could improveefficiency.

REFERENCES

[1]. Cassavoy, & Liane. (2010). What Makes aSmartphone Smart. Retrieved 11 12, 2011, from

About.com:http://cellphones.about.com/od/smartphonebasics/a/what_is_smart.htm

[2]. Abbott, L. (2001) Separating Mobile Commercefrom Electronic Commerce , Retrieved, fromMobileInfo Website:http://www.mobileinfo.com/mcommerce/differences.htm

[3]. Rao, G. K. et al (2005)., Design andDevelopment of a New Middleware Platform forMobile Applications.,Conference proceedings ofEuropean Internet and Multimedia Systems andApplications.,Grindelwald, Switzerland .

[4]. Weng, Z., & Tran, T. (2007). A MobileIntelligent Agent-based Architecture for E-business.Ottawa, Canada: IGI Global.

[5]. Guan, S., Ngoo, C. S., & Zhu, F. (2002).,Handy broker: an intelligent product-brokering agentfor m-commerce applications with user preference

tracking., Electronic Commerce Research andApplications, Elsevier, Vol.1,No.3

[6]. Fonseca, S., Griss, M., & Letsinger, R. (2001).,An Agent- Mediated E-Commerce Environment forthe Mobile Shopper., Retrieved from

http://www.hpl.hp.com/techreports/2001/HPL-2001-157.htmlAlliance, O. M. (2005). White Paper on theM-Commerce Landscape. Open Mobile Alliance , 49.

[7]. Brown, R and Suresh, S(2009), IntelligentAgent based Mobile Shopper, Proceedings of SixthIFIP/IEEE International Conference on Wireless andOptical Communication Networks (WOCN 2009),Cairo, Egypt

[8]. Brown, R and Suresh, S(2011). IntelligentStore Agent for Mobile shopper, InternationalJournal of E-services and Mobile Applications, Vol.3(1), pp.56-71, IGI publishing

[9]. Gordon, M and Suresh, S(2010) BiometricMechanism in Mobile Payments, Proceedings of

Seventh IEEE International Conference in Wirelessand Optical communication Networks (WOCN 10),Colombo, Srilanka

[10]. Butcher, D. (2010, February 17). RetrievedFebruary 01, 2011, from Mobile Commerce Daily:http://www.mobilecommercedaily.com/2010/02/17/m

obile-shopping-in-us-will-grow-to-24-billion-this-year-abi-research

[11]. Alliance, O. M. (2005). White Paper on the M-Commerce Landscape. Open Mobile Alliance , 49.

[12]. Oracle. (2012). E-Commerce Trends For 2012.CA: Oracle.

[13]. Schwiderski, S., & Knospe, e. Secure M-Commerce. Europe: IST Programme.

[14]. Farpoint Group. (2008). The Broad Reach ofBiometrics. Fingerprint recognition and MobileSecurity , 2-10.

[15]. Stallings, W. (2005). Cryptography andNetwork Security Principles and Practices, Fourth

Edition. Prentice Hall.[16]. HP. (2008). HP JetDirect and SSL/TSL. HP

JetDirect and SSL/TSL , 2-6.[17]. EMC. (2011). Certificate-Based Single Sign-

On. White Paper.

[18]. BioAPI Consortium. (2001). Welcome.Retrieved 6 12, 2012, from BioAPI Consortium:http://www.bioapi.org/

[19]. Motorola (2011). Answers Fingerprint SmartSensor Retrieved from http://motorola-global-portal.custhelp.com

[20]. Lynn, T (2006). Citibank S'pore launchesbiometric payment service. Retrieved from

http://www.zdnetasia.com/citibank-spore-launchesbiometric-payment-service_print-61965886.htm

[21]. Ziemba, J (2004). Credit Card Processing:Biometrics Retrieved fromhttp://business.lovetoknow.com/wiki/Credit_Card_Processing:_Biometrics


15/15



Volume 1, Issue 3, September October 20 12 Page 25 4

[22]. Bocoum, M. (1999). Acceptance Threshold'sAdaptability in Fingerprint-Based AuthenticationMethods. Master of Science Thesis, School ofComputer Science, McGill University, Montreal,Canada.

[23].

Jennings, Woodridge, M., & N.R. (1995).Intelligent Agents: Theory and Practice. UK.[24]. Russel, S., & Norvig, P. (1995). Artificial

Intelligence: A Modern Approach. NJ: Prentice-Hall.

[25]. Rudowsky, I. (2004). Intelligent Agents.Intelligent Agents , 1-3.

[26]. Panait, L and Luke, S (2005). CooperativeMulti-Agent Learning: The State of the Art.Retrieved fromhttp://cs.gmu.edu/~eclab/papers/panait05cooperative.pdf

[27]. Bellifemine, F., Caire, G., & Greenwood, D.(2004). Developing multi-agent systems with JADE.New Jersey: John Wiley & Sons.

[28]. FIPA. (2012). Welcome to Fipa. Retrieved 3 28,2012, from FIPA: http://www.fipa.org/

[29]. Jade Software Corporation Limited. (2009).JADE. Object manager Guide. Version 6.3 , 45-50.

[30]. Google (2011). What is Android. Retrievedfrom http://code.google.com/android/what-is-

android.html

AUTHORS

Philip Smith is a final year Msc. Computer Science student inthe Department of Computing at the University of the WestIndies, Jamaica. Prior to that, he obtained his Bsc. Computingand Information Technology (Honors) from the University of

Technology, Jamaica.. He also possess good programming skillsin Java, PHP, Agents and so. His research interests are mobilecomputing, intelligent agents.

Dr. Suresh Sankaranarayanan holds a PhD degree (2006) inElectrical Engineering with specialization in Networking fromthe University of South Australia. Later he has worked as aPostdoctoral Research Fellow and then as a Lecturer in theUniversity of Technology, Sydney and at the University ofSydney, respectively during 2006-08. He is the recipient ofUniversity of South Australia President Scholarship, towardspursuing the PhD degree programme and has also bagged theIEEE travel award in 2005. He is also Senior Member of IEEEcomputer Society and Computer Society of India too. He wasworking as a Lecturer (Asst. Prof. Status) in the Department ofComputing and lead the Intelligent Networking Research

Group, in the University of West Indies, Kingston, Jamaica,during 2008-11.He has also worked as a Professor, School ofComputer Science and Engineering, Vellore Institute ofTechnology (VIT University), Chennai Campus, India, for ashort period during 2011. He is now working as AssociateProfessor, Department of Computer & Information Systems,Institute of Technology, Brunei (ITB A technologicaluniversity). Currently he is also functioning as a VisitingProfessor,Department of computing,Faculty of Pure & appliedScience, University of West Indies, Mona Campus, Kingston-7,Jamaica, West Indies. He has supervised 28 research studentsleading to M.Sc, ME, M.Phil and M.S degrees and currentlysupervising 9 students leading to M.sc, M.phil and Ph.d

respectively in UWI and ITB, Brunei. He has got to his credit,as on date, about 50 fully refereed research papers published inthe Proceedings of major IEEE international conferences, asBook Chapters and in International Journals. He is also aReviewer and Technical Committee member for a number ofIEEE Conferences and Journals. He has conducted many

tutorials, workshops and also given Guest Lectures inNetworking in various Universities and Colleges. He alsomanaged a collaborative research programme with OaklandUniversity, Rochester, USA. His current research interests aremainly towards Mobile and Ubiquitous Computing - WirelessSensor Networks, Mobile Commerce, Intelligent Agents usedin the Health, Commercial and Engineering sectors.

smart agent based mobile shopping and secured payment

Documents