Browser security
Security features may be required for some services, such as banking services or
shopping on a site. For such connections you need security certificates and
possibly a security module, which may be available on your SIM card. For more
information, contact your service provider.
Menu fu
nctions
163
Copyright
©
2004 Nokia. All rights reserved.
Security module
The security module can contain certificates as well as private and public keys. The
security module may improve the security services for applications requiring
browser connection, and allows you to use a digital signature. The certificates are
saved in the security module by the service provider.
Press
Menu
and select
Services
,
Settings
,
Security settings
and
Security module
settings
. Select
•
Security module details
to show the security module title, its status,
manufacturer and serial number.
•
Module PIN request
to set the phone to ask for the module PIN when using
services that are provided by the security module. Key in the code and select
On
. To disable the module PIN request, select
Off
.
•
Change module PIN
to change the module PIN, if allowed by the security
module. Key in the current module PIN code, then key in the new code twice.
•
Change signing PIN
. Select the signing PIN that you want to change. Key in the
current PIN code, then key in the new code twice.
See also
Access codes
on page
21
.
Certificates
There are three kinds of certificates: server certificates, authority certificates and
user certificates.
• The phone uses a server certificate to improve security in the connection
between the phone and the content server. The phone receives the server
certificate from the service provider before the connection is established and
Copyright
©
2004 Nokia. All rights reserved.
164
its validity is checked using the authority certificates that are saved on the
phone. Server certificates are not saved.
The security indicator
is displayed during a connection if the data
transmission between the phone and the content server is encrypted.
• Authority certificates are used by some services, such as banking, for checking
the validity of other certificates. Authority certificates can either be saved in
the security module by the service provider, or they can be downloaded from
the network, if the service supports the use of authority certificates.
• User certificates are issued to users by a Certifying Authority. User certificates
are required, for example, to create a digital signature.
Important: Note, however, that even if the use of certificates makes
the risks involved in remote connections and software installation
considerably smaller, they must be used correctly in order to benefit
from increased security. The existence of a certificate does not offer
any protection by itself; the certificate manager must contain correct,
authentic, or trusted certificates for increased security to be available.
Important: Certificates have a restricted lifetime. If Expired certificate
or Certificate not valid yet is shown even if the certificate should be
valid, check that the current date and time in your phone are correct.
Important: Before changing these settings, you must make sure that
you really trust the owner of the certificate and that the certificate
really belongs to the listed owner.
Menu fu
nctions
165
Copyright
©
2004 Nokia. All rights reserved.
Digital signature
You can create digital signatures with your phone. The signature can be traced
back to you via the private key in the security module and the user certificate that
was used to create the signature. Using the digital signature may be considered to
be equal to a normal signature on any legal document.
To create a digital signature, select a link on a page, for example, the title of the
book you want to buy and its price. The text that needs to be signed (possibly
including amount, date, etc.) will be shown.
Check that the header text is
Read
and that the digital signature icon
is
shown.
Note: If the digital signature icon does not appear, there is a security
breach and you should not enter any personal data such as your signing
PIN.
To add the digital signature to the text, read all of the text first and then you can
select
Sign
.
Note: The text may not fit on a single screen. Therefore, make sure to
scroll through and read all of the text before signing.
Select the user certificate that you want to use. Key in the signing PIN (see
Access
codes
on page
21
) and press
OK
. The digital signature icon will disappear and the
service may display a confirmation of your purchase.
Copyright
©
2004 Nokia. All rights reserved.
166