■ Browser security
Security features may be required for some services, such as banking services or
online shopping. For such connections you need security certificates and possibly
a security module which may be available on your SIM card. For more information,
contact your service provider.
Nokia_7380_issue_1_EB.fm Page 87 Wednesday, November 16, 2005 12:25 PM
88
Copyright © 2005 Nokia. All rights reserved.
Security module
The security module can contain certificates as well as private and public keys. The
purpose of the security module is to improve security services for applications
requiring browser connection, and it allows you to use a digital signature. The
certificates are saved in the security module by the service provider.
Select
Menu
>
Web
>
Settings
>
Security settings
>
Security module settings
and
from the following options:
Security module details
— to show the security module title, its status,
manufacturer, and serial number
Module PIN request
— to set the phone to request the module PIN when using
services provided by the security module
Change module PIN
— to change the module PIN, if allowed by the security
module
Change signing PIN
— to change the signing PIN
See also
Access codes
p.
16
.
Certificates
There are three kinds of certificates: server certificates, authority certificates, and
user certificates.
• The phone uses a server certificate to create a connection with improved
security to the content server. The phone receives the server certificate from
the service provider before the connection is established and its validity is
Nokia_7380_issue_1_EB.fm Page 88 Wednesday, November 16, 2005 12:25 PM
89
Copyright © 2005 Nokia. All rights reserved.
checked using the authority certificates saved in the phone. Server certificates
are not saved.
The security indicator
is displayed during a connection if the data
transmission between the phone and the content server is encrypted.
The security icon does not indicate that the data transmission between the
gateway and the content server (or place where the requested resource is
stored) is secure. The service provider secures the data transmission between
the gateway and the content server.
• Authority certificates are used by some services, such as banking services, for
checking the validity of other certificates. Authority certificates can either be
saved in the security module by the service provider, or they can be
downloaded from the network, if the service supports the use of authority
certificates.
• User certificates are issued to users by a certifying authority. User certificates
are required, for example, to create a digital signature, and they associate the
user with a specific private key in a security module.
Nokia_7380_issue_1_EB.fm Page 89 Wednesday, November 16, 2005 12:25 PM
90
Copyright © 2005 Nokia. All rights reserved.
Important: Even if the use of certificates makes the risks involved in remote
connections and software installation considerably smaller, they must be used
correctly in order to benefit from increased security. The existence of a certificate
does not offer any protection by itself; the certificate manager must contain
correct, authentic, or trusted certificates for increased security to be available.
Certificates have a restricted lifetime. If Expired certificate or Certificate not valid
yet is shown even if the certificate should be valid, check that the current date and
time in your device are correct.
Before changing any certificate settings, you must make sure that you really trust
the owner of the certificate and that the certificate really belongs to the listed
owner.
Digital signature
You can make digital signatures with your phone if your SIM card has a security
module. The signature can be traced back to you using the private key on the
security module and the user certificate that was used to perform the signature.
Using the digital signature can be the same as signing your name to a paper bill,
contract, or other document.
To make a digital signature, select a link on a page, for example, the title of the
book that you want to buy and its price. The text to sign ( for example, amount,
and date) is shown.
Check that the header text is
Read
and that the digital signature icon
is
shown.
Nokia_7380_issue_1_EB.fm Page 90 Wednesday, November 16, 2005 12:25 PM
91
Copyright © 2005 Nokia. All rights reserved.
Note: If the digital signature icon does not appear, there is a security
breach, and you should not enter any personal data such as your signing
PIN.
To sign the text, read all of the text first, then select
Sign
.
The text may not fit within a single screen. Therefore, make sure to scroll through
and read all of the text before signing.
Select the user certificate that you want to use. Enter the signing PIN (see
Access
codes
on page
16
).
Nokia_7380_issue_1_EB.fm Page 91 Wednesday, November 16, 2005 12:25 PM
92
Copyright © 2005 Nokia. All rights reserved.