Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.

com Volume 1, Issue 3, September October 2012 ISSN 2278-6856

Smart Agent based Mobile Shopping and Secured Payment

Philip Smith1, Suresh Sankaranarayanan 2,3
1 2

Mona Institute of Applied Sciences, University of WestIndies, Jamaica Computing & Information Systems, Institut Teknologi Brunei, Brunei 3 Department of Computing, University of WestIndies, Jamaica

Abstract: M-Commerce has become a lucrative method of

shopping in todays technological advance society. Consumers who are looking to buy a mobile device are many times not confident or knowledgeable of what features to look for in a mobile phone, as there are many complicated terms related to the specifications of the mobile device that they might not be familiar with. There are many online shopping sites today, which allow users to buy mobile phones online. But still the system lacks in intelligence towards shopping i.e users got to have good knowledge on device specification while selecting the criteria and also system search based on specification. The system has no capability to search beyond the specification based on fuzzy preference rules. Recently there has been quite amount of work been carried in using intelligent agents towards mobile shopping which overcomes the drawbacks of the online shopping system. In addition to shopping there has been ongoing issue on security in mobile payment system and work been reported in using Biometrics i.e fingerprint towards it. So taking all the above points into consideration we here have developed smart agent based system towards shopping and payment, which is far more superior, compared to other agent based system in terms of intelligence towards shopping. The system so developed uses smart software agents that works by collaborating among themselves based on criteria selected by the user in laymans language and return results to the client that is precise and best suit the user requirements. Also the agent possesses learning capability of searching the mobile phones too which is based on past search experience In addition our system provides biometric security mechanism in Mobile payment system which is improvement over the existing system developed in terms of security and information transmitted using Secure Sockets Layer (SSL) (Server-Gated Cryptography (SGC)) on the internet. This will be facilitated on Android2.2 enabled mobile phone using JADE-LEAP Agent development kit. The system would improve on the previous model to make it more user-friendly, visually enticing, versatile and secure solution. Keywords- M-Commerce, J2ME, SSL, SGC

1. INTRODUCTION
The world we now live in has seen many new emergences of technology in the last few decades with advances in the use of cellular phones, which were once upon a time only used for making and receiving phone calls. In these modern and technically advanced days, smart phones which in a nutshell is a device that lets you make telephone calls, but also adds in features that, in the past, you would have found only on a personal digital assistant Volume 1, Issue 3, September October 2012

or a computer [1]. The sophisticated capabilities smart phones now include have made its landmark in social society as well as the workplace. Phones of today represent small personal computing devices and run applications ranging from games and television players to business and productivity tools. This has led to the development of commercial applications inclusive of which are applications employing mobile devices Some examples of m-commerce include purchasing of airline tickets, purchasing of movie tickets, restaurant booking and reservation and mobile banking [2]. This represents an incredible opportunity to enable mobile devices, as a universal device for mobile commerce applications M-commerce is often represented as a derivative of ecommerce; this implies that any e-commerce site should be made available from a mobile device [2]. The overall concept of mcommerce is business transaction on the move [3]. Its exponential growth is due to increased expectation from users seeking to conduct business, communicate, and share information while they are away from their desktop computers. There are opportunities to enable mobile devices as universal devices for mobile commerce applications. But still the system lack intelligence towards shopping i.e users have to be knowledgeable in selecting the criteria towards mobile shopping and also system search based on criteria only and nothing beyond it. Therefore, it is for the user to refine if the search is not successful. So taking those into consideration quite amount of work been done in using intelligent agents for mobile shopping which accepts parameters from the user towards mobile shopping and agent does shopping based on fuzzy preferences or applying intelligence similar to how human being would do [4-8]. While unique features combined with an abundance of mobile digital devices and networks makes m-commerce an attractive venture, yet serious challenges also exist. However, one such concern is the security in doing transactions over this medium especially when making payments with the use of a credit card. The issue of security is however not restricted to M-Commerce as their consumers still at risk of fraud from card-cloning, identity theft, eavesdropping that can occur when conducting transactions in person and also via ElectronicCommerce (E-Commerce). So research was done in

Page 240

Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com Volume 1, Issue 3, September October 2012 ISSN 2278-6856
incorporating biometrics i.e fingerprint towards mobile payment while conducting transaction wirelessly [9]. So taking all the above points into consideration, smart agent based shopping and secured payment system been developed which allows intelligent agents to shop based on laymans language rather than users being technically knowledgeable about the criteria while shopping. Also system possess past search experience towards shopping. Lastly system also incorporate biometric feature along with Secure Socket layer (SSL) towards information being transmitted which is improvement over earlier system. The paper is organized in sections as follows. Section 2 talks on Electronic/Mobile shopping followed by security in Mobile shopping & Agent based approach to mobile shopping. Section 3 talks on Architecture of smart agent based mobile shopping and secured payment architecture details and algorithm. Section 4 gives the implementation details using JADE-LEAP. Section 5 is conclusion & future work. being made for the safe transmission of mobile payment over the air. A few companies looking at M-Commerce standardization are: Pay Circle, Mobile Signature (MoSign), Mobile Payment Forum, Mobile Electronic Signature Consortium (mSign) and Encorus. These companies have paved way of internationally acceptance of some standardization of cross-application infrastructure, development of secure and authenticated m-commerce using payment card accounts and other methods [13]. M-Commerce seeks to interlock two independent industry components; E-Commerce and Wireless technology which in themselves have their security challenges. Thus proper mechanism must be put in place to secure any data that is stored on the mobile device, the transaction details and the communication medium. To achieve effective mobile commerce security, serious considerations must be taken into account for the following security mechanism: Authorization To ensure authorized use of system and performance of business functions by authorized users only. Authentication To establish that all parties involved in the electronic transaction or communication are who they claim they are. IntegrityTo ensure that data on the host system or in transmission are not created, intercepted, modified or deleted illicitly. Confidentiality- To warrant that data are only revealed to parties who have a legitimate need to know it or have access to it. There are also several ways an intruder can attempt to attack these systems: The theft/loss of the mobile device The use of a copied/scanned fingerprint taken from a surface The interception of wireless message packets that contain financial information or fingerprint data The injection of fabricated fingerprints into the database The interception of wireless message packets to manipulate and corrupt sensitive information The most popular digital networks used by cell phone companies world-wide are GSM, CDMA and TDMA; these come with their own security mechanism to ensure data confidentiality and integrity. Using an unlocked/jail broken mobile phone puts the users at a higher risk of cyber-attacks due to the compromise these functions have on the in-built security features. Advances have been made in mobile phones anti-theft and anti-loss solutions for most of the more modern smart phones that will allow owners to wipe clean, track or disable the phone remotely. 2.1.1 Biometrics and Verification History has shown us that the most popular and promising biometric technique is the of fingerprint recognition which has dated back to pre-historic times where it was used as for authentication and identification Page 241

2. ELECTRONIC/MOBILE SHOPPING
Logica founded the Global Mobile Commerce Forum and Cellnet in London in the late 1990s and saw a rapid growth with over 100 companies joining in short order. M-Commerce was first launched in 1997 when two mobile-phones enabled Coca-Cola vending Machines were used to conduct the first payment via SMS text messages in Finland. M-Commerce was quickly adapted over the next few years and experienced exponential growth with many countries releasing new services such as Mobile Parking Payments (Finland), Train Ticketing (Austria) and Purchasing Airline Tickets (Japan). Over the past few years the mobile market has seen rapid growth as consumer spending rose from $396 million in 2008 to $1.2 billion in 2009 [10]. There are currently popular applications available to consumers who own a mobile smart phone that provide luxuries such as browsing the stock for a company, adding goods to their shopping cart and making payments to the supplier of the goods and/or services. An example of such an application is the EBAY mobile application which allows its users to shop, buy, pay and review purchase history. Mobile-Commerce is the exchange or buying and selling of services and goods, both physical and digital, from a mobile device [11]. Recent studies have shown that mcommerce sales has increased to almost US$7 billion in 2011 as it proved itself to add tremendous value in accelerating online and in-store purchases and as such many organizations are investing more resources on developing better front-end mobile experiences and ensuring compatibility with their back-end technology [12]. So having seen what Mobile shopping is, we will now look into security aspects in Mobile shopping. 2.1 Security in Mobile Shopping When addressing the issue of security in mobile shopping we have to look at the current standardization efforts Volume 1, Issue 3, September October 2012

Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com Volume 1, Issue 3, September October 2012 ISSN 2278-6856
purposes but was most commonly found in criminal matters. Fingerprint recognition technology for mobile devices is poised to become one of the most preferred user verification and authentication solutions in mobile device security especially seeing the great decline in cost-tosolution seen in recent time which would enable simple installation on cell phones and PDAs [14].The process of fingerprint recognition is based on the pattern of hills and valleys on the surface of each finger. The patterns of the captured hills and valleys can be grouped into a larger category known as arches, loops and whorls but the most important are some very fine features known as minutiae which are the general locations where a specific ridge ends or splits into two ridges. Minutiae are vital in precise fingerprint recognition and in this advanced age of image quality of small inexpensive electronic scanners, accuracy and affordability is not a challenge. The Figure 1 below [15] outlines an example of what the fingerprint matching process would look like. The mobile device scans the fingerprint, a reconstruction of the image is done and then the minutiae extraction would be implemented. The image is converted and encrypted then a matching will occur to verify if the fingerprint scanned matches back to what is store at the database level. The use of certificates to authenticate packet senders and receiver Using fingerprint biometrics addressed the challenges faced with customer identification and verification and creates a simplified means of identifying user accounts without the need to send credit card number and security pins over the network. Users would essentially now have a digital signature which is difficult to forge because of strong security encryption enforcement and thus provide a simple and reliable mechanism to authenticate users securely with the banking agent. Fingerprint recognition is popularly used in forensic settings and many US government-class identification applications and is seen on many of todays laptops as an easy user verification tool. A major con with using Biometrics is that if by some means your biometric data was captured and is now compromised, there is no replacement for ones finger. 2.1.2 Security Schemes and Considerations With the constant risk of hackers attempting to steal, interfere with or misuse sensitive information, it is critical to any system that time is taken to identify risks and circumvent possibility of such nature and secure the over-the-air communication to protect the data that is in transit. Certificate Based Authentication (CBA) and Trust, a strong encryption such as the Advanced Encryption Standard (AES) symmetric key encryption and Hypertext transport protocol secure (HTTPS) over Secure Socket Layer (SSL), should protect sensitive information such as the customers biometrics. Communication is done over HTTPS, which is an overlapping layer over HTTP that would automatically encrypt and decrypt the messages that are being passed. The Secure Socket layer sometimes referred to as the Transport Layer Security (TLS) provide authentication, integrity, and confidentiality to the data it encapsulates [16]. For SSL connections to be successful there are two primary phases that need to be completed. These phases are the Handshake which would ensure the correct endpoint connection and then there is the Data Transfer which would complete the verification process and verify certificates. A session is created when there is a successful handshake association with the client (requestor) and the server (responder). These sessions would aid in avoiding lag in the system and the expense of negotiating new security parameters for each connection. X.509 Certificate based authentication is used to proof the clients identification by the use of information that would be unique to each user such as: Distinguished Name (DN) The public key The name of the Certificate Authority (CA) who issued the certificate. The issued certificate must not have expired and should have been issued by a valid trusted Certificate Authority. The public key of the issuing CA must validate the issuers digital signature, and the users public key must Page 242

Figure 1 Biometrics and verification - Fingerprint Verification Process Biometric security systems face challenges in the collecting, encoding and in the comparing of biometric data, such as the accuracy of the detection and representation of biometric information and the possibility of lifting prints from surfaces in a bid to deceive a biometric system, thus careful considerations must be made as to the methods to detect and protect the system sensitive data. Taking note of the risks mentioned to eliminate or minimize at worst these attacks and secure the transmission of biometric data, mobile payment and other sensitive information, the following are taken into consideration No fingerprint images or sensitive information is stored on the mobile phone. Additional security schemes are implemented to ensure valid customer identification. Message packets sent over the wireless network are encrypted to maintain data integrity Limited access to server and databases and implementation of data audits to ensure proper confidentiality Volume 1, Issue 3, September October 2012

Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com Volume 1, Issue 3, September October 2012 ISSN 2278-6856
validate the users digital signature [17]. The process of this authentication scheme is as follows: Establish the SSL connection with the web server Send details of the certificate to the Policy Server for verification against the information in the user store. The Advanced Encryption Standard (AES) is the United States Governments Federal Information Processing Standard (FIPS) for symmetric encryption, which would enable fast and secure data encryption and decryption. AES uses cipher key whose length can be 128, 192, or 256 bits. AES assisted with the resistance of harmful attacks including Brute Force attacks and with compatibility against different platforms and speed and design simplicity [14]. The Biometric Application Programming Interface (BioAPI) was created by a consortium that now has over 120 companies and organizations that all share an interest in the development of biometric markets. The x9.84 Biometric Information Management and Security standard brings platform and device independence to application programmers and biometric service providers [18] and ensures biometric components and libraries can be easily integrated. The Cryptographic Protocol and Application Security standards group specifies file and biometric data formats and has performance and testing tools. Some other standards use an XML Biometric Common Format. 2.1.3 Biometric Mobile Device Recently Motorola released a mobile phone running Android 2.3 operating system. The Motorola ATRIX 4G features biometric fingerprint smart sensor ensures security. The unique fingerprint recognition technology allows only authorized person to whats on your phone. This smart sensor feature allows for faster, enhanced security and personal data privacy that surpasses password or PIN locks. [19] 2.1.4 Biometric Security in Mobile Payment For any kind of electronic transaction, we have being using till now only information like credit card, signature and so on. These security mechanisms are still not secure in terms of mobile/electronic payment. So we introduced a biometric mechanism- fingerprint that gives a better level of security mechanism for mobile payment systems [9] 2.1.5 Biometric Credit Card Citibank in Singapore launched the introduction of the worlds first card less payment service on November 9, 2006 [20]. The service employed technology used by a biometric authentication vendor Pay-By-Touch. This meant at the time of purchase Citibank Clear Platinum Card holders no longer need to present their plastic card. They are now required to simply scan their finger on a biometric scanner and enter a seven digit "Personal Search Number". Biometrics credit card manufacturers assertion is that processing of these cards versus traditional credit cards is more secure [21]. The merchant will install a biometric reader at his register. The customers ID data would be Volume 1, Issue 3, September October 2012 entered once only, along with payment information and picture ID. The scanner reads the finger print [22] capturing 40 points of information, encrypting and then store this information. This delivers higher security, because no two fingerprints are alike. Fingerprint pictures are eliminated, once ID and payment information are recorded to the scanning processor. For future transactions, all you need is to swipe your finger to complete transactions. Payment by touch systems facilitates shorter processing time for transactions. Biometric payment technology enables the consumer to pay by the touch of a finger on scanner linked to a payment wallet. The fingerprint is transmitted through a linked router and media required to approve the transaction through an automated process. Providers of biometric payment solutions require the completion of a pre-enrollment process which captures necessary information such as personal identification, fingerprint and banking information. Having talked about electronic/mobile shopping and security consideration in mobile shopping, we will now look into intelligent agent technology followed by agent based mobile shopping developed previously which is the underlying basis for our research. 2.2 Smart/Intelligent Agent Technology There have been many debates as to what the true classification of an Agent should be, but there has not been a universally accepted definition. Reference [23] defines an agent as an entity that can be viewed as perceiving its environment through sensors and acting upon its environment through effectors [24]. An Intelligent Agent is one that is capable of flexible (reactivity, pro-activeness and social ability) autonomous action to meet its design objectives [23]. As problem scope becomes larger and more complex, Multi-Agent Systems (MASs) were required to tackle these intricate possibilities the individual agents could not manage. By forming communities of agents a solution based on a modular design can be implemented where each member of the agency specializes in solving a particular aspect of the problem [25]. Artificial Intelligence agents have been incorporated in many of the systems we interact with on a daily basis directly or indirectly such as modeling the impact of climate change on biological populations, modeling traffic systems, internet search engines, etc. Taking all the above points into consideration, quite amount of research been carried out in developing agent based mobile shopping application which is discussed below 2.2.1 Agent Learning Corporative multi-agent learning [26] approaches can be segmented into two major categories: Team learning approach and the concurrent learning. Concurrent learning utilizes multiple concurrent learning processes. Rather than learning behaviors for the entire team, concurrent learning methods normally employ a learner for each team member. This is done with the expectation that it reduces the joint space by projecting it into N Page 243

Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com Volume 1, Issue 3, September October 2012 ISSN 2278-6856
separate spaces. However, the presence of multiple concurrent learners makes the environment mobile. This in itself is a contravention of the assumptions behind most conventional machine learning techniques. This is the main reason why concurrent learning needs new or significantly modified forms of machine learning methods. Team learning involves a single learner which discovers a set of behaviors for a team of agents instead of a single agent. Team learning can use regular single-agent machine learning procedures to accomplish its goals. Team learning can be separated into two types namely homogeneous and heterogeneous team learning. Homogeneous learners would advance using single agent behavior which by extension is then used by every agent on the team. Heterogeneous team learners on the other hand, can develop based on the distinctive behavior for each agent. Heterogeneous learners are therefore expected to yield superior solutions from agent specialization. A middle ground is found by using hybrid learning. 2.3 Agent based Mobile shopping Human shoppers in their quest to find goods and services at the best prices execute a shopping process that searches both physical stores and electronic stores (via a webbrowser) for a product or service. Another possibility is that a shopper can also search electronic stores by using their mobile phones as support for m-commerce increases. Previous research has been carried out by companies and individuals in employing agents for mobile shopping such as the Agent-Mediated ECommerce Environment for the Mobile Shopper[6] in which some significant shortcomings were noticed . The agent based shopping [5] was solely based their reasoning on the price of the product. So taking the shortcomings into consideration Mobile Intelligent Agent-based Architecture for E-business was developed [4] in which we noted that products are only described by their name and offered no other attribute or relevant image. Taking these issues into consideration, research was carried out in 2009 aimed at developing an Agent based mobile shopper that would essentially employ a software agent exactly replicating what the human being would be performing when purchasing a product Intelligent Agent-based Mobile Shopper, IAMS[7][8]. This intelligent agent would mimic the role of a human shopper, but in the mobile environment in which a cellular phone or a PDA would be employed. The development of these agents is essentially based on preference rules to make a reasonable decision while selecting the item corresponding to the user specification. In short, the agent based mobile shopper developed performs the selection functions as desired by the user. Having seen the technological advancement in applying agent technologies in mobile shopping, we now look into mobile payment system involving biometrics 2.4. Biometric based Mobile Payment Volume 1, Issue 3, September October 2012 Conducting any form of electronic payment has its challenges. Payment methods range from sending an account number and pin to sending credit card number and security codes over a network and at times puts consumers at risk to eavesdropping, interception and fraud if not implemented correctly. When developing our shopping application we had to look carefully at the best means to conduct mobile payments safely and securely, and as such, we have chosen to use two-factor authentication. Authentication methodologies have three basic factors: Something the user knows (username, password, pin, etc.). Something the user has (ATM card, credit card, etc.). Something the user is (Fingerprint, face recognition, etc.). Research has been conducted in using Biometric for mobile payment [9]

3. ARCHITECTURE OF SMART AGENT BASED MOBILE SHOPPING AND SECURED PAYMENT

It is evident from literature that quite amount of research been carried out in using agents for mobile shopping such as the Agent-Mediated E-Commerce Environment [6] and Mobile Intelligent Agent-based Architecture for Ebusiness [4] . There were some shortcomings noticed in the system which motivated to develop intelligent agent based mobile shopper in mobile environment i.e J2Me enabled mobile handset that would essentially employ a software agent based on preference rules to make a reasonable decision towards selecting items replicating what the human being would be performing when purchasing a product [7][8]. But still the intelligent agent based mobile shopper system noticed some shortcoming as given below which the main motivation towards our smart agent based mobile shopping system been developed: Agent based system possess no learning capability or past search experience towards search of items Agent based system does not take into consideration rating and also popularity of product by the previous shoppers. The GUI was done in plain and thus did not include any phone images. Complex terms and expressions were used in the user specifications that the average consumer would not be knowledgeable of. Each mobile shop has its own agent and would be less efficient when a search is conducted Adding a new mobile store agent would be a tedious process and some code modifications Now in terms of mobile payment research has been conducted in using Biometric for mobile payment [9] but still some drawbacks exist which include the following that has been motivation towards developing secured Page 244

Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com Volume 1, Issue 3, September October 2012 ISSN 2278-6856
payment for our smart agent based mobile shopping system: User has to give financial details like credit card number, pin number and biometric information like signature and fingerprint which is encrypted and checked towards authentication. Signature, credit card, pin can be easily replicated during wireless transmission, as it is also a part of authentication for mobile payment The system does not possess any third party certification i.e. VeriSign towards verifying the authenticity of shop towards making any payment. Lastly the system was implemented in J2ME based mobile handset, which does not possess enough memory and processing power to hash the fingerprint using the encryption algorithm. Also does not possess Touch pad feature to read fingerprint and so cannot be really deployed in real time. Considering the above drawbacks, we here have developed smart agent based mobile shopping and secured payment system. The architecture of system developed is shown in Figure 2. From an architectural standpoint, what is required is a data-enabled mobile network that is integrated with a Local Area Network (LAN) to allow for multiple agent communication with the relevant databases and mobile devices. Securely transfer shopping cart information and shipping information over HTTPS Liaise with security agent to verify if the mobile shop is Third Party Trusted and advise the customer of response Retrieve and display the status of the m-commerce transaction attempted from the Banking Agent. 3.1.2 Security Agent (SA) The Security Agent is in charge ensuring that all sensitive information is passed securely and holds the following as its core responsibilities: Create a secure connection over HTTPS to liaise with the Trusted Third Party to verify mobile store certificates. Set up a secure connection over HTTPS to interact with the Banking Agent to transfer customer check-out details and customer biometrics. Securely transfers Customer verification from the Banking Agent to Mobile Agent over HTTPS connection. Securely transfers the status of the attempted transaction that was sent to the Banking Agent back to the Mobile Agent over HTTPS connection. 3.1.3 Banking Agent (BA) The Banking Agent has the following as its core responsibilities: Communicate with the Security Agent and Trusted Third Party to verify customer information. Attempt to match the customer biometric and credit card information and send a response to the customer through the security agent informing them if customer exists and is verified. Conduct the necessary withdrawals on the customers account and send a message through the Security Agent to inform the customer of the status of the attempted transaction. 3.1.4 Mobile Search Agent (MSA) The Mobile Search Agent would act as the brain of the mobile phone search process and has the following responsibilities: Retrieve the requested specifications entered from the Mobile Agent and using the fuzzy preference rules hierarchy, intelligently configure the search criteria when no results are found for the initial search. Organize the results in descending order by mobile phone price and pass the sorted list to the Mobile Agent for it to graphically display the results to the customer. 3.1.5 Trusted Third Party (TTP)

Figure 2: Smart Agent based Mobile Shopping and Secured Payment (SAMSP) Architecture 3.1 The details of agents and their responsibilities are listed below: 3.1.1 Mobile Agent (MA) The mobile agent residing in Android Mobile handset carries out the following responsibilities: Retrieve and submit the mobile phone preferences submitted by customer Capture and securely submit mobile phone rating data Retrieve and display search results in a user friendly format Capture and encrypt customer biometric data Securely transfer the captured biometrics data over HTTPS Volume 1, Issue 3, September October 2012

Page 245

Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com Volume 1, Issue 3, September October 2012 ISSN 2278-6856
The Trusted Third Party mimics an external entity that would conduct the following as its main responsibilities: Securely communicate with the security agent to retrieve encrypted customer biometric and credit card information for Customer verification with the Banking Agent Validate Mobile Store Certificates using TTP APIs and communicate status via secure HTTPS connection through the Security Agent. 3.2 Mobile Phone Search Algorithm The algorithm developed based on the architecture shown in Figure 2 is given below. We will look into how fuzzy preference rules been incorporated in the algorithm. The customer launches the application from his/her mobile phone and be granted the option to login or go straight to the search form to enter their phone preferences. Customers must however be registered and logged in to add an item to cart or make any purchases. Customer selects desired phone specifications such as price range, phone rating, feedback period and other specifications in layman language like camera, Touch pad, QWERTY keyboard, Internet etc rather than in technical language as in earlier system (Brown and Suresh, 2009a; Brown and Suresh, 2009b) The specified phone criteria are sent from the mobile application to the Mobile Agent using dynamic search ontology. The Mobile Agent would take the data and build customized queries from the criteria selected and execute same on the database looking for matches on the specifications using the following fuzzy preference rules: If mobile phones are available with the desired user specifications below the price cap entered. If mobile phones are available with the desired user specifications above the quoted budget up to price mark If no mobile phones are found within quoted price cap, find phones with the user specifications with price above quoted budget. If no mobile phones are available for user specifications, find exact price match with best match specifications. If no mobile phones are available with the desired specifications, find phones of any specifications within the price range. Display results from Mobile Agent on customers mobile device. 3.2.1 Agent Learning for Mobile Phone Search The algorithm used for Agent learning is same as above except here the user enters only the mandatory shopping search criteria from a GUI on mobile device such as: Star Rating, Feedback period, Maximum price, Price Mark up. The other specifications such as camera, touch pad, Volume 1, Issue 3, September October 2012 Internet etc are left as blank as it is assumed that sometimes users find it cumbersome to select all specifications mentioned in the system. So instead of just taking default value and searching the phones as in previous system [7][8].We here use Agent learning wherein the mobile search agent interacts with a database and retrieves the mobile phones with maximum popularity i.e. ones which is most preferred by the users based on past search experience and forwards the results along with the specifications, rating and popularity on the GUI of the mobile device. The same fuzzy preferences are used for searching except specifications are left as blank. 3.2.2 Mobile Phone Purchase Algorithm The following section will outline the process to purchase a mobile phone from the system architecture shown in Figure 2 Customer logs into the application securely over https When a phone is selected to view the details, the Security agent checks to see if the Mobile Store is a trusted store through the Trusted Third Party (TTP) APIs. If the Store is verified to be trusted, then a VeriSign logo will appear in the top section of the screen. If the store is not verified, no VeriSign logo will appear. When the customer clicks the option to add the phone to their shopping cart a check is done to see if the phone is from a trusted store. If the store is not trusted then a message will be displayed alerting the customer and they will be given the option to stop or continue with adding the phone to their cart. The mobile agent would then send a message to the security agent to check if the selected mobile phone is already in the customers shopping cart. If the phone is already in their shopping cart then a message would be displayed alerting the customer. Mobile agent sends message to the Database Agent and updates the relevant tables. The Mobile agent captures and encrypts the biometric fingerprint data using public key AES 128bit encryption. Mobile Agent sends biometric information to the security agent over https. The Trusted Third Party agent liaises with the Banking Agent to verify the Customers biometric information. The customer information is requested from the Banking agent using the customer Full Name and Credit Card Type. If the Trusted Third Party agent is unable to verify the customer information from the Banking agent (BA) a report is sent to the Security agent. If the TTP agent is able to retrieve the customer information from the Banking agent, it would then decrypt the information and verify that the customer biometric data is consistent from both sources. If the customer biometric information does not match, the Trusted Third Party agent sends a message to the Security Agent that the biometric data does not match. If the biometric information matches a Page 246

Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com Volume 1, Issue 3, September October 2012 ISSN 2278-6856
message is sent to the security agent that the customer is verified. The Security agent would then pass on the message received from the Trusted Third Party agent to the Mobile agent. The verification status would be displayed to the customer. If the response returned negative the user will be asked to try again. A purchase confirmation screen is then displayed for the user to confirm items to be purchased and correct shipping details are stored. When the customer has confirmed the purchase details, a message is sent to the Security agent to communicate with the Banking agent to withdraw the necessary amount out of the users bank account. When the transaction is completed the Banking agent the status is sent back to the Mobile agent through the security agent via a message that will be displayed to the customer whether transaction was successful or not. Many of these options are optional and default values used in cases where a selected option must be chosen. Also here mobile phone search options been expressed in laymans language and not in mobile technical language which makes users to easily select for searching compared to earlier system [7][8]. When the user is satisfied with the required or desired interests met or configured on the criteria the search button is clicked to initiate the search operation which is primarily driven by the mobile Search Agent. There are six scenarios been considered for the implementation of our prototype, which would be discussed below. Let us consider a scenario where the user here selects Maximum price of J$70000 with star rating of 2 and feedback period of 3 month as shown in Figure 4. Price mark up is been selected as No markup which means user can spend up to a maximum of 70000 dollars only. The other features of phones are selected as YES like Movie, Messages, Internet, picture, Camera, Touch pad, Qwerty Keyboard in layman language understood by every common man. Customers submit these inputs from Mobile handset to Mobile agent as shown in Figure 4. In this scenario, the mobile phone results returned by the search must be less than or equal to J$70000 entered by the user to meet all the other specifications entered. When the consumer submits the preferred phone specifications on the android device, it is then sent to the Mobile Agent using the JADE platform which would be submitted to mobile search agent who uses fuzzy preferences to query the Mobile Database for the devices that meet the criteria and return the results to the mobile device

4. IMPLEMENTATION USING JADE-LEAP

The application was built using Eclipse Helios 3.6.2 build 20110210-1200 with a Java Development Kit 1.6.0_21 (jdk1.6.0_21) as the runtime environment with an Android SDK Emulator plug-in as an IDE. The system is created using Android 2.2 with and Java Agent Development Toolkit (JADE) with Lightweight Extensible Authentication Protocol (LEAP) [27-30].The list of agents in the JADE environment is shown in Figure 3. and are identified by their names.

Figure 3 Agents in JADE Environment 4.1 Mobile Phone Search Implementation The mobile phones searches are performed using an Android enabled mobile device with access to the internet and fairly good connective to the cellular network. Entry into the search menu will initiate the mobile Search Agent into operation. Among the options the user has to configure for his or her search are Rating, Max Price, Price Markup, Feedback period, Camera, Touchpad, Internet, Picture, Movies, Messages, Music, Qwerty Keyboard etc. Figure 4: Search Option Screen-1 Now based on search results returned by mobile agent on the users mobile handset using fuzzy preferences, the customer is presented with the results that matched the specifications entered by the consumer, which in this case is a list of three mobile devices as shown in Figure 5. The Search Results screen displays the list of phones including some of the major details such as the phone ratings and popularity, the store that is selling the phone

Volume 1, Issue 3, September October 2012

Page 247

Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com Volume 1, Issue 3, September October 2012 ISSN 2278-6856
and with its list price and lastly a stock image of the mobile phone as shown in Figure 5. specifications. The phone details are displayed in Figure 9 along with overall rating, customers breakdown of rating and popularity of 40% which shows it is good among public.

Figure 5: Search Results Screen-1 If the customer is interested in one of the mobile phones displayed in the result set, they may click on the respective phone to view more details about the device. Figure 6 below shows a screenshot of the details available for the Blackberry Torch. The mobile phone details screen gives a comprehensive outline of the features available for the selected mobile device and also gives the customer an option to add the mobile phone to his/her shopping cart or to go back to the search screen if they would like to search using some different criteria. The screen displays the logo of the store that has the phone for sale along with the sale price. Other information is also presented on this screen about the available features of the phone, the phone overall ratings. Customer ratings breakdown and also popularity of phone i.e. how popular the phone is among the public which depends on number of people who bought and which in this case is 40% and is termed as Good.

Figure 7 Search Options Screen-2

Figure 8 Search Results Screen-2

Figure 6: Mobile Phone details Screen-1 Let us consider another scenario where user is trying to find mobile phones with the same specifications as in previous scenario but with a maximum price budget of J$50000 and price mark-up of 20% as shown in Figure 7.When the consumer submits the preferred phone pecifications on the android device, it is then sent to the Mobile Agent using the JADE platform which would be submitted to mobile search agent who uses fuzzy preferences to query the Mobile Database for the devices that meet the criteria for sale price of 50000 with mark up of 20% and return the results to the mobile device as shown in Figure 8. Figure 8 show that the search only returned one result that matched the price cap and the Volume 1, Issue 3, September October 2012

Figure 9: Mobile Phone Details Screen-2 Let us consider another scenario where the customer is searching for a mobile phone that is within the price range of $40,000 with no price mark up, rating of at least two stars and with no touch pad or memory expansion capabilities. The Mobile Search Agent here applies fuzzy preference rules and explored the store inventories for phones that are within the price range of J$40000 with specifications mentioned. The search agent here finds list of phones and displays it onto the users mobile handset as shown in Figure 10. Figure 11 shows that the customer selected the Blackberry Curve 8310 from CLARO mobile Page 248

Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com Volume 1, Issue 3, September October 2012 ISSN 2278-6856
store to review its specifications which en rated matched all specification except for one which is Touch pad for price of J$30000 with overall rating of 4 and popularity 0%. Being a new phone or that no users has rated the phone. So far, Customer rating is displayed as 0 customers have rated and so popularity is also 0% . So it is now left to the customer whether to purchase the phone or not based on popularity and rating values though price matches except for one specification which is Touch pad. The customer is now given the choice for selecting the appropriate phones which match the price with 80% of specification matching or exact matching of specifications with any price by taking customer rating and popularity of phones into consideration which gives better idea in purchasing the phone

Figure 12 Search results-4a Figure 10: Search Results Screen-3

Figure 13 Mobile Phone Details-4a

Figure 11: Mobile phone Details Screen-3 Let us consider another scenario where the customer has opted for a maximum price of J$30,000 and a rating of at least 2 stars and did not desire a phone with a camera and touch pad. The Mobile Search Agent used fuzzy preferences and queried database and found no phones for the quoted budget with customer specifications. So agent here applied the intelligence to find phones matching the customer quoted budget with any specification as shown in Figure 12. Figure 13 shows the phone specifications with rating of 5 and popularity of 20% which is average among common public that match most of what the user was requesting by over 80% i.e it does not offer memory expansion as requested but does include the touchpad and the camera. Agent also uses intelligence to find phones that match the customers specification for any price as shown in Figure 14 which is The BlackBerry Bold 9000 being sold by LIME for $43,000 and Digicel for $45,000. The customer selects the cheaper phone and is able to view all the specifications and other available information as shown in Figure 15 with customer rating of 4 and 0% popularity as poor which here is Blackberry Bold 9000 by LIME. Volume 1, Issue 3, September October 2012

Figure 14 Search Results Screen- 4b

Figure 15 Mobile Phone Details Screen- 4b Page 249

Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com Volume 1, Issue 3, September October 2012 ISSN 2278-6856
The user is given the option to select the rating period for the customer feedback during search. By adjusting the period from 3 months to 6 months or a year the user will note that the ratings figures as well as the popularity would be recalculated. 4.2 Mobile Phone Search Agent Learning Until now, we have seen the intelligence possessed by smart agent situations towards mobile phone search based on specification selected by customer. Now in many situations customers feel cumbersome to select all specifications towards mobile phone search. So here we bring learning strategy of smart agent which uses the past search experience to search phones and display to users handset based on popularity of phone. The user will select the mandatory specifications like Maximum price, Rating, Price Mark up, Feedback period. The other specifications like Camera, touch pad, Qwerty Keyboard, Memory expansion etc be left blank. Let us consider a scenario where Customers are search for mobile phones based by selecting the mandatory specifications as shown in Figure 16. The agent here uses its past search experience to search phones for price of $70000 which is most popular and display the results as shown in Figure 17. The user now can view the phone details by selecting the phone which is popular with good rating and proceed for shopping matching that is popular as shown in Figure 19. The results are sorted by popularity in descending order.

Figure 18 Agent Learning Search Screen-2

Figure 19 Agent Learning Search Results Screen-2 4.3 Mobile Phone Purchase We have seen till now as how agents are used in searching the phone according to user specification and also by using agent learning too. Now having searched the phone and added to shopping cart, the next is about buying the phone by supplying our financial. This section would cover details on security features implemented towards mobile phone purchase. Before customer proceeds for making payment for purchase, we go to make sure the store is valid one and not fake. So we got to bring Third party Trust like VeriSign for it. When a mobile store is verified as Third Party Trusted by the SAMSP application, we are saying that we have proof that this mobile store is valid and that it is safe to conduct business with them. Mobile stores are only considered verified once our trusted third party VeriSign has validated based on certificates retrieved. Figure 20 below shows the trusted image that would be displayed once the security agent has connected to the VeriSign component over HTTPS and successfully validates that the mobile store certificate retrieved from the Mobile Agent (MA) is still valid, authentic and issued by the same trusted third party using APIs. When the mobile store is third party trusted then the customer would have no difficulty in adding the mobile device to their shopping cart and continue with their check-out process.

Figure 16 Agent Learning Search Screen-1

Figure 17 Agent Learning Search Results-1 Let us consider another scenario where the customer may also do a more advanced search as shown in Figure 18. The Agent here possess intelligence to search and display phone for price of $40000 with customer specification Volume 1, Issue 3, September October 2012

Page 250

Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com Volume 1, Issue 3, September October 2012 ISSN 2278-6856
when it is time to securely conduct the M-Commerce transaction.

Figure 20 Third Party Trust verified mobile store If the Mobile Store does not have any valid certificate that could be verified with our Trusted Third Party VeriSign, the VeriSign trusted logo will not be displayed and thus the store will not be verified as Third Party Trusted. Figure 21 displays such a scenario in which the user selects a mobile phone which is being sold by a mobile store that is not verified with the Third party Trust. If a user attempts to add this mobile phone to their shopping cart, a pop-up will be displayed warning the user that the Mobile Store that is selling the phone has not been Third Party Trusted (VeriSign) verified as shown in Figure 22. The user is presented with the option of continuing with the purchase process of adding the item to their cart or cancelling the process. Figure 23 Purchase Details - Credit Card Information Figure 24 shows the screen that would capture the customers fingerprint biometrics encrypted and transferred to the security agent to do the necessary validations. It is recommended that the customer use a phone that has a touch screen, fingerprint scanner or a camera. Since fingerprint data doesnt change over time, it is critical the system handles this information with care and sensitivity. So the system will ensure that when the fingerprint is scanned, it is encrypted using AES 256 bit encryption scheme and transferred over HTTPS and ensuring that any cache is removed from the mobile device. Biometric information is not stored on the customers mobile device as this may put them at risk for identity theft and fraud if the mobile device is stolen.

Figure 21 Screenshot showing unverified mobile store This warning is important as it would ensure that the user is aware that they would be giving a potentially fake store/individual access to sensitive information such as their name, phone number and shipping address.

Figure 24 Fingerprint Scanner screen When the user selects the Get Fingerprint button they will be presented with the appropriate API to scan their fingerprint as shown in Figure 25 .The encryption of the fingerprint is done when the user selects the save and continues button after the image has been captured as shown in Figure 26.

Figure 22 Warning message about unverified store The users biometric information is never sent to the mobile store as there is no need for them to retrieve it at any time. The Mobile store bank account number is used to conduct the m-commerce transaction. Figure 23 below provide the customer with the option to choose which bank and card type they would prefer to use to conduct the transaction. This information is important to ensure the correct bank and bank account is selected

Figure 25 Captured Fingerprint

Volume 1, Issue 3, September October 2012

Page 251

Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com Volume 1, Issue 3, September October 2012 ISSN 2278-6856
phone would no longer show up in the list shown in Figure 30.

Figure 26 Popup Information Fingerprint Encrypted The purchase confirmation screen provides the user with the final summary of what is being purchased as well as the customers shipping address as shown in Figure 27.

Figure 29 Order Results Screen

Figure 27 Customers Purchase Confirmation Screen Figure 30 Mobile Phone Review If the user is satisfied with the details on this screen, they can continue with the check-out process by clicking Buy Now. A pop-up will be displayed to confirm that they would like to send payment. It is only when Yes is selected from the pop-up screen that the m-commerce transaction is attempted. The money will be withdrawn from the users account and sent to the Mobile Store as shown in Figure 28 The user will select from the list, the phone which they would like to leave feedback for. Figure 31 shows a screen shot of what the customer would see when leaving a rating for a mobile device. The customer would simply choose a rating between 1 (lowest) and 5 (highest) for the respective category and click Rate Phone to leave the review.

Figure 28 Payment Confirmation It is important to display the order status after the purchase attempt is made. Figure 29 below shows that the transaction that was done went through successfully and also provides the customer with a reference number if they have to query the transaction. Customers who have purchased phones using the system have the opportunity to leave a review about the purchased phone. The review that is left would be used to act as a rating system that would aid other customers in their choice for their next mobile phone. A user can only leave a review once. When the review has been sent, the Figure 31 Mobile Phone Rating Screen

5. CONCLUSION & FUTURE WORK

The smart agent based mobile shopping and secured payment systems give an introduction on Electronic shopping and the strides that have been accomplished within the last few years. Literature also shows the research been done in the area of mobile shopping with multiple-agent technology. Taking the earlier systems and drawbacks into consideration smart agent based system been developed towards mobile shopping that would take Page 252

Volume 1, Issue 3, September October 2012

Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com Volume 1, Issue 3, September October 2012 ISSN 2278-6856
the specifications a user desires and make smart decisions based on fuzzy preference rules to find the most suitable results to return to the user. The system also provides users with a mobile phone rating capacity which allows users who have bought the phone to leave their feedback on the device. Security in any application is paramount to the integrity and continuity of the system and as such was critical in this system in ensuring secure communication between the agents and protecting data integrity and confidentiality. The security facilities provide features that would assist in properly identifying trusted mobile stores as well as customer validation and verification using biometrics. The results of the development been carried out using JADE-LEAP agent development kit on Android 2.2 handset and are shown as screenshots in this paper validating our research. There are some future improvements to the system that can be done towards including cancellation of payment towards purchase made and money refunded accordingly. Also, remove phones from stores whose popularity and rating falls below average value. In addition allow for the mobile payments to be done using international third party agents such as Google Wallet and PayPal. Also create an Android interface that will allow Mobile Shops to update stock and store information. Also expanding the search and product catalog to include phone accessories and other products. Also implement Email/SMS messaging when Mobile Stores add new phones to their inventory or having mobile phones on sale/discount. Last but not the least research/develop a possible cost effective alternative Trusted Third Party (TTP) Biometric verification method. This could be integrated with BioAPI xml based Service Oriented Architecture (SOA) which could improve efficiency. tracking., Electronic Commerce Research and Applications, Elsevier, Vol.1,No.3 [6]. Fonseca, S., Griss, M., & Letsinger, R. (2001)., An Agent- Mediated E-Commerce Environment for the Mobile Shopper., Retrieved from http://www.hpl.hp.com/techreports/2001/HPL-2001157.htmlAlliance, O. M. (2005). White Paper on the M-Commerce Landscape. Open Mobile Alliance , 49. [7]. Brown, R and Suresh, S(2009), Intelligent Agent based Mobile Shopper, Proceedings of Sixth IFIP/IEEE International Conference on Wireless and Optical Communication Networks (WOCN 2009), Cairo, Egypt [8]. Brown, R and Suresh, S(2011). Intelligent Store Agent for Mobile shopper, International Journal of E-services and Mobile Applications, Vol.3 (1), pp.56-71, IGI publishing [9]. Gordon, M and Suresh, S(2010) Biometric Mechanism in Mobile Payments, Proceedings of Seventh IEEE International Conference in Wireless and Optical communication Networks (WOCN 10), Colombo, Srilanka [10]. Butcher, D. (2010, February 17). Retrieved February 01, 2011, from Mobile Commerce Daily: http://www.mobilecommercedaily.com/2010/02/17/m obile-shopping-in-us-will-grow-to-24-billion-thisyear-abi-research [11]. Alliance, O. M. (2005). White Paper on the MCommerce Landscape. Open Mobile Alliance , 49. [12]. Oracle. (2012). E-Commerce Trends For 2012. CA: Oracle. [13]. Schwiderski, S., & Knospe, e. Secure MCommerce. Europe: IST Programme. [14]. Farpoint Group. (2008). The Broad Reach of Biometrics. Fingerprint recognition and Mobile Security , 2-10. [15]. Stallings, W. (2005). Cryptography and Network Security Principles and Practices, Fourth Edition. Prentice Hall. [16]. HP. (2008). HP JetDirect and SSL/TSL. HP JetDirect and SSL/TSL , 2-6. [17]. EMC. (2011). Certificate-Based Single SignOn. White Paper. [18]. BioAPI Consortium. (2001). Welcome. Retrieved 6 12, 2012, from BioAPI Consortium: http://www.bioapi.org/ [19]. Motorola (2011). Answers Fingerprint Smart Sensor Retrieved from http://motorola-globalportal.custhelp.com [20]. Lynn, T (2006). Citibank S'pore launches biometric payment service. Retrieved from http://www.zdnetasia.com/citibank-sporelaunchesbiometric-payment-service_print61965886.htm [21]. Ziemba, J (2004). Credit Card Processing: Biometrics Retrieved from http://business.lovetoknow.com/wiki/Credit_Card_Pr ocessing:_Biometrics Page 253

REFERENCES
[1]. Cassavoy, & Liane. (2010). What Makes a Smartphone Smart. Retrieved 11 12, 2011, from About.com:http://cellphones.about.com/od/smartpho nebasics/a/what_is_smart.htm [2]. Abbott, L. (2001) Separating Mobile Commerce from Electronic Commerce , Retrieved, from MobileInfo Website: http://www.mobileinfo.com/mcommerce/differences. htm [3]. Rao, G. K. et al (2005)., Design and Development of a New Middleware Platform for Mobile Applications.,Conference proceedings of European Internet and Multimedia Systems and Applications.,Grindelwald, Switzerland . [4]. Weng, Z., & Tran, T. (2007). A Mobile Intelligent Agent-based Architecture for E-business. Ottawa, Canada: IGI Global. [5]. Guan, S., Ngoo, C. S., & Zhu, F. (2002)., Handy broker: an intelligent product-brokering agent for m-commerce applications with user preference Volume 1, Issue 3, September October 2012

Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com Volume 1, Issue 3, September October 2012 ISSN 2278-6856
[22]. Bocoum, M. (1999). Acceptance Threshold's Adaptability in Fingerprint-Based Authentication Methods. Master of Science Thesis, School of Computer Science, McGill University, Montreal, Canada. [23]. Jennings, Woodridge, M., & N.R. (1995). Intelligent Agents: Theory and Practice. UK. [24]. Russel, S., & Norvig, P. (1995). Artificial Intelligence: A Modern Approach. NJ: Prentice-Hall. [25]. Rudowsky, I. (2004). Intelligent Agents. Intelligent Agents , 1-3. [26]. Panait, L and Luke, S (2005). Cooperative Multi-Agent Learning: The State of the Art .Retrieved from http://cs.gmu.edu/~eclab/papers/panait05cooperative. pdf [27]. Bellifemine, F., Caire, G., & Greenwood, D. (2004). Developing multi-agent systems with JADE. New Jersey: John Wiley & Sons. [28]. FIPA. (2012). Welcome to Fipa. Retrieved 3 28, 2012, from FIPA: http://www.fipa.org/ [29]. Jade Software Corporation Limited. (2009). JADE. Object manager Guide. Version 6.3 , 45-50. [30]. Google (2011). What is Android. Retrieved from http://code.google.com/android/what-isandroid.html AUTHORS
Philip Smith is a final year Msc. Computer Science student in the Department of Computing at the University of the West Indies, Jamaica. Prior to that, he obtained his Bsc. Computing and Information Technology (Honors) from the University of Technology, Jamaica.. He also possess good programming skills in Java, PHP, Agents and so. His research interests are mobile computing, intelligent agents. Dr. Suresh Sankaranarayanan holds a PhD degree (2006) in Electrical Engineering with specialization in Networking from the University of South Australia. Later he has worked as a Postdoctoral Research Fellow and then as a Lecturer in the University of Technology, Sydney and at the University of Sydney, respectively during 2006-08. He is the recipient of University of South Australia President Scholarship, towards pursuing the PhD degree programme and has also bagged the IEEE travel award in 2005. He is also Senior Member of IEEE computer Society and Computer Society of India too. He was working as a Lecturer (Asst. Prof. Status) in the Department of Computing and lead the Intelligent Networking Research Group, in the University of West Indies, Kingston, Jamaica, during 2008-11.He has also worked as a Professor, School of Computer Science and Engineering, Vellore Institute of Technology (VIT University), Chennai Campus, India, for a short period during 2011. He is now working as Associate Professor, Department of Computer & Information Systems, Institute of Technology, Brunei (ITB A technological university). Currently he is also functioning as a Visiting Professor, Department of computing, Faculty of Pure & applied Science, University of West Indies, Mona Campus, Kingston-7, Jamaica, West Indies. He has supervised 28 research students leading to M.Sc, ME, M.Phil and M.S degrees and currently supervising 9 students leading to M.sc, M.phil and Ph.d respectively in UWI and ITB, Brunei. He has got to his credit, as on date, about 50 fully refereed research papers published in the Proceedings of major IEEE international conferences, as Book Chapters and in International Journals. He is also a Reviewer and Technical Committee member for a number of IEEE Conferences and Journals. He has conducted many tutorials, workshops and also given Guest Lectures in Networking in various Universities and Colleges. He also managed a collaborative research programme with Oakland University, Rochester, USA. His current research interests are mainly towards Mobile and Ubiquitous Computing - Wireless Sensor Networks, Mobile Commerce, Intelligent Agents used in the Health, Commercial and Engineering sectors.

Volume 1, Issue 3, September October 2012

Page 254