(keitai-l) Re: [link] wlan/plan

From: Benjamin Kowarsch <benjk_at_mac.com>
Date: 06/06/02
Message-Id: <3AF7001C-7937-11D6-BA3F-003065FB21DC@mac.com>
On Thursday, June 6, 2002, at 05:45 , wimjam wrote:

> or http://www.birdstep.com/.....
>   they have some solutions.
>
> roughly it all comes down to putting an agent on the mobile device (fair
> enough on laptops,... bit more difficult on the phones..) and having
> dual air interfaces (WLAN with... PDC, GSM/GPRS,...)

The main technical issue is authentication. The main logistical issue is 
roaming agreements. Roaming authentication comes with a risk and roaming 
agreements add significant cost.

If mobile phone companies are to be used as billing agents, then they 
will have to be able to authenticate a user over public network links. A 
user device trying to sign on to a WLAN service would need to send an 
authentication request to the mobile phone network which issued the SIM 
card and the equivalent of an HLR/AuC would have to be able to challenge 
the device, then tell the network operating the WLAN whether the device 
is to be granted access or not. Once access is granted, it is not 
necessary for the mobile network to do the metering. Metering can be 
done by the operator of the WLAN, which would then ask the mobile 
network to put the usage on the user's phone bill.

This is how roaming works between mobile phone networks.

The problems with authentication of a device trying to sign on to a WLAN 
by a remote mobile phone network are manyfold. Different protocols can 
be overcome initially by gateways, such as an SS7/IP gateway.

However, the main problem is the risk involved with the present 
authentication systems found in mobile phone standards. Authentication 
rests on secret algorithms, such as the A3/A5 algorithms used in GSM. 
Those algorithms are inherently weak. If that authentication traffic is 
travelling over public IP, which can be easily picked up with a notebook 
and a WiFi card, it will potentially receive a much higher exposure to 
hackers who will try to retrieve the key (Ki in GSM). The risk would be 
with the mobile companies, not with the WLAN operators.

Further there is the cost of roaming agreements which grows 
exponentially with the number of parties involved. In the GSM world 
there are now over 400 networks and the maintenance of roaming 
agreements between them has grown into a nightmare and cost has gone 
through the roof. Clearing houses now provide packages by which you can 
sign up to get 100 or so roaming partners on a single vanilla contract, 
but this service too comes at a price because clearing houses are no 
charities, they do it for profit.

Now imagine the sheer nightmare with ten thousands of hot spots all of 
which may want to negotiate a roaming agreement on their own. With 
increased competition in the mobile phone business and MVNOs which run 
their own billing systems also in on the competition, it is unlikely 
that WLAN operators will be in the position of take-it-or-leave-it. It 
will be a seller's market for the WLAN operators and many of them will 
take advantage of it. If you think that roaming agreements between 
mobile phone networks are hairy, wait until WLAN roaming agreements are 
on the loose. You ain't seen nothing yet.

As the experience with mobile phone roaming shows, if the billing 
company carries the sole risk without real-time transparency of usage 
volume plus the cost of logistics, then that cost will have to be paid 
for as a hefty premium by the end user in form of exorbitant roaming 
surcharges.

Who is going to pay 300 yen for a minute WLAN access simply because it 
is convenient to pay for it through the phone bill ?

It is unlikely that WLANs will not offer any alternative form of 
payment. I have said it many times before and have been flamed for it, 
but I repeat it here again. A hot spot WLAN in a cafe or hotel bar is 
likely to link consumption to airtime, ie. one cappucino gets you 15 
minutes WLAN access whilst in the shop.

It is way easier and cheaper to link a cashier with a WLAN access point 
to accommodate such an airtime for consumption scheme than it is to set 
up roaming agreements and infrastructure.

So, if the alternative is a cup of cappucino every 15 mins or 300 yen 
per minute on the roaming plan, which one is just about everybody going 
to use ?

Just because something is feasible from an engineering point of view 
doesn't mean that it is going to be feasible from a business point of 
view.

Mobile phone companies have been trying for years to break in to billing 
services on behalf of other utilities, such as gas and electricity. In 
most cases they have failed spectacularly despite all the hype they 
generated initially when they came up with the idea.

In the end it comes down to how much the average end user is willing to 
pay for the extra convenience of a unified bill. Let's face it nobody 
likes to pay roaming surcharges.

rgds
benjamin
Received on Thu Jun 6 13:22:12 2002