Wireless Transport Layer Security (WTLS) is the security layer of the WAP, providing privacy, data integrity and authentication for WAP services. WTLS, designed specifically for the wireless environment, is needed because the client and the server must be authenticated in order for wireless transactions to remain secure and because the connection needs to be encrypted.
For example, a user making a transaction with a bank over a wireless device needs to know that the connection is secure and private and not subject to a security breach during transfer (sometimes referred to as a man-in-the-middle attack). WTLS is needed because mobile networks do not provide complete end-to-end security.
WTLS is based on the widely used TLS v1.0 security layer used in Internet. Because of the nature of wireless transmissions, modifications were made to the TLS v1.0 in order to accommodate for wireless’ low bandwidth, datagram connection, limited processing power and memory capacity, and cryptography exporting restrictions.
