Mobile phones, originally designed for voice communication, are now extensively utilized for data transmission. The Short Message Service (SMS) protocol is the most widely used form of sending text messages between mobile phone users. SMS is also utilized for data communication between a server and a mobile phone. For example, in a simple “server-to-mobile” system, a server sends a mobile phone user an SMS message to notify him that he has voice mail or to send him information updates, i.e., news, weather and sports updates. More complex SMS applications enable the mobile phone user to send an SMS message to a designated server to request a stock quote, perform an inventory lookup or process a credit card transaction. SMS is a “store and forward” messaging protocol that ensures that a message reaches its intended destination. While this protocol is appropriate for sending text messages between two mobile phone users, it is not well suited for sending data and performing financial transactions between a mobile device and a host system for the following reasons.                The European Telecommunications Standards Institute (ETSI) SMS specification (3GPP TS 23.040) defines the technical size limitation of an SMS message as 140 bytes. As a result, if the data transmission requires a larger size message, an application on the mobile device and the server must split up the message into smaller sizes and reassemble messages in the proper order.        SMS messages have no context of a session, i.e., each SMS message is a distinct event. As a result, if a transaction requires multiple steps and therefore multiple SMS messages are needed to complete the transaction, the mobile device and server application must keep track of the transaction as it progresses through the various steps required to complete the transaction.        Although SMS data can be encrypted “over the air” within a mobile operator's network, there is no specification for SMS data encryption once the message is transmitted beyond the mobile operator's network. For example, if the destination of the SMS message is a server inside a banking or enterprise network which is outside the mobile operator's network, the data will be unencrypted and vulnerable to interception by other unauthorized parties. As a result, the mobile device and server application must implement their own encryption method to ensure that the data in the SMS message are encrypted between the two endpoints.        The “store and forward” nature of SMS provides reliability in getting a message transmitted. However, this also results in time delays between sender and recipient. This message latency is unpredictable and not suitable for conducting transactions where timing is important. For example, in financial transactions where customers and merchants expect instantaneous data transmission for payment authorization transactions, SMS message transmission that can average between 5 seconds to 60 seconds is not acceptable.        
The implementation of packet-switch networks such as General Packet Radio Service (GPRS), DataTac, Mobitex provides an “always on” connection for data transmission that solves many of the problems associated with SMS data transmissions for transaction processing. GPRS also provides a direct gateway to the Internet, thereby enabling a mobile transaction system to directly interface between a mobile device and a server without utilizing SMS. Mobile devices can utilize GPRS networks in several ways:                The mobile device can be directly connected to a computer using a serial cable, infrared or Bluetooth connection. When connected to the computer, the mobile device acts like a typical modem and an application on the computer can utilize Asynchronous Transfer Mode (ATM) commands to control the mobile device's connection to the GPRS network and establish a connection to the Internet. Once connected to the Internet, the computer can act as either a host/server or a client to create a mobile transaction processing system.        The mobile device can also directly utilize a GPRS connection using a built-in or web/WAP browser to connect to a server application. Alternatively, the mobile device may enable developers to develop and deploy an application directly on the mobile device's operating system.        On mobile devices that utilize a Subscriber Identification Card (SIM) card, applications on the SIM card can access control the GPRS connection utilizing SIM Toolkit (STK) commands as defined in the ETSI specification, ETSI TS 101 267 (3GPP TS 11.14). Using this connection, a web/WAP browser or an application on the SIM card can access data on a server and perform secure transaction processing.        
Each of these methods enables a mobile financial transaction processing system depending on the type of application. The SIM card method is a more flexible solution because the SIM card can be placed into any mobile device that meets the 3GPP TS 11.14 (class e) specifications and the application will work the same way on any of these devices, whereas the other methods require custom programming for each type of mobile device. Although the SIM card approach provides greater flexibility, this approach is also more complex to develop because the SIM card is issued by the mobile network operator and only the mobile network operator can allow applications to be developed and deployed on the SIM card. As a result third party developers are not able to deploy applications without cooperating with the mobile network operator. Accordingly, there is a need for a system that allows third party developers to develop and deploy applications on the SIM card without the need for approval from the mobile network operator. Furthermore, the system needs to be able to transmit and receive data utilizing a standard communication protocol that will work the same way on any mobile device without the need for customization.