We are in the need of the following java ( J2ME ) based mobile solution.
PART 1 - Security
We need to have mobile application which will be secure enough so that it can only be run from single mobile phone device ( if copied it onto another it won't run ). The mobile application will contain the unique identity of the person who owns the mobile device ( it will uniquely identify them ), based on the phone number and private key stored in the application.
The application should utilize public key cryptography, meaning that a private key will be stored on the mobile phone and used to authenticate to the remote mobile server ( where public key is stored ). The communication between mobile device and server will be encrypted.
The mobile device application needs to also make sure that private key can be encrypted via user chosen passphrase ( similiar to how openssh works ). Once the user provides the passphrase the key is decrypted and user can then be sucessfully authenticated to the mobile server.
The mobile application will be created or compiled when user comes to our website ( fills up the signup form ) and submits it. We will then take all this information and compile the application for the user to download ( the application has to contain phone number of the user sent by the signup form ). The application from that point on can only be used on the single mobile device only and uniquely identifies it as described previously.
PART 2 - APPLICATION USER INTERFACE
This mobile application when run by the mobile user ( after downloading it ), will show a screen with two input boxes, user can then input the two phone numbers into these boxes. The first box will by default be pre-filled with the phone number of the user, second box will be blank. User can then change or input the numbers in either of the boxes.
The screen will also have submit or send button which when clicked will prompt the user for the secure passphrase and allow for the decryption of the private key ( mentioned before ), then it will connect to the secure mobile server, authenticate and transmit this information securely to the server. In the case user cannot be authenticated certain number of times ( the application will be disabled ). Both on the client and server side.
The number of times for the sucesfull authentication is programmable. The labels around those two input boxes and the button also have to be editable in the code. We want full source code and all rights to it.
Please contact me for any further questions.
Please BID ONLY if you have experience developing mobile applications and working with security.