"What we would expect," Perry said, "is that the hand-held device will support encryption and the server itself will support encryption, or that the base stations that hand-held device goes back to will have it."
One recent development that suggests the urgency of plugging the "gap in the WAP" comes from wireless-application pioneer Phone.com.
Last month, Phone.com introduced a secure wireless network infrastructure that plugs the gap, allowing companies to say for the first time that all their wirelessly transmitted data is encrypted end to end.
The product it developed, called Uplink, will be available to wireless service providers soon.
"It's the first product that solves the issue," said Kevin Ellis, senior product marketing manager of security and enterprise applications at Phone.com.
It comes none too soon.
Companies that offer wireless Web services are making some heady predictions about the number of users and the types of services customers will one day be comfortable performing online. For companies such as Great River, N.Y.-based Hand-Trade Technologies, which is developing a service that lets users trade stocks via wireless personal data assistants, there's an assumption of security from the companies providing the wireless infrastructure.
Wireless Web service providers say despite the pinhole in the encryption process, security of online transactions remains high, perhaps even higher than wired access.
"We have some security schemes in place now that allow wireless transactions to be very secure," said Ken Woo, a spokesman for AT&T Wireless.
Among other measures, the company has a full-time security group in its wireless division and "about 100 PhDs at AT&T Labs whose full-time work it is to develop new algorithms. We are trying to stay at least 20 steps ahead of the bad guys," Woo said.
The development of hybrid palm-top computers and smart cellular Web phones, presaged by a recent joint-venture agreement between Motorola Inc. and Palm Inc., suggests that the simplicity and lack of storage capacity that made early smart phones difficult to infect could soon make them the next great challenge for the hacking community.
Larry Swasey, senior vice president of communications research for Allied Business Intelligence, a research company based in Oyster Bay, N.Y., said mobile device makers will have to weigh their desire to build the best encryption hardware into their products against their desire to boast of the best functions and features.
"You'll need heavy encryption in the handset, but that will come at the expense of something else," Swasey said. "It could be less viability for the address book, for instance. It's always a trade-off."
He suggested that the lucrative potential of the business will force companies to opt for heightened security, primarily for fear of killing the goose before it lays a golden egg.
"It doesn't take much to scare people away from putting their credit card online," Swasey said. "Wireless Web access will become lucrative soon, given the investments of some of the world's largest banks. Initially there may be some worries, but the security and wireless and financial industries will make this happen."