Hi, I am writing a simple application for my own use, and I would like it to be guarded somehow. The best I think would be to have it take input from the user and compare to the SIM card's PIN, but I don't know how to get the PIN, and if I knew, I would probably have to sign the jar, and this is not an option - I am using Nokia 6300, which is known as a Series 40 phone. When I sign the jar with my self-signed cert, the app would not start ("Certificate not on phone or SIM" error message), and I cannot import the cert to my phone (at least I didn't find how to do this, and the searches make me rather pessimistic). So, I would have to pay to Verisign or Thawte (or other entities whose root CA is installed on the phone already) to get my cert signed by them, but I don't want that.
So, do you have other options about what simple authentication/authorization scheme should look like?