WAP gateways translate requests from WAP devices to HTTP and responses from web servers to WML, acting as an intermediary. They face security issues as data is unencrypted between the gateway and device/server. More secure alternatives include using a single WAP server combining the gateway and web server functionality or future solutions enabling end-to-end encryption.