Session 1: Introduction on mID:
Trends, Challenges and Opportunities
Jose Antonio Aranda, Technology Director, Europe / Latam, GSMA
Expert Group Meeting on Mobile ID
Warsaw - Poland 18th October 2016
© GSMA 2016 – CONFIDENTIAL TO FULL MEMBERS OF THE GSMA
THE FUTURE OF DIGITAL IDENTITY A global opportunity for governments, inter-governmental forums and
other stakeholders
Personal Data - Mobile Connect2
Barriers to national digital identity systems
raise the need for public and private sector cooperation
NATIONAL DIGITAL ID*, COVERAGE POPULATION
• 8% - No Digital ID
• 12% - Digital ID used for identification only
• 72% - Digital ID used for one or more services
• 7% - Fully integrated multi-purpose ID systems
*198 countries included in the assessment
Source: Accenture ID4D Integration approach report 2015
Mobile Connect for governments
Drives ease, high security, and compliance
GSMA’s government survey [1] has identified a short list of authentication and attribute needs in the government sector:
1. Enhanced security for the protection of citizens
2. Standards and compliance-driven need to meet data protection regulations
3. Reduce high levels of user friction to drive registrations
4. Improve user experience and enable complex form-filling on small screens
5. Reduce demand on, and improve efficiency of, call center use cases
[1] GSMA Service Provider survey, April 2015
Convenient alternative to passwords that protects consumers’ privacy
Mobile Connect is the mobile operator facilitated authentication and
identity service that provides simple, secure and convenient access
to online services from any device.
It combines the user’s unique mobile number and an optional PIN for
added security, to verify and authenticate the user everywhere they
see Mobile Connect.
The Mobile Connect growth
[Figure: growth timeline. Time axis: April 2015; Jul – Oct 2015; Nov – Dec 2015; January 2016; February 2016; March 2016; June 2016. Values shown: 42 m, 85 m, 178 m, 622 m, 2 bn, 2.5 bn, 2.8 bn. Countries labelled on the chart: Sri Lanka, Australia, Bangladesh, Spain, Peru, Argentina, Mexico, Turkey, China, Indonesia, France, Italy, Malaysia, Switzerland, Myanmar, Philippines, Finland, Morocco, Egypt, Thailand, Pakistan, India, UK.]
Mobile Connect has grown at an
exceptionally rapid pace and today is
available to more than 2.8bn mobile
users
Global deployments
Iberdrola Authentication flow
[Figure: Login/Authentication flow diagram. User steps shown: SP presents Mobile Connect Login; Tom selects Mobile Connect; Tom enters his Mobile Number; Tom presses OK on the pop-up window; Tom is logged in to the mobile app (authentication successful). Diagram labels: Discover Operator; API Exchange; SDK reads MCC + MNC from device; Operator Details Found; Operator ID Gateway; Authenticate User; Authentication Request; USSD; Authentication Response.]
Test Results: SPAIN – FINLAND SCENARIO 1:
AUTHENTICATION – Access to Generalitat portal
© GSMA 2015 – CONFIDENTIAL TO FULL MEMBERS OF THE GSMA
The transformation … towards Multifactor Authentication
[Figure: authentication factor combinations, in the order shown on the slide: "Something I Know"; "Something I Have" (Click OK); "Something I Have + Something I Know" or "Something I Have + Something I Am"; "Something I Have + Something I Am + Something the Network Knows". Diagram labels: Mobile Connect starting line; Risk-based authentication.]
Mobile Connect Architecture – Key Components
Service Provider needs to discover the Operator
• Discovery – API Exchange
Service Provider needs to send the Authentication request using a standard API (OpenID Connect)
• Mobile Connect Identity Gateway
The user needs to be Authenticated
• Authentication sub systems – “Authenticators”
Mobile Connect Architecture
[Figure: architecture diagram with numbered steps 1 to 4. Diagram labels: Tablet/desktop; Service access request; Service Provider; Discovery; Authentication/Authorisation request; Mobile Connect Identity Gateway; Mobile phone; Click OK; Enter PIN; Consistent SP experience.]
High Level View:
MC4EU cross-border authentication
[Figure: cross-border authentication diagram. Diagram labels: Mobile ID; Ser service; Public Service Provider (Market State A and Market State B); MNO’s Market State A; MNO’s Market State B; GSMA discovery; OIDC User Info (Access Token).]
• Citizens connect to national Public Service, cross borders
• Cross border European identity verification
• Leverage existing strong authentication mechanisms with Mobile ID SIM
• Authentication through MNO using GSMA discovery
• Authentication service on both ends
• Unique user experience through Mobile Connect discovery
Overall, Mobile Connect brings strong benefits
for the Public Sector
• Mobile operators are already working with digital service providers, hence are the ideal partners to create a trustworthy ecosystem
• Drives scale and ensures national and international inter-operability
• Enables new digital public and private services improving citizens’ daily life
• Easy-to-use digital identity is a key enabler to build a more connected society and enhance digital inclusion
• Simple user experience, on a device that citizens already carry with them
• Frictionless login encourages citizens to access government services more often
• Flexible security helps protect citizens’ accounts and personal details
• Compliant with regulatory requirements on authentication, aligned with international security standards
• Outspoken privacy focus that preserves citizens’ trust and is aligned with government priorities
• Cost effective, no need for additional devices or readers
• Efficient and ubiquitous solution, working across public and private sector