Auditable and verifiable identity management

A case for identities - Etisalat, George Held at TADSummit

DESCRIPTION

A case for identities - Etisalat, George Held at TADSummit, 12-13 November, Istanbul, Turkey. Mobile Money - Flous. mPOS service – Mobile Cashier.

  • 1. Auditable and verifiable identity management

  • 2. Mobile Identity: Requirements to tackle this challenge from identity management perspective
      • Industry focus: Maintain relevance; sustain industry growth
      • Relevance of the SIM: The relevance of the physical SIM is a critical asset for Etisalat (operators) to offer digital services
      • Trust: An opportunity to build a new value proposition around customer trust
      • Interoperability: It is crucial to maintain the global connectivity of our businesses as we enter the IP era
      • Scale: The value chain is going global; in many instances operators cannot individually create the scale required to be competitive
      • The value of being local: Local regulated status, physical presence, call centres etc. are significant assets which we should leverage

  • 3. Mobile Identity: Mobile Connect builds from simple authentication to managing personal data
      • Step 1: Authentication
      • Step 2: Identity. Adds: Basic user attributes (e.g., name, gender, DOB etc.)
      • Step 3: Personalisation. Adds: Richer attribute set + Permissions framework (attribute validation or brokerage)
      • Step 4: Personal Data. Helping users manage their identity and personal data across their digital footprint
      • Diagram labels: Operator Connect Authentication; Operator Connect Identity; Operator Connect Attributes; Operator Connect Personal Data

  • 4. Mobile Identity: which will deliver authentication at different Levels of Assurance [1]
      • Authenticators shown: SMS-pushed OTP; Seamless login (via mobile network); MSISDN + PIN entered on tablet/PC; SIM Enter PIN; SIM-generated OTP [2]; Handset-generated OTP [2]; USSD Click OK; SIM Click OK; SIM Mobile signature [3]; MSISDN + PIN entered via handset app
      • Levels: Level 1 - Low; Level 2 - Medium; Level 3 - High; Level 4 - Very High
      • [1] Levels of Assurance based on ISO/IEC 29115 Clause 6
      • [2] Generation of a One-Time-Password on the SIM or an application running in the handset
      • [3] SIM PIN + PKI

  • 5. Mobile Identity: Positioning the mobile phone as the authentication key to all online services (any-device; any-channel)
      • Superior experience when accessing an online service via the mobile network
      • Diagram labels: Service Provider; Service Provider; Consumption device; Authentication device; Consumption device

  • 6. Mobile Identity: Mobile Connect Authentication decouples identity/account management from credential management
      • Credential management & authentication: Etisalat (Credential Provider); MSISDN; PIN. Etisalat maps MSISDN to Anonymous Customer Reference (ACR)
      • Identity/account management: Service Provider. Online Service Provider maps ACR to user account
      • Anonymous customer reference

  • 7. Service ecosystem
      • Diagram labels: Phone; Service Provider; Consumer; Etisalat; Ericsson/Italio
      • Columns: LoA; Authentication; Security; Example use case/Service Provider
      • LoA 1; Seamless login; Mobile network; Bundled service (e.g., Deezer)
      • LoA 2; Click OK; Symmetric keys; Proof of age (Retail)
      • LoA 3; Enter PIN; Symmetric keys; Subscription paywall (Media), Basic Financial transaction (Banks)
      • LoA 4; Enter PIN; Asymmetric keys (enhanced SIM); Legally binding transaction (Banks)
      • User experience: Seamless login (via mobile network); Click OK; Enter PIN

  • 8. Mobile Identity: Consistent implementations deliver value to all members of ecosystem
      • Integration protocol
      • Operator discovery
      • Identifier
      • Supported LoA & authenticators offered
      • Common approach to Service Provider onboarding (commercial model & business processes)
      • Consistent proposition to consumers
      • Consistent proposition to Service Providers
      • Simple service discovery & easy enrolment
      • Service invocation
      • Familiar authentication user experience across devices
      • Common approach to the identifier
      • Portability between Operators
      • Diagram labels: Etisalat; Service Provider; Ericsson/Italio; Consumer

  • 9. Mobile Identity: Etisalat proposal for consistent Authentication service for end-users (Mobile Connect Authentication)
      • Can reach 100% of the user base
      • Can quickly grow to mass market: 100s of Service Providers, thousands of developers
      • Shortens time to market
          o Simplifies Service Provider onboarding process
          o Easier to agree on common user experience (in case it is accessible across other Operators)
          o Easier Operator deployment (e.g., no need to integrate with CRM databases)
      • Launching authentication services will drive habitual behaviour around using the mobile phone as a more secure replacement for online passwords
      • Leverage Operators' assets to obtain competitive advantage and deliver real customer value:
          o Strong authentication (2-factor via mobile handset + PIN)
          o Strong security (SIM storage + WPKI + secure channel)
          o Identity proofing and validated attributes
          o Value-add APIs/services (e.g., charge to bill)
          o Retail presence and customer care

  • 10. Mobile Identity: Mobile Money service - Flous

  • 11. Mobile Identity: mPOS service – Mobile Cashier

  • 12. Mobile Identity: Go-to-market activities – Etisalat Mobile Connect

  • 13. Mobile Identity: Thank you