G&D simplifies secure authentication in web services and prevents identity theft

Munich, February 24, 2015 – Munich-based technology group Giesecke & Devrient (G&D) today announced the launch of an new service to provide improved security for consumers as they increasingly use mobile devices to carry out business and private transactions over the Internet. The service will combine the G&D’s SmartLicentio platform and G&D’s SIM cards with am applet compliant with the GSMA Mobile Connect SIM applet specification. It will enable mobile network operators to offer a consistent and standardized set of services for managing digital authentication and identity globally. This solution only requires the user’s mobile number and mobile device.

People today are more dependent than ever on web-based services such as e-mail, voice communications, e-commerce applications, online banking and ticketing. However, in addition to the flexibility and mobility that technology provides, consumers are concerned about the security of their data and personal information as the rise in phishing attempts and spyware make life harder for users. In light of millions of hacked usernames and passwords and stolen identities, the calls for better security mechanisms in the digital environment are becoming louder and louder. To allay consumer fears, passwords alone are no longer sufficient, as attacks by cyber criminals are becoming increasingly cunning and their technical methods are growing in sophistication.

Another important aspect is user convenience. Today the need for using multiple usernames and passwords is not very user-friendly when online users have to identify themselves for various partners with different combinations or even with their private data. The users are therefore calling for a standardized solution which will allow them to identify themselves quickly and securely, whilst retaining control over their own user data.

Authentication made simple

With the new solution making its debut at Mobile World Congress 2015 in Barcelona, Giesecke & Devrient is once again showcasing its innovation, and presenting a commercial solution which will allow mobile network operators (MNO) to offer their customers a more convenient and secure identity protection. The progressive solution from G&D is based on the GSMA Mobile Connect SIM applet specification and G&D’s service platform SmartLicentio, the tried and trusted server for authentication services. By using this G&D solution, MNOs will be able to equip the SIM cards of their customers with a two-factor authentication, clearing a convenient path for their users to greater security in the mobile environment. The two-factor authentication requires the end user to be in possession of their mobile device and be able to enter a secret that they know (a PIN or personal code) when prompted on their phone. This approach is independent of the respective operating system and can be used with any mobile device, as the required Mobile Connect SIM applet is stored on the SIM card and so is automatically controlled by the SIM toolkit. Another advantage for the user: He will only have to register for this service once with their mobile network operator.

“With this solution, we are working with the mobile network operators to offer the user a high degree of security and convenience,” explains Carsten Ahrens, Group Senior Vice President and head of the division Telecommunication Industries at Giesecke & Devrient. “This is a form of two-factor authentication based on the phone number and the possession of the phone. Users hence don’t need to memorize several user IDs and passwords for all the services they use.”

Contribution to the GSMA Mobile Connect Initiative

This end-to-end solution is a contribution made by G&D as a founding member to the GSMA Mobile Connect Initiative, set up at Mobile World Congress 2014. The objective of this cross-industry consortium, which includes leading mobile network providers and other technology companies as well as G&D, is to develop specification and implementation guidelines worldwide. Service providers, content suppliers and banks can offer trustworthy authentication via mobile network operators in this way.

“This is another important step forward for the adoption of GSMA Mobile Connect as it boosts user growth, as well as increases the availability of Mobile Connect-enabled services,” said Marie Austenaa, Head of Personal Data, GSMA. “Mobile Connect brings together an ecosystem of trusted mobile operators and service providers to offer consumers the ability to use their mobile phone to manage their access to online services, giving them greater control and a means of access that is more secure and convenient.”