Mobile phones are fast moving beyond communications, beyond gaming, social and productivity tools, to take on a vast number of new applications thanks to the use of NFC-based technology and data services. We’re theoretically able to unlock hotel rooms, pay for groceries, secure deals with location-based vouchers and work on the go. We can do our banking on our mobile device, buy plane and train tickets, and more.
But is that enough? In light of recent hack attacks and data breaches, the question is being asked: is the mobile as secure as it should be as we share more and more of our information on the move?
Well, some are taking steps to ensure that the mobile is indeed safe, introducing mobile authentication in a trusted network. What this means is that operators know who you are based on your SIM card and, through additional verification, can use your mobile ID for other ID-related authentication. Using an application that is built into a SIM card compatible with all mobile devices, not just smartphones, phone users can use their mobile as ID when applying for a bank account or insurance through a website, secure in the knowledge that their personal data is safe at all times. Digital signatures are also possible, with the same legal status as a written signature.
Imagine, instead of having to send off an ID document and a paper document with your signature (and potentially having to stand in line in a Post Office for postage) to open a new bank account or register for voting, that you can do it with your mobile device.
In Finland this is happening via a government-driven initiative that led to Wireless Public Key Infrastructure-based authentication for service providers that require strong authentication and legally binding signatures. This includes banks, insurance companies, municipal services as well as ecommerce and social media websites.
It’s hardly surprising that Finland is leading the way currently, given Gemalto’s own mobile authentication expertise stems from our acquisition of Valimo, which pioneered the use of two-channel, two-factor authentication based on Public Key Infrastructure (PKI) combining an over the air platform (OTA) with a software client in the SIM. What we’re eagerly awaiting is the next innovative application for mobile authentication to further extend the usefulness of our ever-present mobile phone friends. This is something to watch.