The mobile-based login procedure is in use around the world as a quick but more secure way for customers to log into digital services.
Customers will be able to use their smartphone and mobile phone number to sign up for the service, meaning no username or password is needed. The customer’s phone number acts as their digital identity for shopping online and other activities, via smartphones, tablets and computers.
The service is provided by cross-sector identity platform Verimi, which was founded in 2017. It is based on a GSMA global standard, and the trade body says it is already in use by 70 network operators in nearly 40 countries
The three say that in the future, Mobile Connect could also be used by digital authorities.
“Hacker attacks on politicians and celebrities show that access to password-protected online platforms carries a high level of risk,” said Michael Reinartz, Director of Innovation & Consumer Services at Vodafone Germany.
He added, “Mobile Connect offers just that kind of security, because it is identified by the mobile phone and not by password. The entire e-commerce sector as well as public authorities must now show a willingness to innovate and, in their own interest, offer alternative and above all secure login options.”
How it works
After entering their mobile phone number to log into website, the customer receives an SMS and is asked to confirm its receipt by clicking on a link embedded in the text message.
This network operator then sends an encrypted message containing a customer reference number to the website operator, without revealing the customer’s identity, asking them to let the customer use the website.
Where this approach is not suitable or as an interim measure, Mobile Connect can be used for two-factor authentication in addition to a password.
Strategic importance to online business Banks, electronic payment services, media, entertainment, social networks, travel or logistics could benefit from the service, the operators say as it makes customers’ access faster and simpler, and facilitates more secure sales.
There was no mention of how the service addresses the risk of thieves fraudently obtaining a replacement SIM cards with someone else’s phone number or persuading an operator to transfer someone’s number, without their knowledge or permission, to a SIM owned by the thief.
This would seem to put the burden of super-rigorous checks on the operators.
Expandings its application
The three network operators plan to expand Mobile Connect quickly: they are engaged in discussions with other German and international service providers about the use of the new identity solution.
Deutsche Telekom, Telefónica and Vodafone are inviting all mobile brands and virtual network operators without their own infrastructure to also support Mobile Connect.
Alex Sinclair, CTO at the GSMA, noted, “The introduction of Mobile Connect in Germany is a very important step for both mobile network operators and their customers as it provides both more trust and ease of use in an increasingly complex digital world.”
Dirk Backofen, Head of Security at Deutsche Telekom said, “Currently, six out of ten Internet users say they are afraid of cybercrime. For the protection of the customers the Telekom pursues daily 100,000 instances of reported password theft.
Mobile Connect closes these exploited vulnerabilities to hackers for customers. “ Pia von Houwald, Director of B2P Digital Processes and Services Telefónica Deutschland, stated, “Our goal here is clear: Together with our partners, we want to make Mobile Connect in Germany the standard for registering for online services. That’s why we are available for discussions with interested providers at any time. “