Security made easy
As soon as you start surfing, shopping, and logging in to websites, you are asked for all kinds of authentication data including usernames, passwords, and other details. Having to type in your data again and again is certainly annoying – but are you even sure that your data is safe on these websites?
With LicentioID from G&D, Mobile Network Operators (MNO) are able to provide "Authentication-as-a-Service" in the future, thus extending their portfolio to user authentication. Licentio ID simplifies online authentication processes, making them more convenient for you by requiring you to provide your details only once. Your data is then stored on a protected server hosted by your service provider and your mobile device becomes your entry point to the web. Simple and safe!
Securing the customer journey
Licentio ID is based on the GSMA specification Mobile Connect and is a convenient and secure method to provide access to various web services using the security provided by the SIM card on your mobile phone.
Using Licentio ID involves the usage of two different channels for communication with the end user. On the one hand, there is the standard mechanism via the internet, where users identify themselves with a username and password. However, the identity verification is carried out via the mobile network channel.
Once the username and password are verified, an authentication request is sent to the mobile phone. The user will be requested to press OK or enter a PIN code depending on the application. Once this is verified, the system sends confirmation to the web service portal and access is granted.
A Mobile Connect Technology Vendor
G&D has been accredited to be a "Mobile Connect Technology Vendor" for its LicentioID solution by the GSMA. Designation as a "Mobile Connect Technology Vendor" confirms that a supplier is compliant with major elements of the GSMA's Mobile Connect solution. G&D’s end-to-end solution LicentioID covers both the service backend and the Mobile Device and SIM based applet.
Licentio ID is G&D end-to-end solution for the GSMA Mobile Connect compliant solution. Licentio ID interfaces with three different parties:
- Service providers: Licentio ID provides an interface to service providers in order to be able to register to the service.
- MNO infrastructure: Licentio ID interfaces with the system components at the mobile network operator.
- One API Exchange: Licentio ID offers an OpenID interface which interfaces with the One API Exchange to receive the authentication requests from service providers
When a user request to get access to a web service, the service provider requests are forwarded to the One API Exchange and are routed to the appropriate mobile network operator holding the user subscription.
The authentication server performs the verification of the user’s identity and sends the confirmation back to the service provider, which then grants access to the web service.
The main components of Mobile ID
- Administration portal to be used by customer care agents. It implements the self-care portal use cases.
- MNO administration portal implements the administration of service providers, as well as SAML and OpenID client use cases.
- This handles registration/enrolment requests and service provider registration. It creates and manages users and content providers and related settings in the database. The management server also publishes an API which allows for the building of own registration/management clients and use cases, and also allows for integration with external “MNO/BSS” systems.
- OpenID Connect interfaces with content providers.
- The G&D GSMA Mobile Connect applet, which performs authentication requests on the SIM in interaction with the user.
Licentio ID-enabled services provide MNOs and service providers with a simple and convenient method to access web services. This standard method adds an extra level of security, making login more secure. In addition, single sign-on ensures that your personal information is never shared to third parties without your consent, even for login access.
In certain cases, the user experience is simplified even more and the user can log in to websites without usernames and passwords. At the same time, the risks of identity theft that we are exposed to are reduced.
Services for all needs
- Authentication of MNO customer for MNO web services
- Authentication of service provider customer to web services
- Authentication of financial services customers to online services
- Authentication of enterprise employee to enterprise web services