Veon in major move into digital mobile security standard
Mobile network operator Veon has incorporated the GSMA’s Mobile Connect standard into what it hopes will be a global identity system.
Veon wants its MobileID initiative to provide an authentication, credentials management and permission control system that, it believes, will safeguard consumers and protect retail companies.
“Digital identity is one of the great challenges of our time,” states Kaan Terzioğlu (pictured), CEO of the Veon group. “To date, the world has struggled with the competing forces of wanting to make the consumer experience more seamless, while decreasing the risk of online fraud. MobileID will enable mobile operators to be the trusted authority for both consumers and retailers with the reassurance that the operator is based in their home country and licensed by local data protection laws.”
Veon said this morning that it intends to roll out MobileID to its 212 million customers across nine countries as well as offering it as the standard for mobile operators worldwide to provide digital identity validation that is fully compliant with local data privacy laws.
The company, which owns Beeline in Russia and four other countries, plus Jazz in Pakistan, Kyivstar in Ukraine, Djezzy in Algeria and Banglalink in Bangladesh, made clear that its plan would in corporate the GSMA’s Mobile Connect standard.
The GSMA says that Mobile Connect, launched in 2014, has been made available by more than 70 operators around the world. It matches the end user to their mobile phone number in order to confirm identify online. An application programming interface (API) delivers the Mobile Connect product portfolio through the OpenID Connect standard.
A federated architecture means it can be used “with multiple operators across the globe”, says the GSMA.
Veon said today that its MobileID “enables safe and secure determination of customer identity for both online and physical locations”. The service will delivers consumers “a streamlined customer experience without the need to remember passwords, a universal login at physical and online locations, and SIM-card based implementation that enables MobileID to work on any device, including feature phones”.
Veon said the roll out of MobileID “follows extensive trials in Russia with Veon’s Beeline mobile operator in partnership with other Russian mobile operators”.
A nine-month trial “saw over 1.2 million monthly active users subscribe to MobileID to authenticate their digital persona with 36 major online service providers and merchants, including AliExpress, Alfa-Bank, Alfa Insurance, Sheremetievo Airport, and Raiffeisen Bank”.
Now Veon will extend the project to all its mobile operators, starting in Uzbekistan and Kazakhstan.
Terzioğlu said: “It is the right time for the mobile telecommunications industry to implement a new industry standard for digital identity validation. For both consumers and retailers, MobileID could replace the authentication services currently offered by social networks that are often susceptible to fraud and lack the checks on the true identity of the digital persona.”
He added: “Our newly introduced permission centre solution also puts consumers in control of their personal data and enables them to manage and control permissions that were previously granted to mobile service providers.”
All customer data will be stored at class 3/class 4 data centres that are operated “by national telecommunications operators in compliance with local data privacy laws”, the group said.
“The seamless integration with customer SIM cards delivers an additional level of security and customer protection and personal customer data is always encrypted with the RSA asymmetric algorithm. … In accordance with local regulations, customer personal data will stay within a country’s geographical borders.”
The use of Mobile Connect means it will be possible to have national and global interoperability, the company added. “For major retailers and financial institutions, a full portfolio of software tools and APIs are available to customise MobileID and integrate it into specific applications.”