MAGAZINE

Recommendations

Info

Contributed by: Vidhi (MBA-I) What is Mobile Connect? The user authentication market as we know it is about to change. There’s one digital device in existence that has more users than any other in the market. It’s in use from the rural villages of India to the sprawling metropolis of the world – the mobile phone. Wouldn't it be great if you could leverage your phone, which basically never leaves your side, to authenticate to and access online services? Now you can, thanks to Mobile Connect. Mobile Connect verifies you through the device that you always keep with you - your mobile phone. Safer log-in is literally in your hands. Easy to sign up You can set up your Mobile Connect account with your mobile provider in two ways: Just click on the Mobile Connect logo when you see it as an option on a website or application OR Sign up directly with your mobile provider. Most likely you will receive an invitation via a text message, an email or from their customer care portal. GSMA and Mobile Connect GSMA represents the interests of mobile operators worldwide. There are several working groups under the GSMA advancing different mobile based technologies, best practices and standards. Under the Personal Data Working Group, there’s a program called Mobile Connect. At the core of Mobile Connect, there’s an adapted version of the OpenID Connect protocol with the aim to create a federated and global mobile identity ecosystem. Let’s take that last sentence apart to get more sense into the techno gibberish. Mobile Connect is Global In some parts of the world, the mobile phone is a very basic device. In some other parts, most people will walk their nose pointed firmly towards the ground (and the 5” screen) as they check their latest snaps, Facebook updates, or try to get through to the next level in Clash of Clans. The global aspect of Mobile Connect takes this into account and allows mobile operators to choose the method of user authentication that is appropriate for their subscribers. More basic devices could use a simple SMS based or non-PKI SIM based authentication, whereas more advanced devices could use an app and the fingerprint to authenticate users to online services. The GSMA calls these authenticators. An authenticator is the piece of technology that provides the means for the end user to
establish his identity. An authenticator always uses a device that has an MSISDN (that’s the phone number in plain English). This is the first clever bit of Mobile Connect. The MSISDN can be considered as a unique attribute or identifier. Online services connect to an operator Identity Gateway using the standardized Mobile Connect protocol. The Identity Gateway connects to the authentication server. The authentication server takes care of the actual authentication event by sending the authentication request to the authenticator and validating the response. The type of authenticator(s) selected by the operator defines what kind of authentication servers are required. Sometimes the Identity Gateway and the authentication service come from different vendors. The selection of authenticators is a local issue. As the communication between the online service provider and the identity gateway is standardized, it is straightforward to connect online services and identity gateways on a global scale. Mobile Connect is federated The second clever part of Mobile Connect is in the federation. Federation is a technology (and agreements) that allow users to move between independent domains without re-authentication. In the Mobile Connect concept, it allows a subscriber of an operator in India for example, to log into an online service in the UK. The key to this capability is something called the discovery service. The normal scenario is that the online service provider is connected to the GSMA Discovery Service (and the Identity Gateway). This discovery service provides the login screen for the end user where the phone number will be typed in by the user. Now for the magic part. The discovery service will check the phone number and… erm… discover that it belongs to an India based operator and routes the authentication request to the home operator of the user. The home operator then pushes the authentication request to the user's mobile device and the user authenticates Simple. Enabling the Subscriber When the operator decides to deploy Mobile Connect they will first have to build the infrastructure. So they acquire/build an identity gateway and choose appropriate authenticators for their subscribers. Deploying the hub of the solution, the identity gateway can be done the easy or the hard way. The easy way could be for example using Global Sign Identity Gateway as a managed solution. This can be up and running in two hours after we receive the call. The hard way is to do it in-house and create a development team, try to pass the conformance tests and maintain the in-house solution as the protocol develops and new features are added over time. Then it’s a question of selecting the authenticator(s). The chosen authenticator is dependent on the market situation and what the subscribers can utilize. There are authenticators options that rely on SMS based technologies and won’t require anything extra to be installed to the user’s phone. The next category would be an authenticator that involves an installation of a small SIM based application, but still using SMS based communication. The larger SIM applications, for example PKI based operations, typically require a new
Page 3 and 4: 1. Editorial 2. Governor of Reserve
Page 5 and 6: Now India is growing fast it’s ti
Page 7 and 8: NEEDED, A POLICY TO BOOST INDIAN R&
Page 10 and 11: Governor of Reserve Bank Of India -
Page 12 and 13: UPCOMING CHALLNEGES FOR RBI GOVERNO
Page 14 and 15: Contributed by: Nancy Chawla (MBA-I
Page 16 and 17: analysis before shifting their loan
Page 18 and 19: Globally, the United States suffere
Page 20 and 21: ICICI Pru Life IPO opened, biggest
Page 22: IDFC issues commercial papers of Rs
Page 25 and 26: Subsidiaries: TCS China, TRDDC, Com
Page 27 and 28: 2013 April Computational Research L
Page 29 and 30: INTRODUCTION In August 6, 1943, Rat
Page 31 and 32: TATA MOTORS INTRODUCTION Tata Motor
Page 33: ase and continues to improve on the
Page 36 and 37: cheaper but equally effective subst
Page 38 and 39: and SnowLeopard. Series B round of
Page 40 and 41: later in October 2015, the company'
Page 44 and 45: SIM card and means that the subscri
Page 48 and 49: History Back in 2007, when Flipkart
Page 50 and 51: SUCCESS STORY OF JACK MA, ALIBABA F
Page 52 and 53: Success Story of Sunil Bharti Mitta
Page 55 and 56: Accrual Accounting : When transacti
Page 57 and 58: for the same where all the outstand
Page 61 and 62: SOME QUESTIONS WITH MULTIPLE-CHOICE
Page 63: Q.16. Q.17. Contributed by: Tanvi (
Page 66 and 67: 28. Kalraj Mishra is Union cabinet
Page 68 and 69: Vacancies and Eligibility: Post Age
Page 70 and 71: Officers Scale 1 - Prelims and Main
Page 72 and 73: Activities Organized in Club PRESEN

MAGAZINE

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?