mobile id public_2
Post on 21-Jan-2017
180 Views
Preview:
TRANSCRIPT
Mobile ID
© Kyivstar, 2015 | 2
Mobile ID infographics
© Kyivstar, 2015 | 3
Levels of AssuranceLevel of
assuranceConfidence and
Asserted IdentityAuthentication Factors Mobile Operators
OptionsLoA1 Little or no confidence Single Factor Authentication
“Something I have”MSISDN default authentication
LoA2 Some confidence Single Factor Authentication“Something I know”
SMS, USSD, APP
LoA3 High confidence Multifactor Authentication“Something I know”“Something I have”
PIN or Password
LoA4 Very High confidence Multifactor Authentication“Something I know”“Something I have”+ PKI for Digital signature
Mobile Signature
© Kyivstar, 2015 | 4
What is Mobile Signature or Mobile ID?
Public and Private KeysRSA1024,RSA2048,ECC256
Secured OTA Protocol
Mobile Operator GSM Network Internet
© Kyivstar, 2015 | 5
Mobile ID use casesSubscriber with secured sim
Banking E-Government E-Health Corporate
Transaction or Authentication, Digital Signature
• Single-sign on• Doc Flow• VPN• Mobility
• Internet shopping• Bidding shopping
• Driver license• Car registration• Income reporting• Taxes• E-Voting• Social declaration
E-Commerce Gaming
• Account open• Transfer orders• Insurance
Subscription• Loans• Bill Payment
• Mobile and internet
transactions• Secure Gambling
• Health records• Data exchange with
doctors• Real-time
monitoring
© Kyivstar, 2015 | 6
E-government portal
Kyivstar
Government Authentication Portal
Certificate Authority
WEB, SMS, IVR, APP1
8 Authentication Signature verification6
7 Verification Result2 5Signing Request
Signed Data
3
4
E-Government services using Mobile ID
Signing request + Info
Signed Data
Agree? Input PIN to confirm
E-Government Service 1
E-Government Service 2
E-Government Service 3
MSSP Protocol
oAuth/Saml
© Kyivstar, 2015 | 7
Mobile operators use cases
• Corporate application• Consumers Portal• Government Services
• Certificate center• Launched in 2013• Solution Provider - Valimo
• Financial Services• Online bidding• Document sign• E-Government• E-commerce
• Launched in 2009
• E-ID, • Bank services• Government Services
• Launched in 2009• Solution Provider - Methics
© Kyivstar, 2015 | 8
Norwegian Bank ID Use CaseTypes Private Key stored Access to Sign
Bank Stored Bank ID Bank Login/Password, PIN
Bank ID on Mobile phones
SIM PIN
Bank Axess (a payment service for online shopping) Log-in and payment via internet bank Change of address with the postal service Placing a bid when buying property Login on municipal websites Purchasing units in equities funds
“The Mobile Bank ID story is not about the technology. This story is about
getting two industries to work together to bring about mutual benefits for all of
our customers.”
© Kyivstar, 2015 | 9
Norwegian Bank ID Key Facts
© Kyivstar, 2015 | 10
Open Questions
• Впровадити міжнародні стандарти захисту даних: RSA, ЕСС (компетенція Державної Служби
Спеціального Зв'язку та Захисту Інформації);
• Розробити дорожню карту легалізації Mobile ID (компетенція Міністерства юстиції);
• Впровадити цифровий паспорт (e-ID картку) (компетенція Міністерства юстиції та Держагенції
з питань електронного урядування.
Thank you!
top related