100,000 delegates recently spent four days in Barcelona in what can be considered the biggest ‘Mobile Everything’ event in the world. Eight big halls were packed with everything to do with mobile.
On February 26th, there were 200,000 very sore feet and 200,000 baggy eyes with vacant stares slowly leaving Barcelona with heads spinning and empty wallets – the food stalls really knew how to capitalize… Next year, I’m going to IKEA and will stock up on meatballs and bring my own BBQ.
Connected Cars and IoT
I counted at least four Audi R8s, one BMW X5, one Skoda, one Ford, two Fiats and one weird little car. Connected car and IoT were big themes in Barcelona this year. I had a few discussions with the IoT exhibitors and it seems that they are actually aware of the security issues, or at least they seem to be paying attention. As an old PKI product manager, it warmed up my heart to hear that certificates were mentioned in more than a few places.
Mobile Authentication
One big number was announced in the MWC. Two billion! There are now two billion Mobile Connect enabled users in the world. The goal of the GSMA was to announce the one billion mark, but mobile network operators thought differently and had adopted Mobile Connect in a very rapid pace – especially in the Asian markets. This is a huge number, but how many active users are out there?
The Mobile Connect initiative (or MNOs) tries to break the chicken and the egg problem by saturating the market with enabled users and then go after the service providers. This is blindingly obvious when you look at some real-life online services that can accept Mobile Connect authentication / identities. There are less than ten, or was at the time of the MWC. This is going to change – the number of enabled users is too tempting for the online services and the number of enabled users is only going to grow.
Ubisecure had many interesting discussions about Mobile Connect with various parties and gained a lot of insight. We also got labelled as an “impure” vendor, meaning Ubisecure is not a pure-play Mobile Connect technology vendor. And they were right, kind of – you can use Ubisecure Mobile Connect solution for just Mobile Connect and remain a pure-play provider, but from our perspective and for the success of acquiring service providers and becoming a true identity provider, you should offer alternatives for Mobile Connect. If you restrict yourself as a Mobile Network Operator to single technology, you will restrict your potential customers – the service providers.
On-boarding service providers to Mobile Connect is crucial. If the mobile network operators fail in that, Mobile Connect will fail. There are multiple paths to Mobile Connect for the service provider. They can start by integrating social identities to their services, and grow to Mobile Connect. For B2B cases, it might start with O365, or Google for Business identities and grow to Mobile Connect. For governmental services, it could be an eID card, or in some countries, Mobile PKI or Bank IDs and then Mobile Connect, or they can go straight to Mobile Connect. The options are there and if you as the Mobile Network Operator can facilitate these paths, make it smoother for the online service provider, you’ll be making sure Mobile Connect becomes a success.
There’s also the fact that with a product, like Ubsiecure’s Mobile Connect Identity Gateway, you can link social, business, bank, service provider and government online identities to Mobile Connect. Your online service providers most probably have vast identity databases and utilize these third party identities. With user-driven federation, you let the user create link between these identities and switch from the third party identity to Mobile Connect. Our product ensures that the same information that was available from the third party source is delivered to the online service provider (with the user consent).
This is why Ubisecure has multiple protocols supported, extensive and flexible management features and identity and delegated authorization management functions to complement Mobile Connect. But like I said – you can use our technology to become a pure-play Mobile Connect provider and if you later find out you’d like to extend your support to other protocols, it will just be a five minute configuration task using our admin console.
Mobile App Security
At Mobile World Congress, we shared a stand with MePIN. Their smart phone app was also demoed in the innovation city. I must admit, it’s a very smooth and elegant app. The perception that many of the new people coming to our stand counted MePIN as just another smart phone authentication app. It’s easy to make that mistake because of the good user experience and the smooth functionality.
What’s hard is to develop a secure app, like MePIN has done. Within the system, there’s a number of security measures implemented so that the app is as secure it can be. One of the leading security consultancies / integrators in our market, Nixu, happened to come there too and they have independently evaluated the app and made sure that the security mechanisms work as advertised. But under the hood, security is hard to display.
We face the same dilemma, our IAM products are flexible, easy to deploy and within the system, there’s also a solution that has been independently audited when our customers have deployed our solutions.
For us, being a GSMA Mobile Connect Technology Vendor partner for Mobile Connect, the news about the two billion enabled users was great news. This will drive mobile network operators, who have not yet deployed to look for a way to do it. We can help there and we can make sure that on-boarding the service providers is as smooth as possible, thus making the Mobile Connect a success.
We would love to talk to you today about how you get started implementing a Mobile Connect solution.
About The Author: Petteri Ihalainen
More posts by Petteri Ihalainen