More Related Content
Similar to Mobile id public_2
Similar to Mobile id public_2 (20)
Mobile id public_2
- 3. © Kyivstar, 2015 | 3
Levels of Assurance
Level of
assurance
Confidence and
Asserted Identity
Authentication Factors Mobile Operators
Options
LoA1 Little or no confidence Single Factor Authentication
“Something I have”
MSISDN default
authentication
LoA2 Some confidence Single Factor Authentication
“Something I know”
SMS, USSD, APP
LoA3 High confidence Multifactor Authentication
“Something I know”
“Something I have”
PIN or Password
LoA4 Very High confidence Multifactor Authentication
“Something I know”
“Something I have”
+ PKI for Digital signature
Mobile Signature
- 4. © Kyivstar, 2015 | 4
What is Mobile Signature or Mobile ID?
Public and Private Keys
RSA1024,RSA2048,ECC256
Secured OTA Protocol
Mobile Operator GSM Network Internet
- 5. © Kyivstar, 2015 | 5
Mobile ID use cases
Subscriber with secured sim
Banking
E-
Government
E-Health Corporate
Transaction or Authentication, Digital Signature
• Single-sign on
• Doc Flow
• VPN
• Mobility
• Internet shopping
• Bidding shopping
• Driver license
• Car registration
• Income reporting
• Taxes
• E-Voting
• Social declaration
E-Commerce Gaming
• Account open
• Transfer orders
• Insurance
Subscription
• Loans
• Bill Payment
• Mobile and internet
transactions
• Secure Gambling
• Health records
• Data exchange with
doctors
• Real-time
monitoring
- 6. © Kyivstar, 2015 | 6
E-government portal
Kyivstar
Government Authentication
Portal
Certificate
Authority
WEB, SMS, IVR, APP
1
8 Authentication Signature verification6
7 Verification Result
2 5
Signing
Request
Signed
Data
3
4
E-Government services using Mobile ID
Signing request + Info
Signed Data
Agree?
Input PIN
to confirm
E-Government
Service 1
E-Government
Service 2
E-Government
Service 3
MSSP Protocol
oAuth/Saml
- 7. © Kyivstar, 2015 | 7
Mobile operators use cases
• Corporate application
• Consumers Portal
• Government Services
• Certificate center
• Launched in 2013
• Solution Provider - Valimo
• Financial Services
• Online bidding
• Document sign
• E-Government
• E-commerce
• Launched in 2009
• E-ID,
• Bank services
• Government Services
• Launched in 2009
• Solution Provider - Methics
- 8. © Kyivstar, 2015 | 8
Norwegian Bank ID Use Case
Types Private Key stored Access to Sign
Bank Stored Bank ID Bank Login/Password, PIN
Bank ID on Mobile
phones
SIM PIN
Bank Axess (a payment service for online shopping)
Log-in and payment via internet bank
Change of address with the postal service
Placing a bid when buying property
Login on municipal websites
Purchasing units in equities funds
“The Mobile Bank ID story is not about
the technology. This story is about
getting two industries to work together
to bring about mutual benefits for all of
our customers.”
- 10. © Kyivstar, 2015 | 10
Open Questions
• Впровадити міжнародні стандарти захисту даних: RSA, ЕСС (компетенція Державної Служби
Спеціального Зв'язку та Захисту Інформації);
• Розробити дорожню карту легалізації Mobile ID (компетенція Міністерства юстиції);
• Впровадити цифровий паспорт (e-ID картку) (компетенція Міністерства юстиції та Держагенції
з питань електронного урядування.