Who ownes the SIM? a user-centric view on future networks
1. Who owns the SIM card?
-
The Trusted Third Party Control
of the Secure Element
5 June 2007
Josef Noll
Senior Advisor, Movation AS
josef.noll@movation.no, +47 9083 8066
Prof. stip., UniK/University of Oslo
josef.noll@unik.no
MOVATION – A competitive advantage for ALL invited companies and for Norwegian Innovation
1
Josef Noll, “Who owns the SIM?”, 5 June 2007
2. e best
ome of th rwegian
where s e No
initiative o build th
iting selves t
ery exc
tion is a v mit them ation”
quot;Mova om
Norway c technology innov
es in
compani y, Abelia
less
m in wire aul Chaffe
tea –P
national
“Innovation by Design”
2
Josef Noll, “Who owns the SIM?”, 5 June 2007
3. Movation’s Open Innovation Arena
Mobile Services
Arena
innovator
mentor
innovator
core
research
partnership
research
mentor
Innovation in an open network, supported by mentors and innovators
3
Josef Noll, “Who owns the SIM?”, 5 June 2007
4. Movation owners
4
Josef Noll, “Who owns the SIM?”, 5 June 2007
5. Our owners
- SmartConnect – Seamless connectivity
- Web miner, Music Search
- (Mobile) Search Platform
- Mobile browser, desktop, Opera Mini
- Indoor location, Wireless equipment
- Worldwide operator > 120 Mio customers
- Satellite phones and communications at sea
and on land.
Mobile services with an international perspective
5
Josef Noll, “Who owns the SIM?”, 5 June 2007
6. Movation focus areas
• Mobile Landing Pads
– Mobile Semantic Web: Service world on the mobile
• Personalised Mobile
– personalised services on the mobile
– learning and adaptation
• Mobile Marketing
– personalised and context related services
• Mobile Security
– Security platform for Internet banking, service access, mobile
content handling -> Attila.no
• Convenience
• using Domain Names instead of numbers
Innovative services for the mobile world – from Movation and Partners
6
Josef Noll, “Who owns the SIM?”, 5 June 2007
7. Content
• NFC market actors
– Telecom Operators, SIM card provider, Equipment manufacturers
– Bank, Mastercard, Visa,
– Regulatory bodies, customers
• I-centric vision - customer view
– management, trust
– new roles in NFC business
• Business solution
– third party business model
– role of secure element
• Challenges and benefits
7
Josef Noll, “Who owns the SIM?”, 5 June 2007
8. Mobile Market
• 2006:
• Mobile workforce:
40-70 % of a group in • 1020 million mobiles
different locations • 209 million PCs
• 90 % of the employees • 4 Billion people with
mobile in 2009
away from HQ
• Q4/2006: > 30 %
smartphones in Norway
• 20-30 % smartphones by 2009.
Nordic European
65.00
Opera Desktop Adobe Flash J2ME (Opera Mini)
90.0
48.75
67.5
32.50
45.0
16.25
22.5
0
2006 2008 2010
0
Smartphone penetration [%] in Europe and the
2006 2008 2010
Nordic
Handset functionality in market share [%] for the Nordic market
[“Mobile Phone Evolution”, Movation White paper, May 2007]
8
Josef Noll, “Who owns the SIM?”, 5 June 2007
9. Mobile Services, incl. NFC
• NFC needs next
• Focus in 2008 on
generation phones
mobile web
• S60, UIQ, ...
• Push content upcoming
• Common Application
development
• Integrated
SMS authentication Mobile Web
Push context NFC payment
60
development
45
30
15
0
2006 2008 2010
Expected customer usage [%] “have tried” of mobile
services in the Nordic Market
[“Mobile Phone Evolution”, Movation White paper, May 2007]
9
Josef Noll, “Who owns the SIM?”, 5 June 2007
10. One natural NFC player?
• Telecom Operators
✓ have established customer and content provider relation
✓ current business (content provider access) gets less important
✓ NFC is opportunity for new business
– inhomogenous infrastructure at operators
• Bank, Mastercard, Visa,...
✓ natural choice for payment solutions
– micro-payment and small transactions not successful
– integration of content providers is new area, mobile is Telecom
• SIM card provider: Gemalto, G&D
✓ harmonised infrastructure
– unknown for the customer, no trust relationship
• Handset manufacturers
– global market players
No obvious NFC player, need Innovation partnership
10
Josef Noll, “Who owns the SIM?”, 5 June 2007
11. Content
• NFC market actors
• I-centric vision - customer view
– management
– trust
• Business solution
– Third party solution business model
– Role of security element
• Challenges and benefits
11
Josef Noll, “Who owns the SIM?”, 5 June 2007
12. Customer view
• Regulatory bodies
– Following national laws
Content
– Customer protection (privacy) Content
provider
provider
• Customer preferences Content
provider
– Trust relation
– Clear value proposition (convenience)
Content
– Information/advertisement overload aggregator
Customer care
provider
• Main duties for NFC players
Trust provider
– Customer relation (paying the bill) Privacy
Personalisation
– Service integration
– New business concepts
– Customer protection (information
overload)
Convenient user services, covering trust, privacy, providing personalisation
12
Josef Noll, “Who owns the SIM?”, 5 June 2007
13. Identity handling
• Identity is attributes of your persona
– Social, Corporate and Private IDs
• Internet was built without an identity layer
– Identity 2.0 stems from Web 2.0
– People, information and software
– More user-oriented (wikis, comments, tags)
– More seamless web services (AJAX)
• Service related security
– Provide just the information which is necessary
• Mobile challenges
– Traceability
– 24/7 availability
Josef Noll, “Who owns the SIM?”, 5 June 2007
14. Customer care
through Identity management
• User centric ID management Identity
– More like real life ID’s (passport, license)
– Multiple ID’s (PID, SID, CID)
Personal
– Certificates and preferences
(PID)
– Choose attributes
~more privacy
• ID providers Corporate
Social (CID)
– Multiple providers
(SID)
– Own certificates
• Mobile, and de-centralised
Customer care
provider
Trust provider
Privacy
Personalisation
Josef Noll, “Who owns the SIM?”, 5 June 2007
15. Content
• NFC market actors
• I-centric vision - customer view
• Business solution
– Third party solution business model
– Role of security element
• Challenges and benefits
15
Josef Noll, “Who owns the SIM?”, 5 June 2007
16. Authentication provider
Seamless
authentication
Auth.
provider
Content
Service Physical access, .mp3,
VPN
access access .jpg
Josef Noll, “Who owns the SIM?”, 5 June 2007
17. ID, trust and
personalisation provider
Who provides?
Certifica
Remote services ID provider te
–
Where to store?
Network
–
Phone
–
How to store/backup?
long term, short term
–
Proximity services
Josef Noll, “Who owns the SIM?”, 5 June 2007
18. Third party business model
• Media,
• Banks, Service providers
Content
provider
• Telecom, Corporate, Home
Service Payment
aggregator
• Service aggregator
provider
• Convenient interfaces
• Ease of use
Identity and
personalisation
• Identity and personalisation
provider
provider
Customer
Authentication
care
and Access • Convenience
provider
• Trust
18
Josef Noll, “Who owns the SIM?”, 5 June 2007
19. The secure element:
SIM card
Identity and
personalisation Service
Authentication
provider aggregator
and Access
provider
Send key and Send info to
• SIM is secure credentials recipient
element NFC
communication
Send service to
unit
• controlled environment phone
NFC2SIM
• over-the-air update
• open for applications
SIM
Smartcard interfaces
ISO/IEC 7816
• SIM will be owned
by user
• managed by trusted
third party
Josef Noll, “Who owns the SIM?”, 5 June 2007
20. Challenges and Benefits
200 Convenience
How insecure is the
of usage
Internet?
Will the phone be the only
secure element?
150
Visa and Mastercard
100 enable convenient small amount
purchases
Are facebook and flickr more
trusted than telecom operators?
50
Dynamic service environment?
On-the-fly creation of services?
0
2006 2008 2010
Telco favourite Third party favourite 20
Josef Noll, “Who owns the SIM?”, 5 June 2007
21. Conclusions
• The user is always connected to services using
multiple networks
• Service related information
– privacy (just what is needed)
– application security
• Personalisation is based on Identity management
– Identity provision from public authorities, banks, mobile operators, …
– using preferences, keys and certificates
• Operators have to face a dynamic service
landscape
– Content provider access (CPA) becomes less important
– Convenience and user focus are key issues
– Open co-operation (SIM, handset, operator, content provider) is key
to success
Movation - Open Innovation Arena
Josef Noll, “Who owns the SIM?”, 5 June 2007