SlideShare a Scribd company logo
MODRNA
Torsten Lodderstedt, John Bradley, Bjorn
Hjelm
The Mobile Profile
• GSMA created Mobile Connect for secure universal digital
authentication leveraging OpenID Connect.
• OpenID Foundation MODRNA WG created to support this
evolution.
– Stands for Mobile Operator Discovery, Registration, aNd
Authentication
– Developing (1) a profile of and (2) an extension to OpenID
Connect for use by MNOs providing identity services.
– Serve as technical input to Mobile Connect development.
– OIDFs IPR framework ensures that all specifications can can be
freely implemented.
– WG members from OpenID community as well as MNOs.
• Deutsche Telekom, Ping Identity, Orange, Verizon Wireless, Telefonica,
Telenor, Telstra, GlobalSign.
Mobile Connect
• Mobile phone number as user identifier
• Mobile phone as authenticator
• MNO as authentication/identity provider
• Replace passwords and hardware security
tokens
Mobile Connect
Reference Architecture
2. The service provider requests the
authenticating operator from the API
Exchange.
3. The service provider makes a
request for authentication.
4. The operator selects the appropriate
authenticator depending on the request for
assurance and capabilities
1. The user clicks on a Mobile
Connect button to access a
service.
• SIM Applet
• USSD
• SMS
• Smartphone App
• FIDO
MNO
Service access request
Authentication
Service Provider
Authentication
request
Authentication
server
Identity
Gateway
MNO Discovery
MODRNA WG
2. The service provider requests the
authenticating operator from the API
Exchange.
3. The service provider makes a
request for authentication.
4. The operator selects the appropriate
authenticator depending on the request for
assurance and capabilities
1. The user clicks on a Mobile
Connect button to access a
service.
• SIM Applet
• USSD
• SMS
• Smartphone App
• FIDO
MNO
Service access request
Authentication
Service Provider
Authentication
request
Authentication
server
Identity
Gateway
MNO Discovery
1
2 3
Set up
credentials
MODRNA Specifications
• Discovery (draft-mobile-discovery) - Editors: John Bradley, Torsten
Lodderstedt
– Dedicated discovery service
– Account Chooser integration
• Client registration (draft-mobile-registration) – Editor: Bjorn Hjelm
– OIDC Dynamic Client Registration with software statements (RFC 7591)
– Mandatory claims in the statements
– Signature algorithms
– Lifecycle management, e.g. revocation of statements/blocking of RPs
• Authentication (draft-mobile-authentication) – Editor: Jörg
Connotte
– ACR values
– Additional parameters: login_token_hint, context
Auxiliary MODRNA Work
• Client Initiated Backchannel Authentication (CIBA) - Editors:
Gonzalo Fernandez Rodriguez, Florian Walter
– Mechanism to perform authentication (out-of-band) when there is no
user agent available (such as Call Center) and the authentication
process needs to initiated via server-to-server communication.
• User Questioning API – Editors: Charles Marais, Nicola Aillery
– Mechanism to perform transaction authorizations.
– Define additional OpenID Connect endpoint (UserInfo) that RP would
use (server-to-server) to initiate transaction authorization processes.
• Account migration (draft-account-migration) – Editor: James
Manger, Torsten Lodderstedt, Arne Gleditsch
– Mechanism to allow the migration of user account from old to new OP.
– Protocol allowing new OP to obtain the necessary user data from the
old OP and provide every RP with the necessary data to migrate the
RP's local user account data in a secure way.
The Onion
OpenID Connect 1.0
OAuth2.0
MODRNA 1.0
Mobile Connect Profile 1.2
MODRNA - GSMA Status
• Mobile Connect Profile 1.2 partly incorporate Authentication spec.
• Collaboration identified and resolved security issue with original
GSMA account migration proposal resulting in MODRNA Account
Migration spec.
• Discovery/Credential Management:
– Mobile Connect Release 2 now utilizes and favors OIDC
openid_configuration over endpoint URLs from OneAPI Exchange.
– MODRNA input to ongoing discussions about architecture evolutions
towards more distributed approach based on security, privacy, and
operational considerations.
• New specs for transaction authorization and server-initiated
authentication (for later adoption by GSMA).
• Regular technical workshops with GSMA CPAS group significantly
improved collaboration.
Thanks!

More Related Content

What's hot

Overview of the OpenID Foundation's Mobile Profile of OpenID Connect MODRNA WG
Overview of the OpenID Foundation's Mobile Profile of OpenID Connect MODRNA WGOverview of the OpenID Foundation's Mobile Profile of OpenID Connect MODRNA WG
Overview of the OpenID Foundation's Mobile Profile of OpenID Connect MODRNA WG
Bjorn Hjelm
 
Mobile identity in network
Mobile identity in networkMobile identity in network
Mobile identity in network
loan
 
Web of Domotics Poster
Web of Domotics PosterWeb of Domotics Poster
Web of Domotics Poster
Faisal Razzak
 
Voxeo Summit Day 2 - Securing customer interactions
Voxeo Summit Day 2 - Securing customer interactionsVoxeo Summit Day 2 - Securing customer interactions
Voxeo Summit Day 2 - Securing customer interactions
Voxeo Corp
 
Mobile_Security_En
Mobile_Security_EnMobile_Security_En
Mobile_Security_En
de77
 
CIS14: Securing the Internet of Things with Open Standards
CIS14: Securing the Internet of Things with Open StandardsCIS14: Securing the Internet of Things with Open Standards
CIS14: Securing the Internet of Things with Open Standards
CloudIDSummit
 
Digital signature and certificate authority
Digital signature and certificate authorityDigital signature and certificate authority
Digital signature and certificate authority
KrutiShah114
 
Provable Device Cybersecurity in Blockchain Transactions
Provable Device Cybersecurity in Blockchain TransactionsProvable Device Cybersecurity in Blockchain Transactions
Provable Device Cybersecurity in Blockchain Transactions
Rivetz
 
FIDO & The Mobile Network Operator - Goode Intelligence & Nok Nok Labs
FIDO & The Mobile Network Operator - Goode Intelligence & Nok Nok LabsFIDO & The Mobile Network Operator - Goode Intelligence & Nok Nok Labs
FIDO & The Mobile Network Operator - Goode Intelligence & Nok Nok Labs
Nok Nok Labs, Inc
 
Electronic signature
Electronic signatureElectronic signature
Electronic signature
Melwin Mathew
 
electronic_payment_system_in_korea_eng
electronic_payment_system_in_korea_engelectronic_payment_system_in_korea_eng
electronic_payment_system_in_korea_eng
Frank Mercado
 
Iot security and Authentication solution
Iot security and Authentication solutionIot security and Authentication solution
Iot security and Authentication solution
Pradeep Jeswani
 
Usher overview.2014.02 hi
Usher overview.2014.02 hiUsher overview.2014.02 hi
Usher overview.2014.02 hi
Mark Fazackerley
 
VidSigner by ValidatedID Biometric Signature
VidSigner by ValidatedID Biometric SignatureVidSigner by ValidatedID Biometric Signature
VidSigner by ValidatedID Biometric Signature
Daniel Translateur
 
Smart card kantara pids presentation grey
Smart card kantara pids presentation greySmart card kantara pids presentation grey
Smart card kantara pids presentation grey
Dan Combs
 
Hotpin datasheet
Hotpin datasheetHotpin datasheet
Hotpin datasheet
Hai Nguyen
 
Access management
Access managementAccess management
Access management
kmehul
 
Evolution of digital government services and trust services in the basque gov...
Evolution of digital government services and trust services in the basque gov...Evolution of digital government services and trust services in the basque gov...
Evolution of digital government services and trust services in the basque gov...
PEGIP2020
 
Provisioning IoT...Oh Baby You Know Meeee!
Provisioning IoT...Oh Baby You Know Meeee!Provisioning IoT...Oh Baby You Know Meeee!
Provisioning IoT...Oh Baby You Know Meeee!
ForgeRock
 
How to Make Your IoT Devices Secure, Act Autonomously & Trusted Subjects
How to Make Your IoT Devices Secure, Act Autonomously & Trusted SubjectsHow to Make Your IoT Devices Secure, Act Autonomously & Trusted Subjects
How to Make Your IoT Devices Secure, Act Autonomously & Trusted Subjects
Maxim Salnikov
 

What's hot (20)

Overview of the OpenID Foundation's Mobile Profile of OpenID Connect MODRNA WG
Overview of the OpenID Foundation's Mobile Profile of OpenID Connect MODRNA WGOverview of the OpenID Foundation's Mobile Profile of OpenID Connect MODRNA WG
Overview of the OpenID Foundation's Mobile Profile of OpenID Connect MODRNA WG
 
Mobile identity in network
Mobile identity in networkMobile identity in network
Mobile identity in network
 
Web of Domotics Poster
Web of Domotics PosterWeb of Domotics Poster
Web of Domotics Poster
 
Voxeo Summit Day 2 - Securing customer interactions
Voxeo Summit Day 2 - Securing customer interactionsVoxeo Summit Day 2 - Securing customer interactions
Voxeo Summit Day 2 - Securing customer interactions
 
Mobile_Security_En
Mobile_Security_EnMobile_Security_En
Mobile_Security_En
 
CIS14: Securing the Internet of Things with Open Standards
CIS14: Securing the Internet of Things with Open StandardsCIS14: Securing the Internet of Things with Open Standards
CIS14: Securing the Internet of Things with Open Standards
 
Digital signature and certificate authority
Digital signature and certificate authorityDigital signature and certificate authority
Digital signature and certificate authority
 
Provable Device Cybersecurity in Blockchain Transactions
Provable Device Cybersecurity in Blockchain TransactionsProvable Device Cybersecurity in Blockchain Transactions
Provable Device Cybersecurity in Blockchain Transactions
 
FIDO & The Mobile Network Operator - Goode Intelligence & Nok Nok Labs
FIDO & The Mobile Network Operator - Goode Intelligence & Nok Nok LabsFIDO & The Mobile Network Operator - Goode Intelligence & Nok Nok Labs
FIDO & The Mobile Network Operator - Goode Intelligence & Nok Nok Labs
 
Electronic signature
Electronic signatureElectronic signature
Electronic signature
 
electronic_payment_system_in_korea_eng
electronic_payment_system_in_korea_engelectronic_payment_system_in_korea_eng
electronic_payment_system_in_korea_eng
 
Iot security and Authentication solution
Iot security and Authentication solutionIot security and Authentication solution
Iot security and Authentication solution
 
Usher overview.2014.02 hi
Usher overview.2014.02 hiUsher overview.2014.02 hi
Usher overview.2014.02 hi
 
VidSigner by ValidatedID Biometric Signature
VidSigner by ValidatedID Biometric SignatureVidSigner by ValidatedID Biometric Signature
VidSigner by ValidatedID Biometric Signature
 
Smart card kantara pids presentation grey
Smart card kantara pids presentation greySmart card kantara pids presentation grey
Smart card kantara pids presentation grey
 
Hotpin datasheet
Hotpin datasheetHotpin datasheet
Hotpin datasheet
 
Access management
Access managementAccess management
Access management
 
Evolution of digital government services and trust services in the basque gov...
Evolution of digital government services and trust services in the basque gov...Evolution of digital government services and trust services in the basque gov...
Evolution of digital government services and trust services in the basque gov...
 
Provisioning IoT...Oh Baby You Know Meeee!
Provisioning IoT...Oh Baby You Know Meeee!Provisioning IoT...Oh Baby You Know Meeee!
Provisioning IoT...Oh Baby You Know Meeee!
 
How to Make Your IoT Devices Secure, Act Autonomously & Trusted Subjects
How to Make Your IoT Devices Secure, Act Autonomously & Trusted SubjectsHow to Make Your IoT Devices Secure, Act Autonomously & Trusted Subjects
How to Make Your IoT Devices Secure, Act Autonomously & Trusted Subjects
 

Viewers also liked

OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WG
Nat Sakimura
 
Allergie alimentaire
Allergie alimentaireAllergie alimentaire
Allergie alimentaire
Mî Rã
 
La ética según protágoras
La ética según protágorasLa ética según protágoras
La ética según protágoras
jonatan morales palacios
 
Multimedia matefisíca
Multimedia matefisícaMultimedia matefisíca
Multimedia matefisíca
JOHAN ANDRES VALLEJO RAMIREZ
 
Ristorante Al Fresco di Milano zona Tortona
Ristorante Al Fresco di Milano zona Tortona Ristorante Al Fresco di Milano zona Tortona
Ristorante Al Fresco di Milano zona Tortona
Alessia Feliciano
 
Primera guerra mundia l
Primera guerra mundia lPrimera guerra mundia l
Primera guerra mundia l
angelo efrain lobaton rodriguez
 
Plandemejoradelosaprendizajes2016 160430053429 (1)
Plandemejoradelosaprendizajes2016 160430053429 (1)Plandemejoradelosaprendizajes2016 160430053429 (1)
Plandemejoradelosaprendizajes2016 160430053429 (1)
Rigoberto Coronel Torres
 
Ανατομια εγκεφάλου αρνιου
Ανατομια εγκεφάλου αρνιουΑνατομια εγκεφάλου αρνιου
Ανατομια εγκεφάλου αρνιου
arlap
 
Ket readwrite
Ket readwriteKet readwrite
Ket readwrite
Karen Arteaga
 
PRACTICAS DE REDES: PRÁCTICA 17
PRACTICAS DE REDES: PRÁCTICA 17PRACTICAS DE REDES: PRÁCTICA 17
PRACTICAS DE REDES: PRÁCTICA 17
Jacinto Cabrera Rodríguez
 
14699775563. feedback amplifiers
14699775563. feedback amplifiers14699775563. feedback amplifiers
14699775563. feedback amplifiers
Muntaseer Rahman
 
PRACTICAS DE REDES: PRÁCTICA 18
PRACTICAS DE REDES: PRÁCTICA 18PRACTICAS DE REDES: PRÁCTICA 18
PRACTICAS DE REDES: PRÁCTICA 18
Jacinto Cabrera Rodríguez
 
Cosas que debe saber sobre botellas de agua reutilizables
Cosas que debe saber sobre botellas de agua reutilizablesCosas que debe saber sobre botellas de agua reutilizables
Cosas que debe saber sobre botellas de agua reutilizables
Serina Fournier
 
The Next Half Century of Co-operation
The Next Half Century of Co-operationThe Next Half Century of Co-operation
The Next Half Century of Co-operation
NFCACoops
 
Biochimie alimentaire
Biochimie alimentaireBiochimie alimentaire
Biochimie alimentaire
Mî Rã
 
Federation
Federation Federation
Federation
Amazon Web Services
 
Robot paralelo
Robot paraleloRobot paralelo
Robot paralelo
sanieto
 
18. Искусство первой половины ХХ в.
18. Искусство первой половины ХХ в.18. Искусство первой половины ХХ в.
18. Искусство первой половины ХХ в.
AnastasiyaF
 
Урок Написання прислівників через дефіс
Урок Написання прислівників через дефісУрок Написання прислівників через дефіс
Урок Написання прислівників через дефіс
school
 

Viewers also liked (20)

OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WG
 
Allergie alimentaire
Allergie alimentaireAllergie alimentaire
Allergie alimentaire
 
La ética según protágoras
La ética según protágorasLa ética según protágoras
La ética según protágoras
 
Multimedia matefisíca
Multimedia matefisícaMultimedia matefisíca
Multimedia matefisíca
 
Ristorante Al Fresco di Milano zona Tortona
Ristorante Al Fresco di Milano zona Tortona Ristorante Al Fresco di Milano zona Tortona
Ristorante Al Fresco di Milano zona Tortona
 
Primera guerra mundia l
Primera guerra mundia lPrimera guerra mundia l
Primera guerra mundia l
 
Plandemejoradelosaprendizajes2016 160430053429 (1)
Plandemejoradelosaprendizajes2016 160430053429 (1)Plandemejoradelosaprendizajes2016 160430053429 (1)
Plandemejoradelosaprendizajes2016 160430053429 (1)
 
Ανατομια εγκεφάλου αρνιου
Ανατομια εγκεφάλου αρνιουΑνατομια εγκεφάλου αρνιου
Ανατομια εγκεφάλου αρνιου
 
Ket readwrite
Ket readwriteKet readwrite
Ket readwrite
 
PRACTICAS DE REDES: PRÁCTICA 17
PRACTICAS DE REDES: PRÁCTICA 17PRACTICAS DE REDES: PRÁCTICA 17
PRACTICAS DE REDES: PRÁCTICA 17
 
14699775563. feedback amplifiers
14699775563. feedback amplifiers14699775563. feedback amplifiers
14699775563. feedback amplifiers
 
Hojas para-dictados
Hojas para-dictadosHojas para-dictados
Hojas para-dictados
 
PRACTICAS DE REDES: PRÁCTICA 18
PRACTICAS DE REDES: PRÁCTICA 18PRACTICAS DE REDES: PRÁCTICA 18
PRACTICAS DE REDES: PRÁCTICA 18
 
Cosas que debe saber sobre botellas de agua reutilizables
Cosas que debe saber sobre botellas de agua reutilizablesCosas que debe saber sobre botellas de agua reutilizables
Cosas que debe saber sobre botellas de agua reutilizables
 
The Next Half Century of Co-operation
The Next Half Century of Co-operationThe Next Half Century of Co-operation
The Next Half Century of Co-operation
 
Biochimie alimentaire
Biochimie alimentaireBiochimie alimentaire
Biochimie alimentaire
 
Federation
Federation Federation
Federation
 
Robot paralelo
Robot paraleloRobot paralelo
Robot paralelo
 
18. Искусство первой половины ХХ в.
18. Искусство первой половины ХХ в.18. Искусство первой половины ХХ в.
18. Искусство первой половины ХХ в.
 
Урок Написання прислівників через дефіс
Урок Написання прислівників через дефісУрок Написання прислівників через дефіс
Урок Написання прислівників через дефіс
 

Similar to OpenID Foundation MODRNA WG

OpenID Connect: The Mobile Profile
OpenID Connect: The Mobile ProfileOpenID Connect: The Mobile Profile
OpenID Connect: The Mobile Profile
Bjorn Hjelm
 
OpenID Foundation MODRNA WG Update
OpenID Foundation MODRNA WG UpdateOpenID Foundation MODRNA WG Update
OpenID Foundation MODRNA WG Update
Bjorn Hjelm
 
An Overview of the interface of MODRNA and GSMA Mobile Connect
An Overview of the interface of MODRNA and GSMA Mobile ConnectAn Overview of the interface of MODRNA and GSMA Mobile Connect
An Overview of the interface of MODRNA and GSMA Mobile Connect
Bjorn Hjelm
 
OpenID Foundation MODRNA WG Update
OpenID Foundation MODRNA WG UpdateOpenID Foundation MODRNA WG Update
OpenID Foundation MODRNA WG Update
Bjorn Hjelm
 
OpenID Foundation MODRNA WG Update
OpenID Foundation MODRNA WG UpdateOpenID Foundation MODRNA WG Update
OpenID Foundation MODRNA WG Update
Bjorn Hjelm
 
OpenID Foundation MODRNA WG overview at EIC 2018
OpenID Foundation MODRNA WG overview at EIC 2018OpenID Foundation MODRNA WG overview at EIC 2018
OpenID Foundation MODRNA WG overview at EIC 2018
Bjorn Hjelm
 
OpenID Foundation MODRNA WG overview at EIC 2019
OpenID Foundation MODRNA WG overview at EIC 2019OpenID Foundation MODRNA WG overview at EIC 2019
OpenID Foundation MODRNA WG overview at EIC 2019
Bjorn Hjelm
 
OpenID Foundation MODRNA WG Overview
OpenID Foundation MODRNA WG OverviewOpenID Foundation MODRNA WG Overview
OpenID Foundation MODRNA WG Overview
Bjorn Hjelm
 
NFC Basic Concepts
NFC Basic ConceptsNFC Basic Concepts
NFC Basic Concepts
Ade Okuboyejo
 
Enabling Technologies for Branded Wireless Services - Boris Klots, Motorola, ...
Enabling Technologies for Branded Wireless Services - Boris Klots, Motorola, ...Enabling Technologies for Branded Wireless Services - Boris Klots, Motorola, ...
Enabling Technologies for Branded Wireless Services - Boris Klots, Motorola, ...
mfrancis
 
Mtel Cash Mobile Commerce Suite
Mtel Cash Mobile Commerce SuiteMtel Cash Mobile Commerce Suite
Mtel Cash Mobile Commerce Suite
watsongallery
 
WSO2 Ecosystem platform for Connected Telco
WSO2 Ecosystem platform for Connected TelcoWSO2 Ecosystem platform for Connected Telco
WSO2 Ecosystem platform for Connected Telco
Mifan Careem
 
Development of Digital Identity Systems
Development of Digital Identity Systems Development of Digital Identity Systems
Development of Digital Identity Systems
Maganathin Veeraragaloo
 
Mobile Network Operators and Identity – Crossing the Chasm
Mobile Network Operators and Identity – Crossing the ChasmMobile Network Operators and Identity – Crossing the Chasm
Mobile Network Operators and Identity – Crossing the Chasm
Bjorn Hjelm
 
From the Internet of Things to Intelligent Systems A Developer's Primer - Gar...
From the Internet of Things to Intelligent Systems A Developer's Primer - Gar...From the Internet of Things to Intelligent Systems A Developer's Primer - Gar...
From the Internet of Things to Intelligent Systems A Developer's Primer - Gar...
Rick G. Garibay
 
Trade Digitalisation - Trade Trust
Trade Digitalisation - Trade TrustTrade Digitalisation - Trade Trust
Trade Digitalisation - Trade Trust
ssuserab62ef
 
Blockchain Explored: A technical deep-dive
Blockchain Explored: A technical deep-diveBlockchain Explored: A technical deep-dive
Blockchain Explored: A technical deep-dive
Binh Nguyen
 
Security & Seamless CX in User Authentication: How to Achieve Both?
Security & Seamless CX in User Authentication: How to Achieve Both?Security & Seamless CX in User Authentication: How to Achieve Both?
Security & Seamless CX in User Authentication: How to Achieve Both?
Ivona M
 
Internet of things
Internet of thingsInternet of things
Internet of things
Selvaraj Kesavan
 
Connecting The Real World With The Virtual World
Connecting The Real World With The Virtual WorldConnecting The Real World With The Virtual World
Connecting The Real World With The Virtual World
Ping Identity
 

Similar to OpenID Foundation MODRNA WG (20)

OpenID Connect: The Mobile Profile
OpenID Connect: The Mobile ProfileOpenID Connect: The Mobile Profile
OpenID Connect: The Mobile Profile
 
OpenID Foundation MODRNA WG Update
OpenID Foundation MODRNA WG UpdateOpenID Foundation MODRNA WG Update
OpenID Foundation MODRNA WG Update
 
An Overview of the interface of MODRNA and GSMA Mobile Connect
An Overview of the interface of MODRNA and GSMA Mobile ConnectAn Overview of the interface of MODRNA and GSMA Mobile Connect
An Overview of the interface of MODRNA and GSMA Mobile Connect
 
OpenID Foundation MODRNA WG Update
OpenID Foundation MODRNA WG UpdateOpenID Foundation MODRNA WG Update
OpenID Foundation MODRNA WG Update
 
OpenID Foundation MODRNA WG Update
OpenID Foundation MODRNA WG UpdateOpenID Foundation MODRNA WG Update
OpenID Foundation MODRNA WG Update
 
OpenID Foundation MODRNA WG overview at EIC 2018
OpenID Foundation MODRNA WG overview at EIC 2018OpenID Foundation MODRNA WG overview at EIC 2018
OpenID Foundation MODRNA WG overview at EIC 2018
 
OpenID Foundation MODRNA WG overview at EIC 2019
OpenID Foundation MODRNA WG overview at EIC 2019OpenID Foundation MODRNA WG overview at EIC 2019
OpenID Foundation MODRNA WG overview at EIC 2019
 
OpenID Foundation MODRNA WG Overview
OpenID Foundation MODRNA WG OverviewOpenID Foundation MODRNA WG Overview
OpenID Foundation MODRNA WG Overview
 
NFC Basic Concepts
NFC Basic ConceptsNFC Basic Concepts
NFC Basic Concepts
 
Enabling Technologies for Branded Wireless Services - Boris Klots, Motorola, ...
Enabling Technologies for Branded Wireless Services - Boris Klots, Motorola, ...Enabling Technologies for Branded Wireless Services - Boris Klots, Motorola, ...
Enabling Technologies for Branded Wireless Services - Boris Klots, Motorola, ...
 
Mtel Cash Mobile Commerce Suite
Mtel Cash Mobile Commerce SuiteMtel Cash Mobile Commerce Suite
Mtel Cash Mobile Commerce Suite
 
WSO2 Ecosystem platform for Connected Telco
WSO2 Ecosystem platform for Connected TelcoWSO2 Ecosystem platform for Connected Telco
WSO2 Ecosystem platform for Connected Telco
 
Development of Digital Identity Systems
Development of Digital Identity Systems Development of Digital Identity Systems
Development of Digital Identity Systems
 
Mobile Network Operators and Identity – Crossing the Chasm
Mobile Network Operators and Identity – Crossing the ChasmMobile Network Operators and Identity – Crossing the Chasm
Mobile Network Operators and Identity – Crossing the Chasm
 
From the Internet of Things to Intelligent Systems A Developer's Primer - Gar...
From the Internet of Things to Intelligent Systems A Developer's Primer - Gar...From the Internet of Things to Intelligent Systems A Developer's Primer - Gar...
From the Internet of Things to Intelligent Systems A Developer's Primer - Gar...
 
Trade Digitalisation - Trade Trust
Trade Digitalisation - Trade TrustTrade Digitalisation - Trade Trust
Trade Digitalisation - Trade Trust
 
Blockchain Explored: A technical deep-dive
Blockchain Explored: A technical deep-diveBlockchain Explored: A technical deep-dive
Blockchain Explored: A technical deep-dive
 
Security & Seamless CX in User Authentication: How to Achieve Both?
Security & Seamless CX in User Authentication: How to Achieve Both?Security & Seamless CX in User Authentication: How to Achieve Both?
Security & Seamless CX in User Authentication: How to Achieve Both?
 
Internet of things
Internet of thingsInternet of things
Internet of things
 
Connecting The Real World With The Virtual World
Connecting The Real World With The Virtual WorldConnecting The Real World With The Virtual World
Connecting The Real World With The Virtual World
 

More from Bjorn Hjelm

MODRNA WG Update - Oct 2023
MODRNA WG Update - Oct 2023MODRNA WG Update - Oct 2023
MODRNA WG Update - Oct 2023
Bjorn Hjelm
 
MODRNA WG Update - Apr 2023
MODRNA WG Update - Apr 2023MODRNA WG Update - Apr 2023
MODRNA WG Update - Apr 2023
Bjorn Hjelm
 
MODRNA WG Update - Nov 2022
MODRNA WG Update - Nov 2022MODRNA WG Update - Nov 2022
MODRNA WG Update - Nov 2022
Bjorn Hjelm
 
MODRNA WG update - OpenID Foundation Workshop at EIC 2022
MODRNA WG update - OpenID Foundation Workshop at EIC 2022MODRNA WG update - OpenID Foundation Workshop at EIC 2022
MODRNA WG update - OpenID Foundation Workshop at EIC 2022
Bjorn Hjelm
 
MODRNA WG Update - Apr. 2022
MODRNA WG Update - Apr. 2022MODRNA WG Update - Apr. 2022
MODRNA WG Update - Apr. 2022
Bjorn Hjelm
 
MODRNA WG update - OpenID Foundation Workshop at EIC 2021
MODRNA WG update - OpenID Foundation Workshop at EIC 2021 MODRNA WG update - OpenID Foundation Workshop at EIC 2021
MODRNA WG update - OpenID Foundation Workshop at EIC 2021
Bjorn Hjelm
 
MODRNA WG Update - Dec 2021
MODRNA WG Update - Dec 2021MODRNA WG Update - Dec 2021
MODRNA WG Update - Dec 2021
Bjorn Hjelm
 
MODRNA WG Update - April 2021
MODRNA WG Update - April 2021MODRNA WG Update - April 2021
MODRNA WG Update - April 2021
Bjorn Hjelm
 
MODRNA WG Overview - October 2020
MODRNA WG Overview - October 2020MODRNA WG Overview - October 2020
MODRNA WG Overview - October 2020
Bjorn Hjelm
 
OpenID Foundation MODRNA WG Update
OpenID Foundation MODRNA WG UpdateOpenID Foundation MODRNA WG Update
OpenID Foundation MODRNA WG Update
Bjorn Hjelm
 
Development of 5G IAM Architecture
Development of 5G IAM ArchitectureDevelopment of 5G IAM Architecture
Development of 5G IAM Architecture
Bjorn Hjelm
 
Development of 5G IAM Architecture
Development of 5G IAM ArchitectureDevelopment of 5G IAM Architecture
Development of 5G IAM Architecture
Bjorn Hjelm
 
NSTIC Panel on Mobile-based Identity and Access Management
NSTIC Panel on Mobile-based Identity and Access ManagementNSTIC Panel on Mobile-based Identity and Access Management
NSTIC Panel on Mobile-based Identity and Access Management
Bjorn Hjelm
 
IIW 27 Wednesday Session 3
IIW 27 Wednesday Session 3IIW 27 Wednesday Session 3
IIW 27 Wednesday Session 3
Bjorn Hjelm
 
Integration of FIDO and Mobile Connect to deliver authentication globally wor...
Integration of FIDO and Mobile Connect to deliver authentication globally wor...Integration of FIDO and Mobile Connect to deliver authentication globally wor...
Integration of FIDO and Mobile Connect to deliver authentication globally wor...
Bjorn Hjelm
 
FIDO and Mobile Connect
FIDO and Mobile ConnectFIDO and Mobile Connect
FIDO and Mobile Connect
Bjorn Hjelm
 

More from Bjorn Hjelm (16)

MODRNA WG Update - Oct 2023
MODRNA WG Update - Oct 2023MODRNA WG Update - Oct 2023
MODRNA WG Update - Oct 2023
 
MODRNA WG Update - Apr 2023
MODRNA WG Update - Apr 2023MODRNA WG Update - Apr 2023
MODRNA WG Update - Apr 2023
 
MODRNA WG Update - Nov 2022
MODRNA WG Update - Nov 2022MODRNA WG Update - Nov 2022
MODRNA WG Update - Nov 2022
 
MODRNA WG update - OpenID Foundation Workshop at EIC 2022
MODRNA WG update - OpenID Foundation Workshop at EIC 2022MODRNA WG update - OpenID Foundation Workshop at EIC 2022
MODRNA WG update - OpenID Foundation Workshop at EIC 2022
 
MODRNA WG Update - Apr. 2022
MODRNA WG Update - Apr. 2022MODRNA WG Update - Apr. 2022
MODRNA WG Update - Apr. 2022
 
MODRNA WG update - OpenID Foundation Workshop at EIC 2021
MODRNA WG update - OpenID Foundation Workshop at EIC 2021 MODRNA WG update - OpenID Foundation Workshop at EIC 2021
MODRNA WG update - OpenID Foundation Workshop at EIC 2021
 
MODRNA WG Update - Dec 2021
MODRNA WG Update - Dec 2021MODRNA WG Update - Dec 2021
MODRNA WG Update - Dec 2021
 
MODRNA WG Update - April 2021
MODRNA WG Update - April 2021MODRNA WG Update - April 2021
MODRNA WG Update - April 2021
 
MODRNA WG Overview - October 2020
MODRNA WG Overview - October 2020MODRNA WG Overview - October 2020
MODRNA WG Overview - October 2020
 
OpenID Foundation MODRNA WG Update
OpenID Foundation MODRNA WG UpdateOpenID Foundation MODRNA WG Update
OpenID Foundation MODRNA WG Update
 
Development of 5G IAM Architecture
Development of 5G IAM ArchitectureDevelopment of 5G IAM Architecture
Development of 5G IAM Architecture
 
Development of 5G IAM Architecture
Development of 5G IAM ArchitectureDevelopment of 5G IAM Architecture
Development of 5G IAM Architecture
 
NSTIC Panel on Mobile-based Identity and Access Management
NSTIC Panel on Mobile-based Identity and Access ManagementNSTIC Panel on Mobile-based Identity and Access Management
NSTIC Panel on Mobile-based Identity and Access Management
 
IIW 27 Wednesday Session 3
IIW 27 Wednesday Session 3IIW 27 Wednesday Session 3
IIW 27 Wednesday Session 3
 
Integration of FIDO and Mobile Connect to deliver authentication globally wor...
Integration of FIDO and Mobile Connect to deliver authentication globally wor...Integration of FIDO and Mobile Connect to deliver authentication globally wor...
Integration of FIDO and Mobile Connect to deliver authentication globally wor...
 
FIDO and Mobile Connect
FIDO and Mobile ConnectFIDO and Mobile Connect
FIDO and Mobile Connect
 

Recently uploaded

Lordsexch ID: An Ultimate Online Cricket ID Provider In India
Lordsexch ID: An Ultimate Online Cricket ID Provider In IndiaLordsexch ID: An Ultimate Online Cricket ID Provider In India
Lordsexch ID: An Ultimate Online Cricket ID Provider In India
exchangeid32
 
Dewanstudio Project Portfolio 2023 show case
Dewanstudio Project Portfolio 2023 show caseDewanstudio Project Portfolio 2023 show case
Dewanstudio Project Portfolio 2023 show case
DEWANSTUDIO.COM
 
Chennai Girls Call ServiCe X00XXX00XX Tanisha Best High Class Chennai Available
Chennai Girls Call ServiCe X00XXX00XX Tanisha Best High Class Chennai AvailableChennai Girls Call ServiCe X00XXX00XX Tanisha Best High Class Chennai Available
Chennai Girls Call ServiCe X00XXX00XX Tanisha Best High Class Chennai Available
shamrisumri
 
Network Security version1.0 - Module 3.pptx
Network Security version1.0 - Module 3.pptxNetwork Security version1.0 - Module 3.pptx
Network Security version1.0 - Module 3.pptx
Infotainmentforall
 
@Girls @Call Chennai 🛬 XXXXXXXXXX 🛬 available 24*7 cash payment book now pay ...
@Girls @Call Chennai 🛬 XXXXXXXXXX 🛬 available 24*7 cash payment book now pay ...@Girls @Call Chennai 🛬 XXXXXXXXXX 🛬 available 24*7 cash payment book now pay ...
@Girls @Call Chennai 🛬 XXXXXXXXXX 🛬 available 24*7 cash payment book now pay ...
shamrisumri
 
UMN degree offer diploma Transcript
UMN degree offer diploma TranscriptUMN degree offer diploma Transcript
UMN degree offer diploma Transcript
cenocb
 
202254.com香蕉影视,在线观看《我才不要和你做朋友呢》在线观看最新电影,香蕉影视在线观看《我才不要和你做朋友呢》在线观看高清电影
202254.com香蕉影视,在线观看《我才不要和你做朋友呢》在线观看最新电影,香蕉影视在线观看《我才不要和你做朋友呢》在线观看高清电影202254.com香蕉影视,在线观看《我才不要和你做朋友呢》在线观看最新电影,香蕉影视在线观看《我才不要和你做朋友呢》在线观看高清电影
202254.com香蕉影视,在线观看《我才不要和你做朋友呢》在线观看最新电影,香蕉影视在线观看《我才不要和你做朋友呢》在线观看高清电影
ffg01100
 
Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...
Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...
Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...
elbertablack
 
How Salesforce Development in the UK is Driving Digital Transformation
How Salesforce Development in the UK is Driving Digital TransformationHow Salesforce Development in the UK is Driving Digital Transformation
How Salesforce Development in the UK is Driving Digital Transformation
Sweet Potato Tec
 
High Profile Girls Call ServiCe Chennai XX00XXX00X Tanisha Best High Class Ch...
High Profile Girls Call ServiCe Chennai XX00XXX00X Tanisha Best High Class Ch...High Profile Girls Call ServiCe Chennai XX00XXX00X Tanisha Best High Class Ch...
High Profile Girls Call ServiCe Chennai XX00XXX00X Tanisha Best High Class Ch...
shamrisumri
 
Draya Michele’s Son – Kniko Howard’s Rise to Fame.pptx
Draya Michele’s Son – Kniko Howard’s Rise to Fame.pptxDraya Michele’s Son – Kniko Howard’s Rise to Fame.pptx
Draya Michele’s Son – Kniko Howard’s Rise to Fame.pptx
ashishkumarrana9
 
optimized green synthesis characterization and evaluation
optimized green synthesis characterization and evaluationoptimized green synthesis characterization and evaluation
optimized green synthesis characterization and evaluation
ManojKumarr75
 
Web development Platform Constraints.pptx
Web development Platform Constraints.pptxWeb development Platform Constraints.pptx
Web development Platform Constraints.pptx
ssuser2f6682
 
Why Your Business Needs a Professional Web Design Company UAE
Why Your Business Needs a Professional Web Design Company UAEWhy Your Business Needs a Professional Web Design Company UAE
Why Your Business Needs a Professional Web Design Company UAE
adelewhite125
 
DASH, presented by Elly Tawhai at PacNOG 33
DASH, presented by Elly Tawhai at PacNOG 33DASH, presented by Elly Tawhai at PacNOG 33
DASH, presented by Elly Tawhai at PacNOG 33
APNIC
 
Vip Girls Call ServiCe Chennai X00XXX00XX Tanisha Best High Class Chennai Ava...
Vip Girls Call ServiCe Chennai X00XXX00XX Tanisha Best High Class Chennai Ava...Vip Girls Call ServiCe Chennai X00XXX00XX Tanisha Best High Class Chennai Ava...
Vip Girls Call ServiCe Chennai X00XXX00XX Tanisha Best High Class Chennai Ava...
samyanvichadda
 
IPv6 Deployment Planning and Security Considerations
IPv6 Deployment Planning and Security ConsiderationsIPv6 Deployment Planning and Security Considerations
IPv6 Deployment Planning and Security Considerations
Bangladesh Network Operators Group
 
Digital ethnography of the Polish darknet drug trade community
Digital ethnography of the Polish darknet drug trade communityDigital ethnography of the Polish darknet drug trade community
Digital ethnography of the Polish darknet drug trade community
Piotr Siuda
 
Saint Louis University diploma
Saint Louis University diplomaSaint Louis University diploma
Saint Louis University diploma
eufdev
 
University of California, Riverside diploma
University of California, Riverside diplomaUniversity of California, Riverside diploma
University of California, Riverside diploma
eufdev
 

Recently uploaded (20)

Lordsexch ID: An Ultimate Online Cricket ID Provider In India
Lordsexch ID: An Ultimate Online Cricket ID Provider In IndiaLordsexch ID: An Ultimate Online Cricket ID Provider In India
Lordsexch ID: An Ultimate Online Cricket ID Provider In India
 
Dewanstudio Project Portfolio 2023 show case
Dewanstudio Project Portfolio 2023 show caseDewanstudio Project Portfolio 2023 show case
Dewanstudio Project Portfolio 2023 show case
 
Chennai Girls Call ServiCe X00XXX00XX Tanisha Best High Class Chennai Available
Chennai Girls Call ServiCe X00XXX00XX Tanisha Best High Class Chennai AvailableChennai Girls Call ServiCe X00XXX00XX Tanisha Best High Class Chennai Available
Chennai Girls Call ServiCe X00XXX00XX Tanisha Best High Class Chennai Available
 
Network Security version1.0 - Module 3.pptx
Network Security version1.0 - Module 3.pptxNetwork Security version1.0 - Module 3.pptx
Network Security version1.0 - Module 3.pptx
 
@Girls @Call Chennai 🛬 XXXXXXXXXX 🛬 available 24*7 cash payment book now pay ...
@Girls @Call Chennai 🛬 XXXXXXXXXX 🛬 available 24*7 cash payment book now pay ...@Girls @Call Chennai 🛬 XXXXXXXXXX 🛬 available 24*7 cash payment book now pay ...
@Girls @Call Chennai 🛬 XXXXXXXXXX 🛬 available 24*7 cash payment book now pay ...
 
UMN degree offer diploma Transcript
UMN degree offer diploma TranscriptUMN degree offer diploma Transcript
UMN degree offer diploma Transcript
 
202254.com香蕉影视,在线观看《我才不要和你做朋友呢》在线观看最新电影,香蕉影视在线观看《我才不要和你做朋友呢》在线观看高清电影
202254.com香蕉影视,在线观看《我才不要和你做朋友呢》在线观看最新电影,香蕉影视在线观看《我才不要和你做朋友呢》在线观看高清电影202254.com香蕉影视,在线观看《我才不要和你做朋友呢》在线观看最新电影,香蕉影视在线观看《我才不要和你做朋友呢》在线观看高清电影
202254.com香蕉影视,在线观看《我才不要和你做朋友呢》在线观看最新电影,香蕉影视在线观看《我才不要和你做朋友呢》在线观看高清电影
 
Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...
Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...
Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...
 
How Salesforce Development in the UK is Driving Digital Transformation
How Salesforce Development in the UK is Driving Digital TransformationHow Salesforce Development in the UK is Driving Digital Transformation
How Salesforce Development in the UK is Driving Digital Transformation
 
High Profile Girls Call ServiCe Chennai XX00XXX00X Tanisha Best High Class Ch...
High Profile Girls Call ServiCe Chennai XX00XXX00X Tanisha Best High Class Ch...High Profile Girls Call ServiCe Chennai XX00XXX00X Tanisha Best High Class Ch...
High Profile Girls Call ServiCe Chennai XX00XXX00X Tanisha Best High Class Ch...
 
Draya Michele’s Son – Kniko Howard’s Rise to Fame.pptx
Draya Michele’s Son – Kniko Howard’s Rise to Fame.pptxDraya Michele’s Son – Kniko Howard’s Rise to Fame.pptx
Draya Michele’s Son – Kniko Howard’s Rise to Fame.pptx
 
optimized green synthesis characterization and evaluation
optimized green synthesis characterization and evaluationoptimized green synthesis characterization and evaluation
optimized green synthesis characterization and evaluation
 
Web development Platform Constraints.pptx
Web development Platform Constraints.pptxWeb development Platform Constraints.pptx
Web development Platform Constraints.pptx
 
Why Your Business Needs a Professional Web Design Company UAE
Why Your Business Needs a Professional Web Design Company UAEWhy Your Business Needs a Professional Web Design Company UAE
Why Your Business Needs a Professional Web Design Company UAE
 
DASH, presented by Elly Tawhai at PacNOG 33
DASH, presented by Elly Tawhai at PacNOG 33DASH, presented by Elly Tawhai at PacNOG 33
DASH, presented by Elly Tawhai at PacNOG 33
 
Vip Girls Call ServiCe Chennai X00XXX00XX Tanisha Best High Class Chennai Ava...
Vip Girls Call ServiCe Chennai X00XXX00XX Tanisha Best High Class Chennai Ava...Vip Girls Call ServiCe Chennai X00XXX00XX Tanisha Best High Class Chennai Ava...
Vip Girls Call ServiCe Chennai X00XXX00XX Tanisha Best High Class Chennai Ava...
 
IPv6 Deployment Planning and Security Considerations
IPv6 Deployment Planning and Security ConsiderationsIPv6 Deployment Planning and Security Considerations
IPv6 Deployment Planning and Security Considerations
 
Digital ethnography of the Polish darknet drug trade community
Digital ethnography of the Polish darknet drug trade communityDigital ethnography of the Polish darknet drug trade community
Digital ethnography of the Polish darknet drug trade community
 
Saint Louis University diploma
Saint Louis University diplomaSaint Louis University diploma
Saint Louis University diploma
 
University of California, Riverside diploma
University of California, Riverside diplomaUniversity of California, Riverside diploma
University of California, Riverside diploma
 

OpenID Foundation MODRNA WG

  • 1. MODRNA Torsten Lodderstedt, John Bradley, Bjorn Hjelm
  • 2. The Mobile Profile • GSMA created Mobile Connect for secure universal digital authentication leveraging OpenID Connect. • OpenID Foundation MODRNA WG created to support this evolution. – Stands for Mobile Operator Discovery, Registration, aNd Authentication – Developing (1) a profile of and (2) an extension to OpenID Connect for use by MNOs providing identity services. – Serve as technical input to Mobile Connect development. – OIDFs IPR framework ensures that all specifications can can be freely implemented. – WG members from OpenID community as well as MNOs. • Deutsche Telekom, Ping Identity, Orange, Verizon Wireless, Telefonica, Telenor, Telstra, GlobalSign.
  • 3. Mobile Connect • Mobile phone number as user identifier • Mobile phone as authenticator • MNO as authentication/identity provider • Replace passwords and hardware security tokens
  • 4. Mobile Connect Reference Architecture 2. The service provider requests the authenticating operator from the API Exchange. 3. The service provider makes a request for authentication. 4. The operator selects the appropriate authenticator depending on the request for assurance and capabilities 1. The user clicks on a Mobile Connect button to access a service. • SIM Applet • USSD • SMS • Smartphone App • FIDO MNO Service access request Authentication Service Provider Authentication request Authentication server Identity Gateway MNO Discovery
  • 5. MODRNA WG 2. The service provider requests the authenticating operator from the API Exchange. 3. The service provider makes a request for authentication. 4. The operator selects the appropriate authenticator depending on the request for assurance and capabilities 1. The user clicks on a Mobile Connect button to access a service. • SIM Applet • USSD • SMS • Smartphone App • FIDO MNO Service access request Authentication Service Provider Authentication request Authentication server Identity Gateway MNO Discovery 1 2 3 Set up credentials
  • 6. MODRNA Specifications • Discovery (draft-mobile-discovery) - Editors: John Bradley, Torsten Lodderstedt – Dedicated discovery service – Account Chooser integration • Client registration (draft-mobile-registration) – Editor: Bjorn Hjelm – OIDC Dynamic Client Registration with software statements (RFC 7591) – Mandatory claims in the statements – Signature algorithms – Lifecycle management, e.g. revocation of statements/blocking of RPs • Authentication (draft-mobile-authentication) – Editor: Jörg Connotte – ACR values – Additional parameters: login_token_hint, context
  • 7. Auxiliary MODRNA Work • Client Initiated Backchannel Authentication (CIBA) - Editors: Gonzalo Fernandez Rodriguez, Florian Walter – Mechanism to perform authentication (out-of-band) when there is no user agent available (such as Call Center) and the authentication process needs to initiated via server-to-server communication. • User Questioning API – Editors: Charles Marais, Nicola Aillery – Mechanism to perform transaction authorizations. – Define additional OpenID Connect endpoint (UserInfo) that RP would use (server-to-server) to initiate transaction authorization processes. • Account migration (draft-account-migration) – Editor: James Manger, Torsten Lodderstedt, Arne Gleditsch – Mechanism to allow the migration of user account from old to new OP. – Protocol allowing new OP to obtain the necessary user data from the old OP and provide every RP with the necessary data to migrate the RP's local user account data in a secure way.
  • 8. The Onion OpenID Connect 1.0 OAuth2.0 MODRNA 1.0 Mobile Connect Profile 1.2
  • 9. MODRNA - GSMA Status • Mobile Connect Profile 1.2 partly incorporate Authentication spec. • Collaboration identified and resolved security issue with original GSMA account migration proposal resulting in MODRNA Account Migration spec. • Discovery/Credential Management: – Mobile Connect Release 2 now utilizes and favors OIDC openid_configuration over endpoint URLs from OneAPI Exchange. – MODRNA input to ongoing discussions about architecture evolutions towards more distributed approach based on security, privacy, and operational considerations. • New specs for transaction authorization and server-initiated authentication (for later adoption by GSMA). • Regular technical workshops with GSMA CPAS group significantly improved collaboration.