GSMA-FIDO Collaboration a Step Towards Secure Authentication

The recent collaborative agreement between the GSMA and the FIDO Alliance, the ecosystem for standards-based, interoperable authentication, is a sign that the digital community is moving closer towards delivering a mass-market identity solution.

Forged in May this year, the partnership will explore how FIDO Authentication and Mobile Connect complement each other from both a technical and market perspective. The arrangement gives the organisations the opportunity to leverage each other’s ecosystems and for Mobile Connect to increase the range of authentication options offered to Mobile Connect users, for example, by allowing them to use in-built biometric authenticators on smartphones, tablets, and PCs

Both FIDO and GSMA set out with a common mission of providing a safer, more convenient approach for user authentication. Whilst FIDO focuses on providing a strong authentication capability, the GSMA, through Mobile Connect, provides a framework for supporting a variety of identity services, including authentication.

Mobile Connect provides a federated framework through which third party service providers can authenticate users, seek their authorisation of transactions and access information about the user, with user consent.  A core part of Mobile Connect is a pluggable framework to support a variety of authentication subsystems – FIDO plugs straight into this framework hence adds its robust authentication capability and variety of strong authenticators to the Mobile Connect offering.

Given the clear synergies between FIDO and Mobile Connect, the liaison that has now been put in place between FIDO and GSMA will enable much closer cooperation going forward as the two initiatives seek to improve authentication capabilities for online services thereby giving users peace of mind and the ability to transact safely online.

With hundreds of millions of handsets supporting FIDO Authentication estimated to have shipped, and Mobile Connect available to 52 operators in 29 markets, a huge chunk of the market now has the potential to be password-free and serviced by the highest authentication standards instead.