With over 3 billion enabled users worldwide and its federated distributed architecture, Mobile Connect is a leading example of a mobile identity and authentication solution for governments, mobile network operators and private sector service providers.
Having been designed to meet eIDAS requirements, there are many ways in which the identity solution can be used to improve the security, privacy and convenience of public sector services across Europe. With the deadline for eIDAS mandatory recognition of notified EU identity schemes rapidly approaching, the need for industry cooperation is becoming more urgent.
In November 2015, mobile operators and government agencies successfully launched a pilot to demonstrate how Mobile Connect can be used to identify an EU-citizen of one Member State in order to gain access to a public service in another. Operating in Spain (Catalunia) and Finland, the pilot established proof-of-concept for cross-border authentication to e-Government services, in line with the requirements of the eIDAS regulation.
The pilot enabled customers of participating Spanish operators to login to Finnish eGovernment services and vice versa. The login through a digital identity validator granted access to a complete public services portfolio. By pressing the Mobile Connect button, entering their mobile number and fulfilling a PIN request, the user’s identity was confirmed and they were logged in to the eGovernment service.
The two-month pilot was the result of collaboration between organisations seeking to accelerate the uptake of trusted and secure digital authentication in response to the eIDAS Regulation. The GSMA, with major operators, Orange Spain, Telefónica, TeliaSonera, and Vodafone Spain, supported the trial, alongside Gemalto, Mobile World Capital, the Catalonia Regional Government, the Finnish Ministry of Finance and Finnish Population Registration Centre. As a result of the trial, all parties improved their understanding of the architectural options available for the implementation of eIDAS compliant cross-border services and the key issues that determine such options.
The meaning of being eIDAS compliant: Update on the eIDAS-Mobile Connect pilot phase two
This year, the GSMA will execute phase 2 of the pilot to demonstrate the scalability of Mobile Connect as a Europe-wide solution for eIDAS. The pilot will enable cross-border authentication of EU-citizens from five different countries and will be serviced by more than nine mobile operators. This phase will also test different architectural options to demonstrate the flexibility of Mobile Connect to meet government requirements across the EU.
The overarching goal of the pilot is to create an operational forum for public–private cooperation to accelerate eIDAS implementations/notifications for mobile operators and the wider digital identity ecosystem through Mobile Connect. It will also help to ensure the interoperability of Mobile Connect with eIDAS technical specifications and facilitate a common understanding of terminology and requirements across stakeholders. At the same time, the pilot will clarify the role of new technologies and illustrate the business opportunities arising from eIDAS in the digital identity ecosystem.
The kick-off call for this pilot took place last 16th March and was very well attended by mobile operators, technology partners and government representatives, all of whom confirmed their commitment to participate in this pilot. The first Meeting of this Working Group is scheduled on 4th May in Brussels and will focus on agreeing on the use-cases and architectural options. if you are interested in joining this pilot, please contact Marta Ienco at [email protected] with the details of your organisations and email address.