Global Scale user Authentication – Simple and Secure
MC Authenticate allows a Service Provider (SP) to use a mobile device to authenticate the user. In order to address the needs of different SPs and to cover various use case scenarios Authenticate provides 2 levels of assurance (LoA) in order to make sure that security is maintained without inconveniencing the user
MC Authenticate: Gives 1-factor of authentication (LoA2). Enables SP to ascertain the ownership, possession and control of a mobile device associated with a particular MSISDN(Mobile Station International Subscriber Directory Number). MC Authenticate Plus: Gives 2 factors of authentication (LoA3). In addition to the possession and control function of MC Authenticate, PLUS also include a biometric or PIN authentication option. If a user is accessing a service provide through a mobile, the network operator (MNO) can easily authenticate the user without any interaction from the user themselves, providing a seamless experience. The SP can then choose whether or not to request user acknowledgement.
How does it work?
The Service Provider requests user authentication to the User’s operator. This involves stipulating the required level of authentication (LoA) via the Mobile Connect OIDC API.
The Operator will then process that request and based on the LoA will supply an authenticator to the SP via the user’s mobile device.
The Operator the provides the SP with a success or failure response. This is sent alongside a PCR (pseudonymous customer reference). This PCR is unique for each user. The SP can then use the PCR for identifying a returning user, or identifying an existing user account.
How is it used?
During login to user’s account on websites.
To ensure a new user’s identity. Replaces an SMS One Time Password (OTP).
Captcha replacements prove the SP is interacting with a human.
Secure authentication for online banking and other high value or sensitive online transactions Saves on costs by replacing hardware tokens.
Customer Care Centre authentication is easier when the user is not contacted via an IP-connected device.
Allows for secure verification for users with forgotten passwords and assists account recovery.
Mobile Identity benefits and features
Does not rely on passwords and has the option of using biometrics; simplifying the authentication process.
Confirmation of user identity at point of use reduces fraud.
Different levels of security lends easy of access for users and allows SP to set a suitable level of security offsetting security with user convenience.
Authentication is seamless if the user connects to the SP via mobile network.
The method of interaction does not affect the authentication experience of the user. Works identically on tablet, PC, mobile devices and so on.
Mitigates the effect of malware on the device, SS7 hacks and VOIP numbers.
Single contract to access the service and a single open standard API (OIDC) from multiple operators worldwide.
Can be initiated by the user on their own browser when entering the SP’s website. Alternatively, the SP can run it in the background making it available for many different use cases.
With the consent of the user MC Authenticate can be combined with the MC Phone Number to allow the SP to have access to the user’s unique MSISDN.
Where MC National ID service is supported it can be combined MC Authenticate Plus enabling an SP to obtain information on the real identify of the user (with their consent) and obtain authentication of that identity.
Where the MC APT service is supported it can be combined with MC Authenticate Plus. This enables the SP to authenticate the user and check to see if the SIM has recently been changed, thus providing more assurance that authorisation has been received by the correct person.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.