Mobile Connect Authorisation

Direct – Fast – Safe

Contextual authorisation direct to the user's mobile phone

Mobile Connect Authorise: End users can authorise any request from a Digital Service Provider (DSP) direct from their mobile phone. The DSP provides details specific to their request in the Mobile Connect API, displayed on the user’s mobile phone. The user approves or rejects the request (a simple ‘Yes’ or ‘No’ response), which is relayed to the DSP in the API response.

Mobile Connect Authorise Plus: This works in the same way, with an additional requirement for the end user to authenticate first by entering the Mobile Connect PIN prior to authorising the request.

Product features

End user always authorises on the mobile phone (SIM card present)
Supports single-factor (LoA2) and two-factor (LoA3) authorisation
Implicit or explicit authentication of authorising a user
Mobile Connect API leverages the OpenID Connect standard
Authorisation response includes explicit approval from the user

Four stages of secure interaction

Authenticate

The DSP triggers a Mobile Connect request. Mobile Connect identifies the serving operator and asks the operator to obtain authorisation from an end user on a specific request. The service authenticates the end user.

Authorise

The request is displayed on the end user’s mobile phone for the end user to authorise.

Verify

The end user verifies or refutes the request with a Yes/No response.

Confirm

The operator provides an authorisation success or failure notification back to the service provider.

1
2
3
4
KEEP IT SIMPLE TO KEEP CUSTOMERS ENGAGED
Secure online approvals that move things along faster, with better outcomes all round

Chen has crammed full his shopping cart at his favourite fashion site. He goes to check out, selects his payment method, and clicks "Pay". In line with the 3D Secure process, the merchant redirects Chen's request to the bank. The bank knows that Chen uses Mobile Connect, so they send an authorisation request to Chen's phone, prompting him for his PIN. Chen correctly enters it; the bank is now confident that it is the right person performing the transaction, so approves it.

Shopping with a smile

Improved transaction rates through a simple, intuitive, user experience.

Buyer and seller are both confident in a strong 2-factor security process, resilient against cyber-attack.

KEEP THE INFORMATION FLOWING

Rapidly approve the sharing of medical records

Jim has a pain in his wrist, and his GP recommends seeing a specialist. The specialist asks the GP for Jim's medical file. Jim has set up Mobile Connect for this purpose, so before the file can be transmitted, Jim receives a prompt on his phone telling him that the GP wants to share his record with the specialist. Jim approves the request (pressing "Yes") and enters his PIN to confirm. The record can now be transferred.

Faster and better outcomes

The process is swift and convenient for all parties.

No one else can use the patient’s account to log-in so the process is secure and the data is safe.