Mobile Connect in action

From e-commerce, banking and retail, to public sector and parental controls, Mobile Connect is a global solution that spans operators and industries.

Travel and hospitality providers are increasingly offering loyalty schemes, but nearly 60% of memberships become inactive within a year. Loyalty scheme accounts are also a target for hackers.

Authentication

Increase loyalty programme activation & engagement

Mary is going on holidays by the beach. When checking in the hotel, she is given information about signing up to the loyalty scheme. On the website, there is an option to ‘Join with Mobile Connect’: she clicks the button and is asked to enter her mobile number. She receives a message on his phone asking her to confirm her sign up. She clicks ‘yes’ and is registered. She has made her booking using Mobile Connect, so her points are added automatically. Next time she wants to login, she can simply use Mobile Connect.

    • More convenient for the user and more secure for the hotel
    • Faster, easier and more cost effective than paperwork
    • Anonymous registration lets the user control of when to share personal information

Wi-Fi providers may ask customers to create an account with a username and password. But 88% of users admit to giving incorrect or incomplete information on the forms, and 90% of them will abandon the process if they forget their username or password.

Authentication

Improve Wi-Fi registration and activation

Tom is at a new coffee shop, and wants to access the Wi-Fi. He goes onto the portal, and sees that he needs to create an account. He can either create a username and password, or use Mobile Connect. He chooses the latter. He enters his phone number and receives a prompt on his phone asking him to confirm that he wants to log in to the Wi-Fi. He accepts and is granted access to the network. Next time he comes, he knows he does not have to remember his username or password to log in.

    • Convenient, no typing of usernames and passwords on phone screens
    • Speeds up registration process, reduces friction and drop-out rates
    • End-users control what personal data they share
    • Generates improved customer insights as end users log-in more often

Banks must protect customers accounts and do so in a way that is low cost and user-friendly. Hard tokens are being replaced with less intrusive, cheaper self-service authentication methods.

Authentication

Alternative option for 2-factor authentication

Rithika is logging into her bank from a computer in the business centre of the hotel that she is staying in. As this computer is unknown to the bank, the bank requires a 2 factor authentication Interactive Voice Response call-back to the phone Rithika registered with the bank, which is her home phone, which she does not have access to. Instead, she uses Mobile Connect with her secret PIN to access the site.

    • Simpler to use with a device that is always with the user
    • Cheaper for the bank as they do not incur the cost of the Interactive Voice Response.

3D Secure is widely used to counteract fraud in online shopping but it adds an extra step to the process and is not always easy to use, leading to abandoned transactions.

Authorisation

Secure, simplified online approvals

Chen is shopping online; he has now filled his cart and proceeds to check out. He selects his payment method and clicks pay. The merchant redirects the request to the bank as part of the 3D Secure process. The bank knows that Chen uses Mobile Connect, so they send an authorisation request to Chen’s phone, prompting him for his secret PIN. Chen correctly enters it; the bank is now confident that it is the right person performing the transaction, so approves it.

    • Simple user experience, encouraging transaction
    • Strong 2-factor security, resilient against cyber attack

In-App purchases are a major revenue source for digital content producers. But purchase controls, especially for children, are a concern for the industry, parents and regulators.

Authorisation

Enable parental control of in-App purchases

Diya’s daughter Padma loves playing Club Penguin. Diya is out, but Padma wants to buy furniture for her igloo. She accesses the shop and selects the items, to be paid with Diya’s pre-defined payment details. Diya gets a Mobile Connect prompt asking her to authorise the purchase and enters her PIN to confirm. Padma receives a message from Club Penguin that her furniture is ready to use.

    • Convenient: the parent doesn’t need to be present to approve the purchase
    • Secure: no one else can use the parent’s account to log-in and make purchases

In-App purchases are a major revenue source for digital content producers. But purchase controls, especially for children, are a concern for the industry, parents and regulators.

Authorisation

Approve the transfer of medical records

Jim has a pain in his wrist, and has talked to his GP, Dr Smith, about it. After examination, the GP tells him to go to see a physiologist, and recommends Dr Black. Dr Black needs all the relevant information to perform the medical examination, so he requests the medical file from the Dr Smith. Jim has set up Mobile Connect for this purpose, so before the file can be transmitted, Jim receives a prompt on his phone telling him that Dr Smith would like to share his record with doctor Black. Jim says yes and enters his secret PIN to confirm. The record can now be transferred over to Dr Black.

    • Convenient: the parent doesn’t need to be present to approve the purchase
    • Secure: no one else can use the parent’s account to log-in and make purchases

Health records contain very sensitive data. In order to coordinate treatment effectively this data needs to be able to be transferred between health service providers, securely.

Identity

Verifying citizen attributes

Mobile operators hold information regarding their customers’ identity. When a citizen tries to access a public service requiring an identity proof online, the service triggers a Mobile Connect request. The operator checks that the alleged details match with their own database – in hashed form, and return an indication of whether the records concur. The service can then make a decision regarding the validity of the citizen’s identity.

    • Gives both government services and mobile operators more confidence in the quality of their information
    • Makes it possible to spot wrong information
    • Protects customers’ privacy: the matching of hashed information ensures that no party learns anything during the transaction which they did not know before

Identity

Data sharing with appropriate consent mechanisms

Anika is using a new shopping app. The app needs her phone number in order to notify her when her orders arrive at her chosen delivery point. She can provide it via SMS OTP or Mobile Connect. Selecting Mobile Connect, she receives a prompt on her phone asking for permission to share her number with the app. She clicks ‘Yes’, and the app gets her number.

    • Convenient, reduces friction of providing number and verification codes
    • Accelerates registration process, reduces friction and drop-out rates
    • End user knows their number has been shared

Detecting fraudulent transactions is an ongoing challenge – especially without disrupting the user experience. Mobile operators have dynamic information on their customers’ devices and SIMs.

Identity

Account takeover protection

Jim is shopping online for a present and checks out. The merchant redirects the payment request to the bank. The amount it higher than the bank’s usual threshold, so they run an additional check: the bank sends a background Mobile Connect request to check for fraud signals. The customer’s operator checks that the SIM has not been swapped recently, that the customer is in their usual country, etc. They send a confidence score back to the bank, indicating that the signals are normal. The bank is now confident that it is the right person performing the transaction, so approves it.

    • Invisible user experience, enhancing conversion rates.
    • Dynamic information allows for real-time check
    • Complements existing fraud detection systems to achieve more precise detection.

Gaming and gambling companies are required to ensure that their customers are the appropriate age in order to access certain content.

Attributes

Know Your Customer (KYC)

Jim wants to sign up to a gambling site. When he enters his name and date of birth, the site informs him that in order to comply with the age policy, they will check his information with his mobile operator. Jim agrees and the site triggers a Mobile Connect request using his phone number. The operator checks that the alleged details match with their own database (in hashed form). The response confirms that Jim’s date of birth is correct and the site lets him register.

    • Enables age-restricted websites to comply without undermining the user experience
    • Protects customers’ privacy: the matching of hashed information ensures that no party learns anything during the transaction that they did not know before

Some applications need to verify the user’s mobile number. However, this extra step in the journey can cause friction for users.

Attributes

Verified mobile number

June wants to redeem a deal and sign up for a new car ride sharing app. When June accesses the app for the first time, she is required to create an account tied to her verified mobile number. She selects Mobile Connect as a log-in mechanism and receives notification that her mobile number will be shared with the app. She agrees, and her number is seamlessly retrieved to create her account and bind it to her mobile.

    • Fast and mobile-optimised user experience combining account creation and number verification in a single easy step
    • Reduces friction and drop-outs during the crucial registration step
    • Explicit permission is obtained from user to retrieve the mobile number, ensuring transparency and compliance with privacy regulations

Detecting fraudulent transactions is an ongoing challenge – especially when attempting to do so without disrupting the user experience. Mobile operators have dynamic information on their customers’ devices and SIMs.

Attributes

Account takeover protection

Tom is shopping online for a present. When he checks out, the merchant redirects the payment request to the bank. The amount is higher than the bank’s usual threshold, so they run an additional check: the bank sends a background Mobile Connect request to check for fraud signals. The customer’s operator checks that the SIM has not been swapped recently and that the customer is in their usual country. They send a confidence score back to the bank, indicating that the signals are normal. The bank is now confident that it is a legitimate person performing the transaction, so approves it.

    • Invisible user experience, enhancing conversion rates
    • Dynamic information allows for real-time check
    • Complements existing fraud detection systems to achieve more precise detection

Latest news


Markets Turn Their Focus to Cross-Border Trade of Digital Services

  Since the drafting of eIDAS in 2014, there has been a renewed interest from businesses, particularly in Europe, in secure cross-border trade using digital services. Initiatives such as the Mobile Connect-eIDAS pilots, both in 2015 and the upcoming pilot, which demonstrate how mobile networks can be used to identify an EU-citizen of one Member State … Continued


Mobile Connect-eIDAS Pilot Prepares for Secure Cross-Border Trade

  Marta Ienco, Head of the Government & Regulatory affairs, Personal Data   As we draw closer to the implementation of the eIDAS Regulation in September 2018, both governments and private-sector service providers prepare to capitalise on its impact. Designed to enable citizens to carry out secure cross-border electronic transactions such as university enrollment, bank … Continued


Asia’s Mobile Industry Unites behind Mobile Connect

  Download presentations from the event Shanghai—A broad array of MNO’s across Asia have underscored their commitment to Mobile Connect after revealing how the identity solution is central to their aims of enabling more digital services and revenues across the region. During last week’s industry event ‘Deploying Mobile Identity Services Across Asia’ at Mobile World … Continued