Search :
Join mGov Group:
  Practitioner View  Point
  In Practice

Mobile Government Observatory Visitors

Valid XHTML 1.0 Transitional


SIM based digital signatures on mobile phones to make plastic cards obsolete

Turkey's Turkcell has signed a deal to offer mobile "signatures" to all its customers, using security platforms from Gemalto, a leader in digital security with pro forma 2006 annual revenues of 1.7 billion euros.

Explaining Turkcell's motivation for the deal, "Ease of use and security were critical when we decided to implement our m-signature program," Cenk Serdar, chief executive for value added services, Turkcell said. "We wanted to spare our subscribers the hassle of buying and setting up a smart card reader and carrying an extra smartcard to perform secure online transactions with qualified digital signatures. The Gemalto solution transforms the handset into a highly secure digital signature creation device they feel familiar with."

   "Turkcell's early launch of mobile digital signature further underlines their innovative profile," added Xavier Chanay, president CIS, Middle East, Africa at Gemalto. "Gemalto is proud to support Turkcell in staying ahead of the market by offering its subscribers highly attractive services and making secure transactions wherever they are."

  The Gemalto solution will allow Turkcell subscribers to securely access services requiring strong authentication, such as Internet banking or e-government applications, using their mobile phone to generate a legally binding electronic signature. Turkcell's mobile signature program, the largest in the world, will allow users to perform secure online transactions through their handset, anytime, anywhere.

  The program is based on qualified digital certificates by E-Guven, a Turkish Certificate Authority. Subscribers will be able to access a banking site from their mobile phone, home PC or an Internet café, and enter their customer ID to login or conduct a transaction. The bank then sends an authentication request that prompts the user to enter the secret code they chose when they activated the mobile signature service, using their GSM phone. The SIM card then checks the secret code, creates the digital signature and sends it back to the bank to enable the corresponding transaction on the banking account.

  What makes this Gemalto mobile signature solution more secure is that it relies on something you own (the private key of your digital signature that is securely carried on the SIM card) and something you know (the secret code). Turkcell's m-signature program is designed to work with any digital service or application that requires legally binding identity confirmation and approval.

  Gemalto provided Turkcell with a PKI-based strong authentication solution that ensures the highest levels of security for online transactions. Upon the operator's activation request, the SIM card itself creates the secret keys. This on-board key generation (OBKG) process is performed after personalization and issuance to the consumer. It allows Turkcell customers to generate secret keys based on their own secret code, with the highest of privacy.

Source : Turkish Daily News

©  Copyright mGovworld. All Rights Reserved