Online guide to the Russian tech market
Home News Robin Munby

No more passwords - how mobile identification could change our web experience

0 4 March 2014

Bercut, a global telecoms services firm and Digital Zone, a Moscow-based tech company have teamed up to create a password-free authentication system for mobile devices. The system, called Mobile Identity, combines the ip-address of the mobile device user with information about their location provided by the operator to confirm the user's identity, eliminating the need to enter passwords. The system could also be used for financial operations and in place of electronic signatures. 

Digital Zone was founded in 2005, and develops various kinds of software including its own operating system ‘Phantom’. The Moscow-based company also has offices in St Petersburg, Kazan, Ulyanovsk and Krasnodar. Around 170 developers and IT specialists work for the firm, which had a turnover of around $5 million in 2013. 

Bercut is a world-leading company in telecommunication services, whose clients include top-20 global network operators and whose services, in total, are used by 300 million mobile users. The initial idea behind Mobile Identity came from Bercut, who approached Digital Zone in order to add the tech company's programming expertise to the project.  

Dmitry Zavalishin, Digital Zone's director, explains that Mobile Identity technology should make carrying out financial operations from mobile phones simpler without compromising the security of the user’s bank account. It functions as an ‘ecosystem’, linking banks and online retailers with telecommunications companies. 

An example of how the technology will work is this: the user enters the website of the online retailer and chooses their products, then proceeds to the online checkout and enters the cardholder’s details. Once the bank has received the request from the client for an online transaction, it determines their location via their ip address. The cardholder’s name and the address from which the transaction request was received are sent to the network operator. They then confirm whether or not the client is at the address determined by the bank from the ip address. If the verification by the bank and operator are confirmed, then the transaction is approved. 

Even if the software’s location check could be cracked, the identification of the client’s position by the mobile operator is impossible to falsify, explained Zavalishin. 

Mobile Identity technology also offers the opportunity to enter internet sites without creating an account. Rather like it is possible to enter multiple sites using registration on one site - such as Facebook or Google, Mobile Identity would provide an alternative over-arching login service for multiple sites. 

During registration the details of the user would be verified with the help of the network operator, after which they would be assigned a unique identifier. This would allow them to avoid creating an account – with the help of the UID Mobile Identity would ‘recognise’ the visitor upon returning to the site, without having to ask for any details. 

Using this identifier, the company would even be able to send the user messages, without even having their phone number. “This is very useful, but of course it does depersonalise the service. However it is possible to request that the user send the application or website personal details such as their name (which will already be known to the mobile network operator). The user will then have the opportunity to create a full account,” said Zavalishin.

Vitaly Balanda, director of Business Development at Bercut, explained that Mobile Identity's effectiveness is related to the role played by mobile operators - 

“Mobile Identity brings together network operators’ strong points - infrastructure for authorizing sim-cards, the knowledge and trust of sim-card holders, the absence of a financial and legal relationship - in order to make sim-card holders’ relationships with online and offline businesses simpler, safer and more convenient. Bercut's long history of business cooperation with mobile operators in Russia and the CIS makes the development of Mobile Identity a natural step for us. We believe that the biggest advantage of Mobile Identity for banks is that it can increase their clients’ security when making different financial transactions.” 

Full scale implementation of the product will require legal support, as the law concerning personal details forbids network operators from disclosing much of the information about the user. For the moment Mobile Identity’s basic services do not involve personal details. All of their services will be anonymous, or will require the user’s approval when disclosing personal details. 

For example, upon receiving a request location request from a user, the bank will independently identify the current location of the client concerned, confirming it via their ip address. The network operator will then only have to confirm the details received. 

In the future, through requesting more detailed personal information about the customer, such as sex, age, size of phone bill and the way they spend money on their phone,  Mobile Identity will be able to help banks and online retailers to personalise their services. They will be able to assess the amount of credit to offer clients based on their spending, or check foreign transactions based on their roaming details.

Mobile Identity can also provide an electronic signature with the help of a key saved to the sim card. “Technically, this will allow you to sign electronic documents using your mobile phone. Unfortunately, however, some of the legal questions regarding this technology are yet to be solved,” said Zavalishin, adding that another interesting application of this technology is in withdrawing cash from an ATM using your mobile, without the need for a card.

As well as Digital Zone and Bercut, the company e-Legion are also working on the development of the product, having become part of holding company DZ Systems (of which Zavalishin owns 51%, and founder Alexander Zverev 49%) in 2013. 

The pilot will run for 2 months, after which the company plans to launch the product commercially, with results expected by autumn 2014.

Source: CNews

Top image via Shutterstock

More on the topic

comments powered by Disqus
via social network

Facebook
Google
Twitter
Linked in
Vkontakte