Mobile Connect is a portfolio of mobile-based secure universal authentication, authorisation and identity solutions. Learn more about various Mobile Connect products.

 

Mobile Connect Technical Overview

Mobile Connect is based on the OpenID Connect & OAuth2 - you can learn more about OpenID Connect here.

 

Operators

Mobile Connect is provided by a global network of Mobile Network Operators and delivered via a standardised technical interface.

Authentication is always provided by the end-users' Mobile Operator.

Within a local market, there may be a locally provided Discovery service which will allow developers to identify the end user's operator. Developers will need to contact an operator, within the local market to get details of any available Discovery service.

APIs

Mobile Connect currently uses the following APIs:

  • The Mobile Connect Profile v1.1 API allows the end-user to authenticate themselves using their Mobile Connect user account while Mobile Connect Profile v1.2 API adds support for authorisation and identity services in addition to authentication.
  • These APIs are based on industry standard RESTful API principles. Each API is provided over HTTP protocols so that you can incorporate Mobile Connect in your application regardless of the programming language or operating system you are using for development.

    Level of Assurance

    A Level of Assurance, describes the degree of confidence in the processes leading up to and including an authentication. It provides assurance that the entity claiming a particular identity, is the entity to which that identity was assigned.

    During a Mobile Connect API authentication request, the application declares the degree of confidence that is required in the returned (asserted) identity. The greater the risk associated with an erroneous authentication, the higher the Level of Assurance recommended.

    Authenticators

    Mobile Connect allows end-users to verify themselves using their mobile phone. An authenticator is the method by which this verification takes place. A number of different authenticators are supported by Mobile Connect.

    The authenticator used will depend upon the individual operator and the Level of Assurance requested. To improve the customer experience, operators in a particular country will normally work together to provide the authenticator options for all end-users.

    The table below illustrates the different authenticators and the Level of Assurance they offer..

    Authenticator Description. LoA2 LoA3 LoA4
    Seamless Authentication Authentication is automatically handled by the operator is the user is connected via the operator network.    
    SMS+URL The end-user verifies themselves by clicking on a link in an SMS.  
    USSD A USSD session is initiated allowing the end-user to verify themselves.  
    SIM Application Toolkit A Sim Toolkit session is initiated allowing the enduser to verify themselves.
    Smartphone application A native application that allows the end-user to manage their verification.

    A more detailed overview of authenticators can be found in the documentation section.

    The PCR

    PCR stands for "Pseudonymous Customer Reference". This is a unique identifier that Mobile Connect uses to reference a specific end-user. A PCR is used to ensure that the end-user's privacy is protected while the developer can be confident that a PCR represents an actual end-user.

    The same PCR will be returned for each authentication request, this enables you to identify your end-users based on the PCR value.

    A more detailed discussion of PCRs including how they should be used can be found here.

    Integration with existing account systems

    Mobile Connect integrates easily with existing account systems by using the PCR as the key identifier. The PCR should be paired to the existing user-id so that receiving an end-users authenticated PCR allows the user-account to be identified. Any existing account features remain unchanged.

    Next Steps

    You can read a more about the steps involved in implementing Mobile Connect here or you can jump straight with the step-by-step guide. To read more about Mobile Connect products click here.