Mobile Connect is a portfolio of mobile-based secure universal authentication, authorisation and identity solutions. Learn more about various Mobile Connect products.

 

Mobile Connect Technical Overview

Mobile Connect is based on the OpenID Connect & OAuth2 - you can learn more about OpenID Connect here.

 

Operators

Mobile Connect is provided by a global network of Mobile Network Operators and delivered via a standardised technical interface.

Authentication is always provided by the end-users' Mobile Operator. The GSMA provides the API Exchange which brings the operators and developer together by providing the Discovery API that allows developers to identify the end-users operator.

APIs

Mobile Connect currently uses two APIs:

These APIs are based on industry standard RESTful API principles. Each API is provided over HTTP protocols so that you can incorporate Mobile Connect in your application regardless of the programming language or operating system you are using for development.

Level of Assurance

A Level of Assurance, describes the degree of confidence in the processes leading up to and including an authentication. It provides assurance that the entity claiming a particular identity, is the entity to which that identity was assigned.

During a Mobile Connect API authentication request, the application declares the degree of confidence that is required in the returned (asserted) identity. The greater the risk associated with an erroneous authentication, the higher the Level of Assurance recommended.

Authenticators

Mobile Connect allows end-users to verify themselves using their mobile phone. An authenticator is the method by which this verification takes place. A number of different authenticators are supported by Mobile Connect.

The authenticator used will depend upon the individual operator and the Level of Assurance requested. To improve the customer experience, operators in a particular country will normally work together to provide the authenticator options for all end-users.

The table below illustrates the different authenticators and the Level of Assurance they offer..

Authenticator Description. LoA2 LoA3 LoA4
Seamless Authentication Authentication is automatically handled by the operator is the user is connected via the operator network.    
SMS+URL The end-user verifies themselves by clicking on a link in an SMS.  
USSD A USSD session is initiated allowing the end-user to verify themselves.  
SIM Application Toolkit A Sim Toolkit session is initiated allowing the enduser to verify themselves.
Smartphone application A native application that allows the end-user to manage their verification.

A more detailed overview of authenticators can be found in the documentation section.

The PCR

PCR stands for "Pseudonymous Customer Reference". This is a unique identifier that Mobile Connect uses to reference a specific end-user. A PCR is used to ensure that the end-user's privacy is protected while the developer can be confident that a PCR represents an actual end-user.

The same PCR will be returned for each authentication request, this enables you to identify your end-users based on the PCR value.

A more detailed discussion of PCRs including how they should be used can be found here.

Integration with existing account systems

Mobile Connect integrates easily with existing account systems by using the PCR as the key identifier. The PCR should be paired to the existing user-id so that receiving an end-users authenticated PCR allows the user-account to be identified. Any existing account features remain unchanged.

Next Steps

You can read a more about the steps involved in implementing Mobile Connect here or you can jump straight with the step-by-step guide. To read more about Mobile Connect products click here.