Taking a break from work at the National Theatre.

15.01.2016

Mobile technology security demands transparency: the case of the United Kingdom

Image | Garry Knight

In the United Kingdom there are more mobile devices than people. With a smartphone penetration rate of 80%, it is essential to develop products and solutions to ensure the security of personal information.

In short, a few years ago privacy became one of the British government’s primary concerns in relation to its public digitalisation strategy. The objective was to create a unique and secure identity so that each user could easily access any government service: whether health, social services, employment portals or tax payments.

This mobile identity enables users to track all their personal data at all times, knowing the exact terms and conditions of each of the services they use. In a context in which most online service platforms design terms and conditions that allow companies to sell users’ data to third parties at any time, it was essential to come up with a 100% transparent security system that would generate confidence amongst users. The IDAP (Identity Assurance Programme) programme, launched in 2013 by the United Kingdom’s Cabinet Office, would be responsible for developing this security system.

Five companies providing secure identification services and four operators, coordinated by the Open Identity Exchange (OIX) organisation and GSMA, designed and developed a mobile identity pilot service based on data records generated by users themselves.

Captura de pantalla 2016-01-15 a las 11.07.06

The service prototype created by the governmental secure identification programme in the UK is based on a new identification layer that uses mobiles as way to validate users’ identities. Thus, to verify that a user is really who he says he is, he only has to answer questions related to operations carried out in the past. For example, to access one’s social security records he would have to provide, as a password, the amount of his last phone bill. Moreover, the system also included plans to perfect the capabilities of SIM cards.

The new mobile identity system was tested through a pilot programme carried out with a limited number of users. After the test it was concluded that the solution could be really attractive to users, who understood that if their data records were only used to verify their identities, the danger of them being used illegally was minimal.

Mobile phones are becoming users’ preferred device to perform all kinds of digital operations. It is about time that solutions such as the one designed by the British government are implemented and accepted by the majority of the population, and with the approval of official organisations and companies providing services.

Why are we talking about this?

Mobile World Capital Barcelona, in collaboration with GSMA, Accenture, NXP and T-Systems has drafted the ID_M, Mobile Identity report, a study that analyses smartphones’ potential as a new tool for secure, reliable and private identification. It analyses European success stories and provides recommendations for their potential implementation in Catalonia.

Download the report in PDF format, or check the online version.