Mobile Identity is a development of the traditional online authentication and digital signing; the SIM card of one’s mobile phone works as an identity tool. Mobile Identity enables legally binding authentication and transaction signing for online banking, payment confirmation, corporate services, and consuming online content. The user’s certificates are maintained on the telecom operator’s SIM card and in order to use them, the user has to enter a personal, secret PIN code. When using Mobile Identity, no separate card reader is needed, as the phone itself already performs both functions.
In contrast to other approaches, the mobile phone in conjunction with a mobile signature-enabled SIM card offers the same security and superior ease of use than for example Smart cards in existing Digital identity management systems. Smart card-based digital identities can only be used in conjunction with a card reader and a PC. In addition, distributing and managing the cards has become a logistical nightmare, exacerbated by the lack of interoperability between services relying on such a digital identity.
With the mobile signature concept, there are a number of private company stakeholders that have an inherent interest in setting up a mobile signature service infrastructure thus offering mobile identity services. These stakeholders are mobile network operators and to a certain extent financial institutions or service providers with an existing large customer base, that could leverage the use of mobile signatures across several applications.