YOU ARE AT:AmericasTelefónica to take eDNI to mobile SIM cards

Telefónica to take eDNI to mobile SIM cards

Telefonica | February 14, 2011 | Press Release

Today Telefónica, at the Mobile World Congress shows their pioneering Project which enables customers to store their eDNI data on the SIM card of their mobile phones. This innovative project will allow customers to identify themselves securely and automatically via their mobiles in order to access webpages.

At the Mobile World Congress, which kicks off today and ends on Thursday, Telefónica is presenting a pioneering project which enables customers to store their eDNI data on the SIM card of their mobile phones. The project will showcase the scope to securely store eDNI data on this smart card and to use it to access web pages that require identification using a personal identity number (banks, utility companies, public institutions, etc)

The aim is to find other uses for the SIM card, a smart card carried by most people which by default contains a secure cryptographic processor, a filing system and a protocol that permits the completely secure exchange of data for mobile communications in line with all prevailing security standards.

This innovative venture, which Telefónica has developed in conjunction with Telefónica R+D (TRD) andSecuware, the Spanish leader in information security, enables Telefónica to explore the potential of the technologies involved and to pave the way for their future commercial exploitation.

The scope of this innovative project is limited to the management of the customer’s identity when accessing webpages where identification is obligatory (banks, service companies, public entities). The fact that an ever increasing number of web pages require proof of identity before they can be accessed has prompted Telefónica to reflect on the added value and convenience for customers of a solution that identifies them securely and automatically from their mobile phone.

This service will also be useful for validating the identification of the customer or their age when physically accessing buildings – discotheques, offices, …- or virtually accessing social networks or pages for adults that are age restricted, as well as the immediate creation of customer loyalty cards on phones by major retailers, brands, etc.

Extraction of data

Extracting eDNI data is a simple process. The customer uses a PC with an electronic DNI reader and connects to a webpage where the eDNI data extraction proceeds. The user must indicate the number of the mobile phone or phones on which he wishes to store this data and a text message confirming the operation is immediately sent to these numbers (One Time Password).

Once the data have been extracted from the PC containing the reader, they are visualised on screen and another encrypted communication channel is set up linking the PC with Secuware’s servers and a request sent to verify the validity of the eDNI in question. The system verifies that the eDNI has not been reported lost or stolen and the data is then sent via OTA (Over The Air) to the customer’s SIM card using secure information packages where they will be stored in the secure files of the SIM card’s memory.

Communication between the eDNI and the dni-web application, which ensures that Secuware’s servers check the validity of the eDNI data with those held by the Police, is encrypted using the component certificate, guaranteeing data privacy.

DNI information stored on the SIM card will only be accessible by applications signed with the Telefonica certificate (such as ‘cartera movistar’), thereby preventing access by non-authorised parties.

The process meets all the requirements of the Data Protection Act since all personal data management and communication is carried out using Secuware’s Crypt4000a encryption module. The data is only stored on an encrypted server and the SIM card, and a secure channel is established between both.

Access from the customer’s mobile phone to web pages that require identification using the DNI is swift as the mobile automatically includes this number without the customer having type it in; all the customer has to do is enter their password, which is unknown to anyone else. The same procedure can be used to access webpages from a PC connected via a 3D modem, provided that the eDNI data has been stored on its SIM card.

The Sim ID movistar application is a modification of the existing ‘cartera movistar’ or virtual mobile wallet, and permits the DNI data to be viewed on the mobile phone (name, surnames, number of document, …). Via the various links that appear by clicking on the ‘Acceso Servicios DNIWeb’ option the customer can connect to the selected webpage and automatically fill in the user ID field with their ID number. In this way the user can enter their bank account, the Telefónica website, bank sites, online supermarkets, government websites, service companies, etc. Once these pages have been accessed they will be immediately added to favourites.

Press Release via Telefonica

ABOUT AUTHOR