id-cloud message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Mobile ID
- From: chris.kappler@pwc.be
- To: id-cloud@lists.oasis-open.org
- Date: Mon, 13 May 2013 20:47:24 +0200
All,
As requested a short description of
the mobile authentication we use.
The goal is to identify a user using
a secure channel.
The channel itself is set up by sending
a hash consisting of the combination of the phoneID and the simcard serial
number.
The reason we picked those attributes
is because they are common to all manufacturers and all carriers. They
can also be obtained in the same manner independent to a manufacturer and
carrier.
The hashing is done so none of the info
is send into clear text over a carrier.
There's 2 ways of provisioning:
* Either the device is company owned
and then the hash result is directly inserted in the system
* Either the device is not company owned
and then the hash is sent out at first installation by a secure channel.
Once a secure channel is established
user authentication is done by means of a certificate and pin.
Regards,
Chris Kappler
PwC | Manager
Direct: +32 2 7104176 | Mobile: +32 477 520606 | Fax: +32 2 7104299
Email: chris.kappler@pwc.be
Ascure nv
Firm legal information, click here
*Professional Mail*------------------------------------------------------------------------------------------
This e-mail is intended only for the person to whom it is addressed.
If an addressing or transmission error has misdirected this e-mail,
please notify the author by replying to this e-mail. If you are not
the intended recipient you must not use, disclose, copy, print or
rely on this e-mail.
PwC may monitor outgoing and incoming e-mails and
other telecommunications on its e-mail and telecommunications systems.
------------------------------------------------------------------------------------------
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]