LIVE FROM GSMA MOBILE 360 – PRIVACY & SECURITY, THE HAGUE: Speakers from Telefonica, MasterCard, Callsign and Morpho agreed the password is bust, or at least has some serious shortcomings, but there was less consensus on what comes next.

Oscar Mancebo Ortiz, head of Mobile Connect, Telefonica Group, was clear the problem is not one of technology but identity; how customers make use of passwords.

“They always choose the same password.  The only way to manage so many passwords is to choose the same one each time. That’s the reason [for vulnerability].” Ortiz’s solution is to turn a user’s mobile number into an internet ID, which is the principle behind the GSMA’s Mobile Connect project.

Starting in February 2014, Telefonica identified service providers to partner for Mobile Connect and started trials. “We did it and they told us, there is a problem, we don’t want to be first.” Telefonica enabled two billion users for Mobile Connect, and then headed back to the service providers. “They said they.don’t want to be first to educate users.” So now the operator is implementing an initiative with internal service providers to educate users.

Telefonica launched Mobile Connect in four countries in 2015, with a further four scheduled for 2016.

Biometrics
For MasterCard, the solution could be biometrics, at least that was the message from a pilot, said Veronika Colucci, Mastercard business leader, product development.

A survey by the credit card giant found users wanting an alternative to passwords. A pilot produced some interesting results, including that more than 75 per cent preferred fingerprint verification over facial, or selfie, recognition.

Meanwhile, James Bradley, CTO of Callsign, a UK authentication firm, made fun of existing means of verifying user identity.

He said the next generation will think “this is silly, there are different ways, why is my life being made complicated?”

Key to integration efforts for authentication are connectivity, identity mapping and access control, said Bradley. Then there is the issue of channel owners having different rules around policies, authentication methods, geolocation and behavioural analytics, app and device integrity, step-up authentication and the cloud.

His solution? Make it easy for users.

Meanwhile, Olivier Clemot, VP of digital trust solutions, Morpho, commented: “There are different form factors of authentication. Do I see convergence in future? Biometrics is performing because it is frictionless.”

But he added: “I have been in the industry for a long time and I have learnt it is always a race, I don’t see a single thing winning right now.”