SIMalliance, a trade association intended to “support the creation, deployment and management of secure mobile services and applications across the globe,” announced availability of its Open Mobile API. This will enable developers to access and use the “secure element” within a mobile device to provide two-factor authentication, to enable the delivery of a “host of NFC, payment and identity services.” The SIMalliance said that “current levels of single factor authentication, where users log in to a mobile application or service using a password, have shown to be inadequate as attacks on smartphone and tablet applications increase in number and sophistication.”

According to Frederic Vasnier, chairman of the SIMalliance, the development of a standardised API is a “very significant step” in reducing the potential for the use of apps for identity theft or fraud. “Knowing their data is safe will increase consumer confidence and stimulate growing demand for new services – and that is good news for the user, the mobile operator and the hundreds of brands that now recognise the opportunities of engaging with their consumers on the mobile,” Vasnier said.

In a whitepaper, the SIMalliance said that “the most common secure element within the mobile space, and indeed the most widely used security platform in the world, is the SIM – or more accurately in today’s world, the Universal Integrated Circuit Card (UICC).” However, a secure element can also be provided by an embedded into the device or via a secure memory card, “both of which can also be delivered simply and cost effectively into the mobile environment.” It consists of a combination of hardware and software, “built to exacting standards and developed and delivered in controlled white room manufacturing environments.”

Created by the SIMalliance Open Mobile API workgroup, release v1.01 of the API delivers the transport layer between the smartphone app and the secure element. It said that this delivers a “single, consistent specification and interface across multiple operating systems,” eliminating the need to reengineer apps for each specific platform.