Convenience Without Sacrifices in Security
Strong, PKI-based digital identification systems involve 2-factor authentication, i.e. the presence of a physical object of some sort (a smart card or an RFID token) besides a typical PIN-code or password. These tokens also require a specific reader, so the user ends up carrying two extra items.
Wireless PKI (WPKI) provides an elegant solution to this clutter – the PKI token is incorporated into a mobile phone. The “physical factor” token is manifested by a certificate pair that is held on the mobile phone SIM-card, and the mobile phone acts as the reader.
Mobile Phone as an Authentication Device
WPKI enables the users to access a secure online resource such as an online bank or an e-service on their computers or smart devices, using a mobile phone as a means of authentication. The authentication process is handled through cellular network between user’s mobile phone and the authetication server.
WPKI web authentication process from user’s perspective:
- Direct browser to the website that you want to log in to.
- Enter your login ID (e.g. phone number).
- Your mobile phone prompts for a PIN code.
- Website access is granted.
Please note that the users are not required to access the resource on the same mobile phone that is used for authentication (although this is also possible). The WPKI authentication process is handled separately and users can access the resource on any device, and use the phone only for entering the PIN code.
Authentication and Signature, Web and Apps
Besides the above scenario of web authentication, WPKI also supports authentication in desktop or mobile apps, and digital signature.
Any Phone Will Do
WPKI works on all phones, not just the latest ones, nor does it require a smartphone. An overwhelming majority of even the simplest phones produced within the last decade support WPKI.