03 April, 2007
One of Turkey’s leading mobile operators has elected Gemalto’s SIM-enabled qualified electronic signature solution that could potentially benefit some 30 million subscribers, allowing them, via their cell phones, to securely access services that require strong authentication, such as Internet banking or e-government applications.
Amsterdam, The Netherlands – Gemalto, a world leader in digital security, announced that Turkcell, Turkey’s leading mobile operator with more than 30 million subscribers, has selected its SIM-based identification solution to implement a large-scale mobile signature program. The program is based on qualified digital certificates by E-Guven, a Turkish Certificate Authority. Digital certificates are created under Turkish Digital Signature Law that is also in accordance with EU’s Digital Signature Directive. The Gemalto solution will allow Turkcell subscribers to securely access services that require strong authentication, such as internet banking or e-government applications, using their mobile phone to generate a legally binding electronic signature.
Turkcell’s mobile signature program, the largest in the world, will allow users to perform secure online transactions through their handset, anytime, anywhere. From their mobile phone, home PC, or from an Internet café, the subscriber accesses, for instance, the banking site and enters their customer ID for login or giving a transaction order. The bank then sends an authentication request that prompts the user to enter the secret code they chose when they activated the mobile signature service, using their GSM phone. The SIM card then checks the secret code, creates the digital signature and sends it back to the bank to enable the corresponding transaction on the banking account. What makes this Gemalto mobile signature solution more secure is that it relies on something you own (the private key of your digital signature that is securely carried on the SIM card) and something you know (the secret code). Turkcell’s m-signature program is designed to work with any digital service or application that requires legally binding identity confirmation and approval.
Gemalto provided Turkcell with a PKI-based strong authentication solution that ensures the highest levels of security for online transactions. Upon the operator’s activation request, the SIM card itself creates the secret keys. This on-board key generation (OBKG) process is performed after personalization and issuance to the consumer. It allows Turkcell customers to generate secret keys based on their own secret code, with highest privacy.
“Ease of use and security were critical when we decided to implement our m-signature program”, commented Cenk Serdar Chief Executive for Value Added Services, Turkcell. “We wanted to spare our subscribers the hassle of buying and setting up a smart card reader and carry an extra smartcard to perform secure online transactions with qualified digital signatures. The Gemalto solution transforms the handset into a highly secure digital signature creation device they feel familiar with.”
“Turkcell’s early launch of mobile digital signature further underlines their innovative profile,” added Xavier Chanay, president CIS, Middle East, Africa at Gemalto. “Gemalto is proud to support Turkcell in staying ahead of the market by offering its subscribers highly attractive services and making secure transactions wherever they are.”
Gemalto was formed in June 2006 by the combination of Axalto and Gemplus. For more information please visit www.gemalto.com.