MSign

Mobile signature is a digital signature verifying the identity of the signer to third-parties without requiring face-to-face communication and thus is the digital equivalent of the wet signature for many transactions.

For more information

By deploying a mobile signature service, operators can enjoy the following benefits:

  • Increased service revenues due to mobile signature usage by subscribers
  • Increased customer retention due to mobile signature coupling with the MSISDN number
  • Service differentiation for corporate and residential customers

Benefits are also abundant for subscribers using a mobile signature service:

  • Solve security problems of the online world with identity confirmation.
  • Make a legally-binding commitment by sending a confirmed message to another party
  • No need to memorize different passwords
  • No more continuous password changes
  • Accounts are kept safe even if the password gets stolen, since no transactions are possible without the mobile signature.

Enabling the mobile signature service requires many parties involving Certificate Authorities (CA), Registration Authorities (RA), Application Service Providers (ASP), Standardization Authorities and the mobile terminals. Managing these parties and devices, applying standards and regulations necessitates a Mobile Signature Service Provider (MSSP) platform on the operator’s side.

Turkcell Technology’s Mobile Signature Service Platform MSign has been developed according to the following guidelines:

  • Delivering a consistent end user experience
  • Providing an authentication mechanism for interactive community including end users and application providers
  • Promoting interoperability and ease of integration

The purpose of the registration flow is to gather necessary documents and personal identity information from the subscriber; install and activate the MSign SIM applet on the subscribers SIM card; create public key, private key, and signing PIN; provision the subscriber to the MSign platform; and create a certificate for the subscriber on the Certificate Authority.

 

msign-1

 

The purpose of the signing flow is to validate the identity of the subscriber to the 3rd party Application Provider by requesting the subscriber to sign a hash code of a document or transaction generated by the application provider.

msign-2