• Vodafone Carrier Services set to roll out Vodafone Identity Hub to five more European markets.
  • Built on industry initiative MobileConnect, platform uses network data for authentication and identity verification services for businesses.

Vodafone Carrier Services expands fraud prevention for businesses

Vodafone Carrier Services expands fraud prevention for businesses

Source: George Prentzas / Unsplash

Vodafone Carrier Services set to roll out Vodafone Identity Hub to five more European markets.

Built on industry initiative MobileConnect, platform uses network data for authentication and identity verification services for businesses.

Vodafone Carrier Services (VCS) plans to expand its Vodafone Identity Hub (VIH) fraud prevention service for businesses to five additional European markets by the end of 2021, more than doubling the platform’s service footprint.

Since launch in 2020, VIH has operated in Germany, Greece, Spain, and the UK (Vodafonewatch, #179–#180 and #186). In the second half of 2021, VIH will be made available in Hungary, Italy, the Netherlands, Portugal, and Romania, according to Fraser King, Global Head of Business Development & Commercial Strategy for VIH, speaking during the Messaging& SMSWorld virtual event in June 2021.

Born out of the mobile industry’s secure identity initiative MobileConnect, the VIH service uses Vodafone’s network to provide user authentication and identity verification for companies that require secure mobile sales channels. Rather than relying solely on two‑factor authentication, VIH confirms identities in the background of mobile transactions.

With VIH, Vodafone is taking its own customer authentication capabilities and offering those to enterprise customers via application programming interfaces (API), creating a new revenue stream for VCS.

Nearly a dozen APIs utilising Vodafone network data via VIH have been bundled into services that aim to thwart identity fraud tactics, such as account takeovers or SIM swapping, and validate customer identity against registered account details linked to phone numbers.

The goal is “seamless authentication” for businesses and users that overcomes the trade‑off between security and simplicity — that is, with multiple layers of security, services are cumbersome. For businesses that use VIH services, the idea is that customers can register or login to services or reinstall applications “without having to go through many steps and without compromising on the level of security”, said King.

While VIH will be available in a total of nine countries in Europe, one of the services, NumberVerify, is already available in eleven markets and has 104 million addressable mobile users. The service validates customers’ mobile numbers in registration processes and removes the need for one‑time passwords to sign up for services.

Vodafone also positions VIH services as tools for complying with digital services regulations, such as the European Revised Payment Services Directive (PSD2).

“PSD2 has made it pretty clear that you shouldn’t be sending one‑time passwords to users unless you have conducted some form of additional check to ensure that user is still under the control of the same SIM card or the same number. We see [VIH services] very much as creating a PSD2‑compliant solution for anyone sending a one‑time password.”  

— King.

VIH is based on the GSM Association’s (GSMA) MobileConnect standard and the open source OpenIDConnect identity standard for authentication services. MobileConnect is a long‑running digital identity security initiative that the GSMA launched in 2014 (Vodafonewatch, #178 and passim). The GSMA says that 70 operators have launched the services in nearly 40 countries. Deutsche Telekom, Telefónica Deutschland, and Vodafone Germany released the services in Germany together in late‑2019.

In June 2021, the European Union (EU) announced plans to create a standard system for digital identity across member states, and the GSMA hopes mobile operators will be part of the solutions via MobileConnect. The group has previously worked with the European Commission to pilot a private sector, cross‑border public service authentication solution that integrated the mobile identity standard in line with existing identity regulation. The GSMA said the EU’s new digital identity proposal will “continue to build on the mobile industry assets to enable trusted, simple, and secure access to online services”.