Friday, March 02, 2007

Provisioning identity to mobile applications

Not to long ago I decided to try and set up the instant messaging client on my cell phone. I dutifully went through the painful process of entering my authentication credentials (loginid and password). However, when I got to my password, I couldn't find one of the characters in my password using the phone character entry system. This was rather frustrating and I gave up using the instant messaging client for a while. Later I tried a different account where I knew I could find the characters for the password and the mobile application worked.

This got me thinking that there has to be a better way to provision the identity to the phone for use with mobile applications. One possible process flow would be...
  1. User authenticates to web site of mobile application provider
  2. User enters their phone #, and carrier to the web site
  3. The web site sends a code to the phone
  4. User receives the code and enters it into the web site
  5. The web site generates a unique set of authentication credentials for the phone
  6. The web site sends a binary SMS message to the phone with the mobile application identity configuration
  7. User starts up mobile application and is automatically authenticated

This should all be doable with today's technology. Of course, the next step would be secure provisioning of multiple identities for the device, where the identities are consumable by multiple applications. For this, the Advanced Client work underway in the Liberty Alliance should help.

Tags: Identity, Mobile, Instant Message, Liberty Alliance