Subscribers to Canada’s three biggest cellphone companies are a step closer to getting a secure system on handsets for e-commerce and other transactions that require assured user authentication.
That’s as a result of a deal announced Tuesday between EnStream LP — a joint venture between Bell Mobility, Rogers Communications Inc. and Telus Corp. – and Toronto’s SecureKey Technologies, a startup which makes authentication and identity credential solutions.
Once the carriers have capable handsets and have signed up financial institutions, users will be able wave a phone near a wireless receiver or enter a code on screen to pay for items.
“This deal is about enabling more devices that can work more securely with our cloud-based service,” said Robert Blumenthal, SecureKey’s vice-president of business development.
“By embedding a little bit of our technology in different phones, they become a secure terminal for authentication and identity applications.”
However, it will take some months before Bell, Rogers and Telus subscribers can take advantage of the possibilities. Two things have to happen first:
–The SIM cards in the handsets have to be programmed to work with SecureKey’s solution. This can be done wirelessly when subscribers sign up, said Pawel Chrobok, EnStream’s director of business development if the SIM card has the capability;
–and ideally, subscribers will have handsets with Near Field Communications (NFC) capability, which is a short-range wireless technology for communicating ‘tap and go’ with a retailer’s cash register. Right now a handful of the handsets sold in Canada have NFC capability, although a Blumenthal estimates it will be 60 per cent by the end of the year.
But those who don’t have NFC handsets, or are engaging in a transaction that doesn’t offer NFC, will be able to enter a password on the handset.
SecureKey’s cloud-based authentication service verifies the owner of the phone’s identity through an encrypted credential on the device.
EnStream facilitates NFC transactions for the three carriers by connecting them to credit and bank card issuers.
“We’re dependent on these handsets getting into the hands of the population,” Chrobok said.
This is the second big deal for SecureKey, which last year became the federal government’s identity authentication service for accessing Service Canada and other departments’ Web sites.
The system lets people use their bank card access numbers to log onto government sites rather than have to create a new password. It also has a deal with Intel Corp., which is putting SecureKey authentication technology in some CPUs.