We all know the importance of having a secure password.
Even if we didn’t, websites have already been forcing us to come up with strings of letters, punctuation, and numbers before we can proceed to create a brand new account.
And if that isn’t enough, the cold, faceless machines which solely exist to crush our egos taunt our attempts by stating how “Weak” our password’s strength is.
Thus, whenever we finally manage to get a decent enough password pat down, our forgetful and most lazy selves tend to stick to using the same password across all our online accounts – from those we shop, to those we work on.
Granted, it’s efficient and won’t need us to click on the button of shame (aka “Forgot your password?”), but security-wise, this practice could very well make us easy targets for hackers.
Another issue arises when you use similar passwords for sites which have strong login security (eg. banks) and those with weaker ones (eg. a gossip site). Given that hackers will have an easier time getting your login details from the latter, the strong security features that the former might have in place will then be rendered completely useless.
In fact, security experts have warned that bank customers that use similar passwords to sign up to other online accounts and apps are “unwittingly fuelling a spike in current account fraud”.
All of this is common sense and knowledge, but the impending launch of a service which promises that all we’ll need is one password shatters whatever we’ve learnt over the years of fear-mongering.
Mobile Connect To Be Launched By Singtel, Starhub, and M1
Said Singtel, Starhub and M1 yesterday in a joint statement, a new identity-authentication platform, Mobile Connect, will be launched by the second half of next year.
What the service promises is we can now have the thrill of living dangerously, as all we’ll need to log into various accounts is our mobile phone number – but that’s only if the websites are signed onto its platform.
“If consumers log in from their mobile phones, their telcos will verify over the cellular or Wi-Fi network that the number entered matches the credentials on the SIM card. They may be prompted to enter a code, which they must remember.
When logging in via the computer or tablet, consumers may also be prompted to enter a one-time password sent to their mobile phone.”
The first batch of online services supported by the Mobile Connect will be announced in the second half of 2017, and is said to potentially include telecommunications, banking, e-commerce, entertainment, government, travel services, and apps.
The telcos also emphasised that they will be working to attract more sites to sign onto the platform, which will lead to increased consumer convenience.
“We are keen to engage with all parties, including government agencies, so consumers can enjoy a wide selection of Mobile Connect-enabled services. As a first step, we are targeting online service providers with whom we have an existing relationship.”
Developed by GSM Association (GSMA), which represents the interests of close to 800 mobile providers worldwide, Mobile Connect was launched last year, and as of February this year, is now working with 34 operators in 21 countries worldwide. These include Indonesia, China, France, Malaysia, and Switzerland.
According to their research factsheet, 86% of consumers leave a website when asked to register, and 87% would prefer having one strong password to remember – which is what Mobile Connect wants to address.
Not just for consumers’ convenience, the service also promises providers and owners of sites more engagement, given that consumers are now less likely to shun a site which would previously require them to sign up/in.
…But Is It Safe?
In the similar research factsheet, GSMA also found out that 86% of consumers are concerned about security when online, and 88% want reduced risk of identity theft and credit card fraud – which brings in the need to address the elephant in the room – how safe is this service, actually?
While Mr Clement Teo, principal analyst at research firm Ovum, says that Mobile Connect’s system “authenticates a user’s identity using a mobile network operator’s private and secure channels, [making it] harder for hackers to send fraudulent messages or authentication prompts to users”, losing one’s mobile phone will prove to be even more risky now.
The 3 telcos advice consumers to be vigilant and increase the security measures on their phones, but have also declined to comment on who would underwrite losses due to fraud – which is pretty unsettling.
Regardless, while the fact that the big 3 have come to a consensus in advocating the service makes it seem safer and more legitimate, there’s no doubt that many will still be initially wary of something that seems too good to be true.