When they are connected to unsecure networks and log into unsecure services, users make it possible for others to access their personal data. For example, when they are connected from a shared access point, in a public place, to a service that does not provide TLS (Transport Layer Security) support, users transmit their logins and passwords without encryption. A malicious user could then easily intercept that data, retrieve the session identifier, and access the user session.
There is therefore a need to reduce such risks whenever a user accesses a service via a telecommunications network.