Mobile wireless mobile communication devices such as mobile handsets can have multiple applications concurrently or sequentially running on them. Some applications use secure data as part of their operation, including secure data storing user identification information, account information, payment information, or other data to which user access is to be authorized only for an authenticated user. Each application using the secure data thus needs to validate the user by asking the user for authentication information. A user of multiple applications is therefore presented with a different authentication prompt for each of the applications, thereby causing both inconvenience and frustration to the user required to log in with the same authentication information for each of the multiple applications. Additionally, each one of the applications is sending the same authentication data to a backend server across the communication network, and the repeated transmissions of the authentication data causes unnecessary load on the communication resources of the network and may increase the probability that the authentication data is intercepted and is fraudulently re-used.
Additionally, mobile wireless communication devices execute various types of applications including both native applications and hybrid applications. Native applications are standalone applications that can independently execute on the mobile device. Hybrid applications, on the other hand, can only execute within a container or other application executing on the mobile device such as within a web browser executing on the mobile device. Hybrid applications may be written in hypertext markup language (HTML, or HTML5) code, or the like. Both native and hybrid applications may use secure data as part of their operation, and both types of applications can therefore need to authenticate their users.
A need therefore exists for methods and systems supporting single sign on (SSO) functionalities for automatically authenticating users across applications on mobile communication devices, including across applications of different types such as native/standalone and hybrid/browser-based applications. Specifically, a need exits for enabling a user to provide authentication a single time in order to gain access to multiple different application's secure data and authenticated services and functionalities.