In recent years, there have been several approaches by operators and their industrial associations (GSMA) to strengthen their position in the value chain as identity provider of the digital world. The last approach is called Mobile Connect and uses the subscriber identity module (SIM) or its derivatives for a secure identification and authentication of a customer and offers respective application programming interfaces (APIs) to service providers (like Spotify or Banks) to enable a secure and easy login process. Nevertheless, Facebook and Google are front runners in this area, because of their global reach.
In addition, they are favored by the Over The Top (OTT) services like online shops or streaming services as partner for identity and login because Facebook/Google deliver several personal information and preferences about the user/customer to the respective service provider.
For operators, there is a chance to become the advocate of the consumer with a privacy and security proposition which gives more control about personal data to the consumer, which is the main issue of Facebook and Google. Operators are perceived as more reliable with regard to privacy and security in comparison to OTT competitors (especially for financial institutions). And in fact they are more reliable in most of the cases because they have to follow standards of their related regulating authorities. However, existing and currently proposed solutions by the operators are subscriber-related and not user-related (e.g., based on SIM or embedded SIM (eSIM)). Thereby, user devices need to support the hardware-based solution of the respective operators, besides, users cannot simply share their devices.