With the new VeriSign service, however, subscribers with SIM-based GSM phones only would have to authenticate once, says Ajay Nigam, director of communication security services for VeriSign, adding the cell phone in this case acts as a sort of token.
The idea behind this service, explains Nigam
, is to help service providers increase their average revenue per user and to build customer loyalty by facilitating transactions with third-party entities.Nigam
says there are two potential models for that.In one, the cellular service provider could charge the subscriber a nominal fee for the one-step authentication.A second option would be for the service provider to charge third-party vendors a per-transaction fee for this "trusted identity" capability relative to its subscribers, which would have the potential to open a whole new group of users to the third-party providers' offerings, he
The VeriSign Unified Authentication Service employs SIM card technology from Gemplus and IBM's single sign-on capability, which is enabled by IBM server software sitting within the carrier cloud, Nigam
adds that VeriSign
already offers this one-step authentication service for BlackBerry devices, which use CDMA cellular networks, and that the service can also be used at subscriber PCs using USB tokens.