Working with our awesome friends at 3fs, our full-stack engineers developed MDI - a cutting-edge platform addressing the need for robust multi-level authentication and authorization. Utilizing SIM cards as secure digital identities, MDI ensures heightened security for accessing applications. The PHP-based API orchestrates authentication, while a Go-based API manages database interactions with Cassandra. The User Management Portal and Admin Application enhance user control, customization, and administrative functions. MDI offers a simple yet secure solution, allowing users to choose authentication methods like SMS codes or mobile applications. The platform pioneers innovative cybersecurity, leveraging SIM card identities for enhanced digital security.
Ericsson recognized the need for a robust and multi-level authentication and authorization system that leveraged the unique digital identity capabilities of the SIM cards. To address the evolving landscape of digital security, the company gave us the responsibility to develop MDI - a comprehensive platform that uses SIM cards as a secure digital identity for multi-level access control. The primary goal of MDI was to provide a highly secure, user-friendly authentication and authorization platform that hinged on the use of SIM cards. The platform aimed to support multi-level authentication methods, enhance user experiences, and strengthen digital security measures for accessing various applications.
MDI was designed as an integrated solution comprising several key components:
API for Main Functionalities
The PHP-based API, implemented in PHP with Symfony framework, serves as the core of the platform, handling authentication and authorization requests. It orchestrates the interaction between different components and ensures secure communication.
Database Management API
The Go-based API, manages the database interactions, leveraging Cassandra as the database system for its scalability and efficiency.
User Management Portal
The User Management Portal, implemented in PHP with Twig Template, provides users with the tools to manage their digital identities and configure authentication methods, enhancing user control and customization.
The admin application, implemented in AngularJS, empowers administrators to manage user accounts, whitelist external applications, and enforce authentication policies for the users.
Custom Authenticator Applications
These applications enable users to access external applications using multiple authentication methods, such as receiving SMS codes or utilizing a mobile application. The authenticators were implemeneted in PHP and GO, and ensured seamless user experiences across various devices.
The end product provided a really simple solution for the users, who were able to use the platform with a simple purchase of SIM card from operators that were supporting the MDI platform. Mobile operators registered their SIM cards with the platform, while SIM card users linked their digital identities to their accounts. Upon login attempts, users could choose between receiving an SMS code or using a mobile application for authentication. The chosen authentication method triggered the appropriate custom authenticator application, which communicated with the main API for verification. The API interfaced with the database management API to validate the user's identity and retrieve authorization levels. After successful authentication, users gained access to their authorized applications and services.
The MDI platform offered numerous benefits to mobile operators and its users. The use of SIM card identities added an additional layer of security to the authentication process, safeguarding user accounts against unauthorized access. The multi-level authentication options provided users with flexibility to choose their preferred method, contributing to a personalized and user-centric experience. The user management application and admin application streamlined account management, authentication monitoring, and security policy enforcement. MDI demonstrated the innovative approach to authentication and authorization, harnessing the capabilities of SIM cards for heightened digital security. Ericsson successfully created a comprehensive platform that seamlessly integrated various components and technologies. By offering a user-friendly experience, enhanced security measures, and flexible authentication methods, the company underscored its commitment to pioneering cybersecurity solutions in the rapidly evolving digital landscape.