France’s mobile operators tackle online fraud with digital identity protections

France’s four major mobile operators, Bouygues Telecom, Free, Orange, and SFR, have announced a joint initiative to strengthen digital identity protection and combat online fraud. The collaboration is part of the global GSMA Open Gateway initiative, which seeks to standardize network-based services for developers and enterprises worldwide.

The operators will introduce two Application Programmable Interfaces (APIs), KYC match and SIM swap, based on the CAMARA standard, designed to unify specifications across mobile networks. The service APIs are accessible via the CAMARA repository, an open-source project developed by the Linux Foundation.

With this, France becomes the first country where all major operators have jointly launched the KYC Match API to improve identity verification for online businesses. Additionally, several operators are offering a third service, number verification, to the developer community.

Orange and Bouygues Telecom have a history of investing in digital identity advancements. Orange, for instance, partnered with Onfido to integrate facial biometrics and identity verification into its mobile services in 2021, and Bouygues Telecom extended its collaboration with Telecom Paris and Thales through the renewal of the Digital Identity Research Chair.

“GSMA Open Gateway has gone from strength to strength since launching last year. This aligned market launch of CAMARA APIs from France’s leading operators will make it easier to keep people safe from the growing threat of fraud,” says Henry Calvert, head of networks at the GSMA.

“The initiative benefits businesses, mobile operators, and their customers, saving developers time, money and effort while allowing for the quick launch of innovative new services.”

Rising need for fraud prevention

The push comes amid rising online fraud. Since the COVID-19 pandemic, France has experienced a 37 percent increase in online transactions, totaling €2.35 billion (roughly US$2,47 billion) in 2023, with 77 percent conducted via mobile devices, according to data published by GSMA.

However, this growth has been accompanied by a surge in fraud attempts, with 80 percent of French companies reporting incidents. The French Ministry of Interior notes a 40 percent increase in digital identity theft over the past four years. The new APIs aim to address these threats by improving mobile identity protections.

These APIs have undergone testing with financial institutions like BforBank, Credit Agricole’s online arm, and Fortuneo, a subsidiary of Credit Mutuel Arkéa. Both institutions use the KYC match API, developed with DQE Software, to verify customer identities and prevent account takeovers during onboarding and transactions.

How it works

KYC match allows businesses to verify customer information against records maintained by mobile operators without sharing personal identifiable information (PII), while SIM swap identifies recent SIM card changes for institutions to detect and block potential account takeovers during high-risk transactions. Number verification, as implied in the name, provides verification of mobile numbers without relying on SMS-based one-time passwords.

Article Topics

API  |  digital identity  |  France  |  fraud prevention  |  KYC  |  Orange  |  telecom