OTT Apps Challenge Mobile Operators’ Dominance in Mobile Identity

David Ramos,
Linkedin

The use of one-time passwords sent via OTT platforms will grow by 600% over the next five years, challenging the dominance of mobile operators.

Digital identity management is an issue that we have yet to resolve. We all have dozens of passwords, so it is completely impossible to remember them all if we follow all the security recommendations and do not always use the same password, change it frequently, avoid classic passwords (000000, 123456, etc.).

In this situation, mobile phones have become a widely used tool for verifying our identity, using one-time passwords (OTPs) that we receive on our devices and that can be used for a short period of time to access a specific platform or service.

According to the study ‘Global Mobile Identity Market 2025-2029’, conducted by Juniper Research, the mobile identity market will grow by 67.5% over the next five years, raising revenues to $42.7 billion in 2029, compared to $25.5 billion at the end of this financial year.

These OTPs are usually sent to our mobile phones via a simple SMS, but this could change promtly, forcing telephone operators to share a large part of this pie.

OTT companies are signing up for mobile identity

According to the consultancy firm, OTT channels, such as WhatsApp and Viber, are the main threat to telecoms companies. ‘Companies will be attracted by the channel’s end-to-end encryption, amid the high levels of fraud currently present in operators’ SMS networks,’ it says.

It therefore encourages telecommunications companies to take action on this issue in order to avoid seeing their market share eroded. It indicates that operators should offer APIs that provide greater value to companies than OTPs sent through OTT channels.

For example, he mentions the SIM swap API, which detects illegitimate SIM swaps. He believes that this service offers additional verification that OTT channels cannot provide, thereby increasing the value of APIs for businesses.

‘Unlike one-time passwords (OTPs), which are susceptible to social engineering attacks, APIs provide robust authentication that is less vulnerable to these attacks. As operators launch these APIs, they must inform businesses of these benefits or risk losing authentication traffic to OTT channels,’ warns Georgia Allen, author of the research.