The purpose of this challenge is to assess the potential of storing ‘mobile application authentication credentials’ in a secure location on the SIM card. There are several goals PSCR hopes to achieve through this challenge. By leveraging solvers’ outside-of-the-box thinking to create innovative two-factor authentication solutions while educating public safety stakeholders on the benefit of authentication standards.
Public Safety personnel use their mobile devices to access sensitive information during their everyday job requirements and in emergency situations. For improved mobile communications, public safety personnel need to be able to securely store, process and share sensitive information. However, current external secure storage solutions can be bulky and cumbersome to use in emergency situations. They can also be expensive for public safety organizations to acquire and manage with their limited budgets. Current best practices recommend standards-based two-factor authentication, which often requires extra hardware, such as a token or a smart card, further inflating costs and increasing time in an emergency.
The Challenge includes three phases and requires contestants to: securely store a file on a SIM card; create a mobile application that accesses a user’s credentials stored on a SIM card; and authenticates to a FIDO2 service provider. This Challenge also seeks to convene first responders, mobile device providers, network providers, authentication providers, researchers, and innovators to work together and advance the state of mobile device security for public safety.
Solvers are encouraged to participate in the Expanding the SIM Card Use for Public Safety Challenge with prizes totaling
Increased security of public safety data on mobile and wearable devices
Separate hardware storage container without an external, bulky device
Sharing of mobile devices by multiple users by exchanging SIMs
Spur ideas for other potential hardware authentication solutions on mobile devices
Increased versatility by adding the ability to provision credentials to the SIM card remotely
Potential cost savings, since public safety organization would not need to purchase separate hardware authentication tokens.
The Expanding the SIM Card Use for Public Safety Challenge website is implemented by Circuit Media under contract with NIST PSCR. This website is not owned or operated by the Government. All content, data, and information included on or collected by this site is created, managed, and owned by parties other than the Government.