Turkcell initially launched their mobile signature program with the deployment of Internet banking services. This second phase sees the roll out of a broader range of online applications that subscribers can access from their mobile phone, home PC, or even an Internet café. Turkcell subscribers can perform stock exchange operations and follow the status of their investments. In the e-government sector, users can sign official documents such as tax or custom declarations, wedding application forms or patent registration requests. Users authenticate themselves at login with the digital signature generated by their SIM card and they can sign secure e-commerce transactions through their handset. Subscribers need to respond to an authentication request received via SMS, which requires them to enter a secret code. Then the digital signature is sent automatically to Turkcell’s validation server. Gemalto provided Turkcell with a PKI-based strong authentication solution that ensures the highest levels of security for online operations. Upon the operator’s activation request, the SIM card itself creates the secret keys. This on-board key generation (OBKG) process is performed after the SIM card has been personalized and issued to the subscriber. It allows him or her to generate a secret signature key and passwords for accessing the application, in complete privacy and security. remi.calvet@gemalto.com www.gemalto.com