In an increasingly digital world, the battle against online fraud and digital identity theft has become a critical challenge for businesses and consumers alike. In a landmark move, Malaysia’s leading mobile operators—CelcomDigi, Maxis, U Mobile, Telekom Malaysia (TM), and YTL Communications—have announced a collective effort to tackle this issue head-on. The telcos have unveiled plans to launch a new federated network service under the global GSMA Open Gateway initiative, providing a more secure and seamless way for online businesses to verify user identities.
The new service is centered around a Number Verification API (Application Programmable Interface). This API is designed to be a more secure and efficient replacement for traditional SMS OTPs (One-Time Passwords), which are often vulnerable to interception and fraud. The service works on a “federated” model, which is a key aspect of the GSMA Open Gateway initiative. This means developers can build a single service that works across all participating operators, while each operator retains full control over its data and policies. This interoperability and cross-market coverage make it an attractive solution for businesses looking to scale their services in a secure manner.

Albern Murty, CelcomDigi’s Acting CEO, underscored the significance of this collaboration, calling it a “technological milestone” that will help build a safer digital ecosystem for everyone. The sentiment was echoed by other industry leaders, including Goh Seow Eng of Maxis, who noted that the Number Verification API has already proven its power to combat digital fraud and that this industry-wide collaboration will accelerate API-driven innovation.
The impact on the user experience is designed to be both secure and seamless. For businesses, the API allows for strong authentication by matching a customer’s phone number against real-time network data. This process is not only more robust than an SMS-based method but also much faster and more user-friendly. For consumers, the direct benefit is enhanced protection against digital scams, as the API helps to verify identity without the vulnerabilities associated with SMS messaging. As a result, users can feel more confident when transacting with online businesses, inspiring greater trust in digital services.
This Malaysian initiative is part of the global GSMA Open Gateway programme, which now includes more than 79 mobile operator groups representing almost 80% of mobile connections worldwide. By adopting this standardized approach, Malaysia’s operators are not only tackling a local problem but also aligning with a global effort to create a more secure and interoperable digital ecosystem. Julian Gorman, Head of Asia Pacific at GSMA, commended the initiative, stating that it is a “milestone” for the programme that will help accelerate the industry’s efforts to tackle online crime across the ASEAN region.