EP1832133A1 - System zum zuordnen einer chipkarte zu einem netzwerkbetreiber - Google Patents

System zum zuordnen einer chipkarte zu einem netzwerkbetreiber

Info

Publication number
EP1832133A1
EP1832133A1 EP05850439A EP05850439A EP1832133A1 EP 1832133 A1 EP1832133 A1 EP 1832133A1 EP 05850439 A EP05850439 A EP 05850439A EP 05850439 A EP05850439 A EP 05850439A EP 1832133 A1 EP1832133 A1 EP 1832133A1
Authority
EP
European Patent Office
Prior art keywords
allocation
card
key
operator
final
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP05850439A
Other languages
English (en)
French (fr)
Inventor
Max De Groot
Gary Chew
Lionel Merrien
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Thales DIS France SA
Original Assignee
Gemplus Card International SA
Gemplus SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Gemplus Card International SA, Gemplus SA filed Critical Gemplus Card International SA
Publication of EP1832133A1 publication Critical patent/EP1832133A1/de
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/355Personalisation of cards for use
    • G06Q20/3552Downloading or loading of personalisation data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30Security of mobile devices; Security of mobile applications
    • H04W12/35Protecting application or service provisioning, e.g. securing SIM application provisioning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/20Transfer of user or subscriber data
    • H04W8/205Transfer to or from user equipment or user record carrier
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/26Network addressing or numbering for mobility support
    • H04W8/265Network addressing or numbering for mobility support for initial activation of new user

Definitions

  • the present invention relates to a system for allocating a smart card to a specific network operator. More particularly, it relates to the allocation of a smart card to an operator once the card is produced, customized by a manufacturer and sent, for example, to a service provider (service provider) offered by a service provider. the operator .
  • service provider service provider
  • the smart cards are microcontroller cards of the Universal Integrated Circuit (s) Card (UICC) type, for example a Subcriber Identity Module (SIM) card for a GSM type cellular radio network, or a USIM identity module ( Universal Subcriber Identity Module) for a third-generation code division multiple access (CDMA) multiple access code (3GPP) network of the Universal Mobile Telecommunications System (UMTS) type.
  • UICC Universal Integrated Circuit
  • SIM Subcriber Identity Module
  • 3GPP Universal Mobile Telecommunications System
  • UMTS Universal Mobile Telecommunications System
  • a service provider may also be an authentication provider, for example a bank, which issues an identification card that can be inserted into an identification terminal and includes an identifier and an authentication key.
  • an authentication provider for example a bank, which issues an identification card that can be inserted into an identification terminal and includes an identifier and an authentication key.
  • SIM cards comprise, after their personalization, at least one International Mobile Subscriber Identity (IMSI) international identity number assigned to a subscriber of an operator and an authentication key Ki also allocated to said subscriber.
  • IMSI International Mobile Subscriber Identity
  • the authentication key Ki and the associated IMSI number already loaded in the card are allocated to a user when subscribing to a communication service offered by an operator.
  • the key Ki is stored in the SIM card of the subscriber and also in a database of the operator also called authentication center. In order to limit the possibilities of reading the key Ki, it has never been transmitted through the network.
  • Figure 1 illustrates the known allocation of mobile cellular network operator cards.
  • MNOl Mobile Network Operator
  • MN02 Mobile Network Operator
  • MN03 Mobile Network Operator
  • MN02 and MN03 order a manufacturer F for a given number of smart cards and transmit to the manufacturer, respectively, incoming files with their own identity numbers IMSI1, IMS12 and IMSI3.
  • a manufacturer's card personalization device F After receiving the incoming files, a manufacturer's card personalization device F generates KiI authentication keys Ki2, Ki3 respectively for the received numbers IMSI1, IMSI2, IMSI3 by means of a known key generation algorithm.
  • the card personalization device loads in each card the IMSI number of an operator and the associated authentication key Ki and transmits outgoing files including the numbers and the authentication keys associated respectively with the operators. which integrate them into their databases. For example two cards memorize respectively couples of number and key IMSIIa and KiIa, IMSIIb and KiIb allocated to a common operator MNOl.
  • This known allocation of cards does not allow to allocate to a second operator a card already allocated to a first operator. Each card can only be permanently allocated to an operator.
  • This disadvantage is highlighted, for example, when selling services offered by different operators to a single service provider, also said virtual network operator, not having a network.
  • the supplier orders from a number of operators a fixed number of cards each comprising a respective IMSI number and a respective key Ki specific to an operator to resell for example in a subsidiary store. Since each card is allocated to a specific operator, the supplier must continually manage his stock of cards already allocated. A supplier can sell many more cards from a first operator than cards from a second operator, and therefore cards from the second operator not assigned to subscribers remain stored at the provider. The management of this stock causes a significant cost to the supplier. To remedy this, a post-allocation of cards is now provided when selling service subscriptions to users.
  • the postallocation has the advantage that the cards stored at the supplier are neutral and independent of any operator 's allocation and can be allocated progressively at the time of their sale according to the wishes of the users. Card postallocation does not require any operator specific customization for the allocation of each card produced. It is known to post-allocate smart cards by generating a key to f authentication encrypted Ki either on the map or in an external entity such as in a card manufacturer, and transmitting the encrypted key eg SMS message short either from the card to the operator or from the external entity to the card and to the operator. These post-allocations are not very secure since the authentication keys are transmitted through telecommunication networks.
  • the object of the invention is to overcome the aforementioned drawbacks by post-allocating cards via telecommunications networks in a secure manner, without authentication keys being transmitted through the telecommunications networks.
  • a method of allocating a smart card to a network operator through a personalization means to determine a final authentication key assigned to a subscriber of the operator comprises the following steps: loading in the card located in the personalization means of an allocation algorithm and an allocation key, and a key determination algorithm of authentication and at least one intermediate authentication key not assigned to the operator, transmission of an allocation message including a final identity number assigned to the subscriber of the operator, a random number relative to the subscriber and an allocation signature resulting from applying the final identity number, the random number and the allocation key to the allocation algorithm, from the personalization means to the card, authentication of the allocation message by the allocation algorithm in the map according to the allocation key and the allocation signature, and determining the final authentication key assigned to the subscriber by the authentication key determination algorithm in the card according to the the middle key and the random number.
  • This method combines the three following advantages: not to transmit the authentication key specific to each subscriber of a network operator by network, to determine this key directly in the card during the transmission via the network of an optionally encrypted random data element not allowing, once intercepted by a third party, to disclose the authentication key and not store the final authentication key in the personalization means.
  • boot program When loading the card is further loaded into the card a boot program a first communication between the card and the customization means, the boot program having a boot ID number and a d key. boot authentication that can be replaced by the final identity number and the final authentication key after the determination of the final authentication key.
  • the invention also relates to a smart card allocation system for a network operator. through personalization means to determine a final authentication key assigned to an operator subscriber.
  • the system is characterized in that it comprises: means for loading into the card located in the personalization means an allocation algorithm and an allocation key, and an authentication key determination algorithm and at least one intermediate authentication key not assigned to the operator, means for transmitting an allocation message including a final identity number assigned to the subscriber of the operator, a random number relating to the subscriber and a signature of allocation resulting from the application of the final identity number, the random number and the allocation key to the allocation algorithm, from the personalization means to the card, a means for authenticating the allocation message in the card by the allocation algorithm in the card according to the allocation key and the allocation signature, and means for determining the final authentication key assigned to the subscriber by the authentication key determination algorithm according to the intermediate key and the random number.
  • the invention also relates to a smart card to be allocated to a network operator via a personalization means so as to determine a final authentication key assigned to a subscriber of the operator, the card having at least one memory and a microprocessor.
  • the smart card is characterized in what the memory comprises after a loading of the card by the personalization means: an allocation key and an allocation algorithm in order to authenticate by the microprocessor during the allocation of the card to the operator a message of allocation transmitted by the personalization means and including a final identity number assigned to the subscriber of the operator, a random number and an allocation signature resulting from the application of the final identity number, the random number and the allocation key to the allocation algorithm, and an authentication key determination algorithm and at least one intermediate authentication key not assigned to the operator to determine by the microprocessor based on the number randomizes a final authentication key assigned to the subscriber.
  • the smart card may further comprise a boot program of a first communication between the card and the personalization means during the allocation of the card to a subscriber of the operator, the program comprising an identity number a boot key and a boot authentication key that can be replaced by the final identity number and the final authentication key after determining the final authentication key.
  • FIGS. 2 and 3 are block diagrams of a card allocation system of the invention relating respectively to card personalization and card allocation;
  • FIG. 4 is an algorithm of a post-allocation method of a smart card according to the invention
  • FIG. 5 is an algorithm of a smart card personalization method according to the invention.
  • FIG. 6 is an algorithm of a chip card allocation method according to the invention.
  • FIGS. 2 and 3 shows a smart card allocation system to a digital mobile cellular radio network operator according to the invention.
  • a smart card is post-allocated to a specific operator when, for example, a user subscribes to a telecommunication service subscription sold by a service provider such as said network operator or a virtual network operator, also says distributor or reseller.
  • the card is not directly allocated during its manufacture, but is allocated when it is purchased from the supplier as soon as the user has chosen an operator and a service from this operator.
  • the system of the invention comprises a personalization center CE for personalizing CP smart cards in connection with one or more network operators, for example three MNO1, MN02 and MNO3 operators.
  • the system manufactures SIM cards and allocates them to GSM network operators.
  • the invention can be applicable to any type of smart card and any type of network.
  • the CE personalization center is for example a server managed by the card manufacturer and accessible via the Internet or by dedicated lines. It comprises an MP card personalization module and an MA card allocation module for example in the form of a computer program, as well as a BD database storing all the data relating to the MNO operators.
  • the MP and MA modules are detailed in the description of the process of the invention.
  • the MP and MA modules are servers located in different locations and managed by separate entities, and the database is a database management server, the three servers being connected by the Internet or by specialized lines.
  • a smart card CP also called microcontroller card, mainly comprises a PC processor, memories MCI to MC3 and a PES input / output port with or without electrical contact.
  • the different elements of the CP card are connected to each other by a bidirectional bus BC.
  • the MCI memory is of the ROM or Flash type and includes the operating system of the card.
  • the memory MC2 is a nonvolatile memory for example EEPROM or Flash to store particular keys, identity numbers and other characteristics of the subscription profile of the user having the card.
  • the memory MC3 is a RAM or SRAM used for data processing.
  • the card post-allocation method of the invention comprises two main stages E1 and E2.
  • step E1 consists of manufacturing the M cards and customizing them by the personalization center CE without allocating the cards. to a specific operator. Once manufactured and customized, the cards are delivered to the supplier.
  • a user subscribes to a service offered by an operator, for example the MNO1 operator according to FIG. 2, at a provider such as an MNO or a virtual network operator, the provider sends the service provider to the service center.
  • CE customization an OA allocation order to allocate smart cards, such as the CP card, to the MNOl operator.
  • the personalization center CE allocates the CP card to the MNO1 operator, in the step E2, without there being any specific authentication key transmission Ki of the subscriber between the personalization center CE and the card CP via the network of the MNOl operator.
  • the CP card personalization comprises steps ElO to E17 represented in FIG. 5, itself associated with FIG. 2.
  • the personalization module MP of the personalization center CE loads in the memories MCI and MC2 of the card CP an algorithm AD implemented in the personalization module MP to subsequently determine a final authentication key Ki allocated to a user.
  • an allocation algorithm AA implemented in the allocation module MA to subsequently authenticate a MES allocation message, and a Boot boot program of a first communication via a network between the personalization center and the card during the allocation of said card.
  • the algorithms AD and AA may be known and be one-way, that is, it is impossible to determine an input variable of the algorithm from the result of the algorithm.
  • the boot program Boot includes for each card manufactured CP an IMSIA boot ID number and a boot authentication key KiA necessary for the authentication of a first communication network between the CP card and the center.
  • CE customization The final IMSI identity number and the final authentication key Ki assigned to a subscriber when subscribing to a subscription are not known until the CP card is allocated to the network operator offering the subscription.
  • the IMSIA boot ID number and the KiA boot authentication key can be assigned to the personalization center and provided by a first operator according to a contract between the card manufacturer and the first operator that authorizes initial communications. between the CP cards and the CE personalization center, regardless of the second operators finally chosen by the subscribers of the cards.
  • the IMSIA number and the key KiA are then replaced by the final identity number IMSI and the final authentication key Ki allocated to a subscriber of a second operator during the allocation of the card in step E2.
  • a write / read interface (not shown) of the MP module connects with or without a contact to the input / output port PES of the card to load the AD and AA algorithms and the Boot program.
  • the provider sends an M card AC command associated with a M subscriptions command to the personalization center CE which receives the command CA in step E1.
  • the module MP transmits the command CA to at least one MNO operator with which the manufacturer works and securely receives an encrypted file including IMSI identity numbers not yet assigned to subscribers, in response to the
  • the three operators MN01, MN02 and MN03 respectively send final identity numbers IMSI1, IMSI2 and IMSI3 relating to the purchase of cards. operator transmitting as many IMSI numbers as there are subscriptions for this operator and ordered by the provider.
  • the ID number file is decrypted by the personalization module.
  • the steps E12 and E13 are not executed as long as the provider is the operator offering his own subscriptions.
  • the personalization center receives in step ElI the CA command with the encrypted file of identity numbers sent by the operator.
  • the module MP generates in step E14, at least one Kint authentication intermediate key required for the determination of the final authentication keys Ki, and M Kalloc allocation keys respectively allocated to the M cards for authenticating allocation messages. received by the cards. In order to protect the Kint intermediate key and not to transmit it to the personalization center, it is hidden by applying it with a number random to an exclusive-OR function so that the result of this function is passed instead of the intermediate key.
  • a key intermediate d f authentication Kint is not attributed to a single card. Several cards can contain the same intermediate key to f authentication and more intermediate keys may be generated in step E12.
  • a pseudo-random generator in the MP module generates a respective random number RND for each final IMSI sent identity number. Then, the module MP determines a final authentication key Ki not yet assigned to a card for each IMSI number sent.
  • the authentication key Ki is determined by the algorithm AD, which has been loaded in the card, according to the generated Kint authentication intermediate key and the generated RND random number associated with the IMSI number.
  • KiI AD (Kint, RND1)
  • Ki2 AD (Kint, RND2)
  • Ki3 AD (Kint, RND3)
  • the module MP stores, in step E16, the Kalloc allocation keys of each fabricated card and the pairs composed of a final identity number IMSI and the associated RND random number. in the BD database of the CE Customization Center.
  • the pairs IMSI1-RND1, IMS12-RND2 and IMS13-RND3 are respectively stored in memory spaces dedicated to the operators MN01, MN02 and MN03 in the database BD.
  • the MP module loads the intermediate key d f Kint authentication and key to respective Kalloc allocation in the memory MC2 of each PC card via the interface to read / write.
  • the CE personalization center securely communicates to the MNO operator an encrypted file comprising the final numbers IMSI and the final keys Ki associated.
  • the operators MNO1, MN02 and MN03 respectively receive the number and key pairs IMSI1 -
  • KiI KiI, IMSI2 - Ki2 and IMSI3 - Ki3.
  • the final numbers and the final keys are stored in the respective databases of the operators while waiting to be interrogated during the allocation of cards comprising Kint authentication intermediate keys involved in the determination of the final authentication keys Ki.
  • the manufactured and customized cards are delivered to the communication service provider.
  • the allocation of cards to a specific operator comprises steps E20 to E28 represented in FIG. 6, itself associated with FIG. 3.
  • the personalization center transmits the allocation message to a terminal in which is inserted the card to allocate.
  • the allocation module MA of the personalization center CE receives from the provider an order of allocation OA of a card CP to the user becoming a subscriber, in step E20; the card is identified by the Kalloc allocation key thereof, or by an identifier associated with the Kalloc allocation key sent to the supplier upon delivery of the card.
  • the module MA searches in database BD for an IMSI-RND pair associated with the MNO operator chosen by the user according to the Kalloc allocation key in the allocation order OA, or a Kalloc-IMSI-RND triplet associated with the MNO operator according to said identifier in the OA allocation order. Referring to FIG.
  • the chosen operator is the MNO1 operator and the MA module searches for the IMSI1-RND1 pair in the database BD.
  • the Salloc signature is used to later authenticate the card when it is allocated to the operator.
  • the module MA forms and encrypts according to an encryption algorithm a MES allocation message including the Salloc signature, the IMSI number and the RND number.
  • the module MA transmits the allocation message MES by the network associated with the first operator relating to the Boot program, for example in the form of a short message via a short message server of the network of the first operator, to the CP card inserted in a mobile terminal.
  • the card CP receives the message MES in the memory MC3 and the PC processor thereof deciphers it according to a decryption algorithm pre-installed in the card during its manufacture and corresponding to an encryption algorithm.
  • the PC processor authenticates the MES message by executing the allocation algorithm AA according to the received IMSI - RND pair and the Kalloc key stored in the memory MC2 of the card, and compares the resulting signature with the Salloc signature extracted from the message. received MES.
  • the processor If the compared signatures are identical, the processor writes the IMSI identity number extracted from the received message MES, in the memory MC2 of the card, in step E25. Then, in step E26, the processor determines the final authentication key Ki of the card by executing the algorithm AD according to the key Kint stored in the memory MC2 of the card and the number RND extracted from the received message MES. The final authentication key Ki is stored in the memory MC2. The final authentication key Ki and the final identity number IMSI replace the boot authentication key KiA and the boot ID number IMSIA that can be cleared.
  • the card issues an acknowledgment message OK indicating that the allocation to the personalization center CE, in step E27, has been successful. If the allocation is defective during steps E24 to E26, for example if the MES message has not been authenticated, the CP card signals it to the personalization center by sending another message. In step E28, the personalization center transmits the activation of the subscription to the chosen operator. Once the subscription is activated at the operator, a server of this one can download various applications according to the subscription subscribed in the card CP designated by the final key Ki and the final number IMSI.
  • each manufactured and customized card includes a boot boot program, including a KiA boot key and an IMSIA boot number.
  • the manufacturer having the personalization center acquires from the first operator a predetermined number of subscriptions each associated with a KiA key and an IMSIA number to be stored in cards manufactured via the boot program.
  • the predetermined number of subscriptions acquired is naturally much less than the number of cards to be manufactured and customized, and the KiA keys and IMSIA numbers must be reusable.
  • the personalization center assigns after the Card allocation Key KiA and IMSIA number replaced to another card to customize.
  • several intermediate authentication keys are generated by the MP module and stored in each CP card.
  • a provider acquires a first batch of 15 subscriptions distributed among different operators MNO1, MN02 and MNO3.
  • the module MP receives the numbers IMSI1 to IMSI15 and stores them in the memory spaces dedicated to the operators MN01, MN02 and MN03 in the database BD.
  • the MP module generates 15 allocation keys Kallocl to Kallocl5 respectively for 15 cards and stores in each card the respective allocation key and the three intermediate keys KintA, KintB and KintC.
  • the MP module also generates 15 RND1 to RND15 random numbers associated with the IMSI1 to IMSI15 identity numbers and determines 15 KiI - to - Kil5 final authentication keys associated with the ID numbers by the algorithm AD based on the random numbers.
  • the pairs of identity number and random number are stored in the personalization center database BD under the reference of the intermediate key KintA in the memory spaces dedicated to the various operators MNO1, MN02 and MNO3.
  • the Kallocl5 Kallocl5 allocation keys are also stored in the CE database of the Customization Center.
  • the data IMSI1 to IMSI15 and KiI to Kil5 associated are sent to the operators to be stored respectively in their databases. This first batch of custom cards is delivered to the service provider.
  • the supplier acquires from the operators a second batch of 15 subscriptions distributed among operators.
  • the module MP applies to the second batch the same personalization steps as for the first batch of subscriptions, but determines 15 final authentication keys Kil ⁇ to Ki30 associated with 15 numbers IMSI16 to IMSI30 according to the second intermediate authentication key KintB .
  • This second batch of custom cards is delivered to the service provider.
  • Subscriptions of the first batch of subscriptions are allocated to users and the IMSI-RAND couples associated with the selected operators are searched for in the database BD and transmitted for example by short messages to the user cards, as explained in steps E20 to E28. .
  • the subscriptions of the first batch have been allocated, they are activated by the MA module of the personalization center at the chosen operators, without other subscriptions of other operators that have not been selected being deactivated.
  • intermediate keys d f authentication kinta, KintB and KintC sufficient number are defined a priori and stored in each card.
  • a card belonging to the second batch of produced cards can be attributed to a subscription belonging to the first batch of subscriptions acquired by the supplier, the keys f authentication associated with the first batch of subscriptions being determined by the first intermediate key to f authentication kinta also stored with the second intermediate key d f KintB authentication in the card.
  • a card belonging to the first batch of cards manufactured may be allocated to a subscription belonging to the second set of subscriptions acquired by the supplier. This embodiment avoids the deactivation of unassigned subscriptions waiting at the operators and is better adapted to the choices of operators by users. These subscriptions will all be allotted later thanks to the larger number of cards manufactured which all include the intermediate authentication key related to the determination of the final authentication keys associated with said subscriptions.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Physics & Mathematics (AREA)
  • Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • Accounting & Taxation (AREA)
  • General Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Strategic Management (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Databases & Information Systems (AREA)
  • Telephonic Communication Services (AREA)
  • Telephone Function (AREA)
  • Storage Device Security (AREA)
EP05850439A 2004-12-22 2005-12-06 System zum zuordnen einer chipkarte zu einem netzwerkbetreiber Withdrawn EP1832133A1 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR0413714A FR2879867A1 (fr) 2004-12-22 2004-12-22 Systeme d'allocation de carte a puce a un operateur de reseau
PCT/EP2005/056535 WO2006067037A1 (fr) 2004-12-22 2005-12-06 Systeme d'allocation de carte a puce a un operateur de reseau

Publications (1)

Publication Number Publication Date
EP1832133A1 true EP1832133A1 (de) 2007-09-12

Family

ID=34952924

Family Applications (1)

Application Number Title Priority Date Filing Date
EP05850439A Withdrawn EP1832133A1 (de) 2004-12-22 2005-12-06 System zum zuordnen einer chipkarte zu einem netzwerkbetreiber

Country Status (5)

Country Link
US (1) US8032748B2 (de)
EP (1) EP1832133A1 (de)
CN (1) CN101120604B (de)
FR (1) FR2879867A1 (de)
WO (1) WO2006067037A1 (de)

Families Citing this family (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2009837A1 (de) * 2007-06-26 2008-12-31 Gemplus Verfahren zur Erzeugung eines Identifikators und eines dazugehörigen Schlüssels in einem tragbaren Kommunikationsgerät in dem Gerät
EP2200253A1 (de) 2008-12-19 2010-06-23 Gemalto SA Verfahren zur Verwaltung von sensiblen Daten in einem elektronischen Token
FR2947410A1 (fr) * 2009-06-30 2010-12-31 France Telecom Procede de changement d'une cle d'authentification
WO2011079369A1 (en) * 2009-12-30 2011-07-07 Gemalto Canada Method for unlocking a secure device
GB2486461B (en) 2010-12-15 2015-07-29 Vodafone Ip Licensing Ltd Key derivation
DE102011001430A1 (de) * 2011-03-21 2012-09-27 Wincor Nixdorf International Gmbh Verfahren zum Betreiben einer Geldkassette mit kundenspezifischen Schlüsseln
EP2704467A1 (de) * 2012-09-03 2014-03-05 Alcatel Lucent Chipkartenerstpersonalisierung mit lokaler Erzeugung von Schlüsseln
US8898769B2 (en) 2012-11-16 2014-11-25 At&T Intellectual Property I, Lp Methods for provisioning universal integrated circuit cards
US8959331B2 (en) * 2012-11-19 2015-02-17 At&T Intellectual Property I, Lp Systems for provisioning universal integrated circuit cards
US9036820B2 (en) 2013-09-11 2015-05-19 At&T Intellectual Property I, Lp System and methods for UICC-based secure communication
US9124573B2 (en) 2013-10-04 2015-09-01 At&T Intellectual Property I, Lp Apparatus and method for managing use of secure tokens
US9208300B2 (en) 2013-10-23 2015-12-08 At&T Intellectual Property I, Lp Apparatus and method for secure authentication of a communication device
US9240994B2 (en) 2013-10-28 2016-01-19 At&T Intellectual Property I, Lp Apparatus and method for securely managing the accessibility to content and applications
US9313660B2 (en) 2013-11-01 2016-04-12 At&T Intellectual Property I, Lp Apparatus and method for secure provisioning of a communication device
US9240989B2 (en) 2013-11-01 2016-01-19 At&T Intellectual Property I, Lp Apparatus and method for secure over the air programming of a communication device
WO2015080460A1 (ko) * 2013-11-26 2015-06-04 엘지전자 주식회사 무선 통신 시스템에서 ae id 할당 방법
US9713006B2 (en) 2014-05-01 2017-07-18 At&T Intellectual Property I, Lp Apparatus and method for managing security domains for a universal integrated circuit card
CN104519480B (zh) 2014-12-30 2016-02-17 悠游宝(天津)网络科技有限公司 通信控制装置、鉴权装置、中心控制装置及通信系统
CN106465095B (zh) * 2016-07-29 2018-07-24 北京小米移动软件有限公司 信息写入方法及装置
US10749867B1 (en) * 2020-05-19 2020-08-18 Inmobiles B.V. Systems and methods for device detection and registration
GB2600500B (en) * 2020-10-22 2023-01-11 Kigen Uk Ltd An apparatus and method for managing the provisioning of security modules

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
SE468068C (sv) * 1991-09-30 1994-04-11 Comvik Gsm Ab Förfarande för personifiering av ett aktivt kort, för användning i ett mobiltelefonsystem
DE19733662C2 (de) * 1997-08-04 2001-05-23 Deutsche Telekom Mobil Verfahren und Vorrichtung zur kundenseitigen Personalisierung von GSM-Chips
DE19820422A1 (de) * 1998-05-07 1999-11-11 Giesecke & Devrient Gmbh Verfahren zur Authentisierung einer Chipkarte innerhalb eines Nachrichtenübertragungs-Netzwerks
FR2779896B1 (fr) * 1998-06-15 2000-10-13 Sfr Sa PROCEDE POUR PAYER A DISTANCE, AU MOYEN D'UN RADIOTELEPHONIQUE MOBILE, l'ACQUISITION D'UN BIEN ET/OU D'UN SERVICE ET SYSTEME ET RADIOTELEPHONE MOBILE CORRESPONDANTS
JP2004503031A (ja) * 2000-07-11 2004-01-29 カバ・シュリースジステーメ・アー・ゲー 移動データ記憶媒体の初期化のための方法
EP1209934A1 (de) * 2000-11-27 2002-05-29 Siemens Aktiengesellschaft Verfahren und Vorrichtung zur Bekämpfung der Rogue-Shell-Bedrohung mittels lokaler Schlüsselableitung
US7587600B2 (en) * 2002-09-16 2009-09-08 Telefonaktiebolaget L M Ericsson (Publ.) Loading data onto an electronic device
CN1501322A (zh) * 2002-11-15 2004-06-02 上海市社会保障和市民服务信息中心上 一种适合于批量发卡需要的识别卡个人化制作方法

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
None *
See also references of WO2006067037A1 *

Also Published As

Publication number Publication date
CN101120604B (zh) 2011-09-07
US8032748B2 (en) 2011-10-04
FR2879867A1 (fr) 2006-06-23
CN101120604A (zh) 2008-02-06
WO2006067037A1 (fr) 2006-06-29
US20080276090A1 (en) 2008-11-06

Similar Documents

Publication Publication Date Title
EP1832133A1 (de) System zum zuordnen einer chipkarte zu einem netzwerkbetreiber
US9326322B2 (en) Virtual access module distribution apparatus and methods
EP2410777B1 (de) Virtuelle Zugangsmodul-Verteilungsvorrichtung und Verfahren
FR2877521A1 (fr) Dispositif, procede, programme et support de distribution d'informations, d'initialisation, dispositif, procede, programme et support de transfert d'initialisation d'authentification et programme de reception ...
FR2748834A1 (fr) Systeme de communication permettant une gestion securisee et independante d'une pluralite d'applications par chaque carte utilisateur, carte utilisateur et procede de gestion correspondants
EP2820795A1 (de) Verfahren zur überprüfung der identität eines kommunikationsendgeräts und zugehöriges system
WO2003077586A1 (fr) Mise a jour d'un algorithme d'authentification dans un systeme informatique
EP3651408A1 (de) Anonymes identifizierungsverfahren eines sicherheitsmoduls
WO2015059389A1 (fr) Procede d'execution d'une transaction entre un premier terminal et un deuxieme terminal
FR2820848A1 (fr) Gestion dynamique de listes de droits d'acces dans un objet electronique portable
EP1176844B1 (de) Telekommunikationssystemen und Verfahren zur Authentifizierung von einem Teilnehmer betreffende Informationen
EP1142193A1 (de) Verfahren zum gesicherten laden von daten zwischen sicherheitsmodulen
EP0996300A1 (de) Verfahren zum mobilstationseitigem Zugriff auf von einem Server gelieferten Dienste, Teilnehmeridentitätsmodul und Endgerät dafür
EP3278542B1 (de) System und verfahren zur ausführung einer anwendung auf einem mit einer chipkarte ausgestattetem endgerät
EP1413158B1 (de) Zugangsverfahren zu einem von einem virtuellen operator vorgeschlagenen spezifischen dienst und chipkarte für eine entsprechende vorrichtung
EP1636767A1 (de) Verfahren zum zuteilen gesicherter betriebsmittel in einem sicherheits-modul
FR2814021A1 (fr) Procede et dispositif de coordination de services de telecommunication
EP1321005B1 (de) Verfahren zum laden von informationen auf einem identifizierungsmittel
FR3018021A1 (fr) Procede et systeme de securisation de transactions offertes par une pluralite de services entre un appareil mobile d'un utilisateur et un point d'acceptation
FR3128089A1 (fr) Procédé et dispositif de sélection d’une station de base
FR3105703A1 (fr) Technique d’administration d’un profil d’accès à un réseau de communication
EP1398983B1 (de) Fernprogrammierungsverfahren eines Mobiltelefons und System dafür
US9544760B2 (en) Method of activation on a second network of a terminal comprising a memory module associated with a first network
FR2993424A1 (fr) Procede de fourniture de donnees d'identification d'un utilisateur et procede d'identification d'un utilisateur

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20070723

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC NL PL PT RO SE SI SK TR

DAX Request for extension of the european patent (deleted)
RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: GEMALTO SA

17Q First examination report despatched

Effective date: 20110405

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

RIC1 Information provided on ipc code assigned before grant

Ipc: H04W 8/26 20090101ALI20170926BHEP

Ipc: H04L 9/32 20060101ALI20170926BHEP

Ipc: G07F 7/10 20060101ALI20170926BHEP

Ipc: H04W 8/20 20090101ALI20170926BHEP

Ipc: G06Q 20/34 20120101AFI20170926BHEP

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: GRANT OF PATENT IS INTENDED

GRAJ Information related to disapproval of communication of intention to grant by the applicant or resumption of examination proceedings by the epo deleted

Free format text: ORIGINAL CODE: EPIDOSDIGR1

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

INTG Intention to grant announced

Effective date: 20171102

RIN1 Information on inventor provided before grant (corrected)

Inventor name: MERRIEN, LIONEL

Inventor name: DE GROOT, MAX

Inventor name: CHEW, GARY

INTG Intention to grant announced

Effective date: 20171120

GRAS Grant fee paid

Free format text: ORIGINAL CODE: EPIDOSNIGR3

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20180404