KR20230131081A - Electronic device supporting reuse of profile of embedded subscriber identity module and method for operating thereof - Google Patents

Abstract

According to various embodiments, an electronic device includes an embedded universal integrated circuit card (eUICC) and at least one processor electrically connected to the eUICC, wherein the at least one processor is connected to an external electronic device. Based on confirming at least one user input causing movement of the first profile stored in the eUICC, transmitting a first message requesting movement of the first profile to the external electronic device, and sending the first message Based on receiving a second message requesting deletion of the first profile corresponding to, delete the first profile and send a third message indicating deletion of the first profile to the SM-DP+ server, The SM-DP+ server, which has received the third message, receives a fourth message from the entitlement server indicating that preparation of the first profile is complete, and downloads it to the entitlement server based on the fourth message. Transmitting a fifth message for requesting information, receiving a sixth message containing the download information corresponding to the fifth message from the entitlement server, and the download information confirmed based on the sixth message It can be set to provide. Various other embodiments are possible.

Description

Electronic device supporting reuse of profile of embedded SIM and operating method thereof {ELECTRONIC DEVICE SUPPORTING REUSE OF PROFILE OF EMBEDDED SUBSCRIBER IDENTITY MODULE AND METHOD FOR OPERATING THEREOF}

Various embodiments relate to an electronic device that supports delivery of a profile of an embedded subscriber identity module (SIM) and a method of operating the same.

In a wireless communication system, an electronic device (eg, user equipment (UE)) can access a wireless communication network and use voice communication or data communication services at a designated location or while moving. In order to provide communication services to electronic devices, an appropriate authentication process is required. Generally, a universal integrated circuit card (UICC) is inserted into an electronic device, and the electronic device and a mobile network operator (MNO) are connected through a universal subscriber identity module (USIM) installed inside the UICC. Authentication is performed between servers. UICC is a SIM (subscriber identity module) card for GSM (global system for mobile communications), and USIM (universal subscriber identity) for WCDMA (wideband code division multiple access), LTE (long term evolution), and NR (new radio) methods. module) card.

When a user of an electronic device subscribes to a wireless communication service provided by a telecommunication service provider, the telecommunication service provider provides the user with a UICC (e.g. SIM card or USIM card), and the user can insert the provided UICC into his or her electronic device. there is. When the UICC is inserted into an electronic device, the USIM application installed inside the UICC is executed and the same value is stored using the IMSI (international mobile subscriber identity) value stored inside the UICC and the encryption key value for authentication. An appropriate authentication process may be performed with the operator's server. Wireless communication services can be used after the appropriate authentication process has been performed.

The UICC is manufactured as a dedicated card for a specific communication service provider at the request of a specific communication service provider when manufacturing the card, and includes authentication information for network access of the communication service provider (e.g., USIM application and subscriber identification ID (e.g., IMSI)), An encryption key (eg, a known K value or Ki value) may be preloaded. The UICC is provided to subscribers of communication services through the relevant communication service provider, and the communication service provider can then manage the installation, modification, and deletion of applications within the UICC by utilizing technologies such as OTA (over the air) when necessary. there is. Users can use the network and application services of the relevant communication service provider by inserting the UICC into the terminal. When replacing the terminal, the user can insert the removable UICC from the existing terminal to a new terminal, thereby storing the authentication information, phone number, and personal phone book stored in the UICC. etc. can be used as is in the new terminal.

Unlike UICCs that are manufactured and distributed exclusively for specific telecommunication carriers, users purchase a specific UICC or subscribe to (or purchase) a telecommunication service at the point after acquiring a UICC, and the user subscribes to, cancels, or opens a specific wireless telecommunication service provider. , or when changing subscription to another communication service provider (e.g., line transfer), remotely install the communication service provider's USIM application, subscriber identification ID, encryption key, etc. on the UICC, and the authentication information of various communication service providers is safe and secure. A flexible installation and management method is being proposed.

For example, a so-called embedded UICC (eUICC) is being proposed that allows a user to remotely install a profile for providing communication services through a network without replacing the UICC even if the user changes the communication service provider. The eUICC can be manufactured as a UICC that is fixed and pre-mounted in the terminal, for example, in the form of a chip, during the terminal manufacturing process. Therefore, the eUICC can be used not only in general wireless terminals such as mobile phones, but also in various terminals that may have a structure in which physical attachment and detachment of the UICC is not easy, such as M2M (machine to machine) or D2D (device to device) terminals. The eUICC may also be referred to as eSIM.

In the case of an electronic device based on a physical SIM card, a user can remove the physical SIM from one electronic device and then insert the physical SIM into another electronic device. Accordingly, the subscription of the corresponding SIM can be moved to another electronic device. There has been no disclosure regarding a method of moving a line while reusing a profile.

An electronic device and a method of operating the same according to various embodiments may delete a stored profile based on receiving a profile deletion command and provide download information for the profile in order to move the profile to another electronic device. An electronic device and a method of operating the same according to various embodiments may perform an operation to induce deletion based on receipt of a deletion command of the profile in order to receive a profile stored in another electronic device, and then receive download information. there is.

According to various embodiments, an electronic device includes an embedded universal integrated circuit card (eUICC) and at least one processor electrically connected to the eUICC, wherein the at least one processor includes a memory stored in the eUICC. Based on confirmation of at least one user input causing movement of the first profile to another electronic device, sending a first message requesting movement of the first profile to the external electronic device, and sending the first message Based on receiving a second message requesting deletion of the first profile corresponding to, delete the first profile and send a third message indicating deletion of the first profile to the SM-DP+ server, The SM-DP+ server, which has received the third message, receives a fourth message from the entitlement server indicating that preparation of the first profile is complete, and downloads it to the entitlement server based on the fourth message. Transmitting a fifth message for requesting information, receiving a sixth message containing the download information corresponding to the fifth message from the entitlement server, and the download information confirmed based on the sixth message It can be set to provide.

According to various embodiments, a method of operating a server includes receiving a first message requesting a new profile of a specific ICCID from an entitlement server, and based on reception of the first message, sending the specific ICCID to the SM-DP+ server. An operation of transmitting a second message requesting a new profile of an ICCID, after transmitting the second message, an operation of receiving a third message indicating that the specific ICCID is in use from the SM-DP+ server, the third Based on reception of the message, it may include transmitting a fourth message requesting deletion of the profile of the specific ICCID to the entitlement server.

According to various embodiments, a method of operating an entitlement server includes receiving a first message requesting a profile movement from an electronic device, and secondly requesting a new profile of a specific ICCID based on the first message. Transmitting a message to the BSS/OSS, receiving a third message indicating that deletion of the profile of the specific ICCID is requested, and based on reception of the third message, deleting the profile of the specific ICCID is requested. It may include an operation of transmitting the fourth message indicating the message to the electronic device.

According to various embodiments, an electronic device includes an embedded universal integrated circuit card (eUICC) and at least one processor electrically connected to the eUICC, wherein the at least one processor is connected to an external electronic device. Based on confirmation of at least one user input causing movement of the first profile stored in the electronic device, send a first message requesting movement of the first profile to the electronic device, and Based on receiving a second message requesting deletion of the first profile corresponding to the message, performing an operation associated with inducing deletion of the first profile, and requesting deletion of the first profile, SM-DP+ Receiving a third message from the entitlement server indicating that preparation of the first profile is completed at the server, and based on the third message, transmitting a fourth message for requesting download information to the entitlement server And, a fifth message containing the download information corresponding to the fourth message is received from the entitlement server, and based on the download information confirmed based on the fifth message, from the SM-DP+ server. The first profile may be acquired, the first profile may be installed in the eUICC, and the first profile may be activated.

According to various embodiments, in order to move a profile to an external electronic device, an electronic device capable of deleting a stored profile based on reception of a profile deletion command and providing download information of the profile and a method of operating the same may be provided. . An external electronic device may acquire download information and download the profile, thereby enabling reuse of the profile.

According to various embodiments, in order to receive a profile stored in an external electronic device, an operation to induce deletion may be performed based on reception of a profile deletion command, and then download information may be received. The external electronic device may delete the existing profile, thereby enabling reuse of the profile.

1A is a block diagram of an electronic device in a network environment, according to various embodiments.
FIG. 1B is a diagram illustrating a network environment including electronic devices according to various embodiments.
FIG. 2 is a diagram illustrating a system that provides a profile-based communication connection to an electronic device according to various embodiments.
Figure 3 is a block diagram showing the configuration of an electronic device according to various embodiments.
Figure 4 is a diagram for explaining the internal structure of an eUICC according to various embodiments.
Figure 5 is a block diagram illustrating a network system for downloading a profile according to various embodiments.
Figure 6 is a flowchart showing a profile download method according to various embodiments.
FIG. 7 illustrates a flowchart for explaining a method of operating an electronic device according to various embodiments.
8A and 8B show flowcharts for explaining a method of operating at least one entity of an electronic device and/or an operator server according to various embodiments.
Figure 9 shows a flowchart for explaining a method of operating an operator server according to various embodiments.
10A to 10G are diagrams for explaining screens displayed on an electronic device according to various embodiments.
FIG. 11 illustrates a flowchart illustrating a method of operating at least one entity of an electronic device and/or an operator server according to various embodiments.
12A and 12B show flowcharts for explaining a method of operating at least one entity of an electronic device and/or an operator server according to various embodiments.
13A to 13G are diagrams for explaining screens displayed on an electronic device according to various embodiments.
FIG. 14 illustrates a flowchart illustrating a method of operating at least one entity of an electronic device and/or an operator server according to various embodiments.
FIG. 15 is a flowchart illustrating a method of operating at least one entity of an electronic device and/or an operator server according to an embodiment.
FIG. 16A is a flowchart illustrating a method of operating an electronic device according to various embodiments.
FIG. 16B is a diagram for explaining a screen displayed by an electronic device according to various embodiments.
FIG. 17 illustrates a flowchart illustrating a method of operating at least one entity of an electronic device and/or an operator server according to various embodiments.
FIG. 18A is a flowchart illustrating a method of operating an external electronic device according to various embodiments.
FIG. 18B is a diagram for explaining a screen displayed by an external electronic device according to various embodiments.
FIG. 19 illustrates a flowchart illustrating a method of operating at least one entity of an electronic device and/or an operator server according to various embodiments.

1A is a block diagram of an electronic device 101 in a network environment 100, according to various embodiments. Referring to FIG. 1A, in the network environment 100, the electronic device 101 communicates with the electronic device 102 through a first network 198 (e.g., a short-range wireless communication network) or a second network 199. It is possible to communicate with the electronic device 104 or the server 108 through (e.g., a long-distance wireless communication network). According to one embodiment, the electronic device 101 may communicate with the electronic device 104 through the server 108. According to one embodiment, the electronic device 101 includes a processor 120, a memory 130, an input module 150, an audio output module 155, a display module 160, an audio module 170, and a sensor module ( 176), interface 177, connection terminal 178, haptic module 179, camera module 180, power management module 188, battery 189, communication module 190, subscriber identification module 196 , or may include an antenna module 197. In some embodiments, at least one of these components (eg, the connection terminal 178) may be omitted or one or more other components may be added to the electronic device 101. In some embodiments, some of these components (e.g., sensor module 176, camera module 180, or antenna module 197) are integrated into one component (e.g., display module 160). It can be.

The processor 120, for example, executes software (e.g., program 140) to operate at least one other component (e.g., hardware or software component) of the electronic device 101 connected to the processor 120. It can be controlled and various data processing or calculations can be performed. According to one embodiment, as at least part of data processing or computation, the processor 120 stores commands or data received from another component (e.g., sensor module 176 or communication module 190) in volatile memory 132. The commands or data stored in the volatile memory 132 can be processed, and the resulting data can be stored in the non-volatile memory 134. According to one embodiment, the processor 120 includes a main processor 121 (e.g., a central processing unit or an application processor) or an auxiliary processor 123 that can operate independently or together (e.g., a graphics processing unit, a neural network processing unit ( It may include a neural processing unit (NPU), an image signal processor, a sensor hub processor, or a communication processor). For example, if the electronic device 101 includes a main processor 121 and a secondary processor 123, the secondary processor 123 may be set to use lower power than the main processor 121 or be specialized for a designated function. You can. The auxiliary processor 123 may be implemented separately from the main processor 121 or as part of it.

The auxiliary processor 123 may, for example, act on behalf of the main processor 121 while the main processor 121 is in an inactive (e.g., sleep) state, or while the main processor 121 is in an active (e.g., application execution) state. ), together with the main processor 121, at least one of the components of the electronic device 101 (e.g., the display module 160, the sensor module 176, or the communication module 190) At least some of the functions or states related to can be controlled. According to one embodiment, co-processor 123 (e.g., image signal processor or communication processor) may be implemented as part of another functionally related component (e.g., camera module 180 or communication module 190). there is. According to one embodiment, the auxiliary processor 123 (eg, neural network processing unit) may include a hardware structure specialized for processing artificial intelligence models. Artificial intelligence models can be created through machine learning. For example, such learning may be performed in the electronic device 101 itself, where artificial intelligence is performed, or may be performed through a separate server (e.g., server 108). Learning algorithms may include, for example, supervised learning, unsupervised learning, semi-supervised learning, or reinforcement learning, but It is not limited. An artificial intelligence model may include multiple artificial neural network layers. Artificial neural networks include deep neural network (DNN), convolutional neural network (CNN), recurrent neural network (RNN), restricted boltzmann machine (RBM), belief deep network (DBN), bidirectional recurrent deep neural network (BRDNN), It may be one of deep Q-networks or a combination of two or more of the above, but is not limited to the examples described above. In addition to hardware structures, artificial intelligence models may additionally or alternatively include software structures.

The memory 130 may store various data used by at least one component (eg, the processor 120 or the sensor module 176) of the electronic device 101. Data may include, for example, input data or output data for software (e.g., program 140) and instructions related thereto. Memory 130 may include volatile memory 132 or non-volatile memory 134.

The program 140 may be stored as software in the memory 130 and may include, for example, an operating system 142, middleware 144, or application 146.

The input module 150 may receive commands or data to be used in a component of the electronic device 101 (e.g., the processor 120) from outside the electronic device 101 (e.g., a user). The input module 150 may include, for example, a microphone, mouse, keyboard, keys (eg, buttons), or digital pen (eg, stylus pen).

The sound output module 155 may output sound signals to the outside of the electronic device 101. The sound output module 155 may include, for example, a speaker or a receiver. Speakers can be used for general purposes such as multimedia playback or recording playback. The receiver can be used to receive incoming calls. According to one embodiment, the receiver may be implemented separately from the speaker or as part of it.

The display module 160 can visually provide information to the outside of the electronic device 101 (eg, a user). The display module 160 may include, for example, a display, a hologram device, or a projector, and a control circuit for controlling the device. According to one embodiment, the display module 160 may include a touch sensor configured to detect a touch, or a pressure sensor configured to measure the intensity of force generated by the touch.

The audio module 170 can convert sound into an electrical signal or, conversely, convert an electrical signal into sound. According to one embodiment, the audio module 170 acquires sound through the input module 150, the sound output module 155, or an external electronic device (e.g., directly or wirelessly connected to the electronic device 101). Sound may be output through the electronic device 102 (e.g., speaker or headphone).

The sensor module 176 detects the operating state (e.g., power or temperature) of the electronic device 101 or the external environmental state (e.g., user state) and generates an electrical signal or data value corresponding to the detected state. can do. According to one embodiment, the sensor module 176 includes, for example, a gesture sensor, a gyro sensor, an air pressure sensor, a magnetic sensor, an acceleration sensor, a grip sensor, a proximity sensor, a color sensor, an IR (infrared) sensor, a biometric sensor, It may include a temperature sensor, humidity sensor, or light sensor.

The interface 177 may support one or more designated protocols that can be used to connect the electronic device 101 directly or wirelessly with an external electronic device (eg, the electronic device 102). According to one embodiment, the interface 177 may include, for example, a high definition multimedia interface (HDMI), a universal serial bus (USB) interface, an SD card interface, or an audio interface.

The connection terminal 178 may include a connector through which the electronic device 101 can be physically connected to an external electronic device (eg, the electronic device 102). According to one embodiment, the connection terminal 178 may include, for example, an HDMI connector, a USB connector, an SD card connector, or an audio connector (eg, a headphone connector).

The haptic module 179 can convert electrical signals into mechanical stimulation (e.g., vibration or movement) or electrical stimulation that the user can perceive through tactile or kinesthetic senses. According to one embodiment, the haptic module 179 may include, for example, a motor, a piezoelectric element, or an electrical stimulation device.

The camera module 180 can capture still images and moving images. According to one embodiment, the camera module 180 may include one or more lenses, image sensors, image signal processors, or flashes.

The power management module 188 can manage power supplied to the electronic device 101. According to one embodiment, the power management module 188 may be implemented as at least a part of, for example, a power management integrated circuit (PMIC).

The battery 189 may supply power to at least one component of the electronic device 101. According to one embodiment, the battery 189 may include, for example, a non-rechargeable primary battery, a rechargeable secondary battery, or a fuel cell.

Communication module 190 is configured to provide a direct (e.g., wired) communication channel or wireless communication channel between electronic device 101 and an external electronic device (e.g., electronic device 102, electronic device 104, or server 108). It can support establishment and communication through established communication channels. Communication module 190 operates independently of processor 120 (e.g., an application processor) and may include one or more communication processors that support direct (e.g., wired) communication or wireless communication. According to one embodiment, the communication module 190 is a wireless communication module 192 (e.g., a cellular communication module, a short-range wireless communication module, or a global navigation satellite system (GNSS) communication module) or a wired communication module 194 (e.g., : LAN (local area network) communication module, or power line communication module) may be included. Among these communication modules, the corresponding communication module is a first network 198 (e.g., a short-range communication network such as Bluetooth, wireless fidelity (WiFi) direct, or infrared data association (IrDA)) or a second network 199 (e.g., legacy It may communicate with an external electronic device 104 through a telecommunication network such as a cellular network, a 5G network, a next-generation communication network, the Internet, or a computer network (e.g., LAN or WAN). These various types of communication modules may be integrated into one component (e.g., a single chip) or may be implemented as a plurality of separate components (e.g., multiple chips). The wireless communication module 192 uses subscriber information (e.g., International Mobile Subscriber Identifier (IMSI)) stored in the subscriber identification module 196 to communicate within a communication network such as the first network 198 or the second network 199. The electronic device 101 can be confirmed or authenticated.

The wireless communication module 192 may support 5G networks after 4G networks and next-generation communication technologies, for example, NR access technology (new radio access technology). NR access technology provides high-speed transmission of high-capacity data (eMBB (enhanced mobile broadband)), minimization of terminal power and access to multiple terminals (mMTC (massive machine type communications)), or high reliability and low latency (URLLC (ultra-reliable and low latency). -latency communications)) can be supported. The wireless communication module 192 may support high frequency bands (eg, mmWave bands), for example, to achieve high data rates. The wireless communication module 192 uses various technologies to secure performance in high frequency bands, for example, beamforming, massive array multiple-input and multiple-output (MIMO), and full-dimensional multiplexing. It can support technologies such as input/output (FD-MIMO: full dimensional MIMO), array antenna, analog beam-forming, or large scale antenna. The wireless communication module 192 may support various requirements specified in the electronic device 101, an external electronic device (e.g., electronic device 104), or a network system (e.g., second network 199). According to one embodiment, the wireless communication module 192 supports Peak data rate (e.g., 20 Gbps or more) for realizing eMBB, loss coverage (e.g., 164 dB or less) for realizing mmTC, or U-plane latency (e.g., 164 dB or less) for realizing URLLC. Example: Downlink (DL) and uplink (UL) each of 0.5 ms or less, or round trip 1 ms or less) can be supported.

The antenna module 197 may transmit or receive signals or power to or from the outside (eg, an external electronic device). According to one embodiment, the antenna module 197 may include an antenna including a radiator made of a conductor or a conductive pattern formed on a substrate (eg, PCB). According to one embodiment, the antenna module 197 may include a plurality of antennas (eg, an array antenna). In this case, at least one antenna suitable for the communication method used in the communication network, such as the first network 198 or the second network 199, is connected to the plurality of antennas by, for example, the communication module 190. can be selected Signals or power may be transmitted or received between the communication module 190 and an external electronic device through the at least one selected antenna. According to some embodiments, in addition to the radiator, other components (eg, radio frequency integrated circuit (RFIC)) may be additionally formed as part of the antenna module 197.

According to various embodiments, the antenna module 197 may form a mmWave antenna module. According to one embodiment, a mmWave antenna module includes a printed circuit board, an RFIC disposed on or adjacent to a first side (e.g., bottom side) of the printed circuit board and capable of supporting a designated high frequency band (e.g., mmWave band); And a plurality of antennas (e.g., array antennas) disposed on or adjacent to the second side (e.g., top or side) of the printed circuit board and capable of transmitting or receiving signals in the designated high frequency band. can do.

At least some of the components are connected to each other through a communication method between peripheral devices (e.g., bus, general purpose input and output (GPIO), serial peripheral interface (SPI), or mobile industry processor interface (MIPI)) and signal ( (e.g. commands or data) can be exchanged with each other.

According to one embodiment, commands or data may be transmitted or received between the electronic device 101 and the external electronic device 104 through the server 108 connected to the second network 199. Each of the external electronic devices 102 or 104 may be of the same or different type as the electronic device 101. According to one embodiment, all or part of the operations performed in the electronic device 101 may be executed in one or more of the external electronic devices 102, 104, or 108. For example, when the electronic device 101 needs to perform a certain function or service automatically or in response to a request from a user or another device, the electronic device 101 may perform the function or service instead of executing the function or service on its own. Alternatively, or additionally, one or more external electronic devices may be requested to perform at least part of the function or service. One or more external electronic devices that have received the request may execute at least part of the requested function or service, or an additional function or service related to the request, and transmit the result of the execution to the electronic device 101. The electronic device 101 may process the result as is or additionally and provide it as at least part of a response to the request. For this purpose, for example, cloud computing, distributed computing, mobile edge computing (MEC), or client-server computing technology can be used. The electronic device 101 may provide an ultra-low latency service using, for example, distributed computing or mobile edge computing. In another embodiment, the external electronic device 104 may include an Internet of Things (IoT) device. Server 108 may be an intelligent server using machine learning and/or neural networks. According to one embodiment, the external electronic device 104 or server 108 may be included in the second network 199. The electronic device 101 may be applied to intelligent services (e.g., smart home, smart city, smart car, or healthcare) based on 5G communication technology and IoT-related technology.

FIG. 1B is a diagram illustrating a network environment 100 including electronic devices according to various embodiments. Referring to FIG. 1B, a network according to various embodiments of the present invention may include an electronic device 101, a first communication network 111a, and/or a second communication network 112a.

According to various embodiments, the electronic device 101 may operate as a dual SIM dual standby (DSDS) or dual SIM dual active (DSDA) electronic device that supports two SIMs in one device. For example, the electronic device 101 may include a first SIM 111 and an eSIM 201. The first SIM 111 may be an rSIM. For example, the electronic device 101 may be equipped with a SIM card. Hereinafter, for convenience of explanation, the SIM card will be referred to as SIM. The electronic device 101 may include a slot (not shown) to accommodate the first SIM 111. According to one embodiment, although not shown, the electronic device 101 can accommodate two or more SIMs. In this case, the electronic device 101 may include a plurality of slots to accommodate a plurality of SIMs.

For example, the first SIM 111 is a SIM subscribed to a communication service provider of the first communication network 111a, and the electronic device 101 connects to the first communication network 111a using the first SIM 111 to wirelessly connect to the first communication network 111a. Communication services can be provided. According to various embodiments, the electronic device 101 may include an embedded subscriber identity module (eSIM) 201. eSIM may also be named eUICC. The electronic device 101 can receive a wireless communication service by connecting to the second communication network 112a using the eSIM 201. The first communication network 111a and the second communication network 112a may be provided by the same communication service provider, or may be provided by different communication service providers.

FIG. 2 is a diagram illustrating a system that provides a profile-based communication connection to an electronic device according to various embodiments.

Referring to FIG. 2, the system 200 according to various embodiments includes an electronic device 101, an SM-DS server 210, an SM-DP+ server 220, an MNO server 230, and a communication service server 240. ) may include.

According to various embodiments, the electronic device 101 (eg, the electronic device 101 of FIG. 1B) may include an eSIM 201. Although not shown for convenience of explanation, the electronic device 101 may include at least one slot capable of accommodating at least one rSIM. According to various embodiments, the electronic device 101 may include or accommodate N SIMs (eSIMs or rSIMs) (N is a natural number), and may perform switching to use some of them. There is no limit to the combination of N SIMs, and there is no limit to their number.

According to various embodiments, the eSIM 201 may be inserted into the electronic device 101, provided integrally with the electronic device 101, or implemented to be accessible to the electronic device 101. According to various embodiments, the eSIM 201 is a mobile network operator (mobile network operator) that uses information in the eSIM 201 (eg, a profile including USIM (universal subscriber identity module) information). Authentication can be performed with the MNO) server. According to one embodiment, the eSIM 201 is called a subscriber identity module (SIM) card, wideband code division multiple access (WCDMA) in the case of GSM (global system for mobile communications), or long term evolution (LTE), NR ( In the case of the new radio) method, it can be called a USIM (universal subscriber identity module) card, and it can also be called by various names depending on the communication method. For example, when the user of the electronic device 101 subscribes to a wireless communication service provided by a telecommunication service provider, the electronic device 101 receives information in the eSIM 201, such as an international mobile subscriber identity (IMSI) value and authentication. You can use the wireless communication service by using the K value, which is the encryption key for , and performing an appropriate authentication process with the communication service provider's server where the same value is stored. For example, the appropriate authentication process may be AKA (authentication and key agreement) authentication, and other authentication methods may also be used.

According to various embodiments, the eSIM 201 may be manufactured as a dedicated card for a specific communication service provider at the request of the communication service provider, and may contain authentication information (e.g., USIM application and subscriber identification ID) for network access of the communication service provider. For example, IMSI), an encryption key (for example, a known K value or Ki value) may be preloaded. Applications (or information) within the eSIM 201 can be installed, modified, deleted, or updated using technologies such as OTA (over the air) when necessary.

According to various embodiments, the eSIM 201 may download and/or store information for providing communication services in the form of a profile. According to one embodiment, the profile may be installed or saved during the manufacturing process of the eSIM (201), or may be downloaded by the terminal in an OTA (over the air) manner and installed or stored in the eSIM (201). For example, the profile may include a provisioning profile and an operational profile. Even if the provisioning profile is not installed, the electronic device 101 may download the operational profile through a short-distance Wi-Fi connection or an Internet connection, and the provisioning profile must be installed on the electronic device 101. Those skilled in the art will understand that there is no such thing. For example, the operational profile may be a profile that includes subscriber identification information of the user of the electronic device, and the provisioning profile may be subscriber identification information or subscriber identification information (hereinafter referred to as 'first subscriber identification information') on the electronic device. It may include information (hereinafter also referred to as “first information”) for downloading a profile including (hereinafter also referred to as “first operational profile”). The electronic device may download the first operational profile based on the first information on the provisioning profile in the eSIM 201.

According to various embodiments, the electronic device 101 may store subscriber identification information (hereinafter also referred to as 'second subscriber identification information') of the operational profile (hereinafter also referred to as 'second operational profile') installed or stored in the eSIM 201. You can receive communication services using . For example, a profile containing subscriber identification information may be a subscriber identity module (SIM) profile.

According to one embodiment, the operational profile includes, in addition to subscriber identification information, the subscriber's network access authentication information, the subscriber's phone book, the subscriber's personal information (e.g., SMS), the name of the subscribed communication service provider, available services, and the amount of available data. , rate or service provision speed, or information that enables safe wireless communication by performing subscriber authentication and generating a traffic security key when connecting to a wireless communication network such as GSM, WCDMA, LTE, or NR may be further included.

According to various embodiments, the first information for downloading data including first subscriber identification information (e.g., a first operational profile) is provided for a first communication connection designated for downloading the first operational profile. May contain communication session information. For example, the communication session information may be SM-DS (subscription manager discovery service) server 210 connection information for downloading the first operational profile or communication service provider network information available for connection to the SM-DS server 210. may include.

According to various embodiments, the SM-DS server 210 may provide the electronic device 101 with the address of the SM-DP+ server 220 from which the first operational profile can be downloaded based on the provisioning profile. .

According to various embodiments, the SM-DP+ (subscription manager data preparation plus) server 220 is a profile providing server, an off-card entity of profile domain, a profile encryption server, a profile creation server, and a profile. It may be a profile provisioner or profile provider. The SM-DP+ server 220 may perform a first communication connection 22 with the electronic device 101 through a wireless communication network based on a first communication connection request based on a provisioning profile from the electronic device 101, , the first operational profile may be provided to the electronic device 101 through the first communication connection 22. According to various embodiments, the wireless communication network may be a specific node of the wireless communication network. For example, the wireless communication network may be a base station, a subscriber information management node, or a mobility management node, etc. of the wireless communication network. According to one embodiment, the wireless communication network may include a home location register (HLR) and/or an authentication center (AuC) server that the electronic device 101 connects to and performs a subscriber authentication function, and connects after authentication to perform voice communication. Alternatively, it may be connected to a communication service server 240 that can provide communication services such as data communication.

According to various embodiments, the mobile network operator (MNO) server 230 may be a server associated with a mobile communication network operator. According to various embodiments, the MNO server 230 may prepare at least one profile (or profile package) (e.g., first operational profile) associated with at least one subscriber identification information (e.g., first subscriber identification information). A request may be made to the SM-DP+ server 220, and information associated with the first operational profile may be transmitted to the SM-DP+ server 220. According to one embodiment, the MNO server 230 may transmit a signal for updating and managing the first operational profile to the SM-DP+ server 220. The MNO server 230 may allow a second communication connection 24 between the electronic device 101 and the communication service server 240 through a second operational profile installed on the eSIM 201 of the electronic device 101. there is.

According to various embodiments, the communication service server 240 may be a server that provides a communication service. According to various embodiments, a communication service may be a service associated with transmission or reception of data through a wireless communication network. According to one embodiment, the communication service may include downloading an operational profile (e.g., a first operational profile including first subscriber identifying information) and transmitting or receiving other profiles (or data) that do not include subscriber identifying information. May include services related to . For example, the communication service server 240 may include service servers associated with various data transmission and reception, such as servers associated with each of various applications, a push server, a search server, or a market server, and communication by the communication service server 240 Services may include various services such as data transmission and reception by an application, notification reception, push message reception, link reception and connection, or service request.

According to various embodiments, the electronic device 101 connects the communication service server 240 and the second operational profile based on the second operational profile when requesting a service associated with transmission or reception of a profile (or data) that does not include subscriber identification information. 2 Communication connection (24) can be performed.

According to various embodiments, the SM-DS server 210, SM-DP+ server 220, MNO server 230, or communication service server 240 merely explains implementation examples of servers for performing each function. , may be called by other names, and each of the SM-DS server 210, SM-DP+ server 220, MNO server 230, or communication service server 240 may be composed of one or more servers. Some or all of the SM-DS server 210, SM-DP+ server 220, MNO server 230, or communication service server 240 may be configured as one integrated server.

Figure 3 is a block diagram showing the configuration of an electronic device according to various embodiments.

Referring to FIG. 3, the electronic device 101 of FIG. 1A or 1B, or the electronic device 101 of FIG. 2 according to various embodiments includes a processor 120, an eSIM 201, a communication module 190, and a display. It may include a module 160 and an input module 150. Although not shown for convenience of explanation, the electronic device 101 may include two or more slots that can accommodate two or more rSIMs.

According to various embodiments, the processor 120 (e.g., the processor 120 of FIG. 1A) may include one or a plurality of processors (e.g., the main processor 121 and the auxiliary processor 123 of FIG. 1A or an application processor and a communication processor). ) and may include a local profile assistant (LPA) 312 (eg, LPAd (device)) according to an embodiment. According to various embodiments, when the processor 120 includes a plurality of processors, some of the plurality of processors may include part of the LPA 312, and other parts may include another part of the LPA 312. According to various embodiments, the LPA 312 may be included in the eSIM 201, and in this case, the LPA 312 may be referred to as LPAe (eUICC).

According to various embodiments, the LPA 312 may perform an operation to communicate with a server to support profile download, installation, and management operations of the eSIM 201, or to provide a user interface necessary for profile download, installation, and management operations. You can. The LPA 312 includes local discovery services (LDS) 31, local profile download (LPD) 33, and a local user interface within the electronic device 101. It may be a module that provides LUI (35) operations.

According to various embodiments, the LDS 31 communicates with the SM-DS server 210 and uses the SM-DP+ server 220 to download the operational profile based on the provisioning profile from the SM-DS server 210. You can perform an operation to receive an address.

According to various embodiments, the LPD 33 performs a first communication connection 22 with the SM-DP+ server 220 through a wireless communication network based on the address of the SM-DP+ server 220, and makes the first communication connection An operation of receiving the first operational profile from the SM-DP+ server 220 can be performed through (22). According to various embodiments, the LPD 33 supports network-initiated profile download, enable, disable, delete, or profile policy rule (PPR) download operations; Profile activation, deactivation, deletion, or eUICC reset operations by an electronic device may be supported.

According to various embodiments, the LUI 35 may perform an operation of providing various user interfaces when downloading the operational profile. According to one embodiment, the LUI 35 may support data exchange between the LDS 31 and the LPD 33 and a user, and includes a UI that conveys the user's input to the LDS 31 or LPD 33. can do.

According to one embodiment, the processor 120 may use (or execute) the LPA 312 to perform a communication service based on information stored in the eSIM 201. For example, the processor 120 includes the SM-DP+ server 220 and first subscriber identification information through the communication module 190 based on the provisioning profile stored in the eSIM 201 using the LPA 312. A first communication connection may be made to download a profile (e.g., first operational profile). The processor 120 uses the LPA 312 to terminate the first communication connection when requesting transmission or reception of a profile or data that does not include subscriber identification information during the first communication connection, and to send or receive a second communication connection based on the second subscriber identification information. A communication connection may be established to transmit or receive a profile or data that does not include the subscriber identification information.

According to various embodiments, the eSIM 201 (e.g., the subscriber identification module 196 in FIG. 1A or the eSIM 201 in FIG. 2) may include one or more profiles as information for providing a communication service. You can. The profile may mean packaging at least one of the application, file system, and authentication key value stored in the eSIM 201 in software form. For example, the profile may include a provisioning profile and an operational profile. The operational profile may include subscriber identification information, and in addition to subscriber identification information, the subscriber's network access authentication information, the subscriber's phone book, the subscriber's personal information (e.g. SMS), the name of the subscribed telecommunication service provider, available services, It may further include information that enables safe use of wireless communication by performing subscriber authentication and generating a traffic security key when connecting to a wireless communication network such as available data amount, rate or service provision speed, or GSM, WCDMA, LTE, NR, etc. there is. According to one embodiment, the operational profile may include a SIM profile. For example, a SIM profile includes a SIM file system (master file (MF), dedicated file (DF), elementary files (EF)), and a subscriber identification information (IMSI) value may be stored in the elementary file.

According to various embodiments, the provisioning profile may be a profile including first information for downloading the first operational profile from an electronic device. For example, the first information may include communication session information for a first communication connection designated for downloading the first operational profile. For example, the communication session information may include SM-DS server (e.g., SM-DS server 210 in FIG. 2) connection information for downloading the first operational profile, and SM-DS server connection. It may include information on available telecommunications carrier networks.

According to various embodiments, the communication module 190 (e.g., the communication module 190 of FIG. 1A) may perform first communication based on a provisioning profile or second communication based on a second operational profile. At least one screen related to a first communication based on a provisioning profile or a second communication based on a second operational profile may be displayed on the display module 160.

According to one embodiment, the LPA 312 has been described as being included in the processor 120, but at least some functions of the LPA 312 are performed in the processor 120 or a separate LPA 312 is used in the processor 120. It may also operate in conjunction with the processor 120. For example, the LPA 312 may be included in a program (e.g., program 140 in FIG. 1A), and may be loaded and executed on the processor 120, and the LPA 312 may be loaded on the processor 120 and executed. If so, it can be understood as the operation of the processor 120. According to various embodiments, the functional modules included in the LPA 312 (e.g., LDS 31, LPD 33, or LUI 35) are illustratively separated and may be expressed as different functional modules. It may not be limited to this example. According to various embodiments, the LPA 312 may be included in the eSIM 201.

Figure 4 is a diagram for explaining the internal structure of an eUICC according to various embodiments.

The eUICC 401 (e.g., eSIM 201 in FIG. 2 or 3) according to an embodiment may be in the form of a card or chip, and has at least one profile 410, 420, 430 in software format. Can be installed. According to various embodiments, each of the at least one profiles 410, 420, and 430 may be a provisioning profile or an operational profile. At least one profile (410, 420, 430) may operate on the eUICC operating system (OS) 450. Each of the at least one profiles 410, 420, and 430 is enabled or disabled by a processor or an LPA (e.g., the LPA 312 in FIG. 3 or the LPA 480 in FIG. 4). It can be. Referring to FIG. 4, one profile 410 according to one embodiment may be in an enabled state, and the remaining profiles 420 and 430 may be in a disabled state. According to various embodiments, two or more profiles may be active.

According to various embodiments, the eUICC operating system (OS) 450 of the eUICC 401 may include a profile policy enabler (452), a profile package interpreter (454), and a telecom framework (456). According to one embodiment, the profile policy enabler 452 may manage a policy rule (profile policy rule (PPR)) for each of at least one profile 410, 420, and 430. According to one embodiment, the profile package interpreter 454 may unpackage the profile package received from the SM-DP+ (220) into a form that can be installed in the eUICC (401). According to one embodiment, the telecom framework 556 may perform functions related to communication of applications within the eUICC 401. According to various embodiments, the eUICC 401 may include an issuer security domain root (ISD-R) 460 and an ECASD 470. According to one embodiment, the ISD-R (460) can manage at least one profile (410, 420, 430) installed in the eUICC (401). For example, ISD-R 460 may include LPA services 462, which may be a processor or LPA (e.g., LPA 312 in FIG. 3 or LPA 480 in FIG. 4). It is possible to manage at least one profile (410, 420, 430) installed in the eUICC (401) through the interface. According to one embodiment, ECASD (eUICC controlling authority security domain) 470 may perform security processing of at least one profile (410, 420, 430) installed in the eUICC (401).

According to various embodiments, each of the at least one profiles 410, 420, and 430 is ISD-P (410-1, 420-1, or 430-1), MNO-SD (410-2, 420-2, or 430- 2), SSD (supplementary security domain) (410-3, 420-3 or 430-3), CASD (controlling authority security domain) (410-4, 420-4 or 430-4), Applets (410-5, 420-5 or 430-5), network access applications (NAAs) (410-6, 420-6 or 430-6), file system (410-7, 420-7 or 430-7), or profile metadata (410) -8, 420-8 or 430-8).

According to one embodiment, ISD-P (410-1, 420-1, or 430-1) may include information for decoding and interpreting the profile package and cooperates with the profile package interpreter (454) to generate SM-DP+ (220). ) can be used to unpackage and install profile packages received from ).

According to one embodiment, the MNO-SD (410-2, 420-2, or 430-2) may include an OTA (over the air) key of MN0, and is used to provide a secure OTA channel to communicate with MN0. May contain information.

According to one embodiment, a supplementary security domain (SSD) (410-3, 420-3, or 430-3) and a controlling authority security domain (CASD) (410-4, 420-4, or 430-4) perform security processing of the profile. It may contain information to carry out.

According to one embodiment, Applets 410-5, 420-5, or 430-5 may include various application information associated with the user of the profile.

According to one embodiment, network access applications (NAAs) 410-6, 420-6, or 430-6 may include application information that allows the profile to access the network.

According to one embodiment, the file system (410-7, 420-7, or 430-7) may include a file system associated with each piece of information in the profile.

According to one embodiment, profile metadata (410-8, 420-8, or 430-8) may also be referred to as a profile record, and may include metadata information about the profile in text form. The metadata information includes at least one of the profile's integrated circuit card ID (ICCID), profile name, name of the MNO providing the profile, user's profile nickname, icon, profile class, notification configuration information, profile owner information, or profile policy rule (PPR). may include.

According to various embodiments, the ICCID of a profile may represent a unique identifier of each profile as a profile identifier. The name of the profile may include the name of each profile. The name of the profile providing MNO may include the name of the telecommunication operator that provided the profile. The user's profile nickname may include a user-specified profile nickname. The icon may include an icon corresponding to the profile. The profile class may include information indicating whether the type of profile is a provisioning profile or an operational profile. Notification configuration information may include the address of a server (eg, SM-DP+ server 220) to receive notification. Profile owner information may include mobile country code (MCC), mobile network code (MNC), and group identifier (GID) 1 or 2 information associated with the profile owner. For example, MCC (mobile country code) may be a code to identify a country, and MNC (mobile network code) may be a code to identify a mobile communication service provider. GID (group identifier) 1 or 2 may be code area information to identify the group or area to which the profile belongs. Region information may include a group including multiple countries. A profile policy rule (PPR) may include policy rule information for managing the profile.

According to various embodiments, the electronic device 101 includes profile metadata (410-8, 420-8, or 430-8) included in each of the at least one profiles (410, 420, and 430) included in the eUICC (401). Using profile class information, it is possible to identify whether it is a provisioning profile or an operational profile, and the provisioning profile or the operational profile can be activated or activated through the LPA (LPA 312 in FIG. 3 or LPA 480 in FIG. 4). It can be disabled.

Figure 5 is a block diagram illustrating a network system for downloading a profile according to various embodiments. Referring to FIG. 5, a network system according to various embodiments may include an electronic device 101 and a communication service provider server 500. The communication service provider server 500 includes an entitlement server (or, entitlement configuration server) 520, SM-DP+ server 530, authentication server 540, or BSS (business support systems)/OSS (operations support systems) 550. According to various implementations, the communication service provider server 500 may include a web server 510 or may not include a web server 510. For example, at least one of the web server 510, entitlement server 520, SM-DP+ server 530, authentication server 540, or BSS/OSS 550 is managed by a communication service provider. It may be included in the operator server 500. According to various embodiments, the web server 510 and the entitlement server 520 may be servers managed by the same communication service provider or different communication service providers. According to various embodiments, the entitlement server 520 and the SM-DP+ server 530 may be servers managed by the same communication service provider or different communication service providers. The eSIM 201 may be inserted or built into the electronic device 101. A profile can be downloaded and installed on the eSIM 201. A service client 202 may be installed in the electronic device 101 for communication with the communication service provider server 500 according to embodiments described later.

According to various embodiments, the electronic device 101 may connect to the entitlement server 520 by, for example, the service client 202, and a web server ( 510). For example, when the electronic device 101 connects to the entitlement server 520, the entitlement server 520 connects the electronic device 101 or The user of the electronic device 101 can be authenticated and an eligibility test can be performed. If the entitlement server 520 determines that the electronic device 101 or the user of the electronic device 101 is properly authenticated and eligible, the entitlement server 520 sends information accessible to the web server 510 to the electronic device 101. Can be sent. The electronic device 101 can access the web server 510 using information accessible to the web server 510 received through the entitlement server 520. According to various embodiments, the electronic device 101 may request subscription, opening, or line movement through a web page provided by the web server 510, and according to other embodiments, entitlement may be requested without the web server 510. You may also request subscription, opening, or line transfer through the server 520. For example, if the communication service provider server 500 does not include the web server 510 or includes the web server 510 but provides information related to the web server 510 (e.g., address information of the web server 510) If not (e.g., if a web service or web page is not provided through a web server), the electronic device 101 may subscribe, open, and operate through the entitlement server 520. Alternatively, you can request a line transfer. According to various embodiments, the web server 510 may provide a user interface (UI) or web page for the entitlement server 520. For example, the electronic device 101 may request to subscribe to, open, or move to a specific profile through a web page provided from the web server 510. According to various embodiments, the entitlement server 520 may manage and create communication lines, provide service control, and status information. For example, the entitlement server 520 supports the GSMA standard document TS. It may include an entitlement server or an entitlement setting server disclosed at 43. In the standard document, the term entitlement refers to the applicability, availability, or status of a service required before providing a service (e.g., communication service) to the user of the electronic device 101. may include the meaning of For example, the entitlement server 520 may perform a function of delivering information related to the profile provided to the electronic device 101 (eg, profile download information or profile download-related information). In the description described later, profile information may include information related to the profile, and for convenience of explanation, it will be referred to as profile download information or profile download-related information. The entitlement server 520 includes discovery and push function (DPF), subscription manager discovery service (SM-DS), subscription manager secure routing (SM-SR), subscription manager secure routing plus (SM-SR+), off- It may include, but is not limited to, a card entity of eUICC Profile Manager or PMC holder (profile management credentials holder), or EM (eUICC manager).

According to various embodiments, the SM-DP+ server 530 may perform the function of managing and downloading profiles. For example, the SM-DP+ server 530, in addition to SM-DP+, supports SM-DP (subscription manager data preparation), off-card entity of Profile Domain, profile encryption server, profile creation server, and profile provider (PP). ), a profile provider, or a PPC holder (profile provisioning credentials holder), but is not limited thereto.

Figure 6 is a flowchart showing a profile download method according to various embodiments. Referring to FIG. 6 , according to various embodiments, the electronic device 101 (eg, processor 120) may access the web server 510 through the entitlement server 520. In operation 602, the electronic device 101 may request a new eSIM profile or request to subscribe to, open, or move a new communication service through a web page provided by the web server 510. For example, the electronic device 101 may transmit a message containing a subscription-related operation (e.g., subscription, opening, line movement) through a web page provided by the web server 510, and according to various embodiments, The transmission of messages containing subscription-related actions is covered by the GSMA standard document TS. The procedure disclosed in 43 may be followed, but is not limited thereto. For example, the electronic device 101 may read the standard document TS. According to the procedure disclosed in 43, an eligibility check can be requested from the entitlement server 520, and the entitlement server 520, in response to the request, sends another server (in the communication service provider server 500) For example, eligibility can be checked by sending a profile query to BSS/OSS (550). After completing the eligibility test, the entitlement server 520 may transmit the test result to the electronic device 101. The electronic device 101 may confirm that the eligibility check has been completed normally and request a subscription-related operation (eg, subscription, opening, or line transfer) from the entitlement server 520. The entitlement server 520 may authenticate the electronic device 101 or the user of the electronic device 101 through the authentication server 540.

According to various embodiments, the entitlement server 520 sends the SM-DP+ server 530 in response to a request for a subscription-related operation (e.g., subscription, opening, line transfer) through the electronic device 101 in operation 604. ), you can request profile preparation. The information transmitted from the entitlement server 520 to the SM-DP+ server 530 according to the profile preparation request includes an eUICC identifier (e.g., EID (eUICC identifier)), information on the profile information delivery server, profile identifier, or profile. It may include the request time, profile installation key, information on the electronic device 101, or information on the eUICC. The profile identifier may be referred to as a factor matching a profile identifier (Profile ID), integrated circuit card ID (ICCID), ISD-P, or profile domain (PD). The profile identifier may represent a unique identifier for each profile. The eUICC identifier (eUICC ID) may be a unique identifier of the eSIM 201 (or eUICC) embedded in the electronic device 101, and may be referred to as the EID. For example, if a provisioning profile is preloaded on the eUICC, the eUICC ID may be the identifier of the corresponding provisioning profile (profile ID of the provisioning profile). For example, if the electronic device 101 and the eSIM 201 are not separated, the eUICC ID may be the ID of the electronic device 101. The eUICC ID may refer to a specific security domain of the eUICC chip.

According to various embodiments, the entitlement server 520 may notify the electronic device 101 of the profile preparation status while the SM-DP+ server 530 prepares the profile in operation 606. The message for notifying the profile readiness status may include a callback message (eg, a JS (java script) callback message). For example, the callback message may be transmitted when the electronic device 101 terminates a web page provided by the web server 510, but the callback message is not limited to this.

According to various embodiments, the callback message transmitted from the entitlement server 520 to the electronic device 101 may be implemented in the form of “onPlanSelectionCompleted(ServiceStatus=9, smdpAddress or Activation Code).” The callback message may include service status information, the address (or address information) of the profile providing server (e.g., SM-DP+ (220)) 530, or an activation code. For example, the service status information (ServiceStatus) can be displayed as 9 to indicate that the profile is delayed, and the service status information (ServiceStatus) can be displayed as 1 to indicate that profile preparation is complete. According to various embodiments, the activation code may include information corresponding to the address of the SM-DP+ server 530. The electronic device 101 can check the address of the SM-DP+ server 530 based on the activation code. Meanwhile, the above-mentioned content is merely illustrative, and in another example, the entitlement server 520 does not provide download information instead of notifying the profile preparation status, and terminates the end-end user flow through the JS callback function. may be announced, but there are no restrictions.

According to various embodiments, the SM-DP+ server 530 may prepare a profile in operation 608. For example, when a profile identifier (eg, ICCID) value is transmitted in the profile preparation request, the SM-DP+ server 530 can prepare a profile corresponding to the profile identifier. As another example, if there is no profile identifier, one or more of the profile request type, information on the electronic device 101, eUICC information, and eUICC identifier can be used to distinguish the profiles and specify the profile identifier. Additionally, if the profile preparation request includes an eUICC identifier, the SM-DP+ server 530 may later download and install the specified profile only on the specific eUICC. If the profile preparation request does not include an eUICC identifier, the SM-DP+ server 530 may prepare a profile without associating the specified profile with a specific eUICC, and later receives the eUICC identifier from the electronic device 101. If a suitable request containing is received, the profile may be downloaded by associating it with the corresponding eUICC.

In addition, if there is a profile installation key in the profile preparation request, the SM-DP+ server 530 manages the profile installation key in association with the specific profile, and later downloads the profile using the profile installation key from the electronic device 101. You can also download the specific profile if requested. The profile installation key may also be called an event identifier (EventID), a matching identifier (MatchingID), an activation code, or an activation code token (AC_Token). On the other hand, if the profile preparation request does not include a profile installation key, the SM-DP+ server 530 can directly generate the profile installation key during the profile preparation process, and after the profile preparation, the SM-DP+ server 530 The profile installation key can also be delivered to the entitlement server 520.

According to various embodiments, the SM-DP+ server 530 may transmit profile download information (or profile download-related information) to the entitlement server 520 in operation 610. Delivery of the profile download information may mean registration of the profile download information in the entitlement server 520. The entitlement server 520 may receive profile download information and register the received profile download information. When registered in this way, the profile download information may be stored in the entitlement server 520. For example, the profile download information may include at least one of the address of the SM-DP+ server 530, the profile installation key, and eUICC information. The address of the SM-DP+ server 530 may include at least one of a server address in full qualified domain name (FQDN) format, an address in full uniform resource locator (URL) format, or an Internet protocol (IP) server address. . The eUICC information may be a specific EID or a value or EID provided as a hash function operation result for a specific EID. The hash function operation for the EID refers to the calculation included in the hash operation, for example, performing the EID once with a hash function, performing the EID twice with the hash function, or performing the secret code along with the EID as an argument of the hash function. You can also add information. The secret code may be a value delivered to the user.

According to various embodiments, the electronic device 101 performs an eSIM profile download function before receiving a push message indicating that the profile is ready (or without receiving a push message indicating that the profile is ready) in operation 612, which will be described later. You can also request profile download through the SIM card management screen. For example, the electronic device 101 may transmit a profile confirmation request message to the SM-DP+ server 530 as a menu for adding a profile is selected. Meanwhile, in another example, the electronic device 101 may perform timer-based polling (eg, based on expiration of a specific timer). According to various embodiments, when the address of the SM-DP+ server 530 is not confirmed in the electronic device 101 (e.g., the memory of the electronic device 101 (e.g., the memory 130 of FIG. 1)), the SM -If the address of the DP+ server 530 is not stored), the electronic device 101 may request profile download information from the entitlement server 520. The entitlement server 520 may transmit profile download information to the electronic device 101 in response to the request. Profile download information transmitted from the entitlement server 520 to the electronic device 101 may include the address of the SM-DP+ server 530. According to various embodiments, the electronic device 101 may request a profile from the SM-DP+ server 530 based on the address of the SM-DP+ server 530. According to various embodiments, when the profile is ready in the SM-DP+ server 530, the profile can be downloaded from the SM-DP+ server 530 even before receiving the push message.

According to various embodiments, when the profile download information is delivered or registered in the entitlement server 520 in operation 610, the profile download information may be delivered to the electronic device 101 connected to the eUICC corresponding to the eUICC information. there is. For example, the entitlement server 520 of the communication service provider server 500 may transmit profile download information to the electronic device 101 through a push message in operation 612. For example, the entitlement server 520 may deliver the push message to the electronic device 101 through a web push server (not shown). According to various embodiments, the push message may be implemented in the form shown in <Table 1> below.

{
"data":
{
"app": "PrimaryDevice",
"notifEvent": "{Push Behavior key value}",
"downloadInfo":"{downloadInfo value}",
"timestamp": "{time stamp value}"
}
}

In Table 1 above, “downloadInfo” may mean the address or activation code of the SM-DP+ server 530 (e.g., SM-DP+ 220). According to various embodiments, in <Table 1> above, “notifEvent” may include information or an identifier indicating a state in which a profile is ready or a state in which the profile is ready for download (e.g., “READY_TO_DOWNLOAD_PROFILE”).

According to various embodiments, when the communication service provider server 500 provides a profile through a plurality of SM-DP+ servers 530, the address of the SM-DP+ server 530 may not be included in the push message. For example, the address of the SM-DP+ server 530 is not stored in the memory of the electronic device 101 (e.g., memory 130 in FIG. 1), or the address of the SM-DP+ server 530 is not included in the push message. If not included, or if the address of the SM-DP+ server 530 is not included in the callback message indicating the profile readiness status notification in operation 606, the electronic device 101 may call the entitlement server 520 in operation 614. Low profile download information (eg, information corresponding to the address of the SM-DP+ server 530) may be requested. The entitlement server 520 may transmit profile download information to the electronic device 101 in operation 616 in response to the request. The profile download information transmitted from the entitlement server 520 to the electronic device 101 is information corresponding to the address of the SM-DP+ server 530 (e.g., server address in FQDN format, address in Full URL format) , or IP server address, activation code).

According to various embodiments, in operation 618, the electronic device 101 requests a profile from the SM-DP+ server 530 using the address and profile installation key of the SM-DP+ server 530 included in the profile download information. You can. The electronic device 101 may obtain an IP address from a domain name server using the FQDN address of the profile providing server included in the profile download information and request provision of a profile to the corresponding IP address. According to various embodiments, the electronic device 101 may directly transmit the profile installation key to the SM-DP+ server 530, or install the profile after authenticating the SM-DP+ server 530 through the authentication server 540. The key may be provided to the SM-DP+ server 530.

According to various embodiments, the SM-DP+ server 530 may perform an authentication process and then download the profile to the electronic device 101 in operation 620. The electronic device 101 may download and install the profile on the eSIM 201 (eg, eUICC) in operation 622. The electronic device 101 may activate the profile after installing the profile. Through profile activation, a subscription, opening, or line transfer procedure for using a communication service by downloading a profile to the electronic device 101 may be completed. The electronic device 101 can use the mobile communication network after authentication with the mobile communication system using the profile installed on the eSIM 201.

FIG. 7 illustrates a flowchart for explaining a method of operating an electronic device according to various embodiments.

According to various embodiments, the electronic device 101 (e.g., the processor 120 of FIG. 1) moves (or moves a line) the first profile stored in the eUICC to an external electronic device in operation 701. Based on confirmation of at least one first user input causing , a first message requesting movement of the first profile (or line) to an external electronic device may be transmitted. For example, the electronic device 101 may transmit the first message to an entitlement server including the web server 510 (eg, the entitlement server 520 of FIG. 5). Alternatively, if the entitlement server 520 and the web server 510 are implemented independently, the electronic device 101 may transmit the first message to the web server 510, but there is no limitation. For example, the electronic device 101 may provide at least one UI for causing a profile movement, and may receive at least one first user input through at least one UI. Examples of UI will be described later, and there is no limit to the types. The UI may include information to move the first profile, or it may include information to move the line for the user's intuitive recognition. Meanwhile, before transmitting at least a portion of at least one first message to the entitlement server 520, the electronic device 101 performs an authentication procedure, eligibility check, and subscription-related operations (e.g., You can also perform at least one more of: ManageSubscription). The entitlement server 520 may request a new line from BSS/OSS (eg, BSS/OSS 550 in FIG. 5) based on reception of the first message. The BSS/OSS 550 may request a new profile based on the ICCID currently being used in the electronic device 101 from the SM-DP+ server 530 through the ES2+ interface. The SM-DP+ server 530 can provide the response currently being used by ICCID to the BSS/OSS 550. The BSS/OSS 550 may request the entitlement server 520 to delete the ICCID based on the response.

According to various embodiments, the electronic device 101, in operation 703, based on receiving a second message requesting deletion of the first profile corresponding to the first message from the entitlement server 520, the first You can delete a profile. As described above, the BSS/OSS 550 may request deletion of the ICCID from the entitlement server 520, and the entitlement server 520 may request deletion of the first profile based on the request. A message can be transmitted to the electronic device 101. The second message may include the ICCID to be deleted, and the electronic device 101 may delete the first profile corresponding to the ICCID. Meanwhile, those skilled in the art will understand that ICCID is an example and that there are no restrictions on the profile identifier.

According to various embodiments, the electronic device 101 may transmit a third message indicating deletion of the first profile to the SM-DP+ server 530 in operation 705. The third message may include information on the result of profile deletion, or at least part of the identification information in the third message may be managed by the SM-DP+ server 530 as indicating profile deletion. The SM-DP+ server 530 may notify the BSS/OSS 550 of deletion of the first profile based on confirmation of deletion of the first profile. Based on confirmation of deletion of the first profile, the BSS/OSS 550 may request a new profile from the SM-DP+ server 530. For example, the BSS/OSS 550 may request the SM-DP+ server 530 for a new profile that specifies the ICCID of the first profile. When preparation (or preparation for download) of the first profile is completed, the SM-DP+ server 530 may notify the BSS/OSS 550 that preparation (or preparation for download) of the first profile is complete. The BSS/OSS 550 may notify the entitlement server 520 that preparation (or preparation for download) of the first profile is complete.

According to various embodiments, in operation 707, the electronic device 101 sends a fourth message indicating that the preparation for downloading the first profile is completed from the SM-DP+ server 530, which has received the third message, to the entitlement server. You can receive it from (520). As described above, when the BSS/OSS 550 notifies that preparation (or preparation for download) of the first profile is complete, the entitlement server 520 transmits a fourth message to the electronic device 101. can do.

According to various embodiments, the electronic device 101 may transmit a fifth message for requesting download information to the entitlement server 520 based on the fourth message in operation 709. The entitlement server 520 may provide a sixth message including download information in response to the fifth message. The electronic device 101 may receive a sixth message including download information corresponding to the fifth message in operation 711. The electronic device 101 may provide the download information confirmed based on the sixth message in operation 713. In one example, the electronic device 101 may output download information or information confirming the download information (eg, QR code) through the display module 160. In one example, the electronic device 101 may provide download information or information that can confirm the download information to an external electronic device with which a communication connection has been established through a communication connection. Meanwhile, there are no restrictions on the method of providing download information. The external electronic device can check the provided download information (or information that can confirm the download information). For example, when the electronic device 101 displays a QR code, the user can photograph the QR code using the camera of the external electronic device, and the external electronic device can check download information based on the QR code. . For example, an external electronic device may check download information based on information received through a communication connection. The external electronic device may activate the first profile based on download information. Accordingly, the first profile stored in the electronic device 101 may be deleted, and the corresponding first profile may be activated in the external electronic device, which may be called profile reuse, profile movement, or line movement.

8A and 8B show flowcharts for explaining a method of operating at least one entity of an electronic device and/or an operator server according to various embodiments.

According to various embodiments, the electronic device 101 (e.g., the processor 120 of FIG. 1) may, in operation 801, check the user input that causes the first profile to move. . For example, the electronic device 101 may provide a UI for causing profile movement (or line movement) and may receive user input through the UI. The UI may include information to move the first profile, or it may include information to move the line for the user's intuitive recognition. Based on the user input, the electronic device 101 may perform an authentication procedure with the entitlement server 520 in operation 803. For example, the electronic device 101 may perform EAP-AKA (Extensible Authentication Protocol-Authentication and Key Agreement)-based authentication, but there is no limitation. EAP-AKA is an EAP mechanism for authentication and session key distribution using SIM, and can follow RFC 4187, for example, but is not limited. When the authentication process is completed, the electronic device 101 may request an eligibility check (CheckEligibility). A request for qualification testing can be sent by GET method or POST method. For example, the electronic device 101 may be configured according to the standard document TS. According to the on-device service activation (ODSA) procedure disclosed at 43, a request message can be sent to the entitlement server 520, including any one of the ODSA operations shown in Table 2 below.

ODSA operation explanation CheckEligibility To verify if end-user is allowed to invoke the ODSA application Manage Subscription To request for subscription-related action on a primary or companion device. ManageService To activate / deactivate the service on the primary or companion device. AcquireConfiguration To provide service-related data about a primary or companion device AcquirePlan To request available plans to be offered by the MNO to a specific user or MDM

Referring to <Table 2>, the electronic device 101 generates a standard document TS in operation 805. According to the procedure disclosed in 43, an eligibility check can be requested by transmitting a request message including “CheckEligibility” as operation information to the entitlement server 520. According to various embodiments, the request message for the eligibility check may further include identification information (eg, IMEI, UUID) or an authentication token of the electronic device 101. Meanwhile, although not shown, the entitlement server 520 may transmit a profile query to the BSS/OSS 550. The profile query may include subscription identification information (eg, “SubscriptionID”). The BSS/OSS 550 may transmit a profile response corresponding to the profile query to the entitlement server 520. The entitlement server 520 may transmit a 200 OK message to the electronic device 101 in operation 807. For example, if the qualification test is completed normally, the 200 OK message may include information of “enabled”.

According to various embodiments, the electronic device 101 may transmit a subscription-related operation request message to the entitlement server 520 in operation 809. The subscription-related operation request message may include information in “ManageSubscription” for requesting a line-related operation in Table 2. The subscription-related operation request message may further include identification information (eg, IMEI, UUID) or an authentication token of the electronic device 101. According to various embodiments, the subscription-related operation request message may further include type information in Table 3 below as parameter information.

Parameter type Values explanation Operation type Integer 0-SUBSCRIBE to activate a subscription for the eSIM device. 1-UNSUBSCRIBE to cancel a subscription for the eSIM device. 2-CHANGE SUBSCRIPTION to manage an existing subscription on the eSIM device. 3-TRANSFER SUBSCRIPTION to transfer a subscription from an existing device (with physical SIM or eSIM) to the eSIM device 4-UPDATE SUBSCRIPTION to inform the network of a subscription update on the eSIM device

Referring to <Table 3>, the subscription-related operation request message including "ManageSubscription" as operation information in <Table 2> includes "SUBSCRIBE", "UNSUBSCRIBE", "CHANGE SUBSCRIPTION", "TRANSFER SUBSCRIPTION", " It may contain at least one parameter among “UPDATE SUBSCRIPTION”. The electronic device 101 may transmit a subscription-related request message including a value of “3-TRANSFER SUBSCRIPTION” among the types in Table 3 to the entitlement server 520. “TRANSFER SUBSCRIPTION” may be a request to transfer subscription information existing in the eSIM to an external electronic device or another eSIM. Meanwhile, although not shown, the entitlement server 520 may transmit a subscription query to the BSS/OSS 550. Subscription queries may include subscription identification information (e.g. "SubscriptionID") or IMEI. BSS/OSS 550 may transmit a subscription response message to the entitlement server 520 in response to receiving the subscription query. According to various embodiments, the subscription response message may include address information (eg, URL information) that can access the web server 510. In response to receiving the subscription response message, the entitlement server 520 may transmit a response message (eg, a “200 OK” message) to the subscription-related operation request to the electronic device 101 in operation 811.

According to various embodiments, the response message to the subscription-related operation request may further include subscription result (“SubscriptionResult”) information shown in Table 4 below as parameter information.

Parameter type Values explanation SubscriptionResult Integer 1-CONTINUE TO WEBSHEET Indicates that end-user must go through the subscription web view procedure, using information included below. 2-DONWLOAD PROFILE Indicates that a communication profile must be downloaded by the eSIM device, with further information included in response 3-DONE Indicates that subscription flow has ended and the end-user has already downloaded the profile so there is no need to perform any other action.This value is only present as part of the ManageSubscription request where operation_type="4 ? UPDATE SUBSCRIPTION" 4-DELAYED DOWNLOAD Indicates that a profile is not ready to be downloaded when a user request to transfer subscription or to add the new subscription through native UX on the eSIM device. 5 - DISMISS Indicates that subscription flow has ended without completing the ODSA procedure. An eSIM profile is not available. 6 - DELETE PROFILE IN USE Indicates that the profile in use needs to be deleted to complete the subscription transfer.

According to various embodiments, referring to <Table 4> above, a response message (e.g., a “200 OK” message) to a subscription-related operation request includes “CONTINUE TO WEBSHEET”, “DOWNLOAD PROFILE”, “DONE”, and “DELAYED”. DOWNLOAD" may include at least one parameter. For example, the 200 OK message may include “CONTINUE TO WEBSHEET” and may include address information accessible to the web server 510 (e.g., SubscriptionURL) and/or user-related data (e.g., SubscriberData). You can. Meanwhile, in another example, “6-DELETE PROFILE IN USE” may be used, which will be described with reference to FIG. 15. In operation 813, the electronic device 101 may perform connection using accessible address information (eg, SubscriptionURL) and/or user-related data (eg, SubscriberData). By performing a connection, the electronic device 101 can obtain a business web page and provide (eg, display) it. After providing (e.g., displaying) a UI (e.g., a business web page), the electronic device 101 may check a user input indicating a profile movement (or line movement). The UI may include, for example, an object to confirm the movement of a profile (or line), but there is no limitation. Based on confirmation of the user input, the electronic device 101 may request the entitlement server 520, including the web server 510, to move the profile (or line), for example, in operation 815. . Meanwhile, if the web server 510 is implemented independently from the entitlement server 520, the electronic device 101 may request the web server 510 to move a profile (or line). The entitlement server 520 (or web server 510) may transmit an Activation Subscription message to the BSS/OSS 550 in operation 817. The Activation Subscription message may be named, for example, new subscription request. For example, the Activation Subscription message may include information requesting that the electronic device 101 move a profile. The BSS/OSS 550 may request a new profile from the SM-DP+ server 530 through the ES2+ interface in operation 819. The request for a new profile may include an ICCID (eg, the ICCID in use in the electronic device 101), but there is no limitation on the identifier of the profile. The SM-DP+ server 530 can confirm that the ICCID is already in use, and accordingly can provide the DownloadOrder Specific Status Code to the BSS/OSS (550). For example, the SM-DP+ server 530 may confirm that the ICCID is already in use based on a request for a new profile of the same ICCID being received, even though the profile has not been deleted after being provided, as shown in FIG. 6 . DownloadOrder Specific Status Code may include information, for example, Subject code: 8.2.1, subject: ICCID, Reason code: 3.3, Reason: Already in Use, which means that the profile identified by the provided ICCID can be used. It can indicate none.

According to various embodiments, the BSS/OSS 550 may confirm that deletion of the ICCID is required based on receipt of the DownloadOrder Specific Status Code from the SM-DP+ server 530. For example, the BSS/OSS 550 may confirm that deletion of the ICCID of the profile for which movement is requested is required based on the fact that the ICCID is already in use. The BSS/OSS 550 may provide the Activation Subscription Answer to the entitlement server 520 in operation 823. The Activation Subscription Answer may include information indicating that a specific ICCID is required to be deleted (e.g., “NeedToDelete ICCID”). The entitlement server 520 can confirm that deletion of a specific ICCID is required based on the Activation Subscription Answer. The entitlement server 520 may transmit a JS callback message indicating deletion of the ICCID to the electronic device 101 in operation 825. For example, the JS callback message may include information that deletion of the ICCID is requested (e.g., “deleteICCID”) and/or the value of the ICCID for which deletion is requested. The electronic device 101 may delete the profile of the corresponding ICCID in operation 827, based on the JS callback message. In one example, the electronic device 101 may delete the profile based on receipt of a JS callback message. In another example, the electronic device 101 may provide (for example, display) a UI for inquiring whether to delete a profile and/or receiving confirmation based on reception of a JS callback message. The electronic device 101 may delete the profile based on confirmation of a user input indicating deletion of the profile through the UI.

Referring to FIG. 8B, in operation 829, the electronic device 101 may transmit HandleNotification to the SM-DP+ server 530, for example, through an ES9+ interface. HandleNotification may include the profile deletion result (e.g., ProfileDeletionResult). The SM-DP+ server 530 can confirm that the profile of a specific ICCID is deleted based on the information included in HandleNotification. The SM-DP+ server 530 may transmit an OK message corresponding to HandleNotification to the electronic device 101 in operation 831. In operation 833, the SM-DP+ server 530 may transmit a HandleNotification indicating that the corresponding profile is deleted to the BSS/OSS 550, for example, through the ES+2 interface. BSS/OSS 550 can confirm that the corresponding profile is deleted based on HandleNotification. Based on confirmation of deletion of the profile, the BSS/OSS 550 may request a new profile from the SM-DP+ server 530, for example, through the ES2+ interface, in operation 835. A new profile request may include a previously deleted ICCID, but this is an example and there is no limit to the profile identifier. The SM-DP+ server 530 may prepare a profile of the corresponding ICCID based on the new profile request. When the preparation of the profile of the corresponding ICCID is completed, the SM-DP+ server 530 may transmit the ICCID of the prepared profile to the BSS/OSS 550 in operation 837, for example, through the ES2+ interface. BSS/OSS 550 may transmit Subscription Status Updated to entitlement server 520 in operation 839. Subscription Status Updated may also be named active subscription answer and may include profile information, for example. The entitlement server 520 may transmit a push notification to the electronic device 101 in operation 841. Push notification may include, for example, profile information. The electronic device 101 may transmit AquireConfiguration to the entitlement server 520 in operation 843, based on reception of the push notification. AquireConfiguration may be, for example, a message requesting profile download information, but there is no limitation. The entitlement server 520 may transmit 200 OK to the electronic device 101 in operation 845. 200 OK may include, for example, download information. Meanwhile, in another example, the electronic device 101 may check download information in the push notification received in operation 841, and in this case, operations 843 and/or 845 may not be performed. The electronic device 101 may perform an operation to provide download information in operation 847. The external electronic device 800 may obtain download information in operation 849. In one example, the electronic device 101 may output (e.g., display) download information or information that can confirm the download information (e.g., QR code). For example, the user can check the download information (or information mapped to the download information) displayed on the electronic device 101 and input it into the external electronic device 800, and accordingly, the external electronic device (800) 800) can obtain download information. Alternatively, the user can use the camera of the external electronic device 800 to photograph the QR code displayed on the electronic device 101, and the external electronic device 800 uses the captured image of the QR code to provide download information. can be obtained. In another example, the electronic device 101 may provide download information or information that can confirm the download information to the external electronic device 800 through a communication connection. The external electronic device 800 may obtain download information based on a communication signal received through a communication connection. Meanwhile, there is no limitation to the method in which the electronic device 101 provides download information and/or the method in which the external electronic device 800 obtains download information. The external electronic device 800 may perform an operation to obtain a profile (eg, Get Communication profile) in operation 851 using the download information, for example, through an ES9+ interface. The external electronic device 800 may activate the acquired profile in operation 853. Accordingly, the profile of the specific ICCID may be deleted from the electronic device 101, the profile of the specific ICCID may be activated in the external electronic device 800, and the profile of the specific ICCID may be moved (or line moved). .

Figure 9 shows a flowchart for explaining a method of operating an operator server according to various embodiments.

According to various embodiments, the operator server (e.g., BSS/OSS 550 of FIG. 5), in operation 901, receives a new profile from the entitlement server (e.g., entitlement server 520 of FIG. 5). Requests can be received. For example, as described with reference to FIG. 8A, the entitlement server 520 may transmit a new profile to the BSS/OSS 550 using activation subscription. The new profile request may include, for example, information associated with the movement of the profile (or line). Accordingly, the operator server can confirm that the request for a new profile is for movement of the profile (or line). In operation 903, the operator server may request a new profile from the SM-DP+ server 530, for example, through the ES2+ interface, based on receipt of the new profile request. A request for a new profile may include a specific ICCID, but there is no limit to the profile identifier. In operation 905, the operator server may confirm that the DownloadOrder Specific Status Code received from the SM-DP+ server 530 is Already in Use. For example, the operator server can confirm that the corresponding ICCID is already in use. The operator server, in operation 907, may check whether the new profile request is associated with a profile move. If the new profile request is associated with profile movement (907-Yes), the operator server may provide a profile deletion command of a specific ICCID to the entitlement server 520 in operation 909. If the new profile request is associated with profile movement (907-No), the operator server may terminate the operation or, for example, determine that there is an error in the management of the profile of a specific ICCID, but there is no limitation.

FIG. 10A is a diagram for explaining a screen displayed on an electronic device according to various embodiments. For example, the electronic device 101 may display a screen 1010 that includes information 1011 associated with an inserted SIM and information 1012 associated with an activated profile. When designation 1013 (eg, touch input) of an area where information 1012 related to the activated profile is displayed is confirmed, the electronic device 101 may provide detailed information related to the profile. FIG. 10B is a diagram for explaining a screen displayed on an electronic device according to various embodiments. For example, the electronic device 101 may provide the screen 1020 based on the designation 1013 on the screen 1010 of FIG. 10A. The screen 1020 may include detailed information about the designated profile (1013) and/or information related to the control function. The screen 1020 may include, for example, an area 1021 that causes profile (or line) movement to an external electronic device. Based on the area 1021 being designated 1022, the electronic device 101 may perform, for example, authentication, eligibility check, and/or subscription-related operations. Meanwhile, as described with reference to FIG. 8A, the electronic device 101 can display a business page from the web server 510. FIG. 10C is a diagram for explaining a screen displayed on an electronic device according to various embodiments. For example, the electronic device 101 may display the screen 1030 as a business page from the web server 510. The screen 1030 may include a text 1031 to inquire about moving the profile, a button 1032 for confirmation, and a button 1033 for rejection. For example, if the button 1033 for rejection is designated, the electronic device 101 may stop moving the profile. For example, when button 1032 is designated, electronic device 101 moves the profile to entitlement server 520 including web server 510 (or web server 510 in case of independent implementation). You can send a message requesting . Afterwards, as described above, activation subscription is transmitted from the entitlement server 520 to the BSS/OSS (e.g., BSS/OSS (550)), and from the BSS/OSS (550) to the SM-DP+ server (e.g., SM-DP+ server) New profile request to (530)), transmission of DownloadOrder Specific Status Code from SM-DP+ server 530 to BSS/OSS (550), transmission of profile deletion request from BSS/OSS (550) to entitlement server 520 This can be done. The entitlement server 520 may transmit a JS callback message to the electronic device 101 requesting deletion of a profile of a specific ICCID. The electronic device 101 may display the screen 1040 of FIG. 10D based on reception of the JS callback message. The screen 1040 may include text about deletion of a specific profile (eg, %s) and a button 1041 for confirming it. When the button 1041 is designated, the electronic device 101 can delete a specific profile. The electronic device 101 may notify the SM-DP+ server 530 of the deletion of a specific profile. The electronic device 101 may display, for example, a screen 1050 as shown in FIG. 10E. The screen 1050 may include a button 1051 along with a message indicating that the current profile is being prepared. When it is confirmed that the button 1051 is designated, the electronic device 101 requests information about the profile readiness status from the entitlement server 520 and/or SM-DP+ server 530, and a response is received. If so, information about the profile preparation status may be provided. Thereafter, the electronic device 101 may receive a push notification from the entitlement server 520 indicating that the preparation of the profile in the SM-DP+ server 530 is complete, as described in FIG. 8B. Based on reception of the push notification, the electronic device 101 may display, for example, the screen 1060 of FIG. 10F. The screen 1060 may include text 1061 indicating that the profile is ready and a button 1062 for proceeding to the next step. When the button 1062 is designated, the electronic device 101 may obtain download information, for example, from the entitlement server 520. The electronic device 101 may display a screen 1070 including a QR code 1071 corresponding to download information, as shown in FIG. 10G, for example. As described above, the user can capture an image including the QR code 1071 of the electronic device 1010 using the external electronic device 800. Accordingly, the external electronic device 800 may obtain download information based on the image including the QR code 1071 and download the profile from the SM-DP+ server 530 based on this.

FIG. 11 illustrates a flowchart illustrating a method of operating at least one entity of an electronic device and/or an operator server according to various embodiments.

According to various embodiments, the electronic device 101 (eg, the processor 120 of FIG. 1) may delete the profile in operation 1101. For example, as described in FIG. 8A, the electronic device 101 may delete a profile based on a profile deletion request from the entitlement server 520. The electronic device 101 may transmit HandleNotification to the SM-DP+ server 530 in operation 1103. HandleNotification may include information about the profile deletion result (e.g., ProfileDeletionResult). The SM-DP+ server 530 may transmit OK to the electronic device 101 in operation 1105. In contrast to FIG. 8B, in the embodiment of FIG. 11 an interface may be provided between the entitlement server 520 and the SM-DP+ server 530. Accordingly, the SM-DP+ server 530 may transmit a Notify ProfileDeletionResult indicating the result of profile deletion to the entitlement server 520 in operation 1107. Based on receipt of Notify ProfileDeletionResult, the entitlement server 520 may request Activation Subscription, for example, a new profile, from the BSS/OSS 550 in operation 1109. The BSS/OSS 550 may request a new profile from the SM-DP+ server 530 in operation 1111, based on receipt of the Activation Subscription. The SM-DP+ server 530 may prepare a profile of the corresponding ICCID based on the new profile request. When the preparation of the profile of the corresponding ICCID is completed, the SM-DP+ server 530 may transmit the ICCID to the BSS/OSS 550 in operation 1113, for example, through the ES2+ interface. BSS/OSS 550 may transmit Subscription Status Updated to entitlement server 520 in operation 1115. The entitlement server 520 may transmit a push notification to the electronic device 101 in operation 1117. Push notification may include, for example, profile information. The electronic device 101 may transmit AquireConfiguration to the entitlement server 520 in operation 1119, based on reception of the push notification. AquireConfiguration may be, for example, a message requesting profile download information, but there is no limitation. The entitlement server 520 may transmit 200 OK to the electronic device 101 in operation 1121. 200 OK may include, for example, download information (e.g., dwonloadinfo=profileActivationCode=<ActivationCode>). The electronic device 101 may perform an operation to provide download information in operation 1123. The external electronic device 800 may obtain download information in operation 1125. The external electronic device 800 may perform an operation to obtain a profile (eg, Get Communication profile) in operation 1127 using the download information, for example, through an ES9+ interface. The external electronic device 800 may activate the acquired profile in operation 1129.

12A and 12B show flowcharts for explaining a method of operating at least one entity of an electronic device and/or an operator server according to various embodiments.

According to various embodiments, the electronic device 101 (e.g., the processor 120 of FIG. 1), in operation 1201, causes the first profile stored in the external electronic device 1200 to be moved to the electronic device. You can check user input. For example, it is assumed that the first profile may be stored in the external electronic device 1200, but the first profile is not stored in the electronic device 101. For example, the electronic device 101 may provide (eg, display) a UI to explain the purpose of “moving a profile from another electronic device to the current electronic device.” The electronic device 101 may check a user input that causes movement of the first profile stored in the external electronic device to the electronic device 101 through the UI. According to various embodiments, the electronic device 101 may display an additional UI for selecting one of a plurality of business operators and may obtain additional user input for selecting a business operator. Based on the user input, the electronic device 101 may perform an authentication procedure with the entitlement server 520 in operation 1203. The electronic device 101 may perform OPEN ID-based authentication and/or SMS-OTP-based authentication. Once the authentication process is completed, the electronic device 101 and/or the entitlement server 520 can confirm the user to whom the profile (or line) is being moved, and/or use the profile identifier associated therewith (e.g., ICCID ) can be confirmed.

According to various embodiments, the electronic device 101 may request an eligibility check from the entitlement server 520 in operation 1205. The entitlement server 520 may transmit a 200 OK message to the electronic device 101 in operation 1207. For example, if the qualification test is completed normally, the 200 OK message may include information of “enabled”. The electronic device 101 may transmit a subscription-related operation request message to the entitlement server 520 in operation 1209. The subscription-related operation request message may include information in “ManageSubscription” for requesting a line-related operation in Table 2. The electronic device 101 may transmit a subscription-related request message including a value of “3-TRANSFER SUBSCRIPTION” among the types in Table 3 to the entitlement server 520. In response to receiving the subscription response message, the entitlement server 520 may transmit a response message (eg, a “200 OK” message) to the subscription-related operation request to the electronic device 101 in operation 1211. For example, the 200 OK message may include “CONTINUE TO WEBSHEET,” address information (e.g., SubscriptionURL) reachable by a web server (e.g., web server 510 of FIG. 5), and/or user-related data. (For example, SubscriberData) may be included. In operation 1213, the electronic device 101 may perform connection using accessible address information (eg, SubscriptionURL) and/or user-related data (eg, SubscriberData). By performing a connection, the electronic device 101 can obtain a business web page and provide (eg, display) it. After providing (e.g., displaying) a UI (e.g., a business web page), the electronic device 101 may check a user input indicating a profile movement (or line movement). The UI may include, for example, an object to confirm the movement of a profile (or line), but there is no limitation. Based on the user input being confirmed, the electronic device 101, in operation 1215, sends a profile (or , line) can be requested to move. The entitlement server 520 may transmit an Activation Subscription message to the BSS/OSS 550 in operation 1217. For example, the Activation Subscription message may include information requesting that the electronic device 101 move a profile. The BSS/OSS 550 may request a new profile from the SM-DP+ server 530 through the ES2+ interface in operation 1219. The request for a new profile may include an ICCID (eg, the ICCID in use in the electronic device 101), but there is no limitation on the identifier of the profile. The SM-DP+ server 530 can confirm that the ICCID is already in use, and accordingly can provide the DownloadOrder Specific Status Code to the BSS/OSS (550). For example, the SM-DP+ server 530 may confirm that the ICCID is already in use based on a request for a new profile of the same ICCID being received, even though the profile has not been deleted after being provided, as shown in FIG. 6 . DownloadOrder Specific Status Code may include information, for example, Subject code: 8.2.1, subject: ICCID, Reason code: 3.3, Reason: Already in Use, which means that the profile identified by the provided ICCID can be used. It can indicate none.

According to various embodiments, the BSS/OSS 550 may confirm that deletion of the ICCID is required based on receipt of the DownloadOrder Specific Status Code from the SM-DP+ server 530. For example, the BSS/OSS 550 may confirm that deletion of the ICCID of the profile for which movement is requested is required based on the fact that the ICCID is already in use. The BSS/OSS 550 may provide the Activation Subscription Answer to the entitlement server 520 in operation 1223. The Activation Subscription Answer may include information indicating that a specific ICCID is required to be deleted (e.g., “NeedToDelete ICCID”). The entitlement server 520 can confirm that deletion of a specific ICCID is required based on the Activation Subscription Answer. The entitlement server 520 may transmit a JS callback message indicating that deletion of the ICCID is requested to the electronic device 101 in operation 1225. For example, the JS callback message may include information that deletion of the ICCID is requested (e.g., “deleteICCID”) and/or the value of the ICCID for which deletion is requested. Based on the JS callback message, the electronic device 101 may perform an operation related to inducing deletion of the profile of the corresponding ICCID in operation 1227. In one example, the electronic device 101 may display text indicating that a profile on the external electronic device 1200 is requested to be deleted. In another example, the electronic device 101 may transmit a communication signal indicating a request for deletion of a profile to the external electronic device 1200 through a communication connection.

Referring to FIG. 12B, the external electronic device 1200 may delete the first profile in operation 1228. For example, the user checks the text displayed on the electronic device 101 (e.g., text indicating that the profile of the corresponding ICCID is requested to be deleted) and operates the external electronic device 1200 based on this. 1 You can delete a profile. The external electronic device 1200 may delete the first profile based on a user input that causes profile deletion. Alternatively, the external electronic device 1200 may receive a communication signal indicating that deletion of the profile is requested from the electronic device 101 through a communication connection. The external electronic device 1200 may delete the first profile based on the communication signal. In operation 1229, the external electronic device 1200 may transmit HandleNotification to the SM-DP+ server 530, for example, through an ES9+ interface. HandleNotification may include the profile deletion result (e.g., ProfileDeletionResult). The SM-DP+ server 530 can confirm that the profile of a specific ICCID is deleted based on the information included in HandleNotification. The SM-DP+ server 530 may transmit an OK message corresponding to HandleNotification to the electronic device 101 in operation 1231. In operation 1233, the SM-DP+ server 530 may transmit a HandleNotification indicating that the corresponding profile is deleted to the BSS/OSS 550, for example, through the ES+2 interface. BSS/OSS 550 can confirm that the corresponding profile is deleted based on HandleNotification. Based on confirmation of deletion of the profile, the BSS/OSS 550 may request a new profile from the SM-DP+ server 530 in operation 1235, for example, through the ES2+ interface. A new profile request may include a previously deleted ICCID, but this is an example and there is no limit to the profile identifier. The SM-DP+ server 530 may prepare a profile of the corresponding ICCID based on the new profile request. When the preparation of the profile of the corresponding ICCID is completed, the SM-DP+ server 530 may transmit the ICCID to the BSS/OSS 550 in operation 1237, for example, through the ES2+ interface. BSS/OSS 550 may transmit Subscription Status Updated to entitlement server 520 in operation 1239. Subscription Status Updated may also be named active subscription answer and may include profile information, for example. The entitlement server 520 may transmit a push notification to the electronic device 101 in operation 1241. Push notification may include, for example, profile information. The electronic device 101 may transmit AquireConfiguration to the entitlement server 520 in operation 1243, based on reception of the push notification. AquireConfiguration may be, for example, a message requesting profile download information, but there is no limitation. The entitlement server 520 may transmit 200 OK to the electronic device 101 in operation 1245. 200 OK may include, for example, download information (e.g., dwonloadinfo=profileActivationCode=<ActivationCode>), which may be download information, for example. Meanwhile, in another example, the electronic device 101 may check download information in the push notification received in operation 1241, and in this case, operations 1243 and/or 1245 may not be performed. In operation 1247, the electronic device 101 may perform an operation to obtain a profile (eg, Get Communication profile) through, for example, an ES9+ interface. The electronic device 101 may activate the acquired profile in operation 1249. Accordingly, the profile of the specific ICCID may be deleted from the external electronic device 1200, the profile of the specific ICCID may be activated in the electronic device 101, and the profile movement (or line movement) of the specific ICCID may be performed. .

FIG. 13A is a diagram for explaining a screen displayed on an electronic device according to various embodiments. For example, the electronic device 101 may display a screen 1310 including an area 1311 that causes the profile stored in the external electronic device to be moved to the electronic device 101. When the designation 1312 for the area 1311 is confirmed, the electronic device 101 may display a screen 1320 as shown in FIG. 13B for selecting a carrier. When it is confirmed that the area 1321 for selecting a specific carrier (e.g., Carrier name_3) is designated 1322, the electronic device 101 can perform authentication, eligibility check, and/or subscription-related operations. there is. Meanwhile, as described with reference to FIG. 12A, the electronic device 101 may display a business page from a web server (eg, the web server 510 of FIG. 5). FIG. 13C is a diagram for explaining a screen displayed on an electronic device according to various embodiments. For example, the electronic device 101 may display the screen 1330 as a business page from the web server 510. The screen 1330 may include a text 1331 to inquire about moving the profile, a button 1332 for confirmation, and a button 1333 for rejection. For example, if the button 1333 for rejection is designated, the electronic device 101 may stop moving the profile. For example, when the button 1332 is designated, the electronic device 101 requests the movement of the profile to the entitlement server including the web server 510 (or the web server 510 in case of independent implementation). You can send a message. Afterwards, as described above, activation subscription is sent from the entitlement server 520 to BSS/OSS (e.g., BSS/OSS (550)), and a new profile request is made from BSS/OSS (550) to SM-DP+ server (530). , transmission of the DownloadOrder Specific Status Code from the SM-DP+ server 530 to the BSS/OSS 550, and transmission of a profile deletion request from the BSS/OSS 550 to the entitlement server 520 may be performed. The entitlement server 520 may transmit a JS callback message indicating that the profile of a specific ICCID is requested to be deleted to the electronic device 101. The electronic device 101 may display the screen 1340 of FIG. 13D based on reception of the JS callback message. The screen 1340 may include text about deleting a specific profile (eg, %s) from the existing device and a button 1341 for confirming it. Meanwhile, the electronic device 101 may notify an external electronic device that deletion of the profile is requested based on communication, and in this case, the external electronic device may provide a UI for deleting the profile. When the button 1341 is designated, the electronic device 101 may display a screen 1350 as shown in FIG. 13E. The screen 1350 may include text 1351 to the effect that deletion of the profile from the existing electronic device is requested to complete the profile movement. As described above, the external electronic device 1200 can delete the existing profile. The external electronic device 1200 may notify the SM-DP+ server 530 of the deletion of a specific profile. Thereafter, the electronic device 101 may receive a push notification from the entitlement server 520 indicating that the preparation of the profile in the SM-DP+ server 530 is complete, as described in FIG. 12B. Based on reception of the push notification, the electronic device 101 may display, for example, screen 1360 of FIG. 13F. The screen 1360 may include text 1361 indicating that the profile is ready and a button 1362 for proceeding to the next step. When the button 1362 is designated, the electronic device 101 can obtain download information, for example, from the entitlement server 520. Before downloading a profile based on download information, the electronic device 101 may display a screen 1370 to check whether the profile is downloaded, as shown in FIG. 13G. The screen 1370 may include text asking whether to add a profile and a button 1371 for confirming the addition of the profile. When the button 1371 is designated, the electronic device 101 may perform an operation to obtain a profile (eg, Get Communication profile) through, for example, an ES9+ interface. The electronic device 101 can download the profile from the SM-DP+ server 530.

FIG. 14 illustrates a flowchart illustrating a method of operating at least one entity of an electronic device and/or an operator server according to various embodiments.

According to various embodiments, the external electronic device 1200 may delete the profile in operation 1401. The external electronic device 1200 may transmit HandleNotification to the SM-DP+ server 530 in operation 1403. HandleNotification may include information about the profile deletion result (e.g., ProfileDeletionResult). The SM-DP+ server 530 may transmit OK to the electronic device 101 in operation 1405. In contrast to FIG. 12B, in the embodiment of FIG. 14 an interface may be provided between the entitlement server 520 and the SM-DP+ server 530. Accordingly, the SM-DP+ server 530 may transmit a Notify ProfileDeletionResult indicating the result of profile deletion to the entitlement server 520 in operation 1407. Based on receipt of Notify ProfileDeletionResult, the entitlement server 520 may request Activation Subscription, for example, a new profile, from the BSS/OSS 550 in operation 1409. The BSS/OSS 550 may request a new profile from the SM-DP+ server 530 in operation 1411, based on receipt of the Activation Subscription. The SM-DP+ server 530 may prepare a profile of the corresponding ICCID based on the new profile request. When the preparation of the profile of the corresponding ICCID is completed, the SM-DP+ server 530 may transmit the ICCID to the BSS/OSS 550 in operation 1413, for example, through the ES2+ interface. BSS/OSS 550 may transmit Subscription Status Updated to entitlement server 520 in operation 1415. The entitlement server 520 may transmit a push notification to the electronic device 101 in operation 1417. Push notification may include, for example, profile information. The electronic device 101 (e.g., processor 120) may transmit AquireConfiguration to the entitlement server 520 in operation 1419, based on reception of the push notification. AquireConfiguration may be, for example, a profile It may be a message requesting download information, but there is no limitation. The entitlement server 520 may transmit 200 OK to the electronic device 101 in operation 1421. 200 OK may include, for example, download information. (For example, dwonloadinfo=profileActivationCode=<ActivationCode>) may be included, which may be, for example, download information. In operation 1423, the electronic device 101 performs an operation to obtain a profile using the download information. (For example, Get Communication profile) can be performed through, for example, an ES9+ interface. The electronic device 101 can activate the acquired profile in operation 1425.

FIG. 15 is a flowchart illustrating a method of operating at least one entity of an electronic device and/or an operator server according to an embodiment.

According to various embodiments, the electronic device 101 (e.g., the processor 120 of FIG. 1) may, in operation 1501, check the user input that causes the first profile to move. . As described above, for example, the electronic device 101 may provide a UI for causing profile movement (or line movement), may receive user input through the UI, and may implement the UI. There is no limit to Based on the user input, the electronic device 101 may perform an authentication procedure with the entitlement server 520 in operation 1503. For example, the electronic device 101 may perform authentication based on Extensible Authentication Protocol-Authentication and Key Agreement (EAP-AKA), but there is no limitation. When the authentication process is completed, the electronic device 101 may request an eligibility check (CheckEligibility). A request for qualification testing can be sent by GET method or POST method. The electronic device 101 may request an eligibility check by transmitting a request message including “CheckEligibility” as operation information to the entitlement server 520 in operation 1505. As described above, although not shown, the entitlement server 520 may transmit a profile query to the BSS/OSS 550. The BSS/OSS 550 may transmit a profile response corresponding to the profile query to the entitlement server 520. The entitlement server 520 may transmit a 200 OK message to the electronic device 101 in operation 1507. For example, if the qualification test is completed normally, the 200 OK message may include information of “enabled”.

According to various embodiments, the electronic device 101 may transmit a subscription-related operation request message to the entitlement server 520 in operation 1509. The subscription-related operation request message may include information in “ManageSubscription” for requesting a line-related operation in Table 2. The subscription-related operation request message may further include identification information (eg, IMEI, UUID) or an authentication token of the electronic device 101. For example, the electronic device 101 may transmit a subscription-related request message including a value of “3-TRANSFER SUBSCRIPTION” among the types in Table 3 to the entitlement server 520. In operation 1511, the entitlement server 520 may confirm that a profile movement is requested.

According to various embodiments, the entitlement server 520 may transmit an Activation Subscription message to the BSS/OSS 550 in operation 1515 without causing a connection to the web server 510 through the web sheet. For example, the Activation Subscription message may include information associated with the movement of the profile (eg, SubscriptionID, PlanID, but without limitation). The BSS/OSS 550 may request a new profile from the SM-DP+ server 530 through the ES2+ interface in operation 1515. The request for a new profile may include an ICCID (eg, the ICCID in use in the electronic device 101), but there is no limitation on the identifier of the profile. The SM-DP+ server 530 can confirm that the ICCID is already in use, and accordingly can provide the DownloadOrder Specific Status Code to the BSS/OSS (550). For example, the SM-DP+ server 530 may confirm that the ICCID is already in use based on a request for a new profile of the same ICCID being received, even though the profile has not been deleted after being provided, as shown in FIG. 6 . DownloadOrder Specific Status Code may include information, for example, Subject code: 8.2.1, subject: ICCID, Reason code: 3.3, Reason: Already in Use, which means that the profile identified by the provided ICCID can be used. It can indicate none.

According to various embodiments, the BSS/OSS 550 may confirm that deletion of the ICCID is required based on receipt of the DownloadOrder Specific Status Code from the SM-DP+ server 530 in operation 1517. For example, the BSS/OSS 550 may confirm that deletion of the ICCID of the profile for which movement is requested is required based on the fact that the ICCID is already in use. The BSS/OSS 550 may provide the Activation Subscription Answer to the entitlement server 520 in operation 1519. The Activation Subscription Answer may include information indicating that a specific ICCID is required to be deleted (e.g., “NeedToDelete ICCID”). The entitlement server 520 can confirm that deletion of a specific ICCID is required based on the Activation Subscription Answer.

According to various embodiments, the entitlement server 520 may transmit a 200 OK message indicating deletion of the profile ICCID to the electronic device 101 in operation 1521. The 200 OK message may include information of SubscriptionResult=6-DELETE PROFILE IN USE in Table 4 and/or information of the profile to be deleted (eg, ICCID). As described in Table 4, SubscriptionResult=6-DELETE PROFILE IN USE may indicate that the profile currently in use must be deleted in order to move the line. The electronic device 101 may delete the profile in operation 1523, based on information of SubscriptionResult=6-DELETE PROFILE IN USE included in the received 200 OK. Profile download on a new device after operation 1523 may be substantially the same as in FIG. 8B, and thus the description herein is not repeated. As described above, by using the information of SubscriptionResult=6-DELETE PROFILE IN USE, without causing a connection to the web server 510 based on the web sheet, the entitlement server 520 allows the electronic device 101 to: The profile can be deleted without connecting to the web server 510.

FIG. 16A is a flowchart illustrating a method of operating an electronic device according to various embodiments. The embodiment of FIG. 16A will be described with reference to FIG. 16B. FIG. 16B is a diagram for explaining a screen displayed by an electronic device according to various embodiments.

According to various embodiments, the electronic device 101 (e.g., the processor 120) causes movement (or movement of a line) of the first profile stored in the eUICC to an external electronic device in operation 1601. Based on confirmation of at least one first user input, a first message requesting movement of the first profile (or line) to an external electronic device may be transmitted. In operation 1603, the electronic device 101 may delete the first profile based on receiving a second message from the entitlement server 520 requesting deletion of the first profile corresponding to the first message. Here, the second message may be implemented, for example, as a JS callback message as described with reference to FIG. 8A, or as a 200 OK message as described with reference to FIG. 15, but there is no limitation to the implementation. . The second message may include the ICCID to be deleted, and the electronic device 101 may delete the first profile corresponding to the ICCID.

According to various embodiments, the electronic device 101 may provide a screen requesting activation of another communication corresponding to profile deletion in operation 1605. For example, as shown in FIG. 16B, the electronic device 101 displays a screen 1630 (or a pop-up window) containing text indicating that a connection to Wi-Fi is required to transmit a SIM card. You can. Meanwhile, there is no limit to the timing at which the screen 1630 is displayed, and for example, it may be displayed before operation 1601 of FIG. 16A. The screen 1630 may include a button 1631 for confirmation and a button 1632 for moving to Wi-Fi settings. When it is confirmed that the button 1632 for moving to Wi-Fi settings is selected, the electronic device 101 may provide a screen for Wi-Fi settings. As described above, for example, as in operation 829 in FIG. 8B, a HandleNotification containing the result of deleting the profile (e.g., ProfileDeletionResult) must be transmitted, and a connection to Wi-Fi may be required, but this is an example. There are no restrictions on communication methods for data communication. In operation 1607, the electronic device 101 may transmit a third message indicating deletion of the first profile to the SM-DP+ server 530 based on newly connected communication (eg, Wi-Fi). In operation 1609, the electronic device 101 receives a fourth message from the entitlement server 520 indicating that preparation for downloading the first profile is completed in the SM-DP+ server 530 that received the third message. You can. In operation 1611, the electronic device 101 may transmit a fifth message to request download information to the entitlement server 520 based on the fourth message. The entitlement server 520 may provide a sixth message including download information in response to the fifth message. The electronic device 101 may receive a sixth message including download information corresponding to the fifth message in operation 1613. The electronic device 101 may provide the download information confirmed based on the sixth message in operation 1615. In one example, the electronic device 101 may output download information or information confirming the download information (eg, QR code) through the display module 160. Alternatively, when the electronic device 101 establishes a wired and/or wireless communication connection with an external electronic device, the electronic device 101 may provide download information through the established communication connection.

FIG. 17 illustrates a flowchart illustrating a method of operating at least one entity of an electronic device and/or an operator server according to various embodiments.

According to various embodiments, the electronic device 101 (e.g., the processor 120 of FIG. 1), in operation 1701, causes a movement of the first profile stored in the external electronic device 1200 to the electronic device. You can check user input. For example, it is assumed that the first profile may be stored in the external electronic device 1200, but the first profile is not stored in the electronic device 101. For example, the electronic device 101 may provide (eg, display) a UI to explain the purpose of “moving a profile from another electronic device to the current electronic device.” The electronic device 101 may check a user input that causes movement of the first profile stored in the external electronic device to the electronic device 101 through the UI. According to various embodiments, the electronic device 101 may display an additional UI for selecting one of a plurality of business operators and may obtain additional user input for selecting a business operator. Based on the user input, the electronic device 101 may perform an authentication procedure with the entitlement server 520 in operation 1703. The electronic device 101 may perform OPEN ID-based authentication and/or SMS-OTP-based authentication. Once the authentication process is completed, the electronic device 101 and/or the entitlement server 520 can confirm the user to whom the profile (or line) is being moved, and/or use the profile identifier associated therewith (e.g., ICCID ) can be confirmed.

According to various embodiments, the electronic device 101 may request an eligibility check from the entitlement server 520 in operation 1705. The entitlement server 520 may transmit a 200 OK message to the electronic device 101 in operation 1707. For example, if the qualification test is completed normally, the 200 OK message may include information of “enabled”. The electronic device 101 may transmit a subscription-related operation request message (eg, a message requesting transmission of a profile) to the entitlement server 520 in operation 1709. In response to receiving the subscription response message, the entitlement server 520 may transmit a response message (eg, a “200 OK” message) to the subscription-related operation request to the electronic device 101 in operation 1711. For example, the 200 OK message may include “CONTINUE TO WEBSHEET,” address information (e.g., SubscriptionURL) reachable by a web server (e.g., web server 510 of FIG. 5), and/or user-related data. (For example, SubscriberData) may be included. In operation 1713, the electronic device 101 establishes a connection to the web server 510 using accessible address information (e.g., SubscriptionURL) and/or user-related data (e.g., UserData). It can be done. By performing a connection, the electronic device 101 can obtain a business web page and provide (eg, display) it. After providing (e.g., displaying) a UI (e.g., a business web page), the electronic device 101 may check a user input indicating a profile movement (or line movement). If confirmation of the user input is provided to the web server 510, the web server 510 may confirm (or confirm) the movement request in operation 1715. The web server 510 may transmit an Activation Subscription message to the BSS/OSS 550 in operation 1717. The BSS/OSS 550 may request a new profile from the SM-DP+ server 530 through the ES2+ interface in operation 1719. The SM-DP+ server 530 can confirm that the ICCID is already in use, and accordingly can provide the DownloadOrder Specific Status Code to the BSS/OSS 550 in operation 1721. For example, the SM-DP+ server 530 may confirm that the ICCID is already in use based on a request for a new profile of the same ICCID being received, even though the profile has not been deleted after being provided, as shown in FIG. 6 . The BSS/OSS 550 may confirm that deletion of the ICCID is requested based on receipt of the DownloadOrder Specific Status Code from the SM-DP+ server 530. For example, the BSS/OSS 550 may confirm that deletion of the ICCID of the profile for which movement is requested is required based on the fact that the ICCID is already in use. The BSS/OSS 550 may provide the Activation Subscription Answer to the entitlement server 520 in operation 1723. The Activation Subscription Answer may include information indicating that a specific ICCID is required to be deleted (e.g., “NeedToDelete ICCID”). The entitlement server 520 may confirm that deletion of a specific ICCID is required based on the Activation Subscription Answer. The entitlement server 520 may transmit a JS callback message indicating that deletion of the ICCID is requested to the electronic device 101 in operation 1725. For example, the JS callback message may include information that deletion of the ICCID is requested (e.g., “deleteICCID”) and/or the value of the ICCID for which deletion is requested. Based on the JS callback message, the electronic device 101 may perform an operation related to inducing deletion of the profile of the corresponding ICCID in operation 1727. For example, as an operation associated with inducing deletion of a profile, the electronic device 101 may display a QR code that causes deletion of the profile. Alternatively, when the electronic device 101 establishes a wired and/or wireless communication connection with an external electronic device, the electronic device 101 provides a request (or command) to delete the profile through the established communication connection. You may. Meanwhile, operations after operation 1727 may be substantially the same as, for example, FIG. 12B, and the description herein is not repeated.

FIG. 18A is a flowchart illustrating a method of operating an external electronic device according to various embodiments. The embodiment of FIG. 18A will be described with reference to FIG. 18B. FIG. 18B is a diagram for explaining a screen displayed by an external electronic device according to various embodiments. The external electronic device 1200 can store a profile that requires movement, and assumes that the electronic device 101 causes, for example, deletion of the profile in operation 1727 through an operation as shown in FIG. 17 . For example, referring to FIG. 18B, the electronic device 101 may display a screen 1850 including a QR code 1851. Screen 1850 may include, but is not limited to, text indicating that a QR code will be scanned and/or that a profile stored within electronic device 101 will be deleted.

According to various embodiments, the external electronic device 1200 may acquire an image including a QR code in operation 1801. For example, the electronic device 101 may display a QR code that causes deletion of the profile, as in operation 1727 of FIG. 17, and the user of the external electronic device 1200 may You can take a picture of the QR code being displayed on the electronic device 101 using . Accordingly, the external electronic device 1200 can acquire an image including a QR code. The external electronic device 1200 may check the profile to be deleted based on analysis of the QR code in operation 1803. For example, the result of analyzing the QR code may include, but is not limited to, the identifier of the profile requiring deletion and/or information indicating that deletion is required. The external electronic device 1200 may delete the confirmed profile to be deleted in operation 1805. The external electronic device 1200 may report profile deletion in operation 1807. For example, the external electronic device 1200 may transmit HandleNotification to the SM-DP+ server 530, for example, through an ES9+ interface, as in operation 1229 of FIG. 12B.

FIG. 19 is a flowchart illustrating a method of operating at least one entity of an electronic device and/or an operator server according to various embodiments.

According to various embodiments, the electronic device 101 (e.g., the processor 120 of FIG. 1) causes a movement of the first profile stored in the external electronic device 1200 to the electronic device in operation 1901. You can check user input. For example, it is assumed that the first profile may be stored in the external electronic device 1200, but the first profile is not stored in the electronic device 101. For example, the electronic device 101 may provide (eg, display) a UI to explain the purpose of “moving a profile from another electronic device to the current electronic device.” The electronic device 101 may check a user input that causes movement of the first profile stored in the external electronic device to the electronic device 101 through the UI. According to various embodiments, the electronic device 101 may display an additional UI for selecting one of a plurality of business operators and may obtain additional user input for selecting a business operator. Based on the user input, the electronic device 101 may perform an authentication procedure with the entitlement server 520 in operation 1903. The electronic device 101 may perform OPEN ID-based authentication and/or SMS-OTP-based authentication. Once the authentication process is completed, the electronic device 101 and/or the entitlement server 520 can confirm the user to whom the profile (or line) is being moved, and/or use the profile identifier associated therewith (e.g., ICCID ) can be confirmed. The electronic device 101 may request an eligibility check from the entitlement server 520 in operation 1905. The entitlement server 520 may transmit a 200 OK message to the electronic device 101 in operation 1907. For example, if the qualification test is completed normally, the 200 OK message may include information of “enabled”. The electronic device 101 may transmit a subscription-related operation request message to the entitlement server 520 in operation 1909.

According to various embodiments, the entitlement server 520 may confirm that a profile move is requested in operation 1911 based on the subscription response message. The entitlement server 520 may transmit an Activation Subscription message to the BSS/OSS 550 in operation 1913. The BSS/OSS 550 may request a new profile from the SM-DP+ server 530 through the ES2+ interface in operation 1915. The SM-DP+ server 530 can confirm that the ICCID is already in use, and accordingly can provide the DownloadOrder Specific Status Code to the BSS/OSS 550 in operation 1917. For example, the SM-DP+ server 530 may confirm that the ICCID is already in use based on a request for a new profile of the same ICCID being received, even though the profile has not been deleted after being provided, as shown in FIG. 6 . The BSS/OSS 550 may confirm that deletion of the ICCID is requested based on receipt of the DownloadOrder Specific Status Code from the SM-DP+ server 530. For example, the BSS/OSS 550 may confirm that deletion of the ICCID of the profile for which movement is requested is required based on the fact that the ICCID is already in use. The BSS/OSS 550 may provide the Activation Subscription Answer to the entitlement server 520 in operation 1919. The Activation Subscription Answer may include information indicating that a specific ICCID is required to be deleted (e.g., “NeedToDelete ICCID”).

According to various embodiments, the entitlement server 520 may transmit a 200 OK message indicating deletion of the ICCID to the electronic device 101 in operation 1921. The 200 OK message may include information of SubscriptionResult=6-DELETE PROFILE IN USE in Table 4. As described in Table 4, SubscriptionResult=6-DELETE PROFILE IN USE may indicate that the profile currently in use must be deleted in order to move the line. The electronic device 101 may request deletion of the profile in operation 1923, based on information of SubscriptionResult=6-DELETE PROFILE IN USE included in the received 200 OK. For example, the electronic device 101 may display a QR code that causes deletion of the profile as shown in FIG. 18B, but is not limited to this. Profile download on a new device after operation 1923 may be substantially the same as in FIG. 12B, so the description herein is not repeated. As described above, by using the information of SubscriptionResult=6-DELETE PROFILE IN USE, without causing a connection to the web server 510 based on the web sheet, the entitlement server 520 allows the electronic device 101 to: The profile can be moved without connecting to the web server 510.

According to various embodiments, an electronic device includes an embedded universal integrated circuit card (eUICC) (e.g., eSIM 201) and at least one processor electrically connected to the eUICC (e.g., Processor 120), wherein the at least one processor is configured to configure the first profile stored in the eUICC based on confirming at least one user input that causes movement of the first profile stored in the eUICC to another electronic device. transmitting a first message requesting movement to an external electronic device, deleting the first profile based on receiving a second message requesting deletion of the first profile corresponding to the first message, and A third message indicating deletion of the first profile is sent to the SM-DP+ server, and the SM-DP+ server that has received the third message sends a fourth message indicating that preparation of the first profile is complete. Receive from a server, and based on the fourth message, transmit a fifth message for requesting download information to the entitlement server, and send a sixth message containing the download information corresponding to the fifth message. It may be configured to provide the download information received from the entitlement server and confirmed based on the sixth message.

According to various embodiments, the at least one processor may be further configured to perform Extensible Authentication Protocol-Authentication and Key Agreement (EAP-AKA)-based authentication with the entitlement server.

According to various embodiments, the at least one processor may be further configured to perform an eligibility check (CheckEligibility) with the entitlement server based on completion of the authentication.

According to various embodiments, the at least one processor, based on completion of the eligibility check, transmits a subscription-related action request message to the entitlement server, where the subscription-related action request message is configured to: It may be further set to receive a response message that includes information about and includes accessible address information and/or user-related data corresponding to the subscription-related operation request message.

According to various embodiments, the at least one processor obtains information capable of providing a user interface based on the accessible address information and/or the user-related data included in the response message, and displays the user interface. is further set to provide, and at least some of the at least one user input may be obtained through the user interface.

According to various embodiments, the electronic device further includes a display module, and the at least one processor is configured to display a QR code for obtaining the download information as at least part of an operation of providing the download information. can be set to control.

According to various embodiments, the at least one processor may be further configured to receive the second message based on a JS callback message requesting deletion of the first profile.

According to various embodiments, the at least one processor is further configured to receive the second message based on the 200 OK message requesting deletion of the first profile, and the second message may include information of SubscriptionResult=6-DELETE PROFILE IN USE.

According to various embodiments, the at least one processor may be further configured to provide information indicating that another communication connection is required based on deletion of the first profile.

According to various embodiments, a method of operating a server includes receiving a first message requesting a new profile of a specific ICCID from an entitlement server, and based on reception of the first message, sending the specific ICCID to the SM-DP+ server. An operation of transmitting a second message requesting a new profile of an ICCID, after sending the second message, an operation of receiving a third message indicating that the specific ICCID is in use from the SM-DP+ server, and the first Based on the reception of message 3, it may include transmitting a fourth message requesting deletion of the profile of the specific ICCID to the entitlement server.

According to various embodiments, a method of operating a server includes, based on the first message, confirming that movement of the profile of the specific ICCID is requested, and based on confirming that movement of the profile of the specific ICCID is requested. , It may further include an operation of confirming that deletion of the profile of the specific ICCID is requested based on the third message.

According to various embodiments, a method of operating a server includes, after transmitting the fourth message, receiving a fifth message indicating deletion of the profile of the specific ICCID from the SM-DP+ server, and the fifth message Based on reception, the method may further include transmitting a sixth message requesting a profile of the specific ICCID to the SM-DP+ server.

According to various embodiments, a method of operating a server includes, after transmitting the sixth message, receiving a seventh message from the SM-DP+ server indicating that preparation of the profile of the specific ICCID is complete, and the first Based on reception of message 7, the method may further include transmitting an eighth message including profile information of the profile of the specific ICCID to the entitlement server.

According to various embodiments, the fourth message requesting deletion of the profile of the specific ICCID may be based on a JS call back message.

According to various embodiments, the fourth message requesting deletion of the profile of the specific ICCID is based on the 200 OK message, and the fourth message may include information of SubscriptionResult=6-DELETE PROFILE IN USE.

According to various embodiments, a method of operating an entitlement server includes receiving a first message requesting a profile movement from an electronic device, and secondly requesting a new profile of a specific ICCID based on the first message. Transmitting a message to the BSS/OSS, receiving a third message indicating that deletion of the profile of the specific ICCID is requested, and based on reception of the third message, deleting the profile of the specific ICCID is requested. It may include an operation of transmitting the fourth message indicating the message to the electronic device.

According to various embodiments, the third message may be received from the BSS/OSS.

According to various embodiments, the third message may be received from an SM-DP+ server that communicates with the BSS/OSS, through an interface between the SM-DP+ server and the entitlement server.

According to various embodiments, a method of operating an entitlement server includes, after transmitting the fourth message, receiving a fifth message from the BSS/OSS indicating that the profile of the specific ICCID is ready, the first 5 Based on the reception of the message, transmitting a sixth message indicating that the profile of the specific ICCID is ready to the electronic device, after transmitting the sixth message, receiving the profile of the specific ICCID from the electronic device Receiving a seventh message requesting download information, and based on reception of the seventh message, transmitting an eighth message including the download information of the profile of the specific ICCID to the electronic device can do.

According to various embodiments, an electronic device includes an embedded universal integrated circuit card (eUICC) and at least one processor electrically connected to the eUICC, wherein the at least one processor is connected to an external electronic device. Based on confirmation of at least one user input causing movement of the first profile stored in the electronic device, send a first message requesting movement of the first profile to the electronic device, and Based on receiving a second message requesting deletion of the first profile corresponding to the message, performing an operation associated with inducing deletion of the first profile, and requesting deletion of the first profile, SM-DP+ Receiving a third message from the entitlement server indicating that preparation of the first profile is completed at the server, and based on the third message, transmitting a fourth message for requesting download information to the entitlement server And, a fifth message containing the download information corresponding to the fourth message is received from the entitlement server, and based on the download information confirmed based on the fifth message, from the SM-DP+ server. The first profile may be acquired, the first profile may be installed in the eUICC, and the first profile may be activated.

According to various embodiments, the at least one processor may be further configured to perform OPEN-ID-based authentication and/or SMS OTP-based authentication with the entitlement server.

According to various embodiments, the at least one processor may be further configured to perform an eligibility check (CheckEligibility) with the entitlement server based on completion of the authentication.

According to various embodiments, the at least one processor, based on completion of the eligibility check, transmits a subscription-related action request message to the entitlement server, where the subscription-related action request message is configured to: It may be further set to receive a response message that includes information about and includes accessible address information and/or user-related data corresponding to the subscription-related operation request message.

According to various embodiments, the at least one processor may be configured to display a QR code that causes deletion of the first profile, at least as part of performing an operation associated with inducing deletion of the first profile. .

According to various embodiments, the at least one processor obtains information capable of providing a user interface based on the accessible address information and/or the user-related data included in the response message, and displays the user interface. is further set to provide, and at least some of the at least one user input may be obtained through the user interface.

According to various embodiments, the electronic device further includes a display module, and the at least one processor is configured to delete the first profile at least as part of an operation related to inducing deletion of the first profile. The display module can be set to control the display module to display information indicating that deletion from the external electronic device is requested.

Electronic devices according to various embodiments disclosed in this document may be of various types. Electronic devices may include, for example, portable communication devices (e.g., smartphones), computer devices, portable multimedia devices, portable medical devices, cameras, wearable devices, or home appliances. Electronic devices according to embodiments of this document are not limited to the above-described devices.

The various embodiments of this document and the terms used herein are not intended to limit the technical features described in this document to specific embodiments, and should be understood to include various changes, equivalents, or replacements of the embodiments. In connection with the description of the drawings, similar reference numbers may be used for similar or related components. The singular form of a noun corresponding to an item may include one or more of the above items, unless the relevant context clearly indicates otherwise. As used herein, “A or B”, “at least one of A and B”, “at least one of A or B”, “A, B or C”, “at least one of A, B and C”, and “A Each of phrases such as “at least one of , B, or C” may include any one of the items listed together in the corresponding phrase, or any possible combination thereof. Terms such as "first", "second", or "first" or "second" may be used simply to distinguish one component from another, and to refer to that component in other respects (e.g., importance or order) is not limited. One (e.g., first) component is said to be “coupled” or “connected” to another (e.g., second) component, with or without the terms “functionally” or “communicatively.” When mentioned, it means that any of the components can be connected to the other components directly (e.g. wired), wirelessly, or through a third component.

The term “module” used in various embodiments of this document may include a unit implemented in hardware, software, or firmware, and is interchangeable with terms such as logic, logic block, component, or circuit, for example. It can be used as A module may be an integrated part or a minimum unit of the parts or a part thereof that performs one or more functions. For example, according to one embodiment, the module may be implemented in the form of an application-specific integrated circuit (ASIC).

Various embodiments of the present document are one or more instructions stored in a storage medium (e.g., built-in memory 136 or external memory 138) that can be read by a machine (e.g., electronic device 101). It may be implemented as software (e.g., program 140) including these. For example, a processor (e.g., processor 120) of a device (e.g., electronic device 101) may call at least one command among one or more commands stored from a storage medium and execute it. This allows the device to be operated to perform at least one function according to the at least one instruction called. The one or more instructions may include code generated by a compiler or code that can be executed by an interpreter. A storage medium that can be read by a device may be provided in the form of a non-transitory storage medium. Here, 'non-transitory' only means that the storage medium is a tangible device and does not contain signals (e.g. electromagnetic waves), and this term refers to cases where data is semi-permanently stored in the storage medium. There is no distinction between temporary storage cases.

According to one embodiment, methods according to various embodiments disclosed in this document may be included and provided in a computer program product. Computer program products are commodities and can be traded between sellers and buyers. The computer program product may be distributed in the form of a machine-readable storage medium (e.g. compact disc read only memory (CD-ROM)) or through an application store (e.g. Play StoreTM) or on two user devices (e.g. It can be distributed (e.g. downloaded or uploaded) directly between smart phones) or online. In the case of online distribution, at least a portion of the computer program product may be at least temporarily stored or temporarily created in a machine-readable storage medium, such as the memory of a manufacturer's server, an application store's server, or a relay server.

According to various embodiments, each component (e.g., module or program) of the above-described components may include a single or plural entity, and some of the plurality of entities may be separately placed in other components. there is. According to various embodiments, one or more of the components or operations described above may be omitted, or one or more other components or operations may be added. Alternatively or additionally, multiple components (eg, modules or programs) may be integrated into a single component. In this case, the integrated component may perform one or more functions of each component of the plurality of components in the same or similar manner as those performed by the corresponding component of the plurality of components prior to the integration. . According to various embodiments, operations performed by a module, program, or other component may be executed sequentially, in parallel, iteratively, or heuristically, or one or more of the operations may be executed in a different order, or omitted. Alternatively, one or more other operations may be added.

Claims (22)

In electronic devices,
embedded universal integrated circuit card (eUICC); and
At least one processor electrically connected to the eUICC, wherein the at least one processor:
Based on confirmation of at least one user input causing movement of the first profile stored in the eUICC to the external electronic device, transmitting a first message requesting movement of the first profile to the external electronic device,
Based on receiving a second message requesting deletion of the first profile corresponding to the first message, deleting the first profile,
Sending a third message indicating deletion of the first profile to the SM-DP+ server,
The SM-DP+ server, which has received the third message, receives a fourth message from the entitlement server indicating that preparation of the first profile is complete,
Based on the fourth message, a fifth message is sent to the entitlement server to request profile download information,
Receiving a sixth message containing the download information corresponding to the fifth message from the entitlement server,
An electronic device configured to provide the download information confirmed based on the sixth message. According to claim 1,
The at least one processor,
An electronic device further configured to perform EAP-AKA (Extensible Authentication Protocol-Authentication and Key Agreement)-based authentication with the entitlement server. According to claim 2,
The at least one processor,
The electronic device further configured to perform an eligibility check (CheckEligibility) with the entitlement server based on completion of the authentication. According to claim 3,
The at least one processor,
Based on completion of the eligibility check, a subscription-related action request message is sent to the entitlement server, where the subscription-related action request message includes information about movement of the profile,
The electronic device further configured to receive a response message containing accessible address information and/or user-related data corresponding to the subscription-related operation request message. According to claim 4,
The at least one processor,
Based on the accessible address information and/or the user-related data included in the response message, obtain information capable of providing a user interface,
further configured to provide the user interface,
An electronic device wherein at least some of the at least one user input is obtained through the user interface. According to claim 1,
Further comprising a display module,
The at least one processor is configured to control the display module to display a QR code for obtaining the download information as at least part of the operation of providing the download information. According to claim 1,
The electronic device is further configured to receive the second message based on a JS callback message, wherein the at least one processor requests deletion of the first profile. According to claim 1,
The at least one processor,
the at least one processor is further configured to receive the second message based on the 200 OK message requesting deletion of the first profile,
The second message includes information of SubscriptionResult=6-DELETE PROFILE IN USE. According to claim 1,
The electronic device is further configured to provide information indicating that another communication connection is required based on deletion of the first profile. In the operating method of the server,
Receiving a first message requesting a new profile of a specific ICCID from an entitlement server;
Based on reception of the first message, transmitting a second message requesting a new profile of the specific ICCID to the SM-DP+ server;
After transmitting the second message, receiving a third message from the SM-DP+ server indicating that the specific ICCID is in use; and
An operation of transmitting a fourth message requesting deletion of the profile of the specific ICCID to the entitlement server based on reception of the third message.
The operating method of the server including. According to claim 10,
Based on the first message, confirming that movement of the profile of the specific ICCID is requested; and
An operation of confirming that deletion of the profile of the specific ICCID is requested based on the third message, based on confirmation that the profile of the specific ICCID is requested to be moved.
A method of operating a server further comprising: According to claim 10,
After transmitting the fourth message, receiving a fifth message indicating deletion of the profile of the specific ICCID from the SM-DP+ server; and
An operation of transmitting a sixth message requesting a profile of the specific ICCID to the SM-DP+ server based on reception of the fifth message.
A method of operating a server further comprising: According to claim 12,
After transmitting the sixth message, receiving a seventh message from the SM-DP+ server indicating that preparation of the profile of the specific ICCID is complete; and
An operation of transmitting an eighth message including profile information of a profile of the specific ICCID to the entitlement server, based on reception of the seventh message.
A method of operating a server further comprising: According to claim 10,
The fourth message requesting deletion of the profile of the specific ICCID is a method of operating a server based on a JS callback message. According to claim 10,
The fourth message requesting deletion of the profile of the specific ICCID is based on the 200 OK message, and the fourth message includes information of SubscriptionResult=6-DELETE PROFILE IN USE. In the method of operating the entitlement server,
Receiving a first message requesting movement of a profile from an electronic device;
Based on the first message, transmitting a second message requesting a new profile of a specific ICCID to the BSS/OSS;
Receiving a third message indicating that deletion of the profile of the specific ICCID is requested; and
An operation of transmitting a fourth message indicating that deletion of the profile of the specific ICCID is requested based on reception of the third message to the electronic device.
A method of operating an entitlement server including. According to claim 16,
The third message is a method of operating an entitlement server received from the BSS/OSS. According to claim 16,
The third message is received from the SM-DP+ server that communicates with the BSS/OSS through an interface between the SM-DP+ server and the entitlement server. According to claim 16,
After transmitting the fourth message, receiving a fifth message from the BSS/OSS indicating that preparation of the profile of the specific ICCID is complete;
Based on reception of the fifth message, transmitting a sixth message indicating that preparation of the profile of the specific ICCID is complete to the electronic device;
After transmitting the sixth message, receiving a seventh message requesting download information of the profile of the specific ICCID from the electronic device; and
An operation of transmitting an eighth message including the download information of the profile of the specific ICCID to the electronic device based on reception of the seventh message.
A method of operating an entitlement server further comprising: In electronic devices,
embedded universal integrated circuit card (eUICC); and
At least one processor electrically connected to the eUICC, wherein the at least one processor:
Based on confirmation of at least one user input causing movement of a first profile stored in an external electronic device to the electronic device, transmitting a first message requesting movement of the first profile to the electronic device,
Based on receiving a second message requesting deletion of the first profile corresponding to the first message, performing an operation associated with inducing deletion of the first profile,
After requesting deletion of the first profile, the SM-DP+ server receives a third message from the entitlement server indicating that preparation of the first profile is complete,
Based on the third message, sending a fourth message to request download information to the entitlement server,
Receiving a fifth message containing the download information corresponding to the fourth message from the entitlement server,
Based on the download information confirmed based on the fifth message, obtain the first profile from the SM-DP+ server,
An electronic device that installs the first profile in the eUICC and activates the first profile. According to claim 20,
The at least one processor,
Based on completion of the eligibility check, a subscription-related action request message is sent to the entitlement server, where the subscription-related action request message includes information about movement of the profile,
The electronic device further configured to receive a response message containing accessible address information and/or user-related data corresponding to the subscription-related operation request message. According to claim 20,
The at least one processor is configured to display a QR code that causes deletion of the first profile, as at least part of performing an operation associated with inducing deletion of the first profile.

Images