WO2020205011A1 - Seamless embedded sim transfer - Google Patents

Seamless embedded sim transfer Download PDF

Info

Publication number
WO2020205011A1
WO2020205011A1 PCT/US2019/064742 US2019064742W WO2020205011A1 WO 2020205011 A1 WO2020205011 A1 WO 2020205011A1 US 2019064742 W US2019064742 W US 2019064742W WO 2020205011 A1 WO2020205011 A1 WO 2020205011A1
Authority
WO
WIPO (PCT)
Prior art keywords
user device
profile
mno
activation code
data processing
Prior art date
Application number
PCT/US2019/064742
Other languages
French (fr)
Inventor
Matthew RESMAN
Amol Tuli
Hassan Sipra
Qingxi Li
Jun Yin
Original Assignee
Google Llc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Google Llc filed Critical Google Llc
Publication of WO2020205011A1 publication Critical patent/WO2020205011A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/60Subscription-based services using application servers or record carriers, e.g. SIM application toolkits
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30Security of mobile devices; Security of mobile applications
    • H04W12/35Protecting application or service provisioning, e.g. securing SIM application provisioning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/50Service provisioning or reconfiguring
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/20Transfer of user or subscriber data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/22Processing or transfer of terminal data, e.g. status or physical capabilities
    • H04W8/24Transfer of terminal data
    • H04W8/245Transfer of terminal data from a network towards a terminal

Definitions

  • This disclosure relates to seamless transfer of an embedded subscriber identification module (eSIM).
  • eSIM embedded subscriber identification module
  • Telephony devices such as cellular phones and tablets, include subscriber identification modules (SIM) that are used by a mobile network operator (MNO) to identify and authenticate network subscribers.
  • SIM subscriber identification modules
  • MNO mobile network operator
  • pSIM physical SIM
  • One aspect of the disclosure provides a method for transferring a SIM profile between user devices associated with a common customer/subscriber of a mobile network operator.
  • the method includes receiving, at data processing hardware of a mobile network operator (MNO), a profile preparation request from a first user device associated with a customer of the MNO.
  • the received profile preparation request requests preparation of a new subscriber identification module (SIM) profile for a second user device.
  • SIM subscriber identification module
  • the second user device is in communication with the first user device and is associated with the same customer of the MNO.
  • the method includes (a) generating, by the data processing hardware, the new SIM profile for the second user device, and (b) generating, by the data processing hardware, an activation code associated with the new SIM profile.
  • the activation code uniquely identifies the new SIM profile.
  • the method further includes transmitting, by the data processing hardware, the activation code to the first user device. When the activation code is received by the first user device, the activation code causes the first user device to provide the activation code to the second user device.
  • the method includes receiving, at the data processing hardware, a profile download request from the second user device. The profile download request includes the activation code.
  • the method further includes determining, by the data processing hardware, whether the activation code is valid. When the activation code is valid, the method includes transmitting, by the data processing hardware, the new SIM profile to the second user device. When the new SIM profile is received by the second user device, the new SIM profile causes the second user device to install the new SIM profile in an embedded SIM residing on the second user device.
  • Implementations of the disclosure may include one or more of the following optional features.
  • the profile preparation request is received from the first user device over a first network.
  • the profile download request is received from the second user device via a second network different than the first network.
  • the profile preparation request includes one or more device identifiers associated with the second user device.
  • the one or more device identifiers may include at least one of an International Mobile Station Equipment Identity (IMEI) number or an electronic identification (EID) associated with the second user device.
  • IMEI International Mobile Station Equipment Identity
  • EID electronic identification
  • the activation code includes a location of a profile server associated with the data processing hardware of the MNO.
  • the first user device provides the activation code to the second user device over a secure wired or wireless connection.
  • the first user device provides the activation code to the second user device by rendering the activation code for display on the first user device.
  • the system includes data processing hardware of a mobile network operator (MNO), and memory hardware in communication with the data processing hardware.
  • the memory hardware stores instructions that, when executed on the data processing hardware, cause the data processing hardware to perform operations.
  • the operations include receiving a profile preparation request from a first user device associated with a customer of the MNO.
  • the received profile preparation request requests preparation of a new subscriber identification module (SIM) profile for a second user device, where the second user device is in communication with the first user device and associated with the same customer of the MNO.
  • the operations further include generating the new SIM profile for the second user device, and generating an activation code associated with the new SIM profile.
  • the activation code uniquely identifies the new SIM profile.
  • the operations further include transmitting the activation code to the first user device.
  • the activation code causes the first user device to provide the activation code to the second user device.
  • the operations include receiving a profile download request from the second user device.
  • the profile download request includes the activation code.
  • the operations further include determining whether the activation code is valid, and when the activation code is valid, transmitting the new SIM profile to the second user device.
  • the new SIM profile When received by the second user device, the new SIM profile causes the second user device to install the new SIM profile in an embedded SIM residing on the second user device.
  • This aspect may include one or more of the following optional features.
  • the profile preparation request is received from the first user device over a first network and the profile download request is received from the second user device via a second network different than the first network.
  • Implementations of the disclosure may include one or more of the following optional features.
  • the profile preparation request is received from the first user device over a first network.
  • the profile download request is received from the second user device via a second network different than the first network.
  • the profile preparation request includes one or more device identifiers associated with the second user device.
  • the one or more device identifiers may include at least one of an International Mobile Station Equipment Identity (IMEI) number or an electronic identification (EID) associated with the second user device.
  • IMEI International Mobile Station Equipment Identity
  • EID electronic identification
  • the activation code includes a location of a profile server associated with the data processing hardware of the MNO.
  • the first user device provides the activation code to the second user device over a secure wired or wireless connection.
  • the first user device provides the activation code to the second user device by rendering the activation code for display on the first user device.
  • Yet another aspect of the disclosure provides a method for transferring a SIM profile between user devices associated with a common customer/subscriber of a mobile network operator.
  • the method includes receiving, at data processing hardware of a first user device, a security token from a second user device in communication with the first user device.
  • the security token indicates that a customer associated with the first user device and the second user device is authorized to access an operator network provided by a mobile network operator (MNO).
  • MNO mobile network operator
  • the method further includes transmitting, by the data processing hardware, a profile preparation request to the MNO, where the profile preparation request includes the security token.
  • the profile preparation request requests preparation of a new subscriber identification module (SIM) profile for the first user device.
  • the method further includes receiving, at the data processing hardware, the new SIM profile for the first user device from the MNO, and installing, by the data processing hardware, the new SIM profile for the first user device on an embedded SIM residing on memory hardware of the first user device.
  • SIM subscriber identification module
  • Implementations of the disclosure may include one or more of the following optional features.
  • the method further includes, prior to transmitting the profile preparation request, executing, by the data processing hardware, a software application configured to interface with the MNO over a non-operator network.
  • the software application may provide mapping information to a profile server residing on the MNO, and the profile server may be configured to prepare the new SIM profile for the first user device in response to receiving the profile preparation request over the nonoperator network.
  • the profile preparation request includes one or more device identifiers associated with the first user device and/or the second user device.
  • the one or more device identifiers may include at least one of an International Mobile Station Equipment Identity (IMEI) number and/or an electronic identification (EID) associated with the first user device and/or second user device.
  • IMEI International Mobile Station Equipment Identity
  • EID electronic identification
  • the second user device is configured to obtain the security token from a backend service residing at the MNO over the operator network, the second user device comprising an existing SIM profile previously authorized by the MNO.
  • a first user device in another aspect of the disclosure, includes data processing hardware, and memory hardware in communication with the data processing hardware.
  • the memory hardware stores instructions that, when executed on the data processing hardware cause the data processing hardware to perform operations.
  • the operations include receiving a security token from a second user device in communication with the first user device.
  • the security token indicates that a customer associated with the first user device and the second user device is authorized to access an operator network provided by a mobile network operator (MNO).
  • MNO mobile network operator
  • the operations further include transmitting a profile preparation request to the MNO, where the profile preparation request includes the security token.
  • the profile preparation request requests preparation of a new subscriber identification module (SIM) profile for the first user device.
  • the operations further include receiving the new SIM profile for the first user device from the MNO, and installing the new SIM profile for the first user device on an embedded SIM residing on memory hardware of the first user device.
  • SIM subscriber identification module
  • Implementations of the disclosure may include one or more of the following optional features.
  • the operations further include, prior to transmitting the profile preparation request, executing a software application configured to interface with the MNO over a non-operator network.
  • the software application may provide mapping information to a profile server residing on the MNO, and the profile server may be configured to prepare the new SIM profile for the first user device in response to receiving the profile preparation request over the non-operator network.
  • the profile preparation request includes one or more device identifiers associated with the first user device and/or the second user device.
  • the one or more device identifiers may include at least one of an International Mobile Station Equipment Identity (IMEI) number and/or an electronic identification (EID) associated with the first user device and/or second user device.
  • IMEI International Mobile Station Equipment Identity
  • EID electronic identification
  • FIG. 1 A is a schematic view of an example of a wireless communication system.
  • FIG. IB is a schematic view of another example of a wireless communication system.
  • FIG. 2 is a schematic view of an example arrangement of operations for a method of providing a SIM profile to a user device.
  • FIG. 3 is a flowchart of an example method for preparing and providing a SIM profile for a user device.
  • FIG. 4 is a schematic view of an example arrangement of operations for a method of providing a SIM profile to a user device.
  • FIG. 5 is a schematic view of an example computing device that may be used to implement the systems and methods described herein.
  • SIM Subscriber identification modules
  • MNO mobile network operator
  • SIM profile associated with the subscriber must be transferred from the old device to the new device.
  • Some user devices are provided with physical SIM (pSIM) cards that can be easily transferred between compatible devices, thereby allowing the subscriber to transfer from one user device to another without support from the MNO.
  • pSIM physical SIM
  • eSIM embedded SIM
  • Implementations herein are directed towards facilitating a transfer of a SIM profile from a first, existing user device associated with a subscriber of an MNO, to a second, new user device associated with the same subscriber of the MNO.
  • the existing user device is a user device including a SIM profile that has already been authorized to connect to the MNO network.
  • the existing user device may include a pSIM or an eSIM.
  • the second, new user device includes an eSIM, but is initially provided without a SIM profile authorized to connect to the MNO network.
  • the MNO subscriber can request a new SIM profile using the existing user device, which is connected to the MNO through the MNO network, and the new user device, which is in communication with the MNO via a separate network.
  • the new user device sends a device identifier (e.g., IMEI, EID) to the existing user device, which transmits a request to the MNO for preparation of a new SIM profile for the new user device.
  • the MNO generates/creates the new SIM profile and returns an activation code associated with the new SIM profile to the existing user device.
  • the existing user device sends the activation code to the new user device.
  • the new user device uses the activation code to locate the MNO and to request download of the newly-created SIM profile.
  • the MNO may provide a security token to the existing user device. The security token is then transmitted to the new user device, which presents the security token to the MNO with a download request.
  • the implementations provided herein facilitate a seamless transfer of a SIM profile to a device having an eSIM without requiring the MNO subscriber to contact the MNO.
  • an example communications system 100 includes a first user device 160, 160a in communication with a carrier or mobile network operator (MNO) 110 via an operator network 120 (also referred to as“carrier network”) and a second user device 160, 160b which may establish a communication with the MNO 110 via a second, non-operator network 130.
  • MNO mobile network operator
  • the first user device 160a and the second user device 160b may be associated with a same user that is a customer/subscriber of the MNO 110.
  • the first user device 160a may have a corresponding SIM profile 168, 168a previously authorized by the MNO 110 to provide the first user device 160a access to the operator network 120, while the second user device 160b may be a new user device that needs a new SIM profile 168b authorized by the MNO 110 in order to access the operator network 120.
  • the MNO 110 may reside on a remote system or a computing device.
  • the remote system may be a single computer, multiple computers, or a distributed system (e.g., a cloud environment) having scalable elastic computing resources 112 (e.g., data processing hardware) and/or storage resources 114 (e.g., memory hardware).
  • the data processing hardware 112 e.g., using instructions stored on the memory hardware 114) executes a MNO backend 140 (e.g., one or more Entitlement Servers) configured to provide backend services to manage access to the operator network 120.
  • MNO backend 140 e.g., one or more Entitlement Servers
  • the data processing hardware 112 may also execute a profile server 150 (or optionally communicate with the profile server 150) configured to generate and provide SIM profiles 168 for use by user devices 160 of the operator network 120.
  • user devices 160 may be associated with customers of the MNO 110 that have access to the operator network 120 when the MNO 110 authorizes their respective SIM profiles 168.
  • the profile server 150 may be a Subscription Manager (SM), a
  • the MNO 110 may include multiple profile servers 150
  • the operator network 120 may include, but is not limited to, Wide Area Networks (WAN) such as a Long Term Evolution (LTE) network, a Global System for Mobile Communications (GSM) network, a Code Division Multiple Access (CDMA) network, a Wideband Code Division Multiple Access (WCDMA) network or an
  • WAN Wide Area Networks
  • LTE Long Term Evolution
  • GSM Global System for Mobile Communications
  • CDMA Code Division Multiple Access
  • WCDMA Wideband Code Division Multiple Access
  • EDGE Enhanced Data rates for GSM Evolution
  • WLAN Wireless Local Area Networks
  • Access to the operator network 120 is controlled by the MNO 110, which only grants access to user devices 160 having SIM profiles 168 that are authorized by the MNO backend 140.
  • the second network 130 may include a long range network (e.g., Internet or WAN), in some scenarios, the second network 130 includes a shorter range network, such as a local area network (LAN). In some implementations, the second network 130 uses standard communications technologies and/or protocols. Thus, the second network 130 can include links using technologies, such as Ethernet, Wireless Fidelity (WiFi) (e.g., 802.11), worldwide interoperability for microwave access
  • WiFi Wireless Fidelity
  • 802.11 worldwide interoperability for microwave access
  • the networking protocols used on the second network 130 can include multiprotocol label switching (MPLS), the transmission control protocol/Intemet protocol (TCP/IP), the User Datagram Protocol (UDP), the hypertext transport protocol (HTTP), the simple mail transfer protocol (SMTP), the file transfer protocol (FTP), etc.
  • MPLS multiprotocol label switching
  • TCP/IP transmission control protocol/Intemet protocol
  • UDP User Datagram Protocol
  • HTTP hypertext transport protocol
  • SMTP simple mail transfer protocol
  • FTP file transfer protocol
  • the data exchanged over the second network 130 can be represented using technologies and/or formats including the hypertext markup language (HTML), the extensible markup language (XML), etc.
  • all or some of the links can be encrypted using conventional encryption technologies, such as secure sockets layer (SSL), transport layer security (TLS), virtual private networks (VPNs), Internet Protocol security (IPsec), etc.
  • SSL secure sockets layer
  • TLS transport layer security
  • VPNs virtual private networks
  • IPsec Internet Protocol security
  • the network 130 can use custom and/or dedicated data
  • User devices 160 can be any computing devices that are capable of wireless communications via the operator network 120 and/or the non-operator network 130.
  • FIGS. 1 A and IB show example user devices having data processing hardware 161 and memory hardware 162 in communication with the data processing hardware 161.
  • User devices 160 include, but are not limited to, mobile computing devices, such as laptops, tablets, smart phones, and wearable computing devices (e.g., headsets and/or watches). User devices 160 could also include smart appliances (e.g., smart speakers/displays).
  • the user devices 160 are configured to support one or more of the types of the networks 120, 130 and may be in communication with each other via one or more secure connections 202.
  • the user devices 160a, 160b may be in direct communication with each other over a wired (e.g., USB) or wireless (e.g., Bluetooth, WiFi direct, Near Field Communication) connection, such that data can be communicated between the user devices 160a, 160b independent of either of the networks 120, 130.
  • the user devices 160a, 160b communicate with each other indirectly via the non-operator network 130.
  • both of the user devices 160a, 160b may be connected to the Internet, allowing the devices to communicate with each other.
  • the user devices 160a, 160b may use a variety of different operating systems 163.
  • a user device 160a, 160b may run an operating system including, but not limited to, ANDROID® developed by Google Inc., IOS® developed by Apple Inc., or WINDOWS PHONE® developed by Microsoft Corporation.
  • the operating system 163 running on the user device 160 may include, but is not limited to, one of ANDROID®, IOS®, or WINDOWS PHONE®.
  • a user device may run an operating system including, but not limited to, MICROSOFT WINDOWS® by Microsoft Corporation, MAC OS® by Apple, Inc., or Linux.
  • User devices 160a, 160b may also access the operator network 120 while running operating systems 163 other than those operating systems 163 described above, whether presently available or developed in the future.
  • the operating system 163 may execute one or more software applications 164.
  • a software application 164 may refer to computer software that, when executed by a computing device, causes the computing device to perform a task.
  • the software application 164 may be referred to as an "application”, an "app”, or a "program”.
  • Example software applications 164 include, but are not limited to, MNO access applications, word processing applications, spreadsheet applications, messaging applications, media streaming applications, social networking applications, and games.
  • Applications 164 can be executed on a variety of different user devices 160a, 160b. In some examples, applications 164 are installed on the user devices 160a, 160b prior to the user 10 purchasing the user device 160. In other examples, the user 10 may download and install applications 164 on the user devices 160a, 160b.
  • Each user device 160a, 160b further includes a corresponding subscriber identification module (SIM) 166 configured to store a corresponding SIM profile 168, 168a, 168b for identifying and connecting each user device 160a, 160b with certain types of wireless networks.
  • SIM subscriber identification module
  • the SIM 166 may include credentials for authorizing the first user device 160a to connect with the operator network 120.
  • the operator network 120 is within range of the first user device 160a, the first user device 160a will utilize the stored network credentials on the SIM 166 in order to gain access to the operator network 120.
  • the SIM 166 is a physical SIM card (pSIM) 166.
  • the pSIM 166 can be physically removed from the user device 160a and replaced with a different pSIM 166 having credentials associated with a different subscriber and/or a different operator network 120.
  • the SIM 166 may be an embedded SIM (eSIM) 166 with the credentials for connecting the user device 160 with the operator network 120 stored directly on the memory hardware 162 of the first user device 160a.
  • eSIM embedded SIM
  • the user device 160 may download the new SIM profile 168 from the MNO 110.
  • the user device 160 using the eSIM 166 may download the new SIM profile 168 from the MNO 110.
  • the first user device 160a may include either one of a pSIM 166 or an eSIM 166
  • the second user device 160b corresponds to a new user device that includes an eSIM 166 initially provided without a SIM profile 168b.
  • the second user device 160b must be authorized by the MNO backend 140 for connecting to the operator network 120. Accordingly, the second user device 160b must obtain a valid/authorized SIM profile 168b from the MNO 110 and install the SIM profile 168b on the eSIM 166.
  • the second user device 160b includes the eSIM 166 initially provided without a SIM profile 168b, thereby preventing the second user device 160b from having the ability to access the operator network 120.
  • the second user device 160b In order for the second user device 160b to be granted access to the operator network 120, the second user device 160b must download an authorized SIM profile 168b from the MNO 110 by presenting a valid activation code 50.
  • the first user device 160a is an existing user device that has a corresponding user profile 168a previously authorized by the MNO 110 to access the operator network 120.
  • the first user device 160a and the second user device 160b may connect to one another using the secured connection 202.
  • a secured connection 202 may be used as a means for connecting the first user device 160a and the second user device 160b to one another.
  • each of the user devices 160a, 160b may facilitate the secured connection 202 between the user devices 160a, 160b.
  • the operating system 163 may facilitate the secured connection 202 between the user devices 160a, 160b.
  • the secured connection 202 is established with the new second user device 160b initiates backup and restore
  • the second user device 160b transmits a device identifier 20 over the secured connection 202 to first user device 160a.
  • the device identifier 20 may be an International Mobile Station Equipment Identity (IMEI) number and/or an electronic identification (EID) associated with the second user device 160b.
  • IMEI International Mobile Station Equipment Identity
  • EID electronic identification
  • the first user device 160a Upon receipt of the device identifier 20 of the second user device 160b, the first user device 160a transmits a profile preparation request 30 including the device identifier 20 to the MNO backend 140 through the operator network 120 for preparation of a SIM profile 168b for the second user device 160b.
  • the profile server 150 prepares/generates the SIM profile 168b for the second user device 160b and generates a corresponding activation code 50 associated with the SIM profile 168b.
  • the profile server 150 provides the MNO backend 140 with the corresponding activation code 50.
  • the activation code 50 includes a unique code having information corresponding to a location (e.g., URL) of the profile server 150 and the SIM profile 168b generated/prepared by the profile server 150, and may be used to authorize/authenticate a profile download request 60 (discussed below) received from the second user device 160b for downloading the new SIM profile 168b.
  • the activation code 50 locates the profile server 150, uniquely identifies the SIM profile 168b generated by the profile server 150, and may provide a mapping between tire user identifier 20 associated with the second user device 160b and the corresponding SIM profile
  • the MNO backend 140 transmits the activation code 50 to the first user device 160a over the operator network 120, and the first user device 160a communicates the activation code 50 to the second user device 160b.
  • the first user device 160a communicates the activation code 50 using the secured connection 202 between the two user devices 160a, 160b.
  • the second user device 160b obtains the activation code 50 from the first user device 160a by other means.
  • a software application 164 executing on the first user device 160a may render the activation code 50 as a machine-readable code (e.g., a Quick Response (QR) code) for display on the first user device 160a, thereby enabling the second user device 160b to obtain die activation code 50 by
  • a machine-readable code e.g., a Quick Response (QR) code
  • the second user device 160b may interface with the profile server 150 at the MNO 110 to download the corresponding SIM profile 168b for accessing the operator network 120.
  • the second user device 160b is not yet provisioned with die authorized SIM profile 168b (e g., the SIM profile 168b is residing at the profile server 150) for the operator network 120, the second user device 160b must communicate with the profile server 150 via the non-operator network 130 (e g.,
  • the second user device 160b transmits a profile dowmload request 60 including the activation code 50 to the profile server 150 to request access to download the SIM profile 168b prepared/generated by the profile server 150.
  • the software application 164 may facilitate communication with the profile server 150 over the non-operator network 130.
  • the profile server 150 evaluates die activation code 50 to determine whether or not the second user device 160b is authorized to download the SIM profile 168b.
  • die second user device 160b may be authorized to dow'nload-'obtain the SIM profile 168b when the profile server 150 determines that activation code 50 includes the device identifier 20 associated with the SIM profile 168b.
  • the profile server 150 may push the SIM profile 168b in scenarios when the profile server 150 is able to locate the second user device 160b on die non-operator network 130. Once the second user device 160b obtains the SIM profile 168b from the profile server 150, the second user device 160b installs the SIM profile 168b on the eSIM 166 and connects to the operator netw'ork 120.
  • FIG. 1 A shows the second new user device 160b obtaining a new SIM profile 168b by leveraging access to the MNO 110 through the first user device 160a such that the first user device 160a requests 30 the new SIM profile 168b for the second user device 160b from the MNO backend 140 by providing the device identifier 20 associated with the second user device 160b. Thereafter, the MNO backend 140 instructs 40 the profile server 150 to generate the new SIM profile 168b and
  • the MNO backend 140 may provide the activation code 50 to the first user device 160a, enabling the second user device 160b to obtain the activation code 50 therefrom for inclusion in the profile download request 60 for obtaining the new SIM profile 168b from the profile server 150.
  • the second user device 160b may use backup and restore functionality to obtain the new SIM profile 168b from the profile server 150. For instance, the second user device 160b may be recently purchased by a user to replace the first user device 160a.
  • backup and restore functionality may transfer a profile for the user (e.g., contacts, applications, music, photos, etc.) from the first user device 160a to the second user device 160b, while simultaneously causing the first user device 160a to obtain the device identifier 20 for the second user device 160b and transmit profile preparation request 30 to the MNO backend 140.
  • the new SIM profile 168b may correspond to a swapping of the existing SIM profile 168a for the first user device 160a.
  • the new SIM profile 168b and the existing SIM profile 168a are distinguishable by the MNO 110 to enable the first user device 160a to access the operator network 120 at least until the new SIM profile 168b is installed on the second user device 160b and the second user device 160b is able to access the operator network 120.
  • FIG. 1 B shows the second user device 160b interfacing with the profile server 150 directly to request the profile server 150 to generate/prepare and provision the SIM profile 168b.
  • a user submits a request 70 for a security token to the MNO 110 using the first user device 160a.
  • the MNO 110 may identify the first user device 160a as a trusted device authorized to receive a security token 80.
  • the security token 80 is transmitted to the first user device 160a from the MNO 110.
  • the first user device 160a may then transmit the security token 80 to the second user device 160b over the connection 202.
  • the security token 80 may be received by the second user device 160b by other means.
  • a software application executing on the first user device 160a may render the security token 80 as machine- readable code (e.g., QR code) for display on the first user device 160a, thereby enabling the second user device 160b to obtain the security token 80 by scanning/capturing the QR code displayed on the first user device 160a.
  • machine- readable code e.g., QR code
  • the second user device 160b transmits the profile preparation request 30 directly to the MNO backend 140 to instruct the profile server 150 to prepare/generate the new SIM profile 168b.
  • the second user device 160b transmits the request 30 directly to the profile server 150.
  • the profile preparation request 30 includes the security token 80 and device identifier(s) 20 for the first user device 160a and/or the second user device 160b.
  • the second user device 160b may obtain die device identifier 20 for the first user device 160a over the secured connection 202.
  • the technique shown in FIG. IB allows the second user device 160b to provide the profile preparation request 30 along with the security token 80 directly to the profile server 150 via the non-operator network 130. Additionally, because the security token 80 does not provide the second user device 160b with a location of the profile server 150, the second user device 160b may execute an MNO-specific software application 164 configured to interface with the MNO 110. Accordingly, the software application 164 provides mapping information to the profile server 150 for transmittal of the profile preparation request 30 including the security token 80 and the identifiers 20 for the user devices 160a, 160b.
  • the profile server 150 validates that the security token 80 is associated with the authorized user/subscriber of the user devices 160a, 160b and prepares/generates the STM profile 168b for the second user device 160b. Once the SIM profile 168b is prepared by the profile server 150, the STM profile 168b is transmitted to the second user device 160b for downloading and installation on the second user device 160b. By- executing the MNO-specific software application 164 of the second user device 160b, the profile server 150 may push or transmit the SIM profile 168b to the second user device 160b. Alternatively, the second user device 160b may be authorized to download/obtain the SIM profile 168b when the profile server 150 determines that the security token 80 is associated with the second user device 160b. With the SIM profile 168b installed, the second user device 160b connects to the operator network 120.
  • FIG. 2 provides an example arrangement of operations for a method 200 of
  • the method 200 includes receiving, at data processing hardware 112 of a mobile network operator (MNO) 110, a profile preparation request 30 from a first user device 160a associated with a customer of the MNO 110.
  • the received profile preparation request 30 requests preparation of a new subscriber identification module (SIM) profile 168b for a second user device 160b.
  • SIM subscriber identification module
  • the second user device 160b is in communication with the first user device 160a and is associated with the same customer of the MNO 110.
  • the method 200 includes (204a) generating, by the data processing hardware 112, the new SIM profile 168b for the second user device 160b, and (204b) generating, by the data processing hardware 112, an activation code 50 associated with the new SIM profile 168b, the activation code 50 uniquely identifying the new SIM profile 168b.
  • the method 300 includes transmitting, by the data processing hardware 112, the activation code 50 to the first user device 160a.
  • the activation code 50 causes the first user device 160a to provide the activation code 50 to the second user device 160b.
  • the method 300 includes receiving, at the data processing hardware 112, a profile download request 60 from the second user device 160b.
  • the profile download request 60 includes the activation code 50.
  • the method 200 includes determining, by the data processing hardware 112, whether the activation code 50 is valid.
  • the method 200 includes transmitting, by the data processing hardware 112, the new SIM profile 168b to the second user device 160b.
  • the new SIM profile 168b When the new SIM profile 168b is received by the second user device 160b, the new SIM profile 168b causes the second user device 160b to install the new SIM profile 168b in an embedded SIM residing on the second user device 160b.
  • FIG. 3 is a diagram 300 illustrating example operations performed by the user devices 160a, 160b and the MNO 110 in the communication system 100 shown in FIG. 1 A, when a profile preparation request 30 is received from the first user device 160a.
  • the vertical y-axis indicates time increasing from the top to the bottom.
  • FIG. 4 provides an example of another arrangement of operations for a method 400 of transferring a SIM profile 168 between user devices 160 associated with a common customer/subscriber of a mobile network operator 110.
  • the method 400 includes receiving, at data processing hardware 161 of a first user device 160b, a security token 80 from a second user device 160a in communication with the first user device 160b.
  • the security token 80 indicates that a customer associated with the first user device 160b and the second user device 160a is authorized to access an operator network 120 provided by a mobile network operator (MNO) 110.
  • MNO mobile network operator
  • the method 400 includes executing, at the data processing hardware 161, a software application 164 configured to interface with the MNO 110 over a non-operator network 130.
  • the method 400 further includes transmitting, by the data processing hardware 161, a profile preparation request 30 to the MNO 110, where the profile preparation request 30 includes the security token 50.
  • the profile preparation request requests preparation of a new subscriber identification module (SIM) profile 168b for the first user device 160b.
  • method 400 further includes receiving, at the data processing hardware 161, the new SIM profile 168b for the first user device 160b from the MNO 110.
  • the method 400 includes installing, by the data processing hardware 161, the new SIM profile 168b for the first user device 160b on an embedded SIM 166 residing on memory hardware 162 of the first user device 160b.
  • FIG. 5 is schematic view of an example computing device 500 (e.g., data processing hardware) that may be used to implement the systems and methods described in this document.
  • the computing device 500 is intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers.
  • the components shown here, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the inventions described and/or claimed in this document.
  • the computing device 500 includes a processor 510, memory 520, a storage device 530, a high-speed interface/controller 540 connecting to the memory 520 and high-speed expansion ports 550, and a low speed interface/controller 560 connecting to low speed bus 570 and storage device 530.
  • Each of the components 510, 520, 530, 540, 550, and 560, are interconnected using various busses, and may be mounted on a common motherboard or in other manners as appropriate.
  • the processor 510 can process instructions for execution within the computing device 500, including instructions stored in the memory 520 or on the storage device 530 to display graphical information for a graphical user interface (GUI) on an external input/output device, such as display 580 coupled to high speed interface 540.
  • GUI graphical user interface
  • multiple processors and/or multiple buses may be used, as appropriate, along with multiple memories and types of memory.
  • multiple computing devices 500 may be connected, with each device providing portions of the necessary operations (e.g., as a server bank, a group of blade servers, or a multi-processor system).
  • the memory 520 stores information non-transitorily within the computing device 500.
  • the memory 520 may be a computer-readable medium, a volatile memory unit(s), or non-volatile memory unit(s).
  • the non-transitory memory 520 may be physical devices used to store programs (e.g., sequences of instructions) or data (e.g., program state information) on a temporary or permanent basis for use by the computing device 500.
  • non-volatile memory examples include, but are not limited to, flash memory and read-only memory (ROM) / programmable read-only memory (PROM) / erasable programmable read-only memory (EPROM) / electronically erasable programmable readonly memory (EEPROM) (e.g., typically used for firmware, such as boot programs).
  • volatile memory examples include, but are not limited to, random access memory (RAM), dynamic random access memory (DRAM), static random access memory (SRAM), phase change memory (PCM) as well as disks or tapes.
  • the storage device 530 (e.g. memory hardware) is capable of providing mass storage for the computing device 500.
  • the storage device 530 is a computer-readable medium.
  • the storage device 530 may be a floppy disk device, a hard disk device, an optical disk device, or a tape device, a flash memory or other similar solid state memory device, or an array of devices, including devices in a storage area network or other configurations.
  • a computer program product is tangibly embodied in an information carrier.
  • the computer program product contains instructions that, when executed, perform one or more methods, such as those described above.
  • the information carrier is a computer- or machine-readable medium, such as the memory 520, the storage device 930, or memory on processor 510.
  • the high speed controller 540 manages bandwidth-intensive operations for the computing device 900, while the low speed controller 560 manages lower bandwidthintensive operations. Such allocation of duties is exemplary only. In some
  • the high-speed controller 540 is coupled to the memory 520, the display 580 (e.g., through a graphics processor or accelerator), and to the high-speed expansion ports 550, which may accept various expansion cards (not shown).
  • the memory 520 e.g., the RAM 520
  • the display 580 e.g., through a graphics processor or accelerator
  • the high-speed expansion ports 550 which may accept various expansion cards (not shown).
  • the low-speed controller 560 is coupled to the storage device 530 and low-speed expansion port 570.
  • the low-speed expansion port 570 which may include various communication ports (e.g., USB, Bluetooth, Ethernet, wireless Ethernet), may be coupled to one or more input/output devices, such as a keyboard, a pointing device, a scanner, or a networking device such as a switch or router, e.g., through a network adapter.
  • the computing device 500 may be implemented in a number of different forms, as shown in the figure. For example, it may be implemented as a standard server 500a or multiple times in a group of such servers 500a, as a laptop computer 500b, or as part of a rack server system 500c.
  • a software application may refer to computer software that causes a computing device to perform a task.
  • a software application may be referred to as an“application,” an“app,” or a“program.”
  • Example applications include, but are not limited to, system diagnostic applications, system management applications, system maintenance applications, word processing
  • the non-transitory memory may be physical devices used to store programs (e.g., sequences of instructions) or data (e.g., program state information) on a temporary or permanent basis for use by a computing device.
  • the non-transitory memory may be volatile and/or non-volatile addressable semiconductor memory. Examples of nonvolatile memory include, but are not limited to, flash memory and read-only memory (ROM) / programmable read-only memory (PROM) / erasable programmable read-only memory (EPROM) / electronically erasable programmable read-only memory
  • EEPROM e.g., typically used for firmware, such as boot programs.
  • volatile memory include, but are not limited to, random access memory (RAM), dynamic random access memory (DRAM), static random access memory (SRAM), phase change memory (PCM) as well as disks or tapes.
  • RAM random access memory
  • DRAM dynamic random access memory
  • SRAM static random access memory
  • PCM phase change memory
  • Various implementations of the systems and techniques described herein can be realized in digital electronic and/or optical circuitry, integrated circuitry, specially designed ASICs (application specific integrated circuits), computer hardware, firmware, software, and/or combinations thereof. These various implementations can include implementation in one or more computer programs that are executable and/or
  • a programmable system including at least one programmable processor, which may be special or general purpose, coupled to receive data and instructions from, and to transmit data and instructions to, a storage system, at least one input device, and at least one output device.
  • a programmable processor which may be special or general purpose, coupled to receive data and instructions from, and to transmit data and instructions to, a storage system, at least one input device, and at least one output device.
  • the processes and logic flows described in this specification can be performed by one or more programmable processors executing one or more computer programs to perform functions by operating on input data and generating output.
  • the processes and logic flows can also be performed by special purpose logic circuitry, e.g., an FPGA (field programmable gate array) or an ASIC (application specific integrated circuit).
  • processors suitable for the execution of a computer program include, by way of example, both general and special purpose microprocessors, and any one or more processors of any kind of digital computer.
  • a processor will receive instructions and data from a read only memory or a random access memory or both.
  • the essential elements of a computer are a processor for performing instructions and one or more memory devices for storing instructions and data.
  • a computer will also include, or be operatively coupled to receive data from or transfer data to, or both, one or more mass storage devices for storing data, e.g., magnetic, magneto optical disks, or optical disks.
  • mass storage devices for storing data
  • a computer need not have such devices.
  • Computer readable media suitable for storing computer program instructions and data include all forms of non-volatile memory, media and memory devices, including by way of example semiconductor memory devices, e.g., EPROM, EEPROM, and flash memory devices; magnetic disks, e.g., internal hard disks or removable disks; magneto optical disks; and CD ROM and DVD-ROM disks.
  • the processor and the memory can be supplemented by, or incorporated in, special purpose logic circuitry.
  • one or more aspects of the disclosure can be implemented on a computer having a display device, e.g., a CRT (cathode ray tube), LCD (liquid crystal display) monitor, or touch screen for displaying information to the user and optionally a keyboard and a pointing device, e.g., a mouse or a trackball, by which the user can provide input to the computer.
  • a display device e.g., a CRT (cathode ray tube), LCD (liquid crystal display) monitor, or touch screen for displaying information to the user and optionally a keyboard and a pointing device, e.g., a mouse or a trackball, by which the user can provide input to the computer.
  • Other kinds of devices can be used to provide interaction with a user as well; for example, feedback provided to the user can be any form of sensory feedback, e.g., visual feedback, auditory feedback, or tactile feedback; and input from the user can be received in any form, including acoustic, speech, or tactile input

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Databases & Information Systems (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A method (200) includes receiving, at a mobile network operator (MNO) (110), a profile preparation request (30) from a first user device (l60a), which requests preparation of a new subscriber identification module (SIM) profile (l68b) for a second user device (l60b). In response to receiving the profile preparation request, the method includes generating the new SIM profile for the second user device, and generating an activation code (50) associated with the new SIM profile. The activation code uniquely identifies the new SIM profile. The method further includes transmitting the activation code to the first user device, which causes the first user device to provide the activation code to the second user device. A profile download request (60) including the activation code is received at the MNO from the second user device, and the new SIM profile is transmitted to the second user device for installation.

Description

Seamless Embedded SIM Transfer
TECHNICAL FIELD
[0001] This disclosure relates to seamless transfer of an embedded subscriber identification module (eSIM).
BACKGROUND
[0002] Telephony devices, such as cellular phones and tablets, include subscriber identification modules (SIM) that are used by a mobile network operator (MNO) to identify and authenticate network subscribers. When a subscriber wants to transfer cellular service from one device to another, the SIM profile associated with the subscriber must be transferred from the old device to the new device. Currently, this can be done by simply removing the physical SIM (pSIM) card from the old device and inserting it into the new device, providing the new device instant connectivity to the MNO network.
[0003] However, in devices having an embedded SIM (eSIM), physically switching the SIM profile from one device to another is not possible, as the eSIM is integrated into the circuitry of the device. Currently, in order to transfer an eSIM profile from one device to another, a subscriber must contact the MNO directly to request a transfer to the new device. Although effective, this process can be time-consuming and creates a barrier to entry for switching to new devices. Lastly, there is also a burden on the MNO due to the need for a customer service agent to work with the customer to initiate switching the SIM profile to the new device.
SUMMARY
[0004] One aspect of the disclosure provides a method for transferring a SIM profile between user devices associated with a common customer/subscriber of a mobile network operator. The method includes receiving, at data processing hardware of a mobile network operator (MNO), a profile preparation request from a first user device associated with a customer of the MNO. The received profile preparation request requests preparation of a new subscriber identification module (SIM) profile for a second user device. Here, the second user device is in communication with the first user device and is associated with the same customer of the MNO. In response to receiving the profile preparation request, the method includes (a) generating, by the data processing hardware, the new SIM profile for the second user device, and (b) generating, by the data processing hardware, an activation code associated with the new SIM profile. The activation code uniquely identifies the new SIM profile. The method further includes transmitting, by the data processing hardware, the activation code to the first user device. When the activation code is received by the first user device, the activation code causes the first user device to provide the activation code to the second user device. The method includes receiving, at the data processing hardware, a profile download request from the second user device. The profile download request includes the activation code. The method further includes determining, by the data processing hardware, whether the activation code is valid. When the activation code is valid, the method includes transmitting, by the data processing hardware, the new SIM profile to the second user device. When the new SIM profile is received by the second user device, the new SIM profile causes the second user device to install the new SIM profile in an embedded SIM residing on the second user device.
[0005] Implementations of the disclosure may include one or more of the following optional features. In some implementations, the profile preparation request is received from the first user device over a first network. Here, the profile download request is received from the second user device via a second network different than the first network.
[0006] In some examples the profile preparation request includes one or more device identifiers associated with the second user device. Here, the one or more device identifiers may include at least one of an International Mobile Station Equipment Identity (IMEI) number or an electronic identification (EID) associated with the second user device.
[0007] In some configurations, the activation code includes a location of a profile server associated with the data processing hardware of the MNO. Optionally, the first user device provides the activation code to the second user device over a secure wired or wireless connection. In some examples, the first user device provides the activation code to the second user device by rendering the activation code for display on the first user device.
[0008] Another aspect of the disclosure provides a system. The system includes data processing hardware of a mobile network operator (MNO), and memory hardware in communication with the data processing hardware. The memory hardware stores instructions that, when executed on the data processing hardware, cause the data processing hardware to perform operations. The operations include receiving a profile preparation request from a first user device associated with a customer of the MNO.
Here, the received profile preparation request requests preparation of a new subscriber identification module (SIM) profile for a second user device, where the second user device is in communication with the first user device and associated with the same customer of the MNO. In response to receiving the profile preparation request, the operations further include generating the new SIM profile for the second user device, and generating an activation code associated with the new SIM profile. The activation code uniquely identifies the new SIM profile. The operations further include transmitting the activation code to the first user device. When received by the first user device, the activation code causes the first user device to provide the activation code to the second user device. The operations include receiving a profile download request from the second user device. Here, the profile download request includes the activation code. The operations further include determining whether the activation code is valid, and when the activation code is valid, transmitting the new SIM profile to the second user device.
When received by the second user device, the new SIM profile causes the second user device to install the new SIM profile in an embedded SIM residing on the second user device.
[0009] This aspect may include one or more of the following optional features.
In some examples, the profile preparation request is received from the first user device over a first network and the profile download request is received from the second user device via a second network different than the first network.
[0010] Implementations of the disclosure may include one or more of the following optional features. In some implementations, the profile preparation request is received from the first user device over a first network. Here, the profile download request is received from the second user device via a second network different than the first network.
[0011] In some examples the profile preparation request includes one or more device identifiers associated with the second user device. Here, the one or more device identifiers may include at least one of an International Mobile Station Equipment Identity (IMEI) number or an electronic identification (EID) associated with the second user device.
[0012] In some configurations, the activation code includes a location of a profile server associated with the data processing hardware of the MNO. Optionally, the first user device provides the activation code to the second user device over a secure wired or wireless connection. In some examples, the first user device provides the activation code to the second user device by rendering the activation code for display on the first user device.
[0013] Yet another aspect of the disclosure provides a method for transferring a SIM profile between user devices associated with a common customer/subscriber of a mobile network operator. The method includes receiving, at data processing hardware of a first user device, a security token from a second user device in communication with the first user device. Here, the security token indicates that a customer associated with the first user device and the second user device is authorized to access an operator network provided by a mobile network operator (MNO). The method further includes transmitting, by the data processing hardware, a profile preparation request to the MNO, where the profile preparation request includes the security token. The profile preparation request requests preparation of a new subscriber identification module (SIM) profile for the first user device. The method further includes receiving, at the data processing hardware, the new SIM profile for the first user device from the MNO, and installing, by the data processing hardware, the new SIM profile for the first user device on an embedded SIM residing on memory hardware of the first user device.
[0014] Implementations of the disclosure may include one or more of the following optional features. In some examples, the method further includes, prior to transmitting the profile preparation request, executing, by the data processing hardware, a software application configured to interface with the MNO over a non-operator network. Here, the software application may provide mapping information to a profile server residing on the MNO, and the profile server may be configured to prepare the new SIM profile for the first user device in response to receiving the profile preparation request over the nonoperator network.
[0015] In some examples, the profile preparation request includes one or more device identifiers associated with the first user device and/or the second user device. Here, the one or more device identifiers may include at least one of an International Mobile Station Equipment Identity (IMEI) number and/or an electronic identification (EID) associated with the first user device and/or second user device. Optionally, the second user device is configured to obtain the security token from a backend service residing at the MNO over the operator network, the second user device comprising an existing SIM profile previously authorized by the MNO.
[0016] In another aspect of the disclosure, a first user device is provided. The first user device includes data processing hardware, and memory hardware in communication with the data processing hardware. The memory hardware stores instructions that, when executed on the data processing hardware cause the data processing hardware to perform operations. The operations include receiving a security token from a second user device in communication with the first user device. Here, the security token indicates that a customer associated with the first user device and the second user device is authorized to access an operator network provided by a mobile network operator (MNO). The operations further include transmitting a profile preparation request to the MNO, where the profile preparation request includes the security token. The profile preparation request requests preparation of a new subscriber identification module (SIM) profile for the first user device. The operations further include receiving the new SIM profile for the first user device from the MNO, and installing the new SIM profile for the first user device on an embedded SIM residing on memory hardware of the first user device.
[0017] Implementations of the disclosure may include one or more of the following optional features. In some examples, the operations further include, prior to transmitting the profile preparation request, executing a software application configured to interface with the MNO over a non-operator network. Here, the software application may provide mapping information to a profile server residing on the MNO, and the profile server may be configured to prepare the new SIM profile for the first user device in response to receiving the profile preparation request over the non-operator network.
[0018] In some examples, the profile preparation request includes one or more device identifiers associated with the first user device and/or the second user device. Here, the one or more device identifiers may include at least one of an International Mobile Station Equipment Identity (IMEI) number and/or an electronic identification (EID) associated with the first user device and/or second user device.
[0019] The details of one or more implementations of the disclosure are set forth in the accompanying drawings and the description below. Other aspects, features, and advantages will be apparent from the description and drawings, and from the claims.
DESCRIPTION OF DRAWINGS
[0020] FIG. 1 A is a schematic view of an example of a wireless communication system.
[0021] FIG. IB is a schematic view of another example of a wireless communication system.
[0022] FIG. 2 is a schematic view of an example arrangement of operations for a method of providing a SIM profile to a user device.
[0023] FIG. 3 is a flowchart of an example method for preparing and providing a SIM profile for a user device.
[0024] FIG. 4 is a schematic view of an example arrangement of operations for a method of providing a SIM profile to a user device.
[0025] FIG. 5 is a schematic view of an example computing device that may be used to implement the systems and methods described herein.
[0026] Like reference symbols in the various drawings indicate like elements. DETAILED DESCRIPTION
[0027] Subscriber identification modules (SIM) are used by a mobile network operator (MNO) to identify and authenticate user devices (e.g., mobile phones) used by network subscribers/customers. When a subscriber wants to transfer cellular service from one device to another, a SIM profile associated with the subscriber must be transferred from the old device to the new device. Some user devices are provided with physical SIM (pSIM) cards that can be easily transferred between compatible devices, thereby allowing the subscriber to transfer from one user device to another without support from the MNO. More recently, user devices are being provided with an embedded SIM (eSIM) integrated into the circuitry of the user device. Here, physically switching the SIM profile from one user device to another is not possible. Thus, in order to transfer a SIM profile onto a device having an eSIM, a subscriber must contact the MNO to initiate a download of the SIM profile onto the user device. Although effective, this process can be time-consuming and creates a barrier to entry for switching to new devices. Lastly, there is also a burden on the MNO due to the need for a customer service agent to work with the customer to initiate switching the SIM profile to the new device.
[0028] Implementations herein are directed towards facilitating a transfer of a SIM profile from a first, existing user device associated with a subscriber of an MNO, to a second, new user device associated with the same subscriber of the MNO. Here, the existing user device is a user device including a SIM profile that has already been authorized to connect to the MNO network. The existing user device may include a pSIM or an eSIM. The second, new user device includes an eSIM, but is initially provided without a SIM profile authorized to connect to the MNO network. To facilitate provision of a valid, authorized SIM profile to the new user device, the MNO subscriber can request a new SIM profile using the existing user device, which is connected to the MNO through the MNO network, and the new user device, which is in communication with the MNO via a separate network. In one example, the new user device sends a device identifier (e.g., IMEI, EID) to the existing user device, which transmits a request to the MNO for preparation of a new SIM profile for the new user device. The MNO generates/creates the new SIM profile and returns an activation code associated with the new SIM profile to the existing user device. In turn, the existing user device sends the activation code to the new user device. Here, the new user device uses the activation code to locate the MNO and to request download of the newly-created SIM profile. In other scenarios, the MNO may provide a security token to the existing user device. The security token is then transmitted to the new user device, which presents the security token to the MNO with a download request. Thus, the implementations provided herein facilitate a seamless transfer of a SIM profile to a device having an eSIM without requiring the MNO subscriber to contact the MNO.
[0029] Referring to FIGS. 1 A and IB, an example communications system 100 includes a first user device 160, 160a in communication with a carrier or mobile network operator (MNO) 110 via an operator network 120 (also referred to as“carrier network”) and a second user device 160, 160b which may establish a communication with the MNO 110 via a second, non-operator network 130. The first user device 160a and the second user device 160b may be associated with a same user that is a customer/subscriber of the MNO 110. Described in greater detail below, the first user device 160a may have a corresponding SIM profile 168, 168a previously authorized by the MNO 110 to provide the first user device 160a access to the operator network 120, while the second user device 160b may be a new user device that needs a new SIM profile 168b authorized by the MNO 110 in order to access the operator network 120.
[0030] The MNO 110 may reside on a remote system or a computing device. The remote system may be a single computer, multiple computers, or a distributed system (e.g., a cloud environment) having scalable elastic computing resources 112 (e.g., data processing hardware) and/or storage resources 114 (e.g., memory hardware). In some examples, the data processing hardware 112 (e.g., using instructions stored on the memory hardware 114) executes a MNO backend 140 (e.g., one or more Entitlement Servers) configured to provide backend services to manage access to the operator network 120. The data processing hardware 112 may also execute a profile server 150 (or optionally communicate with the profile server 150) configured to generate and provide SIM profiles 168 for use by user devices 160 of the operator network 120. For instance, user devices 160 may be associated with customers of the MNO 110 that have access to the operator network 120 when the MNO 110 authorizes their respective SIM profiles 168. The profile server 150 may be a Subscription Manager (SM), a
Subscription Manager Plus (SM+), a Subscription Manager Data Preparation (SM-DP), a Subscription Manager Data Preparation Plus (SM-DP+), a Subscription Manager Secure Routing Plus (SM-SR+), a Profile Delivery Platform, Profile Delivery Server, or any other server or combination of servers capable of generating SIM profiles 168. The MNO 110 may include multiple profile servers 150
[0031] The operator network 120 may include, but is not limited to, Wide Area Networks (WAN) such as a Long Term Evolution (LTE) network, a Global System for Mobile Communications (GSM) network, a Code Division Multiple Access (CDMA) network, a Wideband Code Division Multiple Access (WCDMA) network or an
Enhanced Data rates for GSM Evolution (EDGE) network, and Wireless Local Area Networks (WLAN) such as the various IEEE 802.11 standards, or any other kind of wireless network. Access to the operator network 120 is controlled by the MNO 110, which only grants access to user devices 160 having SIM profiles 168 that are authorized by the MNO backend 140.
[0032] Although the second network 130 may include a long range network (e.g., Internet or WAN), in some scenarios, the second network 130 includes a shorter range network, such as a local area network (LAN). In some implementations, the second network 130 uses standard communications technologies and/or protocols. Thus, the second network 130 can include links using technologies, such as Ethernet, Wireless Fidelity (WiFi) (e.g., 802.11), worldwide interoperability for microwave access
(WiMAX), 3G/4G/5G, Long Term Evolution (LTE), digital subscriber line (DSL), asynchronous transfer mode (ATM), InfiniBand, PCI Express Advanced Switching, etc. Similarly, the networking protocols used on the second network 130 can include multiprotocol label switching (MPLS), the transmission control protocol/Intemet protocol (TCP/IP), the User Datagram Protocol (UDP), the hypertext transport protocol (HTTP), the simple mail transfer protocol (SMTP), the file transfer protocol (FTP), etc. The data exchanged over the second network 130 can be represented using technologies and/or formats including the hypertext markup language (HTML), the extensible markup language (XML), etc. In addition, all or some of the links can be encrypted using conventional encryption technologies, such as secure sockets layer (SSL), transport layer security (TLS), virtual private networks (VPNs), Internet Protocol security (IPsec), etc.
In other examples, the network 130 can use custom and/or dedicated data
communications technologies instead of, or in addition to, the ones described above.
[0033] User devices 160 can be any computing devices that are capable of wireless communications via the operator network 120 and/or the non-operator network 130.
FIGS. 1 A and IB show example user devices having data processing hardware 161 and memory hardware 162 in communication with the data processing hardware 161. User devices 160 include, but are not limited to, mobile computing devices, such as laptops, tablets, smart phones, and wearable computing devices (e.g., headsets and/or watches). User devices 160 could also include smart appliances (e.g., smart speakers/displays). In the example shown, the user devices 160 are configured to support one or more of the types of the networks 120, 130 and may be in communication with each other via one or more secure connections 202. For example, the user devices 160a, 160b may be in direct communication with each other over a wired (e.g., USB) or wireless (e.g., Bluetooth, WiFi direct, Near Field Communication) connection, such that data can be communicated between the user devices 160a, 160b independent of either of the networks 120, 130. In other examples, the user devices 160a, 160b communicate with each other indirectly via the non-operator network 130. For example, both of the user devices 160a, 160b may be connected to the Internet, allowing the devices to communicate with each other.
[0034] The user devices 160a, 160b may use a variety of different operating systems 163. In examples where a user device 160a, 160b is a mobile device, the user device 160a, 160b may run an operating system including, but not limited to, ANDROID® developed by Google Inc., IOS® developed by Apple Inc., or WINDOWS PHONE® developed by Microsoft Corporation. Accordingly, the operating system 163 running on the user device 160 may include, but is not limited to, one of ANDROID®, IOS®, or WINDOWS PHONE®. In some examples a user device may run an operating system including, but not limited to, MICROSOFT WINDOWS® by Microsoft Corporation, MAC OS® by Apple, Inc., or Linux. User devices 160a, 160b may also access the operator network 120 while running operating systems 163 other than those operating systems 163 described above, whether presently available or developed in the future.
The operating system 163 may execute one or more software applications 164.
[0035] A software application 164 may refer to computer software that, when executed by a computing device, causes the computing device to perform a task. In some examples, the software application 164 may be referred to as an "application", an "app", or a "program". Example software applications 164 include, but are not limited to, MNO access applications, word processing applications, spreadsheet applications, messaging applications, media streaming applications, social networking applications, and games.
[0036] Applications 164 can be executed on a variety of different user devices 160a, 160b. In some examples, applications 164 are installed on the user devices 160a, 160b prior to the user 10 purchasing the user device 160. In other examples, the user 10 may download and install applications 164 on the user devices 160a, 160b.
[0037] Each user device 160a, 160b further includes a corresponding subscriber identification module (SIM) 166 configured to store a corresponding SIM profile 168, 168a, 168b for identifying and connecting each user device 160a, 160b with certain types of wireless networks. For instance, the SIM 166 may include credentials for authorizing the first user device 160a to connect with the operator network 120. In this regard, when the operator network 120 is within range of the first user device 160a, the first user device 160a will utilize the stored network credentials on the SIM 166 in order to gain access to the operator network 120.
[0038] In some examples, the SIM 166 is a physical SIM card (pSIM) 166. Here, the pSIM 166 can be physically removed from the user device 160a and replaced with a different pSIM 166 having credentials associated with a different subscriber and/or a different operator network 120. In other examples, the SIM 166 may be an embedded SIM (eSIM) 166 with the credentials for connecting the user device 160 with the operator network 120 stored directly on the memory hardware 162 of the first user device 160a. Here, when changing from one SIM profile 168 to a new SIM profile 168 on a user device 160 using eSIM 166, the user device 160 may download the new SIM profile 168 from the MNO 110. Similarly, when the user device 160 using the eSIM 166 is adding a new SIM profile 168 for the first time (i.e., the eSIM 166 is initially provided without a SIM profile 168), the user device 160 may download the new SIM profile 168 from the MNO 110. In the example shown, the first user device 160a may include either one of a pSIM 166 or an eSIM 166, while the second user device 160b corresponds to a new user device that includes an eSIM 166 initially provided without a SIM profile 168b. Thus, the second user device 160b must be authorized by the MNO backend 140 for connecting to the operator network 120. Accordingly, the second user device 160b must obtain a valid/authorized SIM profile 168b from the MNO 110 and install the SIM profile 168b on the eSIM 166.
[0039] Referring to FIG. 1 A, in some implementations, the second user device 160b includes the eSIM 166 initially provided without a SIM profile 168b, thereby preventing the second user device 160b from having the ability to access the operator network 120.
In order for the second user device 160b to be granted access to the operator network 120, the second user device 160b must download an authorized SIM profile 168b from the MNO 110 by presenting a valid activation code 50. Conversely, the first user device 160a is an existing user device that has a corresponding user profile 168a previously authorized by the MNO 110 to access the operator network 120.
[0040] During an initial step, the first user device 160a and the second user device 160b may connect to one another using the secured connection 202. Here, a
corresponding software application 164 executing on each of the user devices 160a, 160b may facilitate the secured connection 202 between the user devices 160a, 160b.
Similarly, the operating system 163 may facilitate the secured connection 202 between the user devices 160a, 160b. In some configurations, the secured connection 202 is established with the new second user device 160b initiates backup and restore
functionality to load information/data from the first user device 160a onto the second user device 160b. Once connected, the second user device 160b transmits a device identifier 20 over the secured connection 202 to first user device 160a. The device identifier 20 may be an International Mobile Station Equipment Identity (IMEI) number and/or an electronic identification (EID) associated with the second user device 160b. [0041] Upon receipt of the device identifier 20 of the second user device 160b, the first user device 160a transmits a profile preparation request 30 including the device identifier 20 to the MNO backend 140 through the operator network 120 for preparation of a SIM profile 168b for the second user device 160b. The device identifier 20 and the profile preparation request 30, when received at the MNO backend 140, causes the MNO backend 140 to send profile preparation instructions 40 to the profile server 150. The profile server 150 prepares/generates the SIM profile 168b for the second user device 160b and generates a corresponding activation code 50 associated with the SIM profile 168b. The profile server 150 provides the MNO backend 140 with the corresponding activation code 50. Here, the activation code 50 includes a unique code having information corresponding to a location (e.g., URL) of the profile server 150 and the SIM profile 168b generated/prepared by the profile server 150, and may be used to authorize/authenticate a profile download request 60 (discussed below) received from the second user device 160b for downloading the new SIM profile 168b. Simply put, the activation code 50 locates the profile server 150, uniquely identifies the SIM profile 168b generated by the profile server 150, and may provide a mapping between tire user identifier 20 associated with the second user device 160b and the corresponding SIM profile 168b.
[0042] With continued reference to FIG. 1 A, the MNO backend 140 transmits the activation code 50 to the first user device 160a over the operator network 120, and the first user device 160a communicates the activation code 50 to the second user device 160b. In some examples, the first user device 160a communicates the activation code 50 using the secured connection 202 between the two user devices 160a, 160b. However, in other examples, the second user device 160b obtains the activation code 50 from the first user device 160a by other means. For example, a software application 164 executing on the first user device 160a may render the activation code 50 as a machine-readable code (e.g., a Quick Response (QR) code) for display on the first user device 160a, thereby enabling the second user device 160b to obtain die activation code 50 by
scanning/capturing the QR code displayed on the first user device 160a. [0043] Once the second user device 160b obtains the activation code 50 from the first user device 160a, the second user device 160b may interface with the profile server 150 at the MNO 110 to download the corresponding SIM profile 168b for accessing the operator network 120. However, because the second user device 160b is not yet provisioned with die authorized SIM profile 168b (e g., the SIM profile 168b is residing at the profile server 150) for the operator network 120, the second user device 160b must communicate with the profile server 150 via the non-operator network 130 (e g.,
Internet). Here, the second user device 160b transmits a profile dowmload request 60 including the activation code 50 to the profile server 150 to request access to download the SIM profile 168b prepared/generated by the profile server 150. In some examples, the software application 164 may facilitate communication with the profile server 150 over the non-operator network 130. The profile server 150 then evaluates die activation code 50 to determine whether or not the second user device 160b is authorized to download the SIM profile 168b. Here, die second user device 160b may be authorized to dow'nload-'obtain the SIM profile 168b when the profile server 150 determines that activation code 50 includes the device identifier 20 associated with the SIM profile 168b. Alternatively, the profile server 150 may push the SIM profile 168b in scenarios when the profile server 150 is able to locate the second user device 160b on die non-operator network 130. Once the second user device 160b obtains the SIM profile 168b from the profile server 150, the second user device 160b installs the SIM profile 168b on the eSIM 166 and connects to the operator netw'ork 120.
[0044] Accordingly, FIG. 1 A shows the second new user device 160b obtaining a new SIM profile 168b by leveraging access to the MNO 110 through the first user device 160a such that the first user device 160a requests 30 the new SIM profile 168b for the second user device 160b from the MNO backend 140 by providing the device identifier 20 associated with the second user device 160b. Thereafter, the MNO backend 140 instructs 40 the profile server 150 to generate the new SIM profile 168b and
corresponding activation code 50. Using the operator network 120, the MNO backend 140 may provide the activation code 50 to the first user device 160a, enabling the second user device 160b to obtain the activation code 50 therefrom for inclusion in the profile download request 60 for obtaining the new SIM profile 168b from the profile server 150. The second user device 160b may use backup and restore functionality to obtain the new SIM profile 168b from the profile server 150. For instance, the second user device 160b may be recently purchased by a user to replace the first user device 160a. As such, backup and restore functionality may transfer a profile for the user (e.g., contacts, applications, music, photos, etc.) from the first user device 160a to the second user device 160b, while simultaneously causing the first user device 160a to obtain the device identifier 20 for the second user device 160b and transmit profile preparation request 30 to the MNO backend 140. Thus, the new SIM profile 168b may correspond to a swapping of the existing SIM profile 168a for the first user device 160a. However, the new SIM profile 168b and the existing SIM profile 168a, while substantially similar, are distinguishable by the MNO 110 to enable the first user device 160a to access the operator network 120 at least until the new SIM profile 168b is installed on the second user device 160b and the second user device 160b is able to access the operator network 120.
[0045] In another implementation, FIG. 1 B shows the second user device 160b interfacing with the profile server 150 directly to request the profile server 150 to generate/prepare and provision the SIM profile 168b. Initially, a user submits a request 70 for a security token to the MNO 110 using the first user device 160a. Because the first user device 160a is connected to the MNO 110, and particularly, the MNO backend 140, over the operator network 120, the MNO 110 may identify the first user device 160a as a trusted device authorized to receive a security token 80. Upon determination that the first user device 160a is authorized to receive the security token 80, the security token 80 is transmitted to the first user device 160a from the MNO 110. The first user device 160a may then transmit the security token 80 to the second user device 160b over the connection 202. However, in some examples, the security token 80 may be received by the second user device 160b by other means. For example, a software application executing on the first user device 160a may render the security token 80 as machine- readable code (e.g., QR code) for display on the first user device 160a, thereby enabling the second user device 160b to obtain the security token 80 by scanning/capturing the QR code displayed on the first user device 160a.
[0046] Once the security token 80 is received by the second user device 160b, the second user device 160b transmits the profile preparation request 30 directly to the MNO backend 140 to instruct the profile server 150 to prepare/generate the new SIM profile 168b. In other scenarios, the second user device 160b transmits the request 30 directly to the profile server 150. Here, the profile preparation request 30 includes the security token 80 and device identifier(s) 20 for the first user device 160a and/or the second user device 160b. The second user device 160b may obtain die device identifier 20 for the first user device 160a over the secured connection 202. Thus, unlike the technique described above in FIG. 1 A that relies on the MNO backend 140 receiving the profile preparation request 30 from the first user device 160a and then providing the profile preparation instructions 40 to the profile server 150 for preparing the new SIM profile 168b, the technique shown in FIG. IB allows the second user device 160b to provide the profile preparation request 30 along with the security token 80 directly to the profile server 150 via the non-operator network 130. Additionally, because the security token 80 does not provide the second user device 160b with a location of the profile server 150, the second user device 160b may execute an MNO-specific software application 164 configured to interface with the MNO 110. Accordingly, the software application 164 provides mapping information to the profile server 150 for transmittal of the profile preparation request 30 including the security token 80 and the identifiers 20 for the user devices 160a, 160b.
[0047] The profile server 150 validates that the security token 80 is associated with the authorized user/subscriber of the user devices 160a, 160b and prepares/generates the STM profile 168b for the second user device 160b. Once the SIM profile 168b is prepared by the profile server 150, the STM profile 168b is transmitted to the second user device 160b for downloading and installation on the second user device 160b. By- executing the MNO-specific software application 164 of the second user device 160b, the profile server 150 may push or transmit the SIM profile 168b to the second user device 160b. Alternatively, the second user device 160b may be authorized to download/obtain the SIM profile 168b when the profile server 150 determines that the security token 80 is associated with the second user device 160b. With the SIM profile 168b installed, the second user device 160b connects to the operator network 120.
[0048] FIG. 2 provides an example arrangement of operations for a method 200 of At block 202, the method 200 includes receiving, at data processing hardware 112 of a mobile network operator (MNO) 110, a profile preparation request 30 from a first user device 160a associated with a customer of the MNO 110. The received profile preparation request 30 requests preparation of a new subscriber identification module (SIM) profile 168b for a second user device 160b. Here, the second user device 160b is in communication with the first user device 160a and is associated with the same customer of the MNO 110. At block 204, in response to receiving the profile preparation request 30, the method 200 includes (204a) generating, by the data processing hardware 112, the new SIM profile 168b for the second user device 160b, and (204b) generating, by the data processing hardware 112, an activation code 50 associated with the new SIM profile 168b, the activation code 50 uniquely identifying the new SIM profile 168b. At block 206, the method 300 includes transmitting, by the data processing hardware 112, the activation code 50 to the first user device 160a. When the activation code 50 is received by the first user device 160a, the activation code 50 causes the first user device 160a to provide the activation code 50 to the second user device 160b. At block 208, the method 300 includes receiving, at the data processing hardware 112, a profile download request 60 from the second user device 160b. The profile download request 60 includes the activation code 50. At block 210, the method 200 includes determining, by the data processing hardware 112, whether the activation code 50 is valid. At block 212, when the activation code 50 is valid, the method 200 includes transmitting, by the data processing hardware 112, the new SIM profile 168b to the second user device 160b.
When the new SIM profile 168b is received by the second user device 160b, the new SIM profile 168b causes the second user device 160b to install the new SIM profile 168b in an embedded SIM residing on the second user device 160b.
[0049] FIG. 3 is a diagram 300 illustrating example operations performed by the user devices 160a, 160b and the MNO 110 in the communication system 100 shown in FIG. 1 A, when a profile preparation request 30 is received from the first user device 160a.
The vertical y-axis indicates time increasing from the top to the bottom.
[0050] FIG. 4 provides an example of another arrangement of operations for a method 400 of transferring a SIM profile 168 between user devices 160 associated with a common customer/subscriber of a mobile network operator 110. At block 402, the method 400 includes receiving, at data processing hardware 161 of a first user device 160b, a security token 80 from a second user device 160a in communication with the first user device 160b. The security token 80 indicates that a customer associated with the first user device 160b and the second user device 160a is authorized to access an operator network 120 provided by a mobile network operator (MNO) 110. Optionally, at block 404, the method 400 includes executing, at the data processing hardware 161, a software application 164 configured to interface with the MNO 110 over a non-operator network 130. At block 406, the method 400 further includes transmitting, by the data processing hardware 161, a profile preparation request 30 to the MNO 110, where the profile preparation request 30 includes the security token 50. The profile preparation request requests preparation of a new subscriber identification module (SIM) profile 168b for the first user device 160b. At block 408, method 400 further includes receiving, at the data processing hardware 161, the new SIM profile 168b for the first user device 160b from the MNO 110. At block 410, the method 400 includes installing, by the data processing hardware 161, the new SIM profile 168b for the first user device 160b on an embedded SIM 166 residing on memory hardware 162 of the first user device 160b.
[0051] FIG. 5 is schematic view of an example computing device 500 (e.g., data processing hardware) that may be used to implement the systems and methods described in this document. The computing device 500 is intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The components shown here, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the inventions described and/or claimed in this document. [0052] The computing device 500 includes a processor 510, memory 520, a storage device 530, a high-speed interface/controller 540 connecting to the memory 520 and high-speed expansion ports 550, and a low speed interface/controller 560 connecting to low speed bus 570 and storage device 530. Each of the components 510, 520, 530, 540, 550, and 560, are interconnected using various busses, and may be mounted on a common motherboard or in other manners as appropriate. The processor 510 can process instructions for execution within the computing device 500, including instructions stored in the memory 520 or on the storage device 530 to display graphical information for a graphical user interface (GUI) on an external input/output device, such as display 580 coupled to high speed interface 540. In other implementations, multiple processors and/or multiple buses may be used, as appropriate, along with multiple memories and types of memory. Also, multiple computing devices 500 may be connected, with each device providing portions of the necessary operations (e.g., as a server bank, a group of blade servers, or a multi-processor system).
[0053] The memory 520 stores information non-transitorily within the computing device 500. The memory 520 may be a computer-readable medium, a volatile memory unit(s), or non-volatile memory unit(s). The non-transitory memory 520 may be physical devices used to store programs (e.g., sequences of instructions) or data (e.g., program state information) on a temporary or permanent basis for use by the computing device 500. Examples of non-volatile memory include, but are not limited to, flash memory and read-only memory (ROM) / programmable read-only memory (PROM) / erasable programmable read-only memory (EPROM) / electronically erasable programmable readonly memory (EEPROM) (e.g., typically used for firmware, such as boot programs). Examples of volatile memory include, but are not limited to, random access memory (RAM), dynamic random access memory (DRAM), static random access memory (SRAM), phase change memory (PCM) as well as disks or tapes.
[0054] The storage device 530 (e.g. memory hardware) is capable of providing mass storage for the computing device 500. In some implementations, the storage device 530 is a computer-readable medium. In various different implementations, the storage device 530 may be a floppy disk device, a hard disk device, an optical disk device, or a tape device, a flash memory or other similar solid state memory device, or an array of devices, including devices in a storage area network or other configurations. In additional implementations, a computer program product is tangibly embodied in an information carrier. The computer program product contains instructions that, when executed, perform one or more methods, such as those described above. The information carrier is a computer- or machine-readable medium, such as the memory 520, the storage device 930, or memory on processor 510.
[0055] The high speed controller 540 manages bandwidth-intensive operations for the computing device 900, while the low speed controller 560 manages lower bandwidthintensive operations. Such allocation of duties is exemplary only. In some
implementations, the high-speed controller 540 is coupled to the memory 520, the display 580 (e.g., through a graphics processor or accelerator), and to the high-speed expansion ports 550, which may accept various expansion cards (not shown). In some
implementations, the low-speed controller 560 is coupled to the storage device 530 and low-speed expansion port 570. The low-speed expansion port 570, which may include various communication ports (e.g., USB, Bluetooth, Ethernet, wireless Ethernet), may be coupled to one or more input/output devices, such as a keyboard, a pointing device, a scanner, or a networking device such as a switch or router, e.g., through a network adapter.
[0056] The computing device 500 may be implemented in a number of different forms, as shown in the figure. For example, it may be implemented as a standard server 500a or multiple times in a group of such servers 500a, as a laptop computer 500b, or as part of a rack server system 500c.
[0057] A software application (i.e., a software resource) may refer to computer software that causes a computing device to perform a task. In some examples, a software application may be referred to as an“application,” an“app,” or a“program.” Example applications include, but are not limited to, system diagnostic applications, system management applications, system maintenance applications, word processing
applications, spreadsheet applications, messaging applications, media streaming applications, social networking applications, and gaming applications. [0058] The non-transitory memory may be physical devices used to store programs (e.g., sequences of instructions) or data (e.g., program state information) on a temporary or permanent basis for use by a computing device. The non-transitory memory may be volatile and/or non-volatile addressable semiconductor memory. Examples of nonvolatile memory include, but are not limited to, flash memory and read-only memory (ROM) / programmable read-only memory (PROM) / erasable programmable read-only memory (EPROM) / electronically erasable programmable read-only memory
(EEPROM) (e.g., typically used for firmware, such as boot programs). Examples of volatile memory include, but are not limited to, random access memory (RAM), dynamic random access memory (DRAM), static random access memory (SRAM), phase change memory (PCM) as well as disks or tapes.
[0059] Various implementations of the systems and techniques described herein can be realized in digital electronic and/or optical circuitry, integrated circuitry, specially designed ASICs (application specific integrated circuits), computer hardware, firmware, software, and/or combinations thereof. These various implementations can include implementation in one or more computer programs that are executable and/or
interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, coupled to receive data and instructions from, and to transmit data and instructions to, a storage system, at least one input device, and at least one output device.
[0060] These computer programs (also known as programs, software, software applications or code) include machine instructions for a programmable processor, and can be implemented in a high-level procedural and/or object-oriented programming language, and/or in assembly/machine language. As used herein, the terms“machine-readable medium” and“computer-readable medium” refer to any computer program product, non- transitory computer readable medium, apparatus and/or device (e.g., magnetic discs, optical disks, memory, Programmable Logic Devices (PLDs)) used to provide machine instructions and/or data to a programmable processor, including a machine-readable medium that receives machine instructions as a machine-readable signal. The term “machine-readable signal” refers to any signal used to provide machine instructions and/or data to a programmable processor.
[0061] The processes and logic flows described in this specification can be performed by one or more programmable processors executing one or more computer programs to perform functions by operating on input data and generating output. The processes and logic flows can also be performed by special purpose logic circuitry, e.g., an FPGA (field programmable gate array) or an ASIC (application specific integrated circuit). Processors suitable for the execution of a computer program include, by way of example, both general and special purpose microprocessors, and any one or more processors of any kind of digital computer. Generally, a processor will receive instructions and data from a read only memory or a random access memory or both. The essential elements of a computer are a processor for performing instructions and one or more memory devices for storing instructions and data. Generally, a computer will also include, or be operatively coupled to receive data from or transfer data to, or both, one or more mass storage devices for storing data, e.g., magnetic, magneto optical disks, or optical disks. However, a computer need not have such devices. Computer readable media suitable for storing computer program instructions and data include all forms of non-volatile memory, media and memory devices, including by way of example semiconductor memory devices, e.g., EPROM, EEPROM, and flash memory devices; magnetic disks, e.g., internal hard disks or removable disks; magneto optical disks; and CD ROM and DVD-ROM disks. The processor and the memory can be supplemented by, or incorporated in, special purpose logic circuitry.
[0062] To provide for interaction with a user, one or more aspects of the disclosure can be implemented on a computer having a display device, e.g., a CRT (cathode ray tube), LCD (liquid crystal display) monitor, or touch screen for displaying information to the user and optionally a keyboard and a pointing device, e.g., a mouse or a trackball, by which the user can provide input to the computer. Other kinds of devices can be used to provide interaction with a user as well; for example, feedback provided to the user can be any form of sensory feedback, e.g., visual feedback, auditory feedback, or tactile feedback; and input from the user can be received in any form, including acoustic, speech, or tactile input. In addition, a computer can interact with a user by sending documents to and receiving documents from a device that is used by the user; for example, by sending web pages to a web browser on a user's client device in response to requests received from the web browser.
[0063] A number of implementations have been described. Nevertheless, it will be understood that various modifications may be made without departing from the spirit and scope of the disclosure. Accordingly, other implementations are within the scope of the following claims. For example, the actions recited in the claims can be performed in a different order and still achieve desirable results.

Claims

WHAT IS CLAIMED IS:
1. A method (200) comprising;
receiving, at data processing hardware (112) of a mobile network operator (MNO) (110), a profile preparation request (30) from a first user device (160a) associated with a customer of the MNO, the profile preparation request (30) received requesting preparation of a new subscriber identification module (SIM) profile (168b) for a second user device (160b), the second user device (160b) in communication with the first user device (160a) and associated with the same customer of the MNO (110);
in response to receiving the profile preparation request (30):
generating, by the data processing hardware (112), the new SIM profile (168b) for the second user device (160b); and
generating, by the data processing hardware (112), an activation code (50) associated with the new SIM profile (168b), the activation code (50) uniquely identifying the new SIM profile (168b);
transmitting, by the data processing hardware (112), the activation code (50) to the first user device (160a), the activation code (50), when received by the first user device (160a), causing the first user device (160a) to provide the activation code (50) to the second user device (160b);
receiving, at the data processing hardware (112), a profile download request (60) from the second user device (160b), the profile download request (60) comprising the activation code (50);
determining, by the data processing hardware (112), whether the activation code (50) is valid; and
when the activation code is valid, transmitting, by the data processing hardware (112), the new SIM profile (168b) to the second user device (160b), the new SIM profile (168b) when received by the second user device (160b), causing the second user device (160b) to install the new SIM profile (168b) in an embedded SIM (166) residing on the second user device (160b).
2. The method (200) of claim 1, wherein the profile preparation request (30) is received from the first user device (160a) over a first network (120) and the profile download request (60) is received from the second user device (160b) via a second network (130) different than the first network (120).
3. The method (200) of claim 1 or 2, wherein the profile preparation request (30) comprises one or more device identifiers (20) associated with the second user device (168b).
4. The method (200) of claim 3, wherein the one or more device identifiers (20) comprise at least one of an International Mobile Station Equipment Identity (IMEI) number or an electronic identification (EID) associated with the second user device (160b).
5. The method (200) of any of claims 1-4, wherein the activation code (50) comprises a location of a profile server (150) associated with the data processing hardware (112) of the MNO (110).
6. The method (200) of any of claims 1-5, wherein the first user device (160a) provides the activation code (50) to the second user device (160b) over a secure wired or wireless connection (202).
7. The method (200) of any of claims 1-6, wherein the first user device (160a) provides the activation code (50) to the second user device (160b) by rendering the activation code (50) for display on the first user device (160a).
8. A system (100) comprising:
data processing hardware (112) of a mobile network operator (MNO) (110); and memory hardware (114) in communication with the data processing hardware (112), the memory hardware (114) storing instructions that when executed on the data processing hardware (112) cause the data processing hardware (112) to perform operations comprising:
receiving a profile preparation request (30) from a first user device (160a) associated with a customer of the MNO (110), the received profile preparation request (30) requesting preparation of a new subscriber identification module (SIM) profile (168b) for a second user device (160b), the second user device (160b) in communication with the first user device (160a) and associated with the same customer of the MNO
(no);
in response to receiving the profile preparation request (30):
generating the new SIM profile (168b) for the second user device
(160b); and
generating an activation code (50) associated with the new SIM profile (168b), the activation code (50) uniquely identifying the new SIM profile (168b);
transmitting the activation code (50) to the first user device (160a), the activation code (50), when received by the first user device (160a), causing the first user device (160a) to provide the activation code (50) to the second user device (160b);
receiving a profile download request (60) from the second user device (160b), the profile download request (60) comprising the activation code (50);
determining whether the activation code (50) is valid; and when the activation code is valid, transmitting the new SIM profile (168b) to the second user device (160b), the new SIM profile (168b) when received by the second user device (160b), causing the second user device (160b) to install the new SIM profile (168b) in an embedded SIM (166) residing on the second user device (160b).
9. The system (100) of claim 8, wherein the profile preparation request (30) is received from the first user device (160a) over a first network (120) and the profile download request (60) is received from the second user device (160b) via a second network (130) different than the first network (120).
10. The system (100) of claim 8 or 9, wherein the profile preparation request (30) comprises one or more device identifiers (20) associated with the second user device (168b).
11. The system (100) of claim 10, wherein the one or more device identifiers (20) comprise at least one of an International Mobile Station Equipment Identity (IMEI) number or an electronic identification (EID) associated with the second user device (160b).
12. The system (100) of any of claims 8-11, wherein the activation code (50) comprises a location of a profile server (150) associated with the data processing hardware (112) of the MNO (110).
13. The system (100) of any of claims 8-12, wherein the first user device (160a) provides the activation code to the second user device (160b) over a secure wired or wireless connection.
14. The system (100) of any of claims 8-13, wherein the first user device (160a) provides the activation code (50) to the second user device (160b) over a secure wired or wireless connection (202).
15. A method (400) comprising:
receiving, at data processing hardware (161) of a first user device (160b), a security token (80) from a second user device (160a) in communication with the first user device (160b), the security token (80) indicating that a customer associated with the first user device (160b) and the second user device (160a) is authorized to access an operator network (120) provided by a mobile network operator (MNO) (110);
transmitting, by the data processing hardware (161), a profile preparation request (30) to the MNO (110), the profile preparation request (30) requesting preparation of a new subscriber identification module (SIM) profile (168b) for the first user device (160b), the profile preparation request (30) comprising the security token (80);
receiving, at the data processing hardware (161), the new SIM profile (168b) for the first user device (160b) from the MNO (110); and
installing, by the data processing hardware (161), the new SIM profile (168b) for the first user device (160b) on an embedded SIM (166) residing on memory hardware (162) of the first user device (160b).
16. The method (400) of claim 15, further comprising, prior to transmitting the profile preparation request (30), executing, by the data processing hardware (161), a software application (164) configured to interface with the MNO (110) over a non-operator network (130).
17. The method (400) of claim 16, wherein the software application (164) provides mapping information to a profile server (150) residing on the MNO (110), the profile server (150) configured to prepare the new SIM profile (168b) for the first user device (160b) in response to receiving the profile preparation request (30) over the non-operator network (130).
18. The method (400) of any of claims 15-17, wherein the profile preparation request (30) comprises one or more device identifiers (20) associated with the first user device (160b) and/or the second user device (160a).
19. The method (400) of claim 18, wherein the one or more device identifiers (20) comprise at least one of an International Mobile Station Equipment Identity (IMEI) number and/or an electronic identification (EID) associated with the first user device (160b) and/or second user device (160a).
20 The method (400) of any of claims 15-19, wherein the second user device (160a) is configured to obtain the security token (80) from a backend service residing at the MNO (110) over the operator network (120), the second user device (160a) comprising an existing SIM profile (168a) previously authorized by the MNO (110).
21. A first user device (160b) comprising:
data processing hardware (161); and
memory hardware (162) in communication with the data processing hardware (161), the memory hardware (162) storing instructions that when executed on the data processing hardware cause the data processing hardware (161) to perform operations comprising:
receiving a security token (80) from a second user device (160a) in communication with the first user device (160b), the security token (80) indicating that a customer associated with the first user device (160b) and the second user device (160a) is authorized to access an operator network (120) provided by a mobile network operator
(MNO) (110);
transmitting the profile preparation request (30) requesting preparation of a new subscriber identification module (SIM) profile (168b) for the first user device (160b), the profile preparation request (30) comprising the security token (80);
receiving the new SIM profile (168b) for the first user device (160b) from the MNO (110); and
installing the new SIM profile (168b) for the first user device (160b) on an embedded SIM (166) residing on memory hardware (162) of the first user device (160b).
22. The first user device (160b) of claim 21, wherein the operations further comprise, prior to transmitting the profile preparation request (30), executing (404) a software application (164) configured to interface with the MNO (110) over a non-operator network (130).
23. The first user device (160b) of claim 22, wherein the software application (164) provides mapping information to a profile server (150) residing on the MNO (110), the profile server (150) configured to prepare the new SIM profile (168b) for the first user device (160b) in response to receiving the profile preparation request (30) over the nonoperator network (130).
24. The first user device (160b) of any one of claims 21-23, wherein the profile preparation request (30) comprises one or more device identifiers (20) associated with the first user device (160b) and/or the second user device (160a).
25. The first user device (160b) of claim 24, wherein the one or more device identifiers (20) comprise at least one of an International Mobile Station Equipment Identity (IMEI) number and/or an electronic identification (EID) associated with the first user device (160b) and/or second user device (160a).
PCT/US2019/064742 2019-04-02 2019-12-05 Seamless embedded sim transfer WO2020205011A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201962828279P 2019-04-02 2019-04-02
US62/828,279 2019-04-02

Publications (1)

Publication Number Publication Date
WO2020205011A1 true WO2020205011A1 (en) 2020-10-08

Family

ID=69061453

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2019/064742 WO2020205011A1 (en) 2019-04-02 2019-12-05 Seamless embedded sim transfer

Country Status (1)

Country Link
WO (1) WO2020205011A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20200359184A1 (en) * 2019-02-19 2020-11-12 Microsoft Technology Licensing, Llc Privacy-enhanced method for linking an esim profile
US20210400479A1 (en) * 2020-06-19 2021-12-23 Apple Inc. Cellular service management for secondary mobile wireless devices
WO2022159355A1 (en) 2021-01-19 2022-07-28 RIPSIM Technologies, Inc. Esim creation, generation, distributon
WO2024030238A1 (en) * 2022-08-02 2024-02-08 Google Llc Method to manage wireless device profiles

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150349825A1 (en) * 2012-12-11 2015-12-03 Kt Corporation Method for selecting mobile communication network provider using provisioning profile, and apparatus using same
WO2018001449A1 (en) * 2016-06-27 2018-01-04 Telefonaktiebolaget Lm Ericsson (Publ) Remote provision of a subscriber device
WO2018076711A1 (en) * 2016-10-31 2018-05-03 华为技术有限公司 Profile download method and device
WO2019015793A1 (en) * 2017-07-20 2019-01-24 Telefonaktiebolaget Lm Ericsson (Publ) Technique for remote sim provisioning

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150349825A1 (en) * 2012-12-11 2015-12-03 Kt Corporation Method for selecting mobile communication network provider using provisioning profile, and apparatus using same
WO2018001449A1 (en) * 2016-06-27 2018-01-04 Telefonaktiebolaget Lm Ericsson (Publ) Remote provision of a subscriber device
WO2018076711A1 (en) * 2016-10-31 2018-05-03 华为技术有限公司 Profile download method and device
EP3528518A1 (en) * 2016-10-31 2019-08-21 Huawei Technologies Co., Ltd. Profile download method and device
WO2019015793A1 (en) * 2017-07-20 2019-01-24 Telefonaktiebolaget Lm Ericsson (Publ) Technique for remote sim provisioning

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20200359184A1 (en) * 2019-02-19 2020-11-12 Microsoft Technology Licensing, Llc Privacy-enhanced method for linking an esim profile
US11678158B2 (en) * 2019-02-19 2023-06-13 Microsoft Technology Licensing, Llc Privacy-enhanced method for linking an eSIM profile
US20210400479A1 (en) * 2020-06-19 2021-12-23 Apple Inc. Cellular service management for secondary mobile wireless devices
US11689921B2 (en) * 2020-06-19 2023-06-27 Apple Inc. Cellular service management for secondary mobile wireless devices
WO2022159355A1 (en) 2021-01-19 2022-07-28 RIPSIM Technologies, Inc. Esim creation, generation, distributon
WO2024030238A1 (en) * 2022-08-02 2024-02-08 Google Llc Method to manage wireless device profiles

Similar Documents

Publication Publication Date Title
US20210297410A1 (en) Mec platform deployment method and apparatus
WO2020205011A1 (en) Seamless embedded sim transfer
US20190132280A1 (en) Network Based Distribution for Compute Resource and Application Accessibility
CN106464534B (en) Sheet for provisioning and managing customer premises equipment devices
US10757091B2 (en) Certificate-based single sign-on (SSO) from mobile applications over the internet
US11934860B2 (en) System and method for implementing network experience shifting
US10225871B2 (en) Method and system for hosting network access point
US9529995B2 (en) Auto discovery of virtual machines
US9246872B2 (en) Methods and arrangements for enabling data transmission between a mobile device and a static destination address
US10200354B2 (en) Switching between networks
EP2681942A2 (en) System and method to provide remote device management for mobile virtualized platforms
US20190199605A1 (en) Virtualized Intelligent and Integrated Network Monitoring as a Service
US9374664B2 (en) Venue-specific wi-fi connectivity notifications
EP2262169A1 (en) Automatic configuration of a terminal device through a router
US11019032B2 (en) Virtual private networks without software requirements
US9762444B1 (en) Detecting a configuration profile from a management agent
US20230073668A1 (en) Protection against Man-in-the-Middle Attacks in Virtualization Environments
US10645085B2 (en) Device management across multiple operator networks
US10284392B2 (en) Virtual private network resiliency over multiple transports
CN113890864A (en) Data packet processing method and device, electronic equipment and storage medium
US9609586B2 (en) Controlling access to a network
US20240195783A1 (en) Zero Trust Network Access and Virtual Private Network Client Offloading
US20220271946A1 (en) Over-the-Air CBRS Certificate Installation

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19829382

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19829382

Country of ref document: EP

Kind code of ref document: A1