Mobile networks are being used to connect all sorts of devices; automated reading of utility meters, intelligent connectivity of cars and commercial vehicles to enable drivers to access navigation, infotainment or breakdown services, traffic lights, home security and assisted living.
A subscriber identity module, or subscriber identification module, (SIM) is an integrated circuit chip that is intended to securely store the international mobile subscriber identity (IMSI) number and its related encryption key, as well as other information relevant for the subscription, which is used to identify and authenticate subscriptions on the devices. The functionality of the SIM circuit could be part of the functionality of a Universal Integrated Circuit Card (UICC) physical smart card. Traditional SIM cards are predicated on only associating with one network operator.
The GSM Association (GSMA), where GSM is short for Global System for Mobile communications, has released a technical specification denoted SGP.22—RSP defining remote SIM provisioning for consumer devices and a technical specification denoted SGP.02 disclosing a remote provisioning architecture for Embedded UICC (eUICC), which targets machine-to-machine (M2M) type communications devices. In short, the operator uses an entity called SM-DP+/SM-DP (short for Subscription Management—Data Preparation) for creation of SIM profiles that are later installed from the SM-DP/SM-DP+ to the eUICC. For the consumer devices, the profile is installed through a Local Profile Assistant (LPA) on the consumer device to the Issuer Security Domain Profile (ISD-P) on the eUICC in the device. For the M2M devices, the SM-DP installs the profile via a separate (external) entity, SM-SR, to the ISD-P on the device.
Both above mentioned variants have the device owner obtaining a subscription for the device from the operator by providing the operator with relevant information about the device to be provisioned, optionally including eUICC ID (EID) and International Mobile Station Equipment Identity (IMEI). The subscription can be obtained from a point of sales, via a web page of the operator, or other similar methods. Section 3.B in SGP.22 describes the profile download initiation process. It shows how the user orders a subscription from the operator, and how the operator asks the SM-DP+ to generate the matching profile. Then the operator provides the user with an activation code (AC) that the user can insert into/provide to the device to be provisioned. The device can extract the relevant information (SM-DP+ reachability information, etc.) from the activation code and then proceed to contact the SM-DP+ for downloading the profile based on the AC after mutual authentication and various security functions.
The above referred technical specification documents suggest that the device to be provisioned (denoted companion device) can be managed through a primary device (e.g., a User Equipment), which can e.g. provide global connectivity (through e.g. WiFi tethering) to the device to be provisioned and act as the input device for entering e.g. the activation code of the device to be provisioned. The technical specification SGP.22 also defines a GetEID function that can be used for retrieving the EID of the device to be provisioned.
In some countries, mobile network operators (MNOs) sell subscriptions with subsidy; MNOs sell subsidized subscriber devices to earn money from subscriptions. This requires the MNOs to lock the subscriber devices with a specific MNO. Existing mechanisms for locking subscriber devices with a specific MNO include firmware lock by the device manufacturer to lock the subscriber device to a particular network. Users of the subscriber device could then need to enter a specific sequence of digits (code) to unlock the subscriber device. However, it could be desirable to control switching of network operator profiles in order to enable the subscriber device to migrate from one MNO to another MNO during the life cycle of the subscriber device.
Hence, there is still a need for an improved handling of network subscriptions of a subscriber device.