1. Field
Various features disclosed herein relate generally to wireless communication systems, and at least some features pertain more particularly to methods and devices for facilitating authentication of access terminal identities in a roaming network.
2. Background
Access terminals, such as mobile phones, pagers, wireless modems, personal digital assistants, personal information managers (PIMs), personal media players, tablet computers, laptop computers, or any other device with a processor that communicates with other devices through wireless signals are becoming increasingly popular and are used more frequently. Subscribers using such access terminals in a wireless communication network are typically authenticated by the wireless communication network before being granted access to initiate and/or receive calls and transmit and/or receive data. Traditionally, wireless communication networks authenticate a subscriber by verifying a user identity comprising cryptographic information contained in and provided by, for example, an access terminal's Subscriber Identification Module (SIM) for GSM networks, Universal Subscriber Identification Module (USIM) for UMTS/LTE networks and Removable User Identification Module (RUIM) for CDMA networks. These SIMs, USIMs and RUIMs are typically chip and pin based cards that contain information about the subscriber/user of the access terminal and are removable from the access terminal. Users of access terminals equipped with such removable user identity modules are typically able to remove the SIM, USIM or RUIM card from one access terminal and place the card in another access terminal, thereby transferring their subscriber information easily from one access terminal to another. However, cellular networks traditionally do not authenticate the access terminal device itself.
While conventional wireless communication networks are adapted to authenticate the subscriber card (e.g., SIM, USIM, RUIM) being used in an access terminal, it may also be desirable for the wireless communication networks to authenticate the access terminal itself, and deny or allow network access to the access terminal based on the outcome of the access terminal authentication. There are a number of reasons why a network operator would want to authenticate the access terminal in addition to the subscriber card.
One reason includes, for example, authentication of access terminals in order to inhibit use of stolen or lost access terminals. For instance, there is little incentive for a potential thief to steal an access terminal, since a user can report the access terminal as lost or stolen and operation of that lost or stolen access terminal can be blocked from the network, even if a new subscriber card is placed in the terminal.
Another reason includes authentication of access terminals in order to deter unauthorized manufacturers from producing or refurbishing access terminals that are not approved for use within a wireless communication network (e.g., grey market access terminals). Such unauthorized access terminals may not meet the stringent regulations governing, for example, the transmission power, leakage into adjoining bands that are not licensed to the network operator, etc. By utilizing an authentication system that authenticates the access terminal itself, the network operator may deny service to those access terminals produced or refurbished by unauthorized manufacturers that fail to authenticate with valid access terminal identification.
Yet another reason involves the risks of terrorist attacks carried out in part with the use of unauthorized access terminals. Government entities have recently expressed a strong desire that network operators be able to trace, track, authenticate, and disable all access terminals operating within a network operator's wireless communication network. Having the ability to authenticate an access terminal and deny service accordingly would prove advantageous in stopping criminal activities.
There currently exist mechanisms which enable wireless communication networks to query an access terminal's identity (ID). For example, a wireless communication network (e.g., GSM network, WCDMA network, TD-SCDMA network) may query and check an international mobile equipment identity (IMEI) number for 3GPP-compliant access terminals, or a wireless communication network (e.g., CDMA) may query and check a mobile equipment identifier (MEID) for 3GPP2-compliant access terminals. However, these existing mechanisms for obtaining an access terminal's ID fail to provide any assurance that the ID received from an access terminal actually belongs to that access terminal. For example, an unauthorized access terminal could illegally copy or otherwise obtain the ID of an authorized access terminal, and then provide that pirated ID to the requesting wireless communication network. In such a situation, the conventional wireless communication network is unable to distinguish between an authorized access terminal and an unauthorized access terminal employing a faked ID.
Therefore, there is a need for methods, apparatus, and/or systems that are adapted to both discover and validate the identity of an access terminal.