Given the independence between the management of the access rights subscribed and allocated to each subscriber and the access control proper, since access right management is handled via management messages, known as EMM messages, capable of conveying the access rights, and access control is handled by the transmission of access control messages, called ECM messages, comprising an encrypted access control word, serving as a service key and access criteria, such renewal involves entering new data into the memory of the security processor linked to the decoder or the access control module.
Since the access control module commonly comprises a bank card type microprocessor card, the latter's memory resources are necessarily limited.
For this reason, the aforementioned procedure for entering rights is accompanied by a function for erasing expired rights. However, the sole purpose of the latter function is to free up memory space in the access control module or the card, to avoid, ultimately, filling it to saturation.
Such an entry/erasure process cannot provide, with all the necessary flexibility and security, fluid management of the access rights entered in the access control module or the card allocated to each subscriber.
Such is the case, for example, following a payment lapse on the part of the subscriber, or even in the context of flexible offerings when the subscriber changes the offering to which he or she has subscribed.
Considering the security criterion, given the somewhat crude nature of the current erasure procedure, any unscrupulous subscriber would be able to filter and intercept the erasure messages designed to reduce or control the latter's access rights.
Moreover, a procedure for storing right entry EMM messages with a view to submitting the latter illegally to a replay procedure cannot be excluded.
Finally, the current right entry and/or erasure procedures by EMM messages can cause these operations to malfunction if an appropriate sequencing is not respected.