The present invention lies in the field of personalizing secure elements, e.g. smartcards, and in particular cards of the embedded universal integrated circuit card (eUICC) type.
It is known that subscriber identity module (SIM) cards enable an operator, e.g. a cell phone operator, to define the services to be made available to a client by a mechanism known as “personalization”.
Personalization, which is generally performed either by the operator or by a third party on behalf of the operator, typically a card manufacturer, generally consists in configuring the SIM card with a personalized profile including personalization data and possibly also programs, e.g. applets. Nowadays, SIM cards can store a plurality of profiles, which was not possible when they were first introduced.
The dimensions of removable SIM cards make them difficult to use in appliances of small size. To mitigate this problem, the European Telecommunications Standards Institute (ETSI) has defined a soldered format for SIM cards (MFF2: M2M form factor 2), and the GSMA has defined the software architecture for eUICC secure elements, i.e. “a small trusted hardware component, which may be soldered into mobile devices, to run SIM applications and enable the secure changing of subscription identity and other subscription data”, together with the solution for administering such eUICC secure elements.
The solution adopted by the GSMA is to defer personalizing eUICCs until the terminal is in the hands of the final user.
FIG. 1 shows the architecture proposed by the GSMA for over-the-air (OTA) personalization. It relies in particular on subscription management-data preparation (SM-DP) servers suitable for preparing personalization scripts that are executable by the eUICC secure element itself. These personalization scripts comprise a sequence of commands, generally APDU commands in compliance with the ISO 7816-4 standard.
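By way of illustration of a script made up of a sequence of ISO 7816-4 command APDUs, the following added example (not part of the original text, and not any manufacturer's script format) splits each command into its header, data field and expected length, and rejects commands whose length byte does not match their content. The one-hex-APDU-per-line layout, the names `parse_apdu` and `parse_script`, and the sample bytes are assumptions; only short-length APDUs are handled.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class CommandAPDU:
    cla: int
    ins: int
    p1: int
    p2: int
    data: bytes = b""
    le: Optional[int] = None  # expected response length; None when absent

def parse_apdu(raw: bytes) -> CommandAPDU:
    """Parse one short-length command APDU (ISO 7816-4 cases 1, 2S, 3S, 4S)."""
    if len(raw) < 4:
        raise ValueError("APDU shorter than the 4-byte header")
    (cla, ins, p1, p2), body = raw[:4], raw[4:]
    if not body:                      # case 1: header only
        return CommandAPDU(cla, ins, p1, p2)
    if len(body) == 1:                # case 2S: header + Le (0x00 means 256)
        return CommandAPDU(cla, ins, p1, p2, le=body[0] or 256)
    lc = body[0]
    if lc == 0:
        raise ValueError("extended-length APDU not handled in this example")
    if len(body) == 1 + lc:           # case 3S: header + Lc + data
        return CommandAPDU(cla, ins, p1, p2, data=body[1:])
    if len(body) == 2 + lc:           # case 4S: header + Lc + data + Le
        return CommandAPDU(cla, ins, p1, p2, data=body[1:1 + lc], le=body[-1] or 256)
    raise ValueError(f"Lc={lc} inconsistent with {len(body) - 1} trailing bytes")

def parse_script(lines):
    """Parse a script with one hex APDU per line; blanks and '#' comments are skipped."""
    cmds = []
    for n, line in enumerate(lines, 1):
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        try:
            cmds.append(parse_apdu(bytes.fromhex(line)))
        except ValueError as exc:     # bad hex or inconsistent lengths
            raise ValueError(f"line {n}: {exc}") from None
    return cmds

SAMPLE_SCRIPT = """# constructed sample, not a real personalization script
00 A4 04 00 05 A0 00 00 00 01   # SELECT by name, constructed 5-byte AID (case 3S)
00 D6 00 00 03 01 02 03         # UPDATE BINARY, 3 data bytes (case 3S)
00 B0 00 00 00                  # READ BINARY, Le=0x00 meaning 256 (case 2S)
00 A4 00 00 02 3F 00 00         # SELECT by file ID with Le (case 4S)
"""
```

Calling `parse_script(SAMPLE_SCRIPT.splitlines())` returns four `CommandAPDU` objects; a truncated command raises `ValueError` naming the offending line.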
Also in the present state of the art, the personalization scripts prepared by SM-DP servers are delivered to the eUICC secure element via a subscription management-secure routing (SM-SR) transport server in an OTA session.
It should be noted that personalization scripts are proprietary scripts, such that, in practice, the mobile network operator (MNO) needs to communicate with a different SM-DP server for each card manufacturer.
The invention seeks to provide a personalization method that does not present such drawbacks.