Over-the-air service provisioning (OTASP) for activation of mobile phones, both cellular and PCS, which allows a network service provider to activate new service without intervention of a third party, such as an authorized dealer, is well known, with established standards provided in Telecommunications Industry Association/Electronics Industries Association Interim Standard 683 (TIA/EIA/IS-683). OTASP enables the service provider to activate a potential subscriber's (mobile user's) mobile phone by downloading the required parameters, e.g., a phone number, over the air to the mobile unit. Since a qualified dealer or service agent is not required to initiate the procedure, service providers have the capability of marketing mobile phones through general merchandise-type retail stores, such as drug stores and discount department stores, rather than specialty electronics stores. OTASP also provides the ability to securely load an authentication key ("A-Key") into the mobile unit to allow validation and confirmation of the identity of the mobile unit to enhance security and reduce the potential for fraudulent use of the network service. OTASP can be initiated only by the user and requires connection to the service provider's customer service center for interaction with a customer service representative.
At the time of activation, in addition to the phone number and security code, values known as Number Assignment Modules (NAMs) are downloaded into the memory of the mobile unit from the base station. The NAMs specify parameters which control wireless network usage, such as preferred mode of operation (analog or digital), shared secret data (SSD), and roaming information, or "Preferred Roaming List". A list of numeric indicators is provided in Appendix F of the TIA/EIA/IS-95-A standard and is incorporated herein by reference. Once this initial programming is completed, because the link is broken, the network service provider has little control of the NAM parameters, unlike equivalent parameters in wired telephone networks. Typically, changes made after initial activation, which can include change of the area code of the phone number, or changes in Preferred Roaming List parameters based upon new service areas and/or new roaming agreements with other network providers, need to be made with intervention of the subscriber--either by initiating communication with the network or by taking the mobile unit to an authorized dealer or service agent. This can result in many of the changes being left undone since the subscriber may be too busy or simply does not want to bother making the effort. Further, improvements in technology are constantly being made which may be appropriate for automatic incorporation into existing services without requiring user input, e.g., changeover from analog to digital service. Another problem resulting from the loss of control of the mobile phone parameters (NAMs) is that the service provider has no means for preventing the purchaser of a phone which the provider subsidized from going to a competitor to have the service transferred prior to the expiration of a contracted minimum subscription period. Thus, situations exist where it may be appropriate or desirable for the network service provider to access the mobile unit to maintain or change parameters within the mobile unit without requiring the involvement of the subscriber.
The capability of making over the air network-initiated changes of mobile station NAMs raises significant concerns regarding security, i.e., interception of the change code, and fraud, including unauthorized changing of parameters, including changing of networks, by competing service providers, a practice often referred to as "slamming". For these reasons, such capabilities have been heretofore unavailable, and the need remains for a secure procedure for making possible over-the-air parameter maintenance and changes.