Most existing mobile terminals make it possible not only to set up telephone calls but also to execute a plurality of applications downloaded into a secure module connected to the terminal. This secure module can be a memory module of the terminal or a removable storage medium inserted into the terminal (for example a subscriber smart card).
These applications are downloaded and updated using a standard connection between the mobile terminal and a management server, for example the server of a service provider.
Some of the applications present in the security module may be applications that are known as contactless applications. These applications are executed at the request of an external equipment known as a contactless reader. A dedicated module, called the “contactless module”, is installed in the mobile terminal and enables dialogue between the security module and the contactless reader.
Theft or loss of the security module can lead to unlimited fraudulent use of the applications installed in the security module. Similarly, a user who has lost their rights to an application, for example because they missed a payment, may continue to use said application as long as they do not log onto the management server.
The solution whereby the issuer of the security module or the service provider blocks the application that it manages imposes setting up a standard telephone connection between the issuer or the service provider and the mobile terminal into which the security module is inserted. A user intent on fraud is able to prevent such a connection being set up and consequently to prevent such blocking.
Moreover, even if it is possible to set up such a connection, the delay between the time of the theft or loss of the security module and sending the blocking command can be sufficiently long to enable a user intent on fraud to make use of the contactless applications installed on the security module.
Thus there exists a requirement to monitor the use of a security module in order to improve the security of applications installed in a security module that is associated with a mobile terminal.