A secure element (SE) is known from the “GlobalPlatform's Proposition for Near Filed Communication (NFC) Mobile: Secure Element Management and Messaging—White Paper, April 2009”, herein referred to as GPWP, and the GlobalPlatform Card Specification Version 2.1.1, March 2003, herein referred to as GPCS. The SE is the component in a mobile handset, e.g. a mobile phone, a PDA, a tablet PC and the like, or the SE is the component of a UICC or a microSD, corresponding to or to be plugged into a mobile device, that provides the security and confidentiality required to support various business models in a fast evolving business environment, in which several entities or players, in addition to Mobile Network Operators (MNO), will become involved in an NFC mobile ecosystem.
Throughout the application an MNO shall mean a party that provides mobile network services for mobile devices, e.g. mobile phones, to allow communication according to the GSM, or UMTS, or WLAN technology or the like and related standards successor standards or technologies. NFC shall mean a communication according to ISO 14443, 18092, 21481 ECMA 340, 352, 356, 362 or ETSI TS 102 190, as well as any successor standard or technology. From a customer centric point of view, the MNO provides full range mobile services to the customer as stated in the document “Mobile NFC Services”, Version 1, February 2007, of the GSM Association.
The SE satisfies the need for ongoing security and confidentiality of sensitive applications and data downloaded to and stored on an NFC enabled handset for performing contactless business transactions. The GlobalPlattform, acting as a cross-industry organization, intends to define and provide the specification, at present available in form of the GPCS, necessary to support three types of SE selected as options for NFC. These are Universal Integrated Circuit Cards (UICC) that can be plugged into said mobile handsets, Embedded Secure Elements that are embedded during manufacturing of said mobile handsets either independent form a subscriber identification module (SIM) or comprised in such a SIM used to identify a mobile network user or its handset, and Secure Memory Cards that are used to securely store, transport and/or transfer information. Typically in a Global System for Mobile Communications (GSM) network, the UICC contains a SIM application and in a Universal Mobile Telecommunications System (UMTS) network it is the USIM application.
In the GPWP three main configuration scenarios of the SE are proposed. The first configuration scenario is Simple Mode, which is an issuer centric model, where card content management is only performed by the MNO but is monitored by the Trusted Service Manager (TSM). The second configuration scenario is Delegated Mode, where card content management can be delegated to a TSM but each operation of card content management requires pre-authorization from the MNO. The third configuration scenario is Authorized Mode, where card content management is fully delegated to a TSM for a sub area of the SE. Accordingly the present version of the GPCS defines an appropriate card architecture to be supported by the SE.
Although these three modes allow for a wide deployment of business cases, they still lack in supporting particular business cases. But these particular business cases will become of utmost importance for making NFC based mobile phone operation interesting for all business partners involved.
Therefore it is an object of the present invention to overcome the aforementioned problem and to provide an improved secure element, an improved mobile device, an improved method of operating a secure element, an improved computer program, and an improved method of operating a mobile communication network, an improved method of doing business, and a method of enabling access to a secure element, as well as a signal conveying a command for a secure element.