Communicating by means of a mobile end device, for example by means of a mobile telephone, via a mobile radio network (also designated as a PLMN [Public Land Mobile Network]) which is operated by a network operator (also designated as an MNO [Mobile Network Operator]) as a rule requires that the mobile end device is equipped with a security element, for example in form of a SIM card, for securely storing subscription authorization data (“Subscription Credentials”) which uniquely identify and authenticate the user of the mobile end device vis-à-vis the mobile radio network. Such subscription authorization data individual to the security element, for example an IMSI (International Mobile Subscriber Identity) and an authentication key Ki, are deposited as a rule within the scope of a so-called “personalization” in the secure environment of the secure-element manufacturer on a security element.
While in the past the great majority of security elements could be simply exchanged in the form of SIM cards in a mobile end device, there exist for some time more and more security elements which are firmly installed in a mobile end device. Such a security element firmly installed in a mobile end device is known to the skilled person particularly under the term “Embedded SIM” or “Embedded UICC (eUICC)”.
As already mentioned hereinabove, the personalization was hitherto effected as a rule in a secure environment at the manufacturer of the security element. In the future, this will often no longer be possible because the personalization must be effected already at the manufacturer of the security element's processor or later in the production line of the manufacturer of the mobile end device with the security element embedded therein. In this case it must be ensured, however, that the processor manufacturer or the manufacturer of the mobile end device has no or at best only a restricted access to the personalization data individual to the security element to be applied to the security element, in particular the subscription authorization data contained therein.
Therefore a demand for improved methods and apparatuses exists for personalizing a security element which is installed, preferably firmly, in an end device.