Every WWAN (wireless wide area network) or LAN (local area network) device has a serial number that uniquely identifies the device to the network. For WWAN, this number is called the Electronic Serial Number (ESN number) or the International Mobile Equipment Identity (IMEI) number. For LAN, this is called the MAC address. We will refer to any industry-wide registry-based unique serial number (such as ESN, IMEI, MAC, or a new type of number) as an SN in this document.
Device manufacturers embed unique SNs in devices. Each manufacturer is assigned a pool of SNs for exactly this use. When all the SNs are used up by a manufacturer, more SNs can be acquired from the appropriate SN registry. Often this pool of SNs is a range of consecutive numbers.
Wireless operators have SN database systems that keep track of SNs. For example, Verizon Wireless has an SN database system that stores the ESN number of every Verizon Wireless device. The SN database system may also have SNs of devices belonging to roaming partners such as China Unicom. Operators use these SN database systems to, among other things, activate/deactivate devices, track device usage, billing, and block/allow a device's access to the network. However, useful characteristics of the device such as screen size, operating system, and form-factor are not associated with the SNs. Ideally more information such as device type and screen size would be recorded and associated with each SN. This information can be used by operators to tailor services for different device types. The information can also be used for in-depth market research services.
SN database systems are standard specific because the SN registries for different air-interface standards are not the same. For example, CDMA operators use ESN numbers and GSM operators use IMEI numbers. In short, there is no universal SN registry for all communication devices regardless of communication standard. This is acceptable for now since devices for one standard cannot communicate with a network that uses a different standard, but with the advent of multi-mode/multi-standard devices operators must put temporary patches on their back-end systems to handle these cross-standard devices. As dual-mode devices (e.g. —GSM/Wi-Fi and GSM/CDMA) and software-defined radios become more popular, a standard-independent SN registry will be needed.
IPv6 is not the answer because, among other shortcomings, IPv6 only applies to devices with a connection to the Internet, which does not include voice-only handsets or most consumer electronics. Also, the primary purpose of IPv6 is location and addressing (determining the device's location on the worldwide network), not uniquely identifying the device or its characteristics. Therefore, no device characteristics or usage information is associated with IPv6 addresses. This makes market research and operator control based on IPv6 addresses difficult.
Each operator and vendor maintains their own SN database system. However, there is no central database that contains information on all devices across networks and vendors. For example, Verizon Wireless' database system stores a subset of ESN numbers, but not IMEI numbers. Motorola's database system stores ESN and IMEI numbers of devices it has shipped, but not SNs from other manufacturers such as Nokia. Furthermore, these private SN database systems cannot be accessed by outside parties. Therefore, industry-wide market studies on devices are very difficult to perform because the information resides in disparate private databases inside operator and device vendor firewalls. Of high utility would be a universal SN database that has information on all SNs. This universal SN database would get much of its information from various sources such as the company-specific databases maintained by each service provider and vendor. This will enable more global data for market research, and allow operators the ability to track devices on a more universal scale.
When a device makes a connection to a network, the device sends an SN to the network and the network uses an SN database system along with the SN to identify the device. The network uses the SN to track billing and ensure security (blocking a device that is reported as lost or stolen), as well as other tasks. The ability to uniquely identify a device using the SN is critically important to service providers and operators. There is a trend in the communication device industry towards modularization. Traditionally, devices are built by integrating all relevant components on a single PCB. However, to reduce time-to-market and engineering design resources, device vendors have started to use a dual-board device architecture that puts the communication components on a separate PCB from the main device PCB. Such dual-board devices have two parts—the application half (the “shell”) that contains an application processor among other components, and the module half (the “cartridge”) which contains the communication components. In modular device scenarios the cartridge is a removable card and the two parts are connected via a removable interface. The two parts are able to work together effectively because the interface defines a set of mechanical, electrical, and software specifications the two parts must adhere to. In other scenarios the cartridge is a “Personal Mobile Gateway” (PMG) that the shell connects to via a low power wireless network or a personal access network (PAN), such as Bluetooth, to gain access to a longer-range wireless network, such as GSM. In all cases, a consumer may use many different shells with a cartridge.
A problem arises when communication devices are split into two parts (shell and cartridge). If a device is split into two parts, the SN is attached to the cartridge, leaving the shell ID-less. This means the carrier or manufacturer can monitor the cartridge, but not the different shells that connect to the cartridge. This means most of the control capabilities operators receive through SNs do not exist with modular devices. Therefore, operators will not have as much control over modular devices as they do with integrated devices.
Another problem associated with modular devices relates to interchangeability. Interchangeability between different shells and cartridges is possible because the two parts adhere to strict specifications that almost guarantee interoperability. If one or both of the parts vary from the specification, interoperability between different cartridges and shells is compromised.
Often these interface specifications are published publicly, or at least under a non-disclosure agreement, so that if different vendors design shells or cartridges that conform to the specifications, they will be interoperable. To ensure these parts conform to the specifications, one or more testing organizations may be given the task of testing all new shells and cartridges and certifying that they are indeed compatible with the specification. Cartridges and shells that pass the tests are allowed to put a label on the product or sales packaging that signifies to consumers that the product is certified compatible.
Unfortunately, this compliance method relies on the value of the compatibility label. If consumers are not conditioned to only buy products with the compatibility label, incompatible products may enter the market and lead to poor consumer satisfaction. If rogue vendors put illegal compatibility labels on products that did not pass certification, consumers will also not be satisfied. In markets where inappropriate use of intellectual property is commonplace, ensuring compatibility between shells and cartridges is critical to market acceptance of modular devices.
Instead of using compliance labels to ensure shell/cartridge compatibility, what is needed is a system that allows shells and cartridges to self-police for compatibility when the products are being used together. This would have value to not only communication oriented systems with two parts (cartridge and shell), but any modular interface that requires certification to ensure compatibility (such as those developed by the PCI SIG).
GSM and CDMA networks authenticate devices automatically. In GSM, the network authenticates the SIM card in the device using the A3/A8 algorithms. In CDMA, the network uses the A-Key and CAVE algorithm to authenticate a CDMA device. However, these systems all assume that the device is integrated, not modular with a shell and a cartridge. This means these systems, if used for a modular device, can only authenticate the cartridge—the shell remains unauthenticated.
SNs are used in other industries besides devices. In the consumer goods world, unique serial numbers are also used such as the Electronic Product Code (EPC) for RFID. Each time an EPC is scanned, such as when a product is sold, information about the product is recorded, such as the time and location of sale, etc. This information is aggregated into EPC databases that can be used for market research. For example, a manufacturer can launch an advertising campaign in a certain location and then use an EPC database to track sales increases in the location. Unfortunately, RFID does not track goods after they are sold. So, information such as device usage cannot be collected. Furthermore, RFID does not contain adequate provisions for device authentication. Lastly, RFID tags are usually separate from the product itself and can be removed from the product, circumventing many of the useful characteristics of embedded SNs in devices.
The invention described herein is a device ID and verification system that addresses the shortcomings mentioned above.