For communication with a mobile terminal, for example a mobile telephone, over a mobile communication network that is operated by a network operator, it is normally required that the mobile terminal be designed having a security element for securely storing data. Said data serves the clear identification of the user of the mobile terminal vis-à-vis the mobile communication network. For example, in a mobile terminal that is developed to communicate according to the GSM (global system for mobile communications) standard, which is currently one of the most widespread mobile communication standards, a security element having the name SIM (subscriber identity module) is commonly used in the form of a chip card or smart card. According to the GSM standard, whose technical features are defined in a plurality of interlinked and interdependent specifications, the SIM card receives subscriber identification data or subscription credentials for identifying and authenticating the user or the subscriber, including an IMSI (international mobile subscriber identity; a number for the clear (internal) identification of network subscribers) and an authentication key. Before a subscriber is issued his SIM card, said subscription credentials are commonly securely stored on the SIM card by the SIM card manufacturer or the network operator in the context of a personalization process as part of a subscription profile. A non-personalized SIM card is generally not suitable for proper use in a mobile terminal. This means that services provided by a mobile communication network cannot be accessed with a non-personalized SIM card without a subscription profile.
One particular area of application of security elements, such as SIM cards, UICCs, eUICCs and the like, that in all probability will grow considerably in the near future is M2M (machine to machine) communication. An M2M communication is understood to be the communication between machines over a mobile communication network without human interaction. Here, data can be automatically exchanged between numerous different machine types that are developed having a security element in the form of an M2M module, for example TV systems, set-top boxes, vending machines, vehicles, traffic lights, surveillance cameras, sensor and control devices, and the like. It is foreseeable that, at least with some such devices, it will be impossible or at least very difficult to provide the security element with a subscription profile already at manufacture. This is due especially to the fact that, in many M2M devices, the security element is implemented in the form of a surface-mounted chip or chip module. At this time, however, it is not clear, for example, in which country a certain M2M device will be used. Consequently, with such M2M devices having non-personalized security elements, it is essential that said devices be capable of being provided with a subscription profile over the air interface only once they are used in the field.
For the utilization of the services provided by a mobile network operator, especially communication over the appropriate mobile communication network, the user of a mobile terminal must normally pay a monthly fee. If the user would like to switch to another mobile network operator, for example because of lower monthly fees and/or other services and/or use of the mobile terminal in another location, the user himself must commonly replace the SIM card (security module) having the existing subscription profile, provided by the existing mobile network operator for use of the mobile communication network of the existing mobile network operator, with a SIM card having a new subscription profile, provided by the new mobile network operator for use of the mobile communication network of the new mobile network operator. Instead of said conventional approach, it would, without question, be easier and more convenient for the user to have a security element that can be reprogrammed with a new subscription profile over the air interface.
Methods are already known from the background art for downloading a subscription profile from a server instance over an air interface to a security element on which a subscription profile is already present. After downloading the new subscription profile, a switch from the already existing subscription profile to the new subscription profile is carried out by the security element. However, due to the mobile use of the security module in the mobile terminal, especially in an M2M device, the problem may occur that messages from the server instance over the air interface to the security element go missing. Further, to load a subscription over the air interface, an already established connection of the M2M device with a mobile communication network using an already loaded subscription is required. However, it is unlikely that the use of the already loaded subscription will be accepted by every other mobile communication network provider. Without prior registration in the new mobile communication network, no new subscription can be loaded.
A security element that is provided with multiple subscription profiles for a plurality of mobile communication networks provides one solution to this problem. Each of said subscription profiles is closed off from each other such that, when one subscription profile is in operation, another subscription profile is not accessible. In particular, for usage in M2M devices used internationally, this means holding a nearly infinite number of subscription profiles. To save memory space, the subscription profiles are limited to a number of particular mobile network operators.
The structure and the content of the plurality of subscription profiles are very different, such that a switch of subscription profiles affects only standardized content. Network-operator-specific functions and content, for example encryption algorithms or roaming data, are not supported by subscription management.
Against this background, the object that poses itself to the present invention is to provide an improved method and a device with which the problems of the background art will be solved. In particular, easier management of subscription profiles is to be facilitated.