The transfer of subscribers between network operators (subscription porting) in a telecommunication system is becoming more popular and is occurring more frequently. This is a result of an increase in the number of communication services operators available due to the auctioning of additional frequency bands for communication. In view of this, it is becoming increasingly important to provide effortless and seamless transfer for subscribers between network operators (i.e. effortless and seamless subscription porting). In fact, ease of subscription porting may soon become an important, legally enforced requirement.
The transfer of subscribers between network operators is achieved by transferring ownership of the Universal Integrated Circuit Card (UICC), which is also known as the Subscriber Identity Module or SIM card. The UICC is fitted in User Equipments (UEs) such as mobile terminals, Machine-to-Machine (M2M) devices, etc. The use of e.g. Machine-to-Machine (M2M) communication with UICC communications devices is ever increasing. The current generation of Universal Integrated Circuit Card (UICC) communication is based on existing principles used in cellular and wireless communication networks. These networks include the Global System for Mobile Communications (GSM), a Third Generation (3G) system or a Fourth Generation (4G) system, such as the Enhanced Packet System (EPS), composed of the Long Term Evolution (LTE) access network and the Enhanced Packet Core (EPC) core network.
The aforementioned existing principles include the use of the UICC and the identification of a mobile operator from which the communication service is obtained through the International Mobile Subscriber Identity (IMSI) in the Universal Subscriber Identity Module (USIM) in the UICC. The UE (i.e. the mobile terminal, the M2M device, etc), reads the IMSI from the USIM and uses the IMSI to determine the operator to which the user of this UE is a subscriber.
In addition to containing the IMSI, the UICC also holds at least one authentication key Ki that is used for authenticating the subscriber and allowing access by the UE to services provided by the network operator (such as voice calls, data sessions, etc).
The network operated by a network operator that “owns” a particular UICC typically comprises an Authentication Centre (AuC) in which authentication keys Ki corresponding to those contained in the UICCs of its subscribers are stored. The authentication key Ki is generally a 128 bit number. It is not possible to read or modify the Ki in the UICC and it is not possible to extract the Ki from the AuC.
There may be two authentication keys in the UICC. The first authentication key Ki is contained in the USIM and is used in authentication for Circuit Switched (CS) access, Packet Switched (PS) access and EPS access. The second authentication key Ki is contained in the IP Multimedia Services Identity Module (ISIM) and is used in authentication for IP Multimedia Services (IMS) registration. The ISIM is an optional application residing in the UICC. The UICC may have a USIM or may have both a USIM and an ISIM. Alternatively, the UICC may have a single authentication key Ki, which is shared between USIM and ISIM. This shared authentication key Ki is used in authentication for CS access, PS access EPS access and IMS registration.
In some existing systems, the network comprises an AuC that contains the authentication key Ki for the IMSI that is used in authentication for CS access and PS access, and a Home Subscriber Server (HSS) that contains one Ki value that is used for EPS authentication and another Ki value that is used for IMS authentication. In practical deployment, the HSS may have a single Ki that is used for EPS authentication as well as for IMS registration.
If a subscriber moves from an original network operator to a new network operator, a new IMSI is required for the subscriber. This new IMSI is required to enable the UE to obtain services from the new network operator to which the subscription is ported.
Practically, a new IMSI is provided by replacing the UICC. This can be an inconvenient, time consuming, and even expensive process.
There exist methods that allow the IMSI to be changed without requiring the replacement of the UICC. These methods typically employ remote IMSI reprogramming. In particular, in the existing methods, the IMSI in a UICC is remotely reprogrammed, for example, using an Over-The-Air (OTA) remote UICC update technique. This reprogramming of the IMSI needs to be carried out by the original network operator. Once the IMSI is reprogrammed, the original network operator transfers the control over and the ownership of the UICC to the new network operator.
The remote reprogramming of the IMSI in the USIM application requires that the UICC supports the Universal Subscriber Identity Module (USIM) Application Toolkit (USAT). USAT comprises a set of generic utilities that are offered by the UICC and that enable applications installed on the UICC as well as applications installed on the UE itself to use data from the UICC and to execute services on the UICC.
In addition to the requirement of a new or reprogrammed IMSI in the UICC when the UICC is ported between network operators, it is also necessary for the new network operator to have knowledge of the authentication keys in the UICC in order for the UICC to be used to authenticate the subscriber to the new network.
However, in contrast to the IMSI, it is not possible to reprogram the Ki in the UICC. Therefore, even though it is possible to reprogram the IMSI, it is currently still necessary to change the UICC for another UICC in order for the new network operator to have knowledge of a Ki for use in future authentication processes.
Some techniques have been proposed that enable subscribers to transfer between network operators without changing the UICC. This is particularly important for M2M devices that are installed in remote locations since changing the UICC for these devices would be extremely costly and time-consuming. The article entitled “M2M Remote-Subscription Management”, by L. Barriga, B. Smeets, and K. Sällberg, Ericsson Review, 2011, describes the desirability to be able to port a UICC from one operator to another and discusses the problems associated with the fact that it is not possible to reprogram the authentication key Ki in the UICC.
3GPP TR 33.812 discloses methods for UICC portability that aim to solve the problem that, whilst the IMSI in a UICC may be reprogrammed, it is not possible to modify the Ki on the UICC.
Some methods described in 3GPP TR 33.812 solve this problem by downloading an authentication key determined by a Home Network Operator to the UICC. In these methods, an initial authentication key Ki is programmed in by the UICC manufacturer or by the network operator to which the UICC is initially associated. It is not possible to modify this initial authentication key Ki and it has the same security aspects as the Ki found in contemporary, regular UICCs. The initial authentication key Ki is used for authentication to the network operator to which the UICC is initially associated. When the UICC is assigned to a new operator following the porting of a subscription, the new operator downloads its own authentication key to the UICC. The new operator's authentication key is then used for authentication. Since the new authentication key is downloaded to the UICC, it is arguable that it has a lower level of security than the Ki of the contemporary, regular UICC.
Other methods disclosed in 3GPP TR 33.812 involve a solution where the UICC contains multiple authentication keys Ki such that when a UICC is reprogrammed in order to associate that UICC with a new operator, the new operator that has gained ownership of the UICC is provided by the UICC manufacturer with the next unused authentication key Ki from a list of authentication keys Ki in the UICC.
Aside from these methods, the change in control over and ownership of the UICC could be effected by the original operator providing the authentication key to the new operator. However, the secure storage of the Ki in the AuC of the network operated by the original network operator and in the UICC is fundamental to GSM/3G/4G security. As such, network operators are reluctant to provide other network operators with the Ki associated with subscribers that have been ported out of their network.
One reason for this is that the Ki is highly secret. The Ki is stored and handled with great care and transferring the Ki to another operator implies that it will be transported through the public network in some way.
Another reason is that when the Ki is transferred from one network operator to another network operator, there will then be a copy of the Ki in the network of each operator, i.e. there will be two copies of the Ki. This is problematic because the new operator would require a guarantee that the original operator destroys its copy of the Ki. However, a guarantee such as this imposes additional security procedures and verification methods.
Another reason is that the original operator and the new operator may have identical values of the Ki for different subscribers because the allocation of the values of Ki for each operator is not coordinated. This may hinder the transfer of the Ki from one operator to another for some values of the Ki.
Moreover, in addition to transferring the Ki, it is also necessary to transfer a Sequence number (Seq) that is associated with the Ki. An authentication process comprises a step whereby the network provides a Seq value to the UE, which the UE passes to the UICC. The UICC can ascertain whether an authentication request has been received from a trusted source by comparing a newly received Seq value with the most recently received Seq value.