For mobile units used for mobile telephones such as car telephones, portable telephones, etc., Japan currently employs a leasing system under which the subscriber leases the mobile equipment from the communications carrier that provides the telephone network, but a purchase system of the mobile equipment is expected to be introduced soon. While it is hoped that the introduction of the purchase system will help to further increase the use of mobile telephones, such problems as illegal duplication of mobile units (clone mobile units) are expected to arise. In fact, other countries where purchase plans are employed are facing such problems.
There are two types of information stored in a memory of a mobile unit: information, such as built-in software, whose contents are identical with other mobile units of the same model, and information different for each individual mobile unit and used to authenticate the mobile unit to the communications network for connection. The former information need not be read out or written in from the outside, and also, the amount of information is large; therefore, it is so designed that external readout or write-in is difficult or impossible. On the other hand, the latter individualized information includes information concerning the telephone number (Mobile Subscriber Number: MSN) assigned to each subscriber of the telephone network, the mobile unit number (Mobile Station Identity: MSI) for identifying the mobile unit, the authentication key (MSN-key) for the communications network to authenticate the subscriber, and the authentication key (MSI-key) for the communications network to authenticate the mobile unit. The amount of such personal information is relatively small. After the mobile unit purchase system is put into effect, it is required when a contract is made between the communications carrier and the subscriber who purchased the mobile unit, that after sale of the product, personal information should be written into the mobile unit for registration with the communications carrier as soon as possible. Therefore, there must be a capability that such personal information is quickly written in and read out from the outside. Furthermore, the personal information must be alterable to allow for a possible future change in the contents of the contract.
In the case of an ID containing type mobile unit in which such personal information is stored in a nonvolatile memory such as an EEPROM contained in the mobile unit, a stand-alone ROM writer is connected to write the information into the internal EEPROM when the contract is made. It is desirable, from the standpoint of promoting the sales of mobile units, that the ROM writer be installed at every mobile unit dealer who is authorized under contract with the communications carrier so that the user who purchased the mobile unit can have the unit registered on the spot without having to take the unit to the communications carrier for registration.
Another method of sale which is desirable from the standpoint of sales promotion is to sell mobile units with no personal information written therein at mass-volume retail stores, so that the user who purchased one from such a store takes his mobile unit to an authorized dealer having the ROM writer and has the personal information written into the mobile unit for registration upon making a contract.
To make such a method of sale possible, the mobile unit must be designed so that personal information can be written in and read out from outside the unit. However, the fact that mobile units with no personal information written in are sold on the market and that the personal information stored in each mobile unit can be read out, means that duplicate units that cannot be distinguished by the communications network can be made easily by reading out the personal information and writing it into other mobile units with no personal information previously written therein.
Even if the personal information is stored in encrypted form so that the contents cannot be recognized, duplicates of mobile units that can be connected to the communications network can be made by simply copying the same contents into other mobile units of the same model. Even if perfect protection can be provided by some means against read out attempts, it is possible to make duplicate units by reading out personal information from a mobile unit of a previous model from which the personal information can be read out, and by writing it into other mobile units with no personal information written therein. Such illegal duplications of registered mobile units would not only make it impossible to collect basic charges that could otherwise be collected, but cause a problem that when a number of such indistinguishable mobile units are simultaneously connected to the communications network, the registration of mobile unit locations would become confused, thus disrupting the communications network system.
To facilitate the contract and registration procedures at the carrier's authorized dealers where the ROM writer is installed, it is desirable that the ROM writer be connected to a terminal installed at the communications carrier via a communication line so that the contract and registration procedures can be performed on-line. This, however, gives rise to the possibility that someone may intercept the communication line. It is therefore necessary to provide some measures so that if intercepted, duplication of mobile units cannot be made by using the intercepted information.
Furthermore, provisions must be made so that even if information known only to the communications carrier or the mobile unit manufacturer leaks out for some reason, duplication of mobile units cannot be made by using the information from one party alone unless the information from the other party is combined with it.
Moreover, for the mobile unit to be connected to the ROM writer via a cable, the mobile unit needs to be provided with a connector for cable connection with the ROM writer; this prevents a reduction in size of the mobile unit. Further, if the type of connector is different for each mobile unit model, the dealer needs to have as many ROM writers as the number of mobile unit models that the dealer carries.
On the other hand, it is planned that the personal information will be stored in an IC card instead of writing it directly into a mobile unit so that the IC card is inserted into a mobile unit for use in communication, allowing the shared use of one mobile unit by plurality of subscribers, or conversely, allowing one subscriber to use a plurality of mobile units. In this case also,the IC card must be made secure from illegal readout and write-in (dead copy), and furthermore, measures must be taken so that illegal duplication of the IC card cannot be made by using the information from one party alone, the communication carrier or the manufacturer, as in the case of the built-in ID type mobile unit.
Since each IC card is identical in physical shape, it can be inserted into any mobile unit. However,when the IC card is inserted into a mobile unit that cannot be connected to the communications network or that is not permitted to be connected to the communications network,such a mobile unit must not operate and transmit illegal radiowaves.
One way this can be accomplished is by storing information on the IC card that restricts the use only to the mobile units approved by the communications carrier for connection. In this case, when an additional mobile unit is approved for connection after the registration of the IC card, a request will have to be made to the communications carrier or its authorized dealer to have additional information written to the IC card in order that the additional mobile unit is able to be used. This imposes a cumbersome procedure on the subscriber.