A wireless device can be provisioned with an electronic subscriber identity module (eSIM). Various network entities participate in provisioning of an eSIM to an SE, where the SE is present in a wireless device. To establish trust between communicating entities, public key infrastructure (PKI) techniques can be used. Problems can arise if a SE does not trust one of these entities.
Aspects of eSIM provisioning include the downloading, installing, enabling, disabling, switching and deleting of a profile on an eUICC or universal integrated circuit card (UICC). UICCs and eUICCs are secure elements (SEs) for hosting profiles. A profile is a combination of operator data and applications provisioned on an SE in a device for the purposes of providing services by an operator. A profile can contain one or more secure data used to prove identity and thus verify contract rights to services. During assembly of a device, the SE can be inserted into the device. A UICC may identified by a card serial number (CSN), and an eUICC may be identified by an eUICC identifier (EID). This application will generally refer to a UICC; the same techniques and apparatuses are applicable for an eUICC.
A profile can be identified by a unique number called an ICCID (Integrated Circuit Card Identifier). A wireless operator is a company providing wireless cellular network services. A mobile network operator (MNO) is an entity providing access capability and communication services to its subscribers through a mobile network infrastructure. In some cases, the device is user equipment used in conjunction with a UICC to connect to a mobile network. An end user or customer is a person using a device. An enabled profile can include files and/or applications which are selectable over an UICC-device interface. An architecture framework related to remote provisioning and management of secure elements in devices is outlined in GSM Association document GSMA SGP.22: “RSP Technical Specification,” Version 1.0 Jan. 13, 2016 (hereinafter “SGP.22”).
A digital signature is authentication data that binds the identity of the signer to a data part of a signed message. A certificate issuer (CI) is a trusted third party whose signature on a certificate vouches for the authenticity of the public key of the associated user identity. A public-key certificate may also be referred to herein simply as a certificate. A user may store a copy of a certificate, where the certificate holds the name of a given party (user identity). The public key recorded in the certificate can be used to check the signature on a message signed using a PKI private key of the given party. Further details with regard to PKI techniques in eSIM provisioning can be found in SGP.22.