Electronic devices, such as smart phones and netbooks, may host applications that make network calls to request data and services from application servers that are accessible through a telecommunication network. For example, an electronic device may host a browser, an electronic mail client, and/or a media player. An application server may request that these applications provide authentication credentials to the application servers prior to distributing data and services to these applications.
Traditional telecommunication networks may use techniques such as subscriber profile insertion to insert authentication credentials in the form of subscriber identities into data or service request traffic originating from the applications on the electronic devices. In turn, the application servers may rely on such authentication credentials in order to authenticate and authorize the electronic devices to access data or services. For example, in a Multimedia Messaging Service (MMS) scenario, a Gateway GPRS Support Node (GGSN) of the telecommunication network may insert a Mobile Subscriber Integrated Services Digital Network Number (MSISDN) of a subscriber into a Hypertext Transfer Protocol (HTTP) Get Message or a HTTP Post Message that is destined for an application server.
However, there may be several drawbacks to the subscriber profile insertion techniques. First, the reliance on a data gateway of the telecommunication network to insert credential information into data or service request traffic may place additional resource burdens on the telecommunication network. Second, the application servers may be forced to rely on authentication credentials that are inserted by another entity in the data path in order to protect access to sensitive or valuable data or services. Moreover, subscriber profile insertion cannot be used in conjunction with encrypted data connections between electronic devices and application servers. The data gateway of the telecommunication network is incapable of inserting credentials into encrypted traffic between an electronic device and an application server. Further, current subscriber profile insertion techniques are not compatible with the use of Wi-Fi connections to connect electronic devices to application servers.