The security module of a mobile or portable telephone is known as the “SIM card” (Subscriber Identity Module) and constitutes the central security element of these telephones. During manufacturing and/or during the personalization stage, the telephone operator introduces a number called IMSI (International Mobile Subscriber Identification) that serves to identify in a secure and unique way each subscriber desiring to connect to a mobile network.
Each mobile telephone, hereinafter called mobile equipment, is physically identified by a number stored in a non-volatile memory of the mobile equipment. This number, called IMEI (International Mobile Equipment Identifier), contains an identification of the type of mobile equipment and a serial number serving to uniquely identify a given item of mobile equipment on a network of the GSM (Global System for Mobile Communications), GPRS (General Packet Radio System) or UMTS (Universal Mobile Telecommunications System) type. Furthermore, mobile equipment is characterized by a software version SVN (Software Version Number) indicating the update state of the base software installed on the mobile equipment. The combination of the type identification and the serial number of the mobile equipment with the software version (SVN) gives a new identification, called IMEISV (International Mobile Equipment Identifier and Software Version Number).
The same identification concept also applies to WLAN (Wireless LAN) or to bidirectional cable TV. The physical identifier can be a MAC (Media Access Control) address, which corresponds to the unique address that identifies the hardware configuration of a user on an IP (Internet Protocol) network, and the software version can be transmitted by upper-layer protocols based on IP.
The ETSI (“European Telecommunications Standards Institute”) regulations define a mobile station (MS) composed of an item of mobile equipment (ME) and a subscription module (SIM, subscriber identity module). This subscriber module is usually removable, that is to say, it can be either withdrawn or transferred from one item of mobile equipment to another.
During the activation of an item of mobile equipment, more particularly during its connection to the network of an operator, data comprising the identification data is exchanged between the mobile equipment and the management center of the operator, which authorizes or prohibits its use.
The document EP0757502 describes a method of locking a user identification module when the physical identifier IMEI of the mobile equipment is on a black list. When the mobile equipment connects to the mobile network, it transmits the identifier IMEI to a management center. The latter compares the identifier received with the contents of a database where the operator registers the identifiers of stolen or defective mobile equipment. If an identifier received is present in this database, the management center transmits a message containing a locking command to the mobile equipment in question. This command, after verification of its authenticity, is transmitted to the identification module, which carries out a locking procedure preventing any further connection of the mobile equipment to the network.
The document U.S. Pat. No. 5,864,757 describes an activation method of a mobile handset with a subscriber module based on the use of a key pertaining to the handset producing a code corresponding to an identifier of the subscriber module. The handset includes a single tamper-proof key. At the time of its activation, the operator's management center transmits a message to the handset serving to calculate a key specific to the operator by using the unique key of the handset. This new key is used in combination with an identifier of the network or of the subscriber module to generate a control word that is compared with a code stored in the subscriber module. If the control word agrees with the subscriber module code, the handset is activated.
The methods described in these two documents exclusively concern aspects requiring the physical identification of the mobile equipment based, for example, on the identifier IMEI. When these methods are implemented, their effects concentrate only on the locking/unlocking of the subscriber module and/or of the mobile equipment in order to prevent any connection of the mobile equipment to the network.
Presently, mobile equipment offers the user, in addition to its usual function of establishing telephone conversations by means of an access to a mobile network, the use of numerous other supplementary value-added services such as the consultation of various information, remote banking transactions, electronic commerce, access to multimedia contents, etc. These improved services require an increasingly higher level of security in order to protect users against possible fraud by third parties seeking to exploit security failures that may appear on the mobile equipment.
Therefore, verification on at least two levels becomes necessary: on the one hand at the level of the mobile equipment itself and on the other hand at the level of the software applications that allow the functioning of the different services proposed by the operator or by third parties. The aim is to guarantee that the subscriber module operates only with mobile equipment of a type and software version duly authorized or homologated by the operator and/or by the application suppliers. Functioning of the subscriber module is understood to mean the capacity to allow the use of services requested by a user by executing a certain number of software applications previously installed in a memory of the mobile equipment and which use the subscriber module as a means of protection.
These applications, executed in the mobile equipment, use resources available in the subscriber module. Resources are understood to mean the different functions and data necessary for the correct functioning of an application. Certain resources can be common to several applications, in particular the functions related to security. The subscriber module can thus block or alter the functioning of certain applications for which the security conditions established by the operator and/or application supplier are not respected in the mobile equipment in question, or for which the rights of the user of the mobile equipment are insufficient.
The aforementioned documents do not cover the software aspects related to a group of mobile equipment such as, for example, information related to the software applications installed, a software version number or even a reference to a type or to a model of mobile equipment, etc. What is therefore required is a targeted method of managing the resources of the subscriber module in order to selectively activate/deactivate the applications or application functions using these resources. However, it is not desirable for these operations to prevent the mobile equipment from accessing the network by completely locking the subscriber module.
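The following sketch is an added example, not part of the original document: it splits an IMEI or IMEISV into type, serial number and software version, then decides per resource what a subscriber module would expose, while never withholding network authentication. The digit layout (8-digit type code, 6-digit serial, then a Luhn check digit or a 2-digit SVN) follows 3GPP TS 23.003 and is not spelled out in the text; the resource names, the policy table and the sample identifiers are hypothetical.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class EquipmentId:
    tac: str             # type identification (8 digits)
    snr: str             # serial number (6 digits)
    svn: Optional[str]   # software version (2 digits); None for a plain IMEI

def luhn_ok(digits: str) -> bool:
    """Check-digit test applied to the 15-digit IMEI."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:               # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def parse_equipment_id(value: str) -> EquipmentId:
    if not (value.isascii() and value.isdigit()):
        raise ValueError("identifier must be decimal digits")
    if len(value) == 15:             # IMEI: TAC + SNR + check digit
        if not luhn_ok(value):
            raise ValueError("IMEI check digit mismatch")
        return EquipmentId(value[:8], value[8:14], None)
    if len(value) == 16:             # IMEISV: TAC + SNR + SVN, no check digit
        return EquipmentId(value[:8], value[8:14], value[14:])
    raise ValueError("expected 15 (IMEI) or 16 (IMEISV) digits")

# Constructed policy: (type, software version) pairs approved per resource.
POLICY = {
    "payment_keys": {("49015420", "02")},
    "media_drm": {("49015420", "01"), ("49015420", "02")},
}
ALWAYS_ON = {"network_auth"}         # never withheld, so network access survives

def allowed_resources(value: str) -> set:
    """Resources the module exposes to applications on this equipment."""
    granted = set(ALWAYS_ON)
    try:
        eq = parse_equipment_id(value)
    except ValueError:
        return granted               # unknown equipment: application resources stay off
    for resource, approved in POLICY.items():
        if (eq.tac, eq.svn) in approved:
            granted.add(resource)
    return granted
```

An identifier that fails to parse, or a type and software version pair that is not approved, loses only the application resources; the module itself is not locked.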