Many electronic devices require an initial device activation process when they are first purchased by or assigned to a user if they are to function fully. Smart phones and tablet devices, for example, are often activated for a buyer at the point of purchase, such as at a retail store. Although these and other electronic devices can still operate without being activated, they may not be able to access or perform some services or functions, such as cell phone service, subscription programming, cloud storage, and other online or networked services and content. In addition to being activated at a purchase point, these electronic devices can also be activated by a user at other times and locations. The integrity of activation and other device service registration can depend upon an accurate identification of the specific device being activated or registered.
Although many device activations and registrations remain legitimate, there can be instances of theft, piracy, impersonation, attacks, and other unauthorized uses that undermine the legitimate distribution, purchase, and use of electronic devices and the activation and other various services that are provided therefor. Current security protocols for device activations and registrations often include the use of a unique serial number or UDID (unique device identifier) and/or private keys for making encrypted signatures. Unfortunately, UDIDs are static codes, and private keys are often chosen from limited sets, such that hackers and other sophisticated parties may still be able to frustrate these safeguards from time to time.
While current device activation and registration techniques and processes have worked well in the past, improvements in providing these functions with greater security and confidence are usually welcome. Accordingly, there is a need for techniques and systems that more securely activate and register individual user devices.