Most of the mobile terminals at present adopt removable cards, i.e. a mobile terminal and a user card storing information for authenticating wireless network users are two independent components that are combined together in application. The majority of the user cards are subscriber identity module cards, such as the subscriber identity module (SIM) card in the global system for mobile communications (GSM), the universal subscriber identity module (USIM) card in the wideband code division multiple access (WCDMA) communication system and the user identity module (UIM) card in the code division multiple access (CDMA) communication system. Such method has many notable advantages, for example, when a user wants to change his mobile terminal, he just buys a new mobile terminal and inserts the original SIM card into the new mobile terminal. As the user information does not need to be changed, the user does not need to go through any procedures of changing mobile terminal with the operator. Another notable advantage of the method is that the mobile services such as issuing numbers by mobile operators are well separated from the sales of mobile terminals, which facilitates the development of mobile services and keeps the sales of mobile terminal comparatively independent, therefore both the mobile service operations and mobile terminal sales are kept flexible to a great extent.
The separation of mobile terminal from user card brings convenience to users as well as to robbery and theft of mobile terminal to the extent that people dare not carry a mobile terminal on the waist. As a mobile terminal is designed to be separated from a user card, a stolen mobile terminal can be used without any trouble with a new SIM card inserted, thus robbers and thieves may profit from selling the stolen mobile terminal. The legal user of the stolen mobile terminal not only suffers economic loss, but also has to go through a series of procedures such as subscription information modification with the operator, which brings great inconvenience to the user. Moreover, when a mobile terminal is lost, the frequently used information that is stored in the mobile terminal, e.g. directory, is also lost, which badly affects the work and daily life of the user.
A common method to enhance the security of the mobile terminal is setting password for a mobile terminal. For example, when a start-up password is set in a mobile terminal, only after the correct password is keyed in at the start-up of the mobile terminal shall the mobile terminal go on with follow-up operations such as network registration. The mobile terminal will not start working when a wrong password is inputted. In this way the one who steals a mobile terminal cannot use or sell the mobile terminal because he does not know the password. It thus enhances the security of the mobile terminal to some extent. However, when such method is adopted, the legal user of the mobile terminal also has to input the password every time he turns on the mobile terminal, which brings great inconvenience to the user. In fact, many users feel it too much a trouble to key in a password every time at the start-up of a mobile terminal, such that they just do not set the password. Therefore it is hard for users to accept and actually employ the above method; hence it does not enhance the security of the mobile terminal at root.
Another method to cope with the security problem of the mobile terminal is setting up a great number of equipment identification registers (EIR) and recording the international mobile equipment identifiers (IMEI) of stolen mobile terminals in the blacklist of the corresponding EIR. When a mobile terminal logs in a network at start-up, it reports its IMEI to the network and corresponding network equipment has to check an EIR and determine whether the IMEI of the mobile terminal is in the blacklist; if the IMEI of the mobile terminal is found in the blacklist, the network shall deem that the mobile terminal is a stolen one and the user of the mobile terminal is an illegal user, and shall thus refuse to provide network services. In such way the one who steals a mobile terminal cannot profit from the mobile terminal as the mobile terminal can not be used, thus it enhances the security of the mobile terminal at root. However, a great number of EIRs and additional network equipment construction are required for this method, which brings not only additional cost, but also inconvenience to network operators. Besides, the software in the stolen mobile terminal can be modified, which enables the mobile terminal to report a fake IMEI to cheat the network, and make it impossible for the network to verify whether the mobile terminal is a stolen one.
Through an authentication method used at present in some mobile communication networks such as the universal mobile telecommunication system (UMTS) of the 3rd Generation mobile communication network, a user card can authenticate a mobile communication network; if the authentication succeeds, the user card will function properly, otherwise the user card will not function normally in the mobile communication network. However, such method does not solve the security problem of the mobile terminal although it enhances the security of the user card in a mobile terminal. The security problem of the mobile terminal is still existed.