The evolution of e-commerce has seen the emergence of smart card technology as an attractive solution for a range of commercial and security applications. Smart cards provide security for data storage and transactions by serving as secure portable tokens providing digital identity, hardware-based authentication, and cryptographic key storage. Many smart cards bear a resemblance to regular magnetic stripe credit cards that allow consumers to make secure transactions in stores and over the Internet. However, smart cards differ in that they use an embedded computer chip rather than a magnetic stripe. This chip allows the card to function much in the same way as a personal computer. As smart cards have become less expensive and more powerful over recent years, a broad range of industries, including telecommunications, and especially mobile devices, have rapidly adopted smart card technology by including smaller smart cards into mobile device handsets.
Smart cards in wireless devices such as mobile phones can store subscriber profile information, such as, for example, information relating to available network services and the subscriber's encoded network identification data including, for example, the telephone number of the subscriber, the subscriber's PIN, and other user data such as contact information. Smart cards contain all the key information required to activate the phone and authenticate subscriber to the network. It is desirable that such cards be secure, so that an untrusted party in possession of the mobile device or the card cannot learn the information contained on the memory of the card. It is further desirable that communications to and from the mobile device that make use of the secure-sensitive information may be encrypted to prevent malicious parties from acquiring the secure information during its transmission. Smart cards with secure element chips that store data in the smart card memory and allow for the encrypted communication of this data can provide mobile device users with secure network access, and protection from fraud and identity theft, and greater business flexibility. However, before secure communications can take place, a smart card must be installed and initialized into a mobile device in such a manner as to prevent untrusted parties from obtaining any of the encryption keys, seed values, or secure internal data.
FIG. 1 is a diagram demonstrating a known method for installing and initializing secure element chips into mobile terminals. The large boxes of FIG. 1 represent the different entities which interact during the installation and initialization process. The smart card vendor 110 produces cards with embedded secure element chips for use in mobile devices. The device vendor 120 manufactures mobile devices, such as mobile phones. The issuer 130 is the wireless service provider who will be responsible for managing the device and supporting secure wireless transactions after the mobile device has been distributed to a user. The retail outlet 140 assembles the secure element chips into mobile devices and distributes the devices to users.
The process of installing and initializing secure element chips shown in FIG. 1 begins when the smart card vendor 110 manufactures the smart cards containing initial keys in step 101. In step 102, the issuer 130 generates the master keys, stores a copy of them in a database, and then securely transmits them to the smart card vendor 110. The smart card vendor 110 uses the master keys received from the issuer 130 and the chip serial numbers to initialize the smart card chips in step 103. The smart card vendor 110 then securely transmits the chip serial numbers back to the issuer 130 in step 104. The issuer 130 stores these serial numbers in the database with the master keys in step 105, so that the issuer 130 now has both the master keys and the chip serial numbers necessary to manage the chips and to support secure wireless communications for the mobile device.
After initializing the smart card chips, the smart card vendor 110 sends the cards to a retail outlet 140 in step 106. Concurrently, in step 107, the device vendor 120 sends its mobile devices to the retail outlet 140. The retail outlet 140 assembles the initialized smart cards into the mobile devices in step 108, and can now distribute the devices to consumers in step 109.
The above-described method divides the manufacturing of mobile devices into two distinct steps: the manufacturing of the device itself, and the assembly of the initialized smart card into the mobile device. These steps are suitable in situations where the smart cards are detachable from the mobile device. However, the above method reduces the business flexibility of all entities involved, by shipping and installing only ‘pre-personalized’ secure element chips into mobile devices. Recently, there has arisen a need for equipping mobile devices with terminal-integrated smart card chips, which makes the above process of using ‘pre-personalized’ secure element chips unsuitable as the secure element chips need to be ‘personalized’ to the issuer only after the chips have been integrated into the mobile devices. Accordingly, there remains a need for an improved method for installing and initializing terminal-integrated secure element chips into mobile devices.