CA2115435C - Method for personalisation of an active card - Google Patents
Method for personalisation of an active cardInfo
- Publication number
- CA2115435C CA2115435C CA002115435A CA2115435A CA2115435C CA 2115435 C CA2115435 C CA 2115435C CA 002115435 A CA002115435 A CA 002115435A CA 2115435 A CA2115435 A CA 2115435A CA 2115435 C CA2115435 C CA 2115435C
- Authority
- CA
- Canada
- Prior art keywords
- card
- data
- central computer
- key
- active
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/22—Payment schemes or models
- G06Q20/229—Hierarchy of users of accounts
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/355—Personalisation of cards for use
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/30—Security of mobile devices; Security of mobile applications
- H04W12/35—Protecting application or service provisioning, e.g. securing SIM application provisioning
Abstract
Personalisation of an active so-called SIM card (11) for a mobile telephone system of GSM type is effected in a place (3) connected to the central computer (1) of the system via a communication network (2). The card identity IMSI and the card authentication key Ki are transferred in line-encrypted form (DES) to terminal equipment (9) in said place, where the card (11) is inserted in a reader (10). After line decryption (12, 13), the result thereof is transferred to the card in a manner to prevent unauthorised listening-in. This can be done in a safety box or by double encryption (A3/A8) of IMSI and Ki, the decryption thereof being performed within the card by means of a unique card key Ksim.
Description
' 1 21 15435 TITLE OF THE INVENTION
Method for personalisation of an active card TECHNICAL FIELD
The present invention relates to a method for personalisation of an active subscriber card, a so-called SIM card, for use in a mobile telephone system, comprising a central computer, the unique identity of the card, so-called ISMI, and the unique authentication key of the card, so-called Ki, being stored in the card from the central computer. The invention is especially applicable to a mobile telephone system of GSM type and will be described in more detail with reference thereto, although it is obvious that the invention is also applicable to other mobile telephone systems of similar type.
TECHNICAL BACKGROUND
In mobile telephone systems, in which the mobile units are controlled by active cards assigned to the subscribers, the personalisation of the respective card constitutes an essential procedure which is safeguarded by rigorous security measures and which includes activating the card and loading it with IMSI and Ki, and preferably also a so-called PUK code, (Personal Unblocking Key). It is essential that this loading be effected in a safe manner to prevent unauthorised people from having access thereto.
In view hereof, the personalisation procedure is carried out in a central personalisation place or a customer service place adjacent the central computer, where it is possible to meet the high demands of security.
OBJECT OF THE INVENTION
An object of an aspect of the present invention is to provide a method making it possible, still in a safe manner, to effect the personalisation procedure in other places than the above-mentioned central place, whereby a number of advantages can be gained.
~ W093/07697 2 ~ 1 5 4 3 5 PCT/SE92/~K~
, 2115~3~ 2 SUMMARY OF THE INVENTION
The above-mentioned ob~ect is achieved by a method which accordlng to the invention has the features stated in the appended claims.
According to the invention, the storage procedure should thus be carried out when the card is in a persona-lisation place remotely connected to the central computer via a data communication network, especially a retail place, the card being inserted in a reader associated with data terminal equipment connected to the data communica-tion network, IMSI and Xi and preferably also PUK being transferred in line-encrypted form from the central com-puter to the data terminal equipment where line decryption is performed, and the result of the line decryption being transferred to the SIM card in a manner to prevent unauthorised l istening-in .
A distributed personalisation of this type makes it possible to divide up IMSI number series geographically, which is a major advzntage in that the network signalling is simplified or reduced, and also in that the service level towards a new subscriber can be kept very high. In fact, the personalisation can be effected directly and without any waiting times conditioned by the disp~tch of cards, code envelopes etc., from a central place. The direct communication with the central computer also makes it possible to provide for different special services in a rapid and simple manner.
The transfer of the result of the line decryption to the SIM card in a sa'e manner can be carried out in diffe-rent ways.
According to a first conceivable alternative, theline decryption and the result transfer to the SIM card take place in a physically sealed space, into which any attempt of unauthorised intrusion means that relevant information is erased and that the process is interrupted and cannot be continued without spec~al security measures being taken. Mechanical and electronic protection of this r W093/07697 PCT/SE92/0~6 2115~3~
klnd can be achieved by means of a special safety box, in whlch the c~rcuitry concerned is enclosed during the personalisation procedure.
Accordin~ to a second conceivable alternative, the result of the line decryption is transferred to the SIM
card in encrypted form, at least in respect of Ki. This is preferably done by encrypting Ki and preferably also PUX
and optionally IMSI an extra time in the central computer --~ before the line-encrypted transfer to the personalisation place, the result of the line decryption transferred to the SIM card being decrypted within the SIM card by means of a card key Ksim, which has suitably been stored in the -- SIM card in connection with the manufacture thereof. This card key Xsim is preferably unique to the respective card.
15The decryption in the SIM card here takes place advantageously by means of the card key and a secret algo-rithm, especially being the alyor~thm which is intended for encryption/decryption in connection with the regular use of the card in the mobile telephone system, and on which there is information in the central computer. Advan-tageously, the algorithm is of type A3/A8 according to GSM
rPrs~m~ndation .
According to the invention, it is preferred that the central computer before the double encryption calculates the reguired Ksim, using SIM-card identification trans-ferred from the personalisation place, the "master key" by _means of which the SIM card is manufactured and the per-taining algorithm.
It is understood that the central computer may have been separately supplied with information on both said master key and the algorithm concerned for new SIM cards after the manufacture thereof with the card manufacturer.
It is however also possible that the above-mentioned SIM-card identification transferred to the central com-puter may contain such information that the central com-puter can conclude on the basis thereof which master key ~ . , $
~; . .
4 2 ~ ~5435 ~
(among a number of possible ones) and which algorithm (among a number of possible ones) are at issue.
This obviously means that the key Ksim, for enhanced security, can be modified during the continuous s manufacture of the SIM cards.
The above-mentioned SIM-card identification may consist of the serial number of the card, which then can include special fields with information on e.g. master key and/or the algorithm concerned.
It is understood that, for further enhanced security, it is possible to combine the two alternatives described above.
According to the invention, it is further advantageous to control the personalisation procedure by means of an active personalisation card which is inserted in a reader associated with the data terminal equipment and which contains at least parts of the line-encryption function, especially a pertaining key, preferably also the pertaining algorithm.
Anyone who handles the personalisation procedure (e.g. a retailer) can thus have his own unique active card, which can thus be used both for authorisation checks (active and passive authentication), and as an encrypting unit. Everybody can then have an individual encryption key for further enhanced security.
According to one aspect of the invention there is provided a method for programming of an active card for use in a mobile telephone system comprising a central computer, the unique identity of the card and the unique authentication key of the card being stored in the card from the central computer, characterised by carrying out the storage procedure when the card is in a location remotely connected to the central computer via a data communication network, the card being inserted in a reader associated with the data terminal equipment connected to the data communication network; transferring the unique identity of the card and data terminal equipment, where line decryption occurs; and transferring the result of the 4a 2 ~ 1 5 4 3 5 line decryption to the card in a manner to prevent unauthorised intrusion, at least in respect of the unique S authentication key of the card.
According to another aspect of the invention there is provided a method for programming an active card from a remote central computer for use in a mobile telephone system comprising the steps of:
inserting the active card in a card reader associated with a data terminal;
encrypting data respresentative of a unique identity code and a unique authentication key with the remote central computer;
transferring the encrypted data from said remote central computer through a data communication network to the data terminal;
decrypting the encrypted data into card and data at the data terminal; and transferring the card to the active card.
Further features of the invention will appear from the following description of exemplifying embodiments with reference to the accompanying drawings.
2s BRIEF DESCRIPTION OF THE DRAWINGS
Fig. 1 is a diagrammatical general view illustrating and embodiment of the method according to the invention.
Fig. 2 is a block diagram which illustrates in more detail the embodiment of Fig. 1.
Fig. 3 is a block diagram illustrating another embodiment of the method according to the invention.
' W093/07697 PCT/SE92/~K~6 2115~35 DESCRIPTIO~ OF EMBODIMENTS
In Fig. 1, reference number 1 designates, in a mobile telephone system, a central computer whlch via a data com-munication network 2 comm~nicates wlth a number of retai-lers 3, 4, 5, 6, and which also ~orm-~nicates with a cus-tomer service place 7.
Each retailer has data terminal e~uipment 9, to which are connected a reader 10 for SIM cards 11 and line-- encryption eguipment 12, 13 consisting of a reader 12 and an active retailer card 13. A keyboard 14 for entering a PIN code in a SIM card concerned is connected to the reader 10.
~ he central computer 1 contains means 15 for calcu-lating Xsim on the basis of card information ICC-ID trans-ferred from the retailer place, means 16 for generatingIMSI, Ki and PUK, means 17 for encrypting the latter ones, using the key Ksim and an A3/A8 algorithm, and means 18 for DES line encryption.
The central computer provides information about PUK
to the customer service place 7, which on a printer 19 prints out a letter 20 with information about this. This letter is sent by post to the customer concerned.
The function according to the invention will now be described in more detail with reference also to Fig. 2.
The systems operator 21 informs the card manufacturer 22 and the central computer 1 about master key, DES and A3/A8 algorithms, and the central computer also about the retailer card key Kl. The card manufacturer calculates Ksim for the respective card in a series to be sent to a certain retailer 3 based on the DES algorithm, the master key and the card serial number. Ksim and the A3/A8 algo-rithm are loaded in the card along with card serial num-bers before the card is sent to the retailer.
From the systems operator, the retailer receives his personal active card 13 with the pertaining entered card key Kl and DES algorithm for the line encryption, about which the central computer thus holds information.
W093/07697 PCT/SE92/~K~6 2115~35 When a retailer is to personalise a new SIM card for a new subscriber, he starts by inserting his active card 13 ln a reader 12 assoclated wlth the retaller termlnal and loss in in customary manner, the active card serving as authentication means (optionally together with a PIN
code which is unique to the retailer and which is inputted on the terminal keyboard), thus verifying the authori-sation of the reta~ler.
A new SIM card 11 is now inserted in the pertaining reader 10, card-$ndentifying information ICC-I~ being transferred from certain fields, preprogrammed during the manufacture of the card, in the SIM card via the retailer terminal 9 and the network 2 to the central computer 1.
Other relevant subscriber data are inputted via the key-board of the terminal and transmitted to the central com-puter for customary checking, etc. If the subscriber is accepted, the number MSISDN selected or accepted by the subscriber is also transmitted to the central computer.
In the central computer, Ksim is calculated on the basis of the information received on master key, serial number and DES algorithm. Ki and PUK are generated as random numbers. IMSI is allocated from the IMSI series prepared for the retailer or the area to which the retai-ler belongs.
IMSI, Xi and PUK are encrypted using Ksim and the selected A3/A8 algorithm. The thus-encrypted IMSI, Ki and PUK and other data to be transferred are thereafter line encrypted using the key Kl and the DES algorithm, and transferred via the data communication network to the retailer terminal, where line decryption occurs using the card key Kl and DES algorithm of the retailer's active card 13.
Via the reader 10, the other data now decrypted can be loaded directly in the SIM card, while IMSI, Ki and 35. PUK, still in encrypted form, are transferred to the SIM
card for decryption therein, using the card key Ksim and the pertaining A3/A8 algorithm. Advantageously, this algo-W093/07697 PCT/SE92/~K~6 rithm is identlcal with the algorithm which ~s intended for the regular use of the card and which is unique to the systems operator and can be varied for different card serles, if deslred.
After decryption, IMSI, K1 and PUK are loaded in the pertaining data field in the SIM card.
Via the PIN keyboard 13, the subscr$ber can hims~lf load an optional PIN code in the SIM card in a strictly - confidential manner. The card is thus ready for use. The PUX code assigned by the central computer is sent to the subscriber by post after a day or two.
The alternative P~ho~i~ent of the invention shown in Fig. 3 differs from that in Figs 1 and 2 by the absence of the double encryption procedure. ~he transfer of Ki, IMSI
and PUK to the SIM card 11 after line decryption, which occurs by means of the retailer card 13 inserted in its reader 12, instead occurs in a protected manner, by the card reader 12 with its card 13 and the SIM card 11 in its reader 10 (connected to the reader 12) being mechanically and electronically protectively enclosed in a safety box 31 during the personalisation procedure.
As readily appreciated by those skilled in the art, the safety box 31 may be designed in many different ways, which also applies to the means which should be provided for interrupting the procedure and erasing sensitive data in the case of an attempted intrusion into the safety box.
It is understood that the two atternatives described above can be combined, if additional security is desired in the retailer place and/or during the transfer via the data communication network.
s
Method for personalisation of an active card TECHNICAL FIELD
The present invention relates to a method for personalisation of an active subscriber card, a so-called SIM card, for use in a mobile telephone system, comprising a central computer, the unique identity of the card, so-called ISMI, and the unique authentication key of the card, so-called Ki, being stored in the card from the central computer. The invention is especially applicable to a mobile telephone system of GSM type and will be described in more detail with reference thereto, although it is obvious that the invention is also applicable to other mobile telephone systems of similar type.
TECHNICAL BACKGROUND
In mobile telephone systems, in which the mobile units are controlled by active cards assigned to the subscribers, the personalisation of the respective card constitutes an essential procedure which is safeguarded by rigorous security measures and which includes activating the card and loading it with IMSI and Ki, and preferably also a so-called PUK code, (Personal Unblocking Key). It is essential that this loading be effected in a safe manner to prevent unauthorised people from having access thereto.
In view hereof, the personalisation procedure is carried out in a central personalisation place or a customer service place adjacent the central computer, where it is possible to meet the high demands of security.
OBJECT OF THE INVENTION
An object of an aspect of the present invention is to provide a method making it possible, still in a safe manner, to effect the personalisation procedure in other places than the above-mentioned central place, whereby a number of advantages can be gained.
~ W093/07697 2 ~ 1 5 4 3 5 PCT/SE92/~K~
, 2115~3~ 2 SUMMARY OF THE INVENTION
The above-mentioned ob~ect is achieved by a method which accordlng to the invention has the features stated in the appended claims.
According to the invention, the storage procedure should thus be carried out when the card is in a persona-lisation place remotely connected to the central computer via a data communication network, especially a retail place, the card being inserted in a reader associated with data terminal equipment connected to the data communica-tion network, IMSI and Xi and preferably also PUK being transferred in line-encrypted form from the central com-puter to the data terminal equipment where line decryption is performed, and the result of the line decryption being transferred to the SIM card in a manner to prevent unauthorised l istening-in .
A distributed personalisation of this type makes it possible to divide up IMSI number series geographically, which is a major advzntage in that the network signalling is simplified or reduced, and also in that the service level towards a new subscriber can be kept very high. In fact, the personalisation can be effected directly and without any waiting times conditioned by the disp~tch of cards, code envelopes etc., from a central place. The direct communication with the central computer also makes it possible to provide for different special services in a rapid and simple manner.
The transfer of the result of the line decryption to the SIM card in a sa'e manner can be carried out in diffe-rent ways.
According to a first conceivable alternative, theline decryption and the result transfer to the SIM card take place in a physically sealed space, into which any attempt of unauthorised intrusion means that relevant information is erased and that the process is interrupted and cannot be continued without spec~al security measures being taken. Mechanical and electronic protection of this r W093/07697 PCT/SE92/0~6 2115~3~
klnd can be achieved by means of a special safety box, in whlch the c~rcuitry concerned is enclosed during the personalisation procedure.
Accordin~ to a second conceivable alternative, the result of the line decryption is transferred to the SIM
card in encrypted form, at least in respect of Ki. This is preferably done by encrypting Ki and preferably also PUX
and optionally IMSI an extra time in the central computer --~ before the line-encrypted transfer to the personalisation place, the result of the line decryption transferred to the SIM card being decrypted within the SIM card by means of a card key Ksim, which has suitably been stored in the -- SIM card in connection with the manufacture thereof. This card key Xsim is preferably unique to the respective card.
15The decryption in the SIM card here takes place advantageously by means of the card key and a secret algo-rithm, especially being the alyor~thm which is intended for encryption/decryption in connection with the regular use of the card in the mobile telephone system, and on which there is information in the central computer. Advan-tageously, the algorithm is of type A3/A8 according to GSM
rPrs~m~ndation .
According to the invention, it is preferred that the central computer before the double encryption calculates the reguired Ksim, using SIM-card identification trans-ferred from the personalisation place, the "master key" by _means of which the SIM card is manufactured and the per-taining algorithm.
It is understood that the central computer may have been separately supplied with information on both said master key and the algorithm concerned for new SIM cards after the manufacture thereof with the card manufacturer.
It is however also possible that the above-mentioned SIM-card identification transferred to the central com-puter may contain such information that the central com-puter can conclude on the basis thereof which master key ~ . , $
~; . .
4 2 ~ ~5435 ~
(among a number of possible ones) and which algorithm (among a number of possible ones) are at issue.
This obviously means that the key Ksim, for enhanced security, can be modified during the continuous s manufacture of the SIM cards.
The above-mentioned SIM-card identification may consist of the serial number of the card, which then can include special fields with information on e.g. master key and/or the algorithm concerned.
It is understood that, for further enhanced security, it is possible to combine the two alternatives described above.
According to the invention, it is further advantageous to control the personalisation procedure by means of an active personalisation card which is inserted in a reader associated with the data terminal equipment and which contains at least parts of the line-encryption function, especially a pertaining key, preferably also the pertaining algorithm.
Anyone who handles the personalisation procedure (e.g. a retailer) can thus have his own unique active card, which can thus be used both for authorisation checks (active and passive authentication), and as an encrypting unit. Everybody can then have an individual encryption key for further enhanced security.
According to one aspect of the invention there is provided a method for programming of an active card for use in a mobile telephone system comprising a central computer, the unique identity of the card and the unique authentication key of the card being stored in the card from the central computer, characterised by carrying out the storage procedure when the card is in a location remotely connected to the central computer via a data communication network, the card being inserted in a reader associated with the data terminal equipment connected to the data communication network; transferring the unique identity of the card and data terminal equipment, where line decryption occurs; and transferring the result of the 4a 2 ~ 1 5 4 3 5 line decryption to the card in a manner to prevent unauthorised intrusion, at least in respect of the unique S authentication key of the card.
According to another aspect of the invention there is provided a method for programming an active card from a remote central computer for use in a mobile telephone system comprising the steps of:
inserting the active card in a card reader associated with a data terminal;
encrypting data respresentative of a unique identity code and a unique authentication key with the remote central computer;
transferring the encrypted data from said remote central computer through a data communication network to the data terminal;
decrypting the encrypted data into card and data at the data terminal; and transferring the card to the active card.
Further features of the invention will appear from the following description of exemplifying embodiments with reference to the accompanying drawings.
2s BRIEF DESCRIPTION OF THE DRAWINGS
Fig. 1 is a diagrammatical general view illustrating and embodiment of the method according to the invention.
Fig. 2 is a block diagram which illustrates in more detail the embodiment of Fig. 1.
Fig. 3 is a block diagram illustrating another embodiment of the method according to the invention.
' W093/07697 PCT/SE92/~K~6 2115~35 DESCRIPTIO~ OF EMBODIMENTS
In Fig. 1, reference number 1 designates, in a mobile telephone system, a central computer whlch via a data com-munication network 2 comm~nicates wlth a number of retai-lers 3, 4, 5, 6, and which also ~orm-~nicates with a cus-tomer service place 7.
Each retailer has data terminal e~uipment 9, to which are connected a reader 10 for SIM cards 11 and line-- encryption eguipment 12, 13 consisting of a reader 12 and an active retailer card 13. A keyboard 14 for entering a PIN code in a SIM card concerned is connected to the reader 10.
~ he central computer 1 contains means 15 for calcu-lating Xsim on the basis of card information ICC-ID trans-ferred from the retailer place, means 16 for generatingIMSI, Ki and PUK, means 17 for encrypting the latter ones, using the key Ksim and an A3/A8 algorithm, and means 18 for DES line encryption.
The central computer provides information about PUK
to the customer service place 7, which on a printer 19 prints out a letter 20 with information about this. This letter is sent by post to the customer concerned.
The function according to the invention will now be described in more detail with reference also to Fig. 2.
The systems operator 21 informs the card manufacturer 22 and the central computer 1 about master key, DES and A3/A8 algorithms, and the central computer also about the retailer card key Kl. The card manufacturer calculates Ksim for the respective card in a series to be sent to a certain retailer 3 based on the DES algorithm, the master key and the card serial number. Ksim and the A3/A8 algo-rithm are loaded in the card along with card serial num-bers before the card is sent to the retailer.
From the systems operator, the retailer receives his personal active card 13 with the pertaining entered card key Kl and DES algorithm for the line encryption, about which the central computer thus holds information.
W093/07697 PCT/SE92/~K~6 2115~35 When a retailer is to personalise a new SIM card for a new subscriber, he starts by inserting his active card 13 ln a reader 12 assoclated wlth the retaller termlnal and loss in in customary manner, the active card serving as authentication means (optionally together with a PIN
code which is unique to the retailer and which is inputted on the terminal keyboard), thus verifying the authori-sation of the reta~ler.
A new SIM card 11 is now inserted in the pertaining reader 10, card-$ndentifying information ICC-I~ being transferred from certain fields, preprogrammed during the manufacture of the card, in the SIM card via the retailer terminal 9 and the network 2 to the central computer 1.
Other relevant subscriber data are inputted via the key-board of the terminal and transmitted to the central com-puter for customary checking, etc. If the subscriber is accepted, the number MSISDN selected or accepted by the subscriber is also transmitted to the central computer.
In the central computer, Ksim is calculated on the basis of the information received on master key, serial number and DES algorithm. Ki and PUK are generated as random numbers. IMSI is allocated from the IMSI series prepared for the retailer or the area to which the retai-ler belongs.
IMSI, Xi and PUK are encrypted using Ksim and the selected A3/A8 algorithm. The thus-encrypted IMSI, Ki and PUK and other data to be transferred are thereafter line encrypted using the key Kl and the DES algorithm, and transferred via the data communication network to the retailer terminal, where line decryption occurs using the card key Kl and DES algorithm of the retailer's active card 13.
Via the reader 10, the other data now decrypted can be loaded directly in the SIM card, while IMSI, Ki and 35. PUK, still in encrypted form, are transferred to the SIM
card for decryption therein, using the card key Ksim and the pertaining A3/A8 algorithm. Advantageously, this algo-W093/07697 PCT/SE92/~K~6 rithm is identlcal with the algorithm which ~s intended for the regular use of the card and which is unique to the systems operator and can be varied for different card serles, if deslred.
After decryption, IMSI, K1 and PUK are loaded in the pertaining data field in the SIM card.
Via the PIN keyboard 13, the subscr$ber can hims~lf load an optional PIN code in the SIM card in a strictly - confidential manner. The card is thus ready for use. The PUX code assigned by the central computer is sent to the subscriber by post after a day or two.
The alternative P~ho~i~ent of the invention shown in Fig. 3 differs from that in Figs 1 and 2 by the absence of the double encryption procedure. ~he transfer of Ki, IMSI
and PUK to the SIM card 11 after line decryption, which occurs by means of the retailer card 13 inserted in its reader 12, instead occurs in a protected manner, by the card reader 12 with its card 13 and the SIM card 11 in its reader 10 (connected to the reader 12) being mechanically and electronically protectively enclosed in a safety box 31 during the personalisation procedure.
As readily appreciated by those skilled in the art, the safety box 31 may be designed in many different ways, which also applies to the means which should be provided for interrupting the procedure and erasing sensitive data in the case of an attempted intrusion into the safety box.
It is understood that the two atternatives described above can be combined, if additional security is desired in the retailer place and/or during the transfer via the data communication network.
s
Claims (24)
PROPERTY OF PRIVILEGE IS CLAIMED ARE DEFINED AS FOLLOWS:
1. Method for programming of an active card for use in a mobile telephone system comprising a central computer, the unique identity of the card and the unique authentication key of the card being stored in the card from the central computer, characterised by carrying out the storage procedure when the card is in a location remotely connected to the central computer via a data communication network, the card being inserted in a reader associated with the data terminal equipment connected to the data communication network; transferring the unique identity of the card and data terminal equipment, where line decryption occurs; and transferring the result of the line decryption to the card in a manner to prevent unauthorised intrusion, at least in respect of the unique authentication key of the card.
2. Method as claimed in claim 1, characterised in that the line decryption and the result transfer to the card are performed in a physically sealed space, such as a safety box, into which any attempt of unauthorised intrusion results in the erasure of relevant information.
3. Method as claimed in claim 1 or 2, characterised in that the result of the line decryption is transferred in encrypted form to the card.
4. Method as claims in claim 3, characterised in that the unique authentication key of the card and preferably also the unique identity of the card are double-encrypted in the central computer before the transfer to said location, the result of the line decryption transferred to said card being decrypted in the card by means of a card key, which has preferably been stored in the card in connection with the manufacture thereof.
5. Method as claimed in claim 4, characterised in that the decryption in the card is performed by means of said card key which is unique to the card, and an algorithm intended for the regular use of the card.
6. Method as claimed in claim 5, characterised in that before the encryption, the central computer calculates said card key, using an identification transferred from said location, the master key with which the card is produced and on which information has been entered in the central computer, and the pertaining algorithm.
7. Method as claimed in any one of the preceding claims, characterised in that it is controlled by means of an active personalisation card which is inserted in a reader pertaining to the data terminal equipment and which contains at least parts of the line-encryption function.
8. Method as claimed in claim 7, characterised in that use is made of a personalisation card with a DES
algorithm,
algorithm,
9. Method as claimed in claim 2 and claim 7 or 8, characterised in that the two readers and the path of communication therebetween are placed in said physically sealed space.
10. Method as claimed in any one of the preceding claims, characterised in that a PIN code is stored in the active card by means of a keyboard pertaining to the data terminal equipment.
11. Method as claimed in any one of the preceding claims, characterised in that a PUK code is transferred from the central computer to the card in the same way as defined for the unique authentication key for the card.
12. A method for programming an active card from a remote central computer for use in a mobile telephone system comprising the steps of :
inserting the active card in a card reader associated with a data terminal;
encrypting data respresentative of a unique identity code and a unique authentication key with the remote central computer;
transferring the encrypted data from said remote central computer through a data communication network to the data terminal;
decrypting the encrypted data into card and data at the data terminal; and transferring the card to the active card.
inserting the active card in a card reader associated with a data terminal;
encrypting data respresentative of a unique identity code and a unique authentication key with the remote central computer;
transferring the encrypted data from said remote central computer through a data communication network to the data terminal;
decrypting the encrypted data into card and data at the data terminal; and transferring the card to the active card.
13. The method of claim 12 comprising the step of performing the steps of decrypting the encrypted data into the card data and transferring the card data to the active card in a physically sealed space wherein an unauthorized intrusion results in the erasure of the data.
14. The method according to claim 12 or 13 wherein the step of decrypting the encrypted data is performed so that the card data comprises second encryption data.
15. The method of claim 14 wherein the unique identity code and the unique authentication key are double encrypted in the remote central computer, and further comprising the step of decrypting the second encryption data in the active card by means of a card key.
16. The method of claim 15 wherein the card key for decrypting the second encryption data in the active card is unique to the card.
17. The method of claim 16 further comprising the step of calculating the unique card key by the remote central computer before encryption, said unique card key be calculated from an identification code from said active card, a master key with which the active card is produced and which information has been entered into the remote central computer, and an algorithm.
18. The method of claim 13 wherein the steps of decrypting the encrypted data into the card data and transferring the card data to the active card in a physically sealed space is performed with two readers and a communication path therebetween.
19. The method of claim 12 wherein said active card controls at least a portion of the encryption by the remote central computer.
20. A method of claim 19 wherein the remote central computer performs the step of encryption with a DES
algorithm.
algorithm.
21. The method of claim 12 wherein the step of encrypting data with the remote central computer further comprises the step of encrypting a personal unblocking key.
22. The method of claim 12 further comprising the step of storing a pin code in the active card by means of a keyboard associated with said data terminal.
23. The method of claim 12 wherein the mobile telephone system is a GSM type.
24. The method of claim 12 wherein the unique identity code is a ISMI.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
SE9102835A SE468068C (en) | 1991-09-30 | 1991-09-30 | Procedure for personalization of an active card, for use in a mobile telephone system |
SE9102835-7 | 1991-09-30 |
Publications (2)
Publication Number | Publication Date |
---|---|
CA2115435A1 CA2115435A1 (en) | 1993-04-15 |
CA2115435C true CA2115435C (en) | 1998-09-15 |
Family
ID=20383871
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA002115435A Expired - Fee Related CA2115435C (en) | 1991-09-30 | 1992-09-23 | Method for personalisation of an active card |
Country Status (13)
Country | Link |
---|---|
US (1) | US5557679A (en) |
EP (1) | EP0606408B1 (en) |
JP (1) | JPH06511125A (en) |
AT (1) | ATE189351T1 (en) |
AU (1) | AU661048B2 (en) |
CA (1) | CA2115435C (en) |
DE (2) | DE69230618D1 (en) |
EE (1) | EE9400224A (en) |
FI (1) | FI940804A (en) |
NZ (1) | NZ244523A (en) |
SE (1) | SE468068C (en) |
SG (1) | SG44338A1 (en) |
WO (1) | WO1993007697A1 (en) |
Families Citing this family (66)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO1994011849A1 (en) | 1992-11-11 | 1994-05-26 | Telecom Finland Oy | Mobile telephone systems and a method for carrying out financial transactions by means of a mobile telephone system |
ES2282990T3 (en) * | 1993-06-15 | 2007-10-16 | British Technology Group Inter-Corporate Licensing Limited | TELECOMMUNICATIONS SYSTEM. |
DE4335161A1 (en) * | 1993-10-15 | 1995-04-20 | Joachim Linz | Method and installation for authenticating connections which can be set up via a telephone network |
JP3052244B2 (en) * | 1993-11-10 | 2000-06-12 | 富士通株式会社 | Method for registering mobile device and method for registering IC card in mobile communication system |
IT1269422B (en) * | 1994-01-11 | 1997-04-01 | Alfi Srl | Process for producing devices for identification of authenticity for the use of services in general, guaranteed without recourse to the manufacturer of the device to provide assurance of its validity, and device produced |
DE4406601A1 (en) * | 1994-03-01 | 1995-09-07 | Deutsche Bundespost Telekom | Mutual authentication procedures |
GB2304257A (en) * | 1995-08-08 | 1997-03-12 | Northern Telecom Ltd | Method of Effecting SIM Card Replacement |
FI102235B1 (en) | 1996-01-24 | 1998-10-30 | Nokia Telecommunications Oy | Management of authentication keys in a mobile communication system |
JP2991099B2 (en) * | 1996-01-26 | 1999-12-20 | 富士ゼロックス株式会社 | Signature device and method |
EP1762988A1 (en) * | 1996-04-15 | 2007-03-14 | NBS Technologies (US) Inc. | System and apparatus for smart card personalization |
US5889941A (en) | 1996-04-15 | 1999-03-30 | Ubiq Inc. | System and apparatus for smart card personalization |
JP3440763B2 (en) * | 1996-10-25 | 2003-08-25 | 富士ゼロックス株式会社 | Encryption device, decryption device, confidential data processing device, and information processing device |
NL1004365C2 (en) * | 1996-10-25 | 1998-04-28 | Theodorus Oscar Sikkema | Device for loading general programmes and personal data into memory of chip card and similar |
US6075860A (en) * | 1997-02-19 | 2000-06-13 | 3Com Corporation | Apparatus and method for authentication and encryption of a remote terminal over a wireless link |
CN1104792C (en) * | 1997-05-09 | 2003-04-02 | 友讯科技股份有限公司 | Detection method of network card |
BR9809272A (en) * | 1997-05-09 | 2000-06-27 | Connotech Experts Conseils Inc | Initial secret key establishment including facilities for identity verification |
DE19720431A1 (en) | 1997-05-15 | 1998-11-19 | Beta Research Ges Fuer Entwick | Device and method for personalizing chip cards |
DE19733662C2 (en) | 1997-08-04 | 2001-05-23 | Deutsche Telekom Mobil | Method and device for personalization of GSM chips by the customer |
US6367011B1 (en) | 1997-10-14 | 2002-04-02 | Visa International Service Association | Personalization of smart cards |
FI980085A0 (en) * | 1998-01-16 | 1998-01-16 | Finland Telecom Oy | Encryption in card form and annulling in encryption |
US6925568B1 (en) * | 1998-01-16 | 2005-08-02 | Sonera Oyj | Method and system for the processing of messages in a telecommunication system |
FR2774238B1 (en) * | 1998-01-26 | 2000-02-11 | Alsthom Cge Alcatel | METHOD FOR TRANSFERRING INFORMATION BETWEEN A SUBSCRIBER IDENTIFICATION MODULE AND A MOBILE RADIO COMMUNICATION TERMINAL, CORRESPONDING SUBSCRIBER IDENTIFICATION MODULE AND MOBILE TERMINAL |
US6196459B1 (en) * | 1998-05-11 | 2001-03-06 | Ubiq Incorporated | Smart card personalization in a multistation environment |
US7382882B1 (en) * | 1998-07-03 | 2008-06-03 | Nokia Corporation | Secure session set up based on the wireless application protocol |
US7020441B2 (en) * | 1998-09-03 | 2006-03-28 | Casabyte, Inc. | Test system for remotely testing switches within a telecommunications network |
FR2786292B1 (en) * | 1998-11-24 | 2000-12-29 | St Microelectronics Sa | INTEGRATED CIRCUIT TEST AND CUSTOMIZATION SYSTEM |
GB9914262D0 (en) * | 1999-06-18 | 1999-08-18 | Nokia Mobile Phones Ltd | WIM Manufacture certificate |
GB9925227D0 (en) | 1999-10-25 | 1999-12-22 | Internet Limited | Data storage retrieval and access system |
US6915272B1 (en) * | 2000-02-23 | 2005-07-05 | Nokia Corporation | System and method of secure payment and delivery of goods and services |
NO313480B1 (en) * | 2001-01-24 | 2002-10-07 | Telenor Asa | Procedure for opening all or part of a smart card |
JP2002232861A (en) * | 2001-01-30 | 2002-08-16 | Hitachi Ltd | Video information distributing device and operation device |
DE10123664A1 (en) * | 2001-05-15 | 2002-11-21 | Giesecke & Devrient Gmbh | Method for generating a signature code for a signature card uses a code-generating unit and a signature card to create a secrete code as well as a session code and encoded transmission of the generated code to the signature card. |
US6963740B1 (en) * | 2001-07-31 | 2005-11-08 | Mobile-Mind, Inc. | Secure enterprise communication system utilizing enterprise-specific security/trust token-enabled wireless communication devices |
JP2003087238A (en) * | 2001-09-11 | 2003-03-20 | Hitachi Ltd | Security realizing system in domestic network |
FR2837009A1 (en) * | 2002-03-11 | 2003-09-12 | Schlumberger Systems & Service | Updating of an authentication algorithm in an information system, uses storage of replacement algorithm before first authentication algorithm is inhibited and replacement algorithm activated |
EP1353303A1 (en) * | 2002-04-10 | 2003-10-15 | SCHLUMBERGER Systèmes | A method of assigning an account to a new identification device |
WO2003085612A1 (en) * | 2002-04-10 | 2003-10-16 | Axalto Sa | Method and devices for replacing an old identification device by a new identification device |
US6836670B2 (en) * | 2002-05-09 | 2004-12-28 | Casabyte, Inc. | Method, apparatus and article to remotely associate wireless communications devices with subscriber identities and /or proxy wireless communications devices |
US7147148B2 (en) * | 2002-09-20 | 2006-12-12 | Ruediger Guenter Kreuter | Remote personalization and issuance of identity documents |
US20040083296A1 (en) * | 2002-10-25 | 2004-04-29 | Metral Max E. | Apparatus and method for controlling user access |
FR2847756B1 (en) * | 2002-11-22 | 2005-09-23 | Cegetel Groupe | METHOD FOR ESTABLISHING AND MANAGING A MODEL OF CONFIDENCE BETWEEN A CHIP CARD AND A RADIO TERMINAL |
FI113756B (en) * | 2003-01-02 | 2004-06-15 | Kone Corp | Procedure for remote monitoring of elevators and / or escalators and / or escalators |
TW595195B (en) * | 2003-04-04 | 2004-06-21 | Benq Corp | Network lock method and related apparatus by ciphered network lock and inerasable deciphering key |
SG135038A1 (en) * | 2004-08-10 | 2007-09-28 | Nanyang Polytechnic | System and method of identifying the user/possessor of a mobile station |
FR2879867A1 (en) * | 2004-12-22 | 2006-06-23 | Gemplus Sa | CHIP CARD ALLOCATION SYSTEM TO A NETWORK OPERATOR |
FR2880503A1 (en) * | 2005-01-05 | 2006-07-07 | France Telecom | METHOD OF SECURING COMMUNICATION BETWEEN A SIM CARD AND A MOBILE TERMINAL |
EP1864236A1 (en) * | 2005-02-17 | 2007-12-12 | Acterna, LLC | Methods and apparatuses to remotely test communications networks using digital fingerprints of content |
US7628322B2 (en) * | 2005-03-07 | 2009-12-08 | Nokia Corporation | Methods, system and mobile device capable of enabling credit card personalization using a wireless network |
DE102005032311A1 (en) * | 2005-07-11 | 2007-01-25 | Giesecke & Devrient Gmbh | Method for the subsequent implementation of a SIM functionality in a security module |
US7689205B2 (en) | 2005-12-23 | 2010-03-30 | Morgan Stanley | Systems and methods for configuration of mobile computing devices |
DE102006024041B4 (en) | 2006-05-23 | 2016-04-07 | Giesecke & Devrient Gmbh | Method for personalizing a security module of a telecommunication terminal |
FR2908209B1 (en) | 2006-11-07 | 2009-02-13 | Oberthur Card Syst Sa | PORTABLE ELECTRONIC ENTITY AND METHOD FOR CUSTOMIZING SUCH AN ELECTRONIC ENTITY |
US8331989B2 (en) * | 2007-06-15 | 2012-12-11 | Intel Corporation | Field programming of a mobile station with subscriber identification and related information |
US8457621B2 (en) * | 2008-01-27 | 2013-06-04 | Sandisk Il Ltd. | Generic identity module for telecommunication services |
US8140064B2 (en) * | 2008-01-27 | 2012-03-20 | Sandisk Il Ltd. | Methods and apparatus to use an identity module in telecommunication services |
EP2200253A1 (en) * | 2008-12-19 | 2010-06-23 | Gemalto SA | Method of managing sensitive data in an electronic token |
DE102010019195A1 (en) | 2010-05-04 | 2011-11-10 | Giesecke & Devrient Gmbh | Method for personalizing a portable data carrier, in particular a chip card |
KR101663012B1 (en) * | 2010-11-15 | 2016-10-06 | 삼성전자 주식회사 | Data Communication Setting Control Method based on the Subscribe Identification And Portable Device supporting the same |
DE102011009486A1 (en) * | 2011-01-26 | 2012-07-26 | Vodafone Holding Gmbh | Method for configuring a communication device and communication device |
EP2632194A1 (en) * | 2012-02-21 | 2013-08-28 | Gemalto SA | Method for personalizing a secure element cooperating with an equipment |
FR2994047B1 (en) * | 2012-07-24 | 2015-09-04 | Oberthur Technologies | CUSTOMIZATION DEVICE FOR SECURE MODULE |
FR2994048A1 (en) * | 2012-07-24 | 2014-01-31 | Oberthur Technologies | Method for personalization of e.g. SIM card placed in mobile phone or sales package in shop, involves transmitting subscription profile from personalization device to module, and not providing communication unit in contact with near field |
EP2747368A1 (en) * | 2012-12-19 | 2014-06-25 | Gemalto SA | Method for customising a security element |
US9870487B2 (en) | 2014-12-30 | 2018-01-16 | Data I/O Corporation | Automated manufacturing system with adapter security mechanism and method of manufacture thereof |
FR3045252B1 (en) * | 2015-12-10 | 2019-05-03 | Idemia France | METHOD OF CUSTOMIZING A SECURITY DOCUMENT |
IT201800004046A1 (en) * | 2018-03-28 | 2019-09-28 | St Microelectronics Srl | PROCEDURE FOR CUSTOMIZING INTEGRATED CIRCUIT CARDS, CORRESPONDING SYSTEM AND IT PRODUCT |
Family Cites Families (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE3013211A1 (en) * | 1980-04-03 | 1981-10-08 | GAO Gesellschaft für Automation und Organisation mbH, 8000 München | METHOD FOR HANDLING A PERSONAL IDENTIFICATION NUMBER (PIN) IN CONNECTION WITH AN ID CARD |
FR2526977B1 (en) * | 1982-05-14 | 1988-06-10 | Cii Honeywell Bull | METHOD AND DEVICE FOR AUTHENTICATING OR CERTIFYING AT LEAST INFORMATION CONTAINED IN A MEMORY OF AN ELECTRONIC MEDIUM IN PARTICULAR REMOVABLE AND PORTABLE SUCH AS A CARD |
US5020105A (en) * | 1986-06-16 | 1991-05-28 | Applied Information Technologies Corporation | Field initialized authentication system for protective security of electronic information networks |
US4731841A (en) * | 1986-06-16 | 1988-03-15 | Applied Information Technologies Research Center | Field initialized authentication system for protective security of electronic information networks |
JPS63236186A (en) * | 1987-03-24 | 1988-10-03 | Mitsubishi Electric Corp | Card issuing device |
US5227613A (en) * | 1989-01-24 | 1993-07-13 | Matsushita Electric Industrial Co., Ltd. | Secure encrypted data communication system having physically secure ic cards and session key generation based on card identifying information |
US5060264A (en) * | 1990-01-05 | 1991-10-22 | Motorola, Inc. | Radiotelephone controller configured for coresident secure and nonsecure modes |
FR2668002B1 (en) * | 1990-10-10 | 1994-05-06 | Gerald Mazziotto | RADIOTELEPHONE INSTALLATION WITH SECURE PREPAYMENT SERVICE. |
US5237612A (en) * | 1991-03-29 | 1993-08-17 | Ericsson Ge Mobile Communications Inc. | Cellular verification and validation system |
US5241598A (en) * | 1991-05-22 | 1993-08-31 | Ericsson Ge Mobile Communications, Inc. | Rolling key resynchronization in cellular verification and validation system |
CA2078195C (en) * | 1991-11-27 | 1999-03-09 | Jack Kozik | Arrangement for detecting fraudulently identified mobile stations in a cellular mobile telecommunications network |
FR2696067B1 (en) * | 1992-09-21 | 1994-11-25 | France Telecom | Telecommunication installation with secure download of prepayment means and corresponding download method. |
-
1991
- 1991-09-30 SE SE9102835A patent/SE468068C/en not_active IP Right Cessation
-
1992
- 1992-09-23 DE DE69230618T patent/DE69230618D1/en not_active Expired - Lifetime
- 1992-09-23 EP EP93906325A patent/EP0606408B1/en not_active Expired - Lifetime
- 1992-09-23 US US08/211,375 patent/US5557679A/en not_active Expired - Fee Related
- 1992-09-23 SG SG1995001987A patent/SG44338A1/en unknown
- 1992-09-23 CA CA002115435A patent/CA2115435C/en not_active Expired - Fee Related
- 1992-09-23 AT AT93906325T patent/ATE189351T1/en not_active IP Right Cessation
- 1992-09-23 AU AU26990/92A patent/AU661048B2/en not_active Ceased
- 1992-09-23 JP JP5506827A patent/JPH06511125A/en active Pending
- 1992-09-23 DE DE0606408T patent/DE606408T1/en active Pending
- 1992-09-23 WO PCT/SE1992/000656 patent/WO1993007697A1/en active IP Right Grant
- 1992-09-28 NZ NZ244523A patent/NZ244523A/en unknown
-
1994
- 1994-02-21 FI FI940804A patent/FI940804A/en unknown
- 1994-11-17 EE EE9400224A patent/EE9400224A/en unknown
Also Published As
Publication number | Publication date |
---|---|
CA2115435A1 (en) | 1993-04-15 |
SE468068C (en) | 1994-01-13 |
DE69230618D1 (en) | 2000-03-02 |
EP0606408A1 (en) | 1994-07-20 |
NZ244523A (en) | 1996-02-27 |
FI940804A0 (en) | 1994-02-21 |
ATE189351T1 (en) | 2000-02-15 |
SE468068B (en) | 1992-10-26 |
WO1993007697A1 (en) | 1993-04-15 |
EP0606408B1 (en) | 2000-01-26 |
SE9102835D0 (en) | 1991-09-30 |
FI940804A (en) | 1994-02-21 |
AU2699092A (en) | 1993-05-03 |
US5557679A (en) | 1996-09-17 |
SG44338A1 (en) | 1997-12-19 |
JPH06511125A (en) | 1994-12-08 |
AU661048B2 (en) | 1995-07-13 |
EE9400224A (en) | 1996-02-15 |
DE606408T1 (en) | 1995-03-16 |
SE9102835L (en) | 1992-10-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA2115435C (en) | Method for personalisation of an active card | |
EP0976278B1 (en) | Preventing misuse of a copied subscriber identity in a mobile communication system | |
AU716887B2 (en) | Method of protecting cellular radio terminal against fraudulent use | |
FI102499B (en) | Search for copied SIM cards | |
US5301234A (en) | Radiotelephone installation for prepayment operation with security protection | |
US6199161B1 (en) | Management of authentication keys in a mobile communication system | |
US7841518B2 (en) | Code based access systems | |
CN100385983C (en) | Key setting method | |
EP0722596A4 (en) | Method and system for secure, decentralised personalisation of smart cards | |
CN100353787C (en) | Security guarantee for memory data information of mobile terminal | |
CN101262669B (en) | A secure guarantee method for information stored in a mobile terminal | |
RU2241317C2 (en) | Device for protecting sim used for the first time | |
EP0948851A1 (en) | Method for identification of a data transmission device | |
WO1998000956A2 (en) | System and method for preventing cellular fraud | |
JPH10107789A (en) | Method and system for recording key information | |
Oleyar | Address security concepts for mobile-telephone service | |
EP1239425A1 (en) | Password database for a portable electronic device | |
AU2918392A (en) | Method and system for secure, decentralised personalisation of smart cards |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
EEER | Examination request | ||
MKLA | Lapsed | ||
MKLA | Lapsed |
Effective date: 20010924 |