Enforcing service policies in embedded UICCs

US 10,425,818 B2
Filed: 04/15/2019
Issued: 09/24/2019
Est. Priority Date: 08/25/2014
Status: Active Grant

First Claim

Patent Images

1. A wireless device, comprising:

at least one radio component; and

an embedded Universal Integrated Circuit Card (eUICC) configured to conditionally require human-based authentication when performing electronic Subscriber Identity Module (eSIM) management operations, by carrying out steps that include;

receiving a request to perform an eSIM management operation;

determining that at least one condition of a policy being enforced by the eUICC indicates that a human-based authentication is required prior to performing the eSIM management operation;

identifying, among a plurality of human-based authentications, a particular human-based authentication that is commensurate with the eSIM management operation;

receiving a response associated with the particular human-based authentication; and

in accordance with the response;

performing the eSIM management operation or ignoring the request.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The embodiments set forth techniques for an embedded Universal Integrated Circuit Card (eUICC) to conditionally require, when performing management operations in association with electronic Subscriber Identity Modules (eSIMs), human-based authentication. The eUICC receives a request to perform a management operation in association with an eSIM. In response, the eUICC determines whether a policy being enforced by the eUICC indicates that a human-based authentication is required prior to performing the management operation. Next, the eUICC causes the mobile device to prompt a user of the mobile device to carry out the human-based authentication. The management operation is then performed or ignored in accordance with results of the human-based authentication.

Citations

20 Claims

1. A wireless device, comprising:
- at least one radio component; and
  
  an embedded Universal Integrated Circuit Card (eUICC) configured to conditionally require human-based authentication when performing electronic Subscriber Identity Module (eSIM) management operations, by carrying out steps that include;
  
  receiving a request to perform an eSIM management operation;
  
  determining that at least one condition of a policy being enforced by the eUICC indicates that a human-based authentication is required prior to performing the eSIM management operation;
  
  identifying, among a plurality of human-based authentications, a particular human-based authentication that is commensurate with the eSIM management operation;
  
  receiving a response associated with the particular human-based authentication; and
  
  in accordance with the response;
  
  performing the eSIM management operation or ignoring the request.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The wireless device of claim 1, wherein the policy is specific to the eUICC, and the policy is stored in and managed by the eUICC.
  - 3. The wireless device of claim 1, wherein the policy is specific to a Mobile Network Operator (MNO).
  - 4. The wireless device of claim 3, wherein the policy is stored in and managed by the eUICC.
  - 5. The wireless device of claim 3, wherein the policy is defined by properties of the eSIM.
  - 6. The wireless device of claim 1, wherein the eSIM management operation includes one or more of:
    - importing the eSIM into the eUICC, exporting the eSIM from the eUICC, enabling the eSIM within the eUICC, disabling the eSIM within the eUICC, installing the eSIM to the eUICC, uninstalling the eSIM from the eUICC, loading the eSIM into the eUICC, unloading the eSIM from the eUICC, swapping the eSIM with another eSIM within the eUICC, or deleting the eSIM from the eUICC.
  - 7. The wireless device of claim 1, wherein the plurality of human-based authentications includes:
    - a fingerprint authentication, a voice authentication, a facial authentication, a hand/palm authentication, an eye scan authentication, a challenge authentication, and all combinations thereof.

8. An embedded Universal Integrated Circuit Card (eUICC) configured to conditionally require human-based authentication when performing electronic Subscriber Identity Module (eSIM) management operations, the eUICC comprising:
- at least one processor; and
  
  at least one memory storing instructions that, when executed by the at least one processor, cause the eUICC to;
  
  receive a request to perform an eSIM management operation;
  
  determine that at least one condition of a policy being enforced by the eUICC indicates that a human-based authentication is required prior to performing the eSIM management operation;
  
  identify, among a plurality of human-based authentications, a particular human-based authentication that is commensurate with the eSIM management operation;
  
  receive a response associated with the particular human-based authentication; and
  
  in accordance with the response;
  
  perform the eSIM management operation or ignoring the request.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The eUICC of claim 8, wherein the policy is specific to the eUICC, and the policy is stored in and managed by the eUICC.
  - 10. The eUICC of claim 8, wherein the policy is specific to a Mobile Network Operator (MNO).
  - 11. The eUICC of claim 10, wherein the policy is stored in and managed by the eUICC.
  - 12. The eUICC of claim 10, wherein the policy is defined by properties of the eSIM.
  - 13. The eUICC of claim 8, wherein the eSIM management operation includes one or more of:
    - importing the eSIM into the eUICC, exporting the eSIM from the eUICC, enabling the eSIM within the eUICC, disabling the eSIM within the eUICC, installing the eSIM to the eUICC, uninstalling the eSIM from the eUICC, loading the eSIM into the eUICC, unloading the eSIM from the eUICC, swapping the eSIM with another eSIM within the eUICC, or deleting the eSIM from the eUICC.
  - 14. The eUICC of claim 8, wherein the plurality of human-based authentications includes:
    - a fingerprint authentication, a voice authentication, a facial authentication, a hand/palm authentication, an eye scan authentication, a challenge authentication, and all combinations thereof.

15. A method for configuring an embedded Universal Integrated Circuit Card (eUICC) of a mobile device to conditionally require human-based authentication when performing electronic Subscriber Identity Module (eSIM) management operations, the method comprising, at the eUICC:
- receiving a request to perform an eSIM management operation;
  
  determining that at least one condition of a policy being enforced by the eUICC indicates that a human-based authentication is required prior to performing the eSIM management operation;
  
  identifying, among a plurality of human-based authentications, a particular human-based authentication that is commensurate with the eSIM management operation;
  
  receiving a response associated with the particular human-based authentication; and
  
  in accordance with the response;
  
  performing the eSIM management operation or ignoring the request.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15, wherein the policy is specific to the eUICC, and the policy is stored in and managed by the eUICC.
  - 17. The method of claim 15, wherein the policy is specific to a Mobile Network Operator (MNO).
  - 18. The method of claim 17, wherein the policy is stored in and managed by the eUICC.
  - 19. The method of claim 15, wherein the eSIM management operation includes one or more of:
    - importing the eSIM into the eUICC, exporting the eSIM from the eUICC, enabling the eSIM within the eUICC, disabling the eSIM within the eUICC, installing the eSIM to the eUICC, uninstalling the eSIM from the eUICC, loading the eSIM into the eUICC, unloading the eSIM from the eUICC, swapping the eSIM with another eSIM within the eUICC, or deleting the eSIM from the eUICC.
  - 20. The method of claim 15, wherein the plurality of human-based authentications includes:
    - a fingerprint authentication, a voice authentication, a facial authentication, a hand/palm authentication, an eye scan authentication, a challenge authentication, and all combinations thereof.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Apple Inc.
Inventors
Yang, Xiangying, Li, Li, Hauck, Jerrold Von
Primary Examiner(s)
Hong, Dung

Application Number

US16/384,844
Publication Number

US 20190239075A1
Time in Patent Office

162 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

H04L 2209/80   Wireless

H04L 9/3231   Biological data, e.g. finge...

H04L 9/3271   using challenge-response

H04W 12/06   Authentication

H04W 12/08   Access security

H04W 12/35   Protecting application or s...

H04W 4/50   Service provisioning or rec...

H04W 4/60   Subscription-based services...

Enforcing service policies in embedded UICCs

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Enforcing service policies in embedded UICCs

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links