Certification method using an embedded UICC certificate, provisioning and MNO changing methods using the certification method, embedded UICC therefor, MNO system, and recording medium

US 9,451,459 B2
Filed: 09/04/2012
Issued: 09/20/2016
Est. Priority Date: 09/05/2011
Status: Active Grant

First Claim

Patent Images

1. A method of certifying an embedded universal integrated circuit card (eUICC) cooperating with a mobile network operator (MNO) system and a subscription manager (SM), the method comprising:

storing, by the eUICC, an eUICC certificate used for the MNO system or the SM to verify an identity of the eUICC; and

transmitting, by the eUICC, the eUICC certificate to the MNO system or the SM,wherein the SM comprises a subscription manager-secure routing (SM-SR) and a subscription manager-data preparation (SM-DP), both of which perform an encryption function such that the eUICC certificate is double encrypted upon a condition that both the SM-SR and SM-DP are instructed to perform said encryption.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention relates to a system constituted by a mobile network operator (MNO), a subscription manager (SM), and an embedded UICC (eUICC), wherein the MNO system or the SM stores an eUICC certificate that can verify the identity of the eUICC, transfers the eUICC certificate to the MNO system or the SM in a provisioning or MNO changing process, verifies the identity of a corresponding eUICC using the received eUICC certificate, and encrypts and transfers a profile to the eUICC only if the verification is successful so that the eUICC may be verified during the provisioning or MNO changing processes.

Citations

16 Claims

1. A method of certifying an embedded universal integrated circuit card (eUICC) cooperating with a mobile network operator (MNO) system and a subscription manager (SM), the method comprising:
- storing, by the eUICC, an eUICC certificate used for the MNO system or the SM to verify an identity of the eUICC; and
  
  transmitting, by the eUICC, the eUICC certificate to the MNO system or the SM,wherein the SM comprises a subscription manager-secure routing (SM-SR) and a subscription manager-data preparation (SM-DP), both of which perform an encryption function such that the eUICC certificate is double encrypted upon a condition that both the SM-SR and SM-DP are instructed to perform said encryption.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein the eUICC certificate includes at least one of information indicating that at least one of hardware, card operating system (OS), and platform of the eUICC is verified, information indicating that the eUICC is verified as an eUICC trustable by the MNO system and the SM, and information indicating that it is verified that MNO services can be installed in the MNO system.
  - 3. The method of claim 1, wherein the eUICC certificate in included and stored in common information comprising card OS information and card platform information.
  - 4. The method of claim 3, wherein the common information including the eUICC certificate is included in an eUICC certificate profile.
  - 5. The method of claim 3, wherein the common information further includes a personal identification number (PIN) of the eUICC.

6. An embedded universal integrated circuit card (eUICC) cooperating with an external entity including a mobile network operator (MNO) system and a subscription manager (SM),wherein the eUICC stores an eUICC certificate profile including at least one of an eUICC certificate, which is used for the MNO system or the SM to verify an identity of the eUICC, card operating system (OS) information, card platform information, personal identification number (PIN) information,wherein the eUICC certificate profile transmits the eUICC certificate to the MNO system or the SM, andwherein the SM comprises a subscription manager-secure routing (SM-SR) and a subscription manager-data preparation (SM-DP), both of which perform an encryption function such that the eUICC certificate profile is double encrypted upon a condition that both the SM-SR and SM-DP are instructed to perform said encryption.
- View Dependent Claims (7)
- - 7. The eUICC of claim 6, wherein the eUICC certificate includes at least one of information indicating that at least one of hardware, card operating system (OS), and platform of the eUICC is verified, information indicating that the eUICC is verified as an eUICC trustable by the MNO system and the SM, and information indicating that it is verified that MNO services can be installed in the MNO system.

8. A method of provisioning an eUICC certificate which is used for a mobile network operator (MNO) system and a subscription manager (SM) to verify an identity of the eUICC by using the eUICC cooperating with an external entity including the MNO system and the SM, the method comprising:
- receiving and storing, by the eUICC, the eUICC certificate generated in a manufacturing step of the eUICC;
  
  transmitting, by the eUICC, the eUICC certificate to the MNO system;
  
  verifying, by the MNO system, the identity of the eUICC by using the eUICC certificate; and
  
  encrypting, by the MNO system, its operational profile and transmitting the operational profile to the eUICC,wherein the SM comprises a subscription manager-secure routing (SM-SR) and a subscription manager-data preparation (SM-DP), both of which perform an encryption function such that the eUICC certificate is double encrypted upon a condition that both the SM-SR and SM-DP are instructed to perform said encryption.
- View Dependent Claims (9)
- - 9. The method of claim 8, wherein the eUICC certificate includes at least one of information indicating that at least one of hardware, card operating system (OS), and platform of the eUICC is verified, information indicating that the eUICC is verified as an eUICC trustable by the MNO system and the SM, and information indicating that it is verified that MNO services can be installed in the MNO system.

10. A method of changing MNO using an eUICC cooperating with an external entity including a mobile network operator (MNO) system and a subscription manager (SM) and including an eUICC certificate which is used for the MNO system and the SM to verify an identity of the eUICC, the method comprising:
- receiving and storing, by the eUICC, the eUICC certificate generated in a manufacturing step of the eUICC;
  
  transmitting, by the eUICC, the eUICC certificate to a receiving MNO system;
  
  verifying, by the receiving MNO system, the identity of the eUICC by using the eUICC certificate;
  
  encrypting, by the receiving MNO system, its operational profile and transmitting the operational profile to the eUICC; and
  
  notifying, by the eUICC, a fact that an MNO is changed, to the receiving MNO system and a donor MNO system,wherein the SM comprises a subscription manager-secure routing (SM-SR) and a subscription manager-data preparation (SM-DP), both of which perform an encryption function such that the eUICC certificate is double encrypted upon a condition that both the SM-SR and SM-DP are instructed to perform said encryption.
- View Dependent Claims (11, 16)
- - 11. The method of claim 10, wherein the eUICC certificate includes at least one of information indicating that at least one of hardware, card operating system (OS), and platform of the eUICC is verified, information indicating that the eUICC is verified as an eUICC trustable by the MNO system and the SM, and information indicating that it is verified that MNO services can be installed in the MNO system.
  - 16. The method of claim 10, wherein the donor MNO system is a previous system of the eUICC prior to the receiving MNO.

12. A method of provisioning by using an embedded universal integrated circuit card (eUICC) cooperating with a mobile network operator (MNO) system, a subscription manager-data preparation (SM-DP) and a subscription manager-secure routing (SM-SR) constituting a subscription manager (SM), the method comprising:
- receiving and storing, by the eUICC, an eUICC certificate which can verify an identity of the eUICC, from an eUICC manufacturer system or a terminal manufacturer system, in the eUICC;
  
  transmitting an activation request message or an opening request message to the MNO system according to an opening request of a subscriber;
  
  receiving, by the MNO system, the eUICC certificate when the MNO system performs status requests and technical capability control for the eUICC;
  
  transmitting, by the MNO system, the eUICC certificate to the SM-SR when the MNO system collects information related to a terminal from the SM-SR; and
  
  encrypting, by the MNO system, its operational profile and transmitting the operational profile to the eUICC only when the MNO system or the SM-SR verifies the eUICC using the eUICC certificate,wherein both the SM-SR and the SM-DP perform an encryption function such that the eUICC certificate is double encrypted upon a condition that both the SM-SR and SM-DP are instructed to perform said encryption.
- View Dependent Claims (13)
- - 13. The method of claim 12, wherein the eUICC certificate includes at least one of information indicating that at least one of hardware, card operating system (OS), and platform of the eUICC is verified, information indicating that the eUICC is verified as an eUICC trustable by the MNO system and the SM, and information indicating that it is verified that MNO services can be installed in the MNO system.

14. A method of changing MNO by using an embedded universal integrated circuit card (eUICC) cooperating with a mobile network operator (MNO) system, a subscription manager-data preparation (SM-DP) and a subscription manager-secure routing (SM-SR) constituting a subscription manager (SM), the method comprising:
- receiving and storing, by the eUICC, an eUICC certificate which can verify an identity of the eUICC, from an eUICC manufacturer system or a terminal manufacturer system, in the eUICC;
  
  transmitting, by the eUICC, an activation request message or an opening request message to a receiving MNO system according to an MNO change request;
  
  receiving, by the receiving MNO system, the eUICC certificate from the eUICC when the receiving MNO system performs status requests and technical capability control for the eUICC;
  
  transmitting, by the receiving MNO system, the eUICC certificate to the SM-SR when the receiving MNO system collects information related to a terminal from the SM-SR;
  
  performing, by the receiving MNO system, negotiation and transferring right for MNO change with a donor MNO system; and
  
  encrypting, by the receiving MNO system, its operational profile and transmitting the operational profile to the eUICC, only when the receiving MNO system or the SM-SR verifies the eUICC using the eUICC certificate,wherein both the SM-SR and the SM-DP perform an encryption function such that the eUICC certificate is double encrypted upon a condition that both the SM-SR and SM-DP are instructed to perform said encryption of the eUICC certificate.
- View Dependent Claims (15)
- - 15. The method of claim 14, wherein the eUICC certificate includes at least one of information indicating that at least one of hardware, card operating system (OS), and platform of the eUICC is verified, information indicating that the eUICC is verified as an eUICC trustable by the MNO system and the SM, and information indicating that it is verified that MNO services can be installed in the MNO system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
KT Corporation
Inventors
Lee, Jinhyoung, Yoon, Yeumin, Kim, Sungchul
Primary Examiner(s)
Patel, Mahendra

Application Number

US14/342,961
Publication Number

US 20140329502A1
Time in Patent Office

1,477 Days
Field of Search

455/411
US Class Current

1/1
CPC Class Codes

H04L 63/0823   using certificates cryptogr...

H04L 63/083   using passwords cryptograph...

H04W 12/04   Key management, e.g. using ...

H04W 12/06   Authentication

H04W 12/35   Protecting application or s...

H04W 4/50   Service provisioning or rec...

H04W 4/70   Services for machine-to-mac...

Certification method using an embedded UICC certificate, provisioning and MNO changing methods using the certification method, embedded UICC therefor, MNO system, and recording medium

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Certification method using an embedded UICC certificate, provisioning and MNO changing methods using the certification method, embedded UICC therefor, MNO system, and recording medium

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links