NZ622734B2 - Managing mobile device identities - Google Patents
Managing mobile device identities Download PDFInfo
- Publication number
- NZ622734B2 NZ622734B2 NZ622734A NZ62273412A NZ622734B2 NZ 622734 B2 NZ622734 B2 NZ 622734B2 NZ 622734 A NZ622734 A NZ 622734A NZ 62273412 A NZ62273412 A NZ 62273412A NZ 622734 B2 NZ622734 B2 NZ 622734B2
- Authority
- NZ
- New Zealand
- Prior art keywords
- identity
- mobile telecommunications
- telecommunications device
- imsi
- active
- Prior art date
Links
- 238000000034 method Methods 0.000 claims abstract description 93
- 230000008569 process Effects 0.000 claims abstract description 59
- 230000007246 mechanism Effects 0.000 claims description 22
- 238000011176 pooling Methods 0.000 claims description 22
- 238000004891 communication Methods 0.000 claims description 13
- 230000008859 change Effects 0.000 description 18
- 238000013459 approach Methods 0.000 description 10
- 238000010187 selection method Methods 0.000 description 7
- 230000001413 cellular effect Effects 0.000 description 5
- 230000004048 modification Effects 0.000 description 4
- 238000012986 modification Methods 0.000 description 4
- 238000010295 mobile communication Methods 0.000 description 3
- 230000009471 action Effects 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000004519 manufacturing process Methods 0.000 description 2
- 230000011664 signaling Effects 0.000 description 2
- 230000001960 triggered effect Effects 0.000 description 2
- 241001513358 Billardiera scandens Species 0.000 description 1
- NLZUEZXRPGMBCV-UHFFFAOYSA-N Butylhydroxytoluene Chemical compound CC1=CC(C(C)(C)C)=C(O)C(C(C)(C)C)=C1 NLZUEZXRPGMBCV-UHFFFAOYSA-N 0.000 description 1
- 208000034188 Stiff person spectrum disease Diseases 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 230000005754 cellular signaling Effects 0.000 description 1
- 238000010367 cloning Methods 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 230000009977 dual effect Effects 0.000 description 1
- VJYFKVYYMZPMAB-UHFFFAOYSA-N ethoprophos Chemical compound CCCSP(=O)(OCC)SCCC VJYFKVYYMZPMAB-UHFFFAOYSA-N 0.000 description 1
- 239000003607 modifier Substances 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000012552 review Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/69—Identity-dependent
- H04W12/72—Subscriber identity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/60—Subscription-based services using application servers or record carriers, e.g. SIM application toolkits
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/18—Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/18—Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
- H04W8/183—Processing at user equipment or user record carrier
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/26—Network addressing or numbering for mobility support
Abstract
Disclosed is a method of managing identities for use in a mobile telecommunications device in a telecommunications network. A processor triggers an identity management process in a subscriber identity module of the mobile telecommunications device connected to a mobile telecommunications network. The processor detects at the mobile telecommunications device one or more parameters associated with the mobile telecommunications device. The processor selects an identity management rule to prioritise identities for use as an active identity for the mobile telecommunications device wherein the identity management rule selected is determined by the one or more parameters detected. The processor searches an identity database in the mobile telecommunications device wherein each record comprises an identity stored in the subscriber identity module and additional identity information for each identity stored in the subs. The searching prioritises records according to the identity management rule. The processor selects a selected identity when a record conforming to the identity management rule is found in said searching. The processor then modifies an active identity of the mobile telecommunications device to be the selected identity when the active identity is not already the selected identity. e processor detects at the mobile telecommunications device one or more parameters associated with the mobile telecommunications device. The processor selects an identity management rule to prioritise identities for use as an active identity for the mobile telecommunications device wherein the identity management rule selected is determined by the one or more parameters detected. The processor searches an identity database in the mobile telecommunications device wherein each record comprises an identity stored in the subscriber identity module and additional identity information for each identity stored in the subs. The searching prioritises records according to the identity management rule. The processor selects a selected identity when a record conforming to the identity management rule is found in said searching. The processor then modifies an active identity of the mobile telecommunications device to be the selected identity when the active identity is not already the selected identity.
Description
MANAGING MOBILE DEVICE IDENTITIES
Field of the Invention
The invention relates to telecommunications, and specifically to the management of identity
in mobile devices ing to telecommunications networks.
Background to the Invention
A primary customer identity is usually a unique human being but can be a machine, or
sometimes a company entity such as a department. On a telecommunications network itself,
identity is represented by one or more identifiers recognised by elements of, or attached to,
the network. In the context of mobile telecommunications, such identifiers are ly the
customers IMSI national Mobile Subscriber Identity) that resides on a
SIM (Subscriber Identity Module), a telephone number MSISDN (Mobile Subscriber
Integrated Services Digital Network Number), or other important identities such as MAC
(Media Access Control) address, IP address, email address and IMEI (International Mobile
Equipment Identity).
In the GSM (Global System for Mobile communication) authentication is performed using a
SIM inserted into the mobile communications device. This manages the connection to the
network as well as the user identity and the network subscriber keys. There are two types of
network e – home service and roaming service.
‘Roaming’ refers to extending the connectivity of a service to a location that is different from
a home location. When a mobile ications device, such as a mobile telephone,
travels with a user outside of their home operator ge area – ‘territory’ - the device can
still access services using roaming mechanisms/services. However, there are a growing
number of people who live in more than one home and, of , machines such as
airplanes and cars don’t have a ‘home’ in the human sense of the word. Such users are
poorly served by current systems.
r problem travellers ence as they travel near country or region borders is that
mobile phones may inadvertently attach to a foreign network, even though they may be
ally in a home territory. Under normal operation, once a t (i.e. a mobile phone)
is attached to a network, it remains attached to it until signal is lost or if the iber
manually disconnects. As a result, the user is charged high roaming charges for an extended
period even if though they were physically in their home territory. In some regions such as
Canada, USA and India where there is national roaming this effect can lead to accidentally
high bills even when the customer is not ling at all.
There are few options available to users when travelling which help reduce these
surcharges:-
One option for a user is to purchase a plurality of additional pre-pay subscriber identification
modules (SIMs), one for each territory which the user visits. A SIM is a plastic card with
embedded electronic circuitry, which has a unique serial number and an international
number for the mobile user (IMSI). The SIM enables communication between the mobile
device and available ar networks. Therefore, by purchasing a plurality of different SIMs,
- one for each ory - the user is able to replace the al SIM with an appropriate SIM
for the territory being visited. In this way, the mobile device appears to be a subscriber of the
foreign network, which means the user can make and e calls or use data services
t incurring roaming surcharges.
This option has many disadvantages:
· The user must purchase and carry around a plurality of different SIM cards;
· The user must ensure that there is ient credit in the accounts linked with each
SIM card. Furthermore, it is not desirable to have unused credit on a number of
different networks, as this credit may be wasted without being redeemed;
· The act of maintaining a plurality of different SIM accounts is cumbersome and time
consuming, ing considerable user interaction;
· When the Subscriber swaps SIM their mobile number changes this means they are
no longer reachable on their normally used number. Further if they make an
outbound call their Caller Line Identifier (CLI) will be a new one and therefore
unknown to the receiver. This may result in the called party refusing to answer that
call as they do not recognise the caller.
· Law enforcement agencies are frustrated in their endeavours to keep track of
undesirable people as they effectively have to keep track of le copies of the
same person.
There are attempts in the prior art to address at least some of these problems.
WO2006/002951 (Brunnekreef) relates to an approach in which the user (or an application)
on the mobile phone can nd a (sometimes hidden) telephone number of an
intermediate service that will accept the user’s call, remove the nded information and
call the desired destination number. The caller then drops the call automatically and awaits
a call-back. The intermediate service calls the user back to complete the connection, and
this may give the user better calling rates than normal roaming surcharges. This has the
disadvantage of introducing a delay in the communication channel while the user is trying to
contact another party. Furthermore, the user gets a very poor user experience due to
handset software compatibility issues: depending on the model of the mobile phone, the
phone may appear to ‘do nothing’ until it gets the call back, strange messages such as ‘call
failed’ or ‘call blocked’ may appear or the service may not work at all.
r prior art approach is to have a mechanical device that includes a flexible strip (often
called a slim SIM). This device physically connects multiple SIMs to a t, and can be
used with a means of switching between the SIMs. This device requires there to be some
spare space within the handset to store the additional SIMs, and this solution is problematic
to implement if the SIMs are not compatible with each other (e.g. use different data speeds
or voltages). Alternately the Images of all but one SIM can be cloned onto the SlimSIM chip
and a remaining SIM used – a one plus many clones solution. Again the physical form factor
is incompatible with many handsets and the cloning of SIMs is unlawful in many countries
and breaks contracts in almost all cases.
Multi-IMSI SIMs are available that offer the capability of being pre-programmed with a
ity of mobile subscriber data sets. The data sets are sometimes incorrectly referred to
as IMSIs, hence the name ‘multi-IMSI SIM’, but are actually data sets which each comprise
an international mobile subscriber identity (IMSI) and other network-related data. These
SIMS have processing capability and an algorithm to t the correct set of data to the
phone based on the on of that phone. This allows the phone to present as a ‘local’
subscriber to the network in question.
Many fixed format Dual and Multiple IMSI SIM systems have been sold by ies such a
as gn and Gemalto and these are described in various patent applications such as
eri (WO2007102003), Stadelmann (WO9955107), Salomon (WO0221872), Bongers
(WO0049820). In such systems, a piece of software runs in the SIM or on the handset or a
te electronic module and makes ons as to which IMSI to use given the location
and available ks. Such systems are sometimes called SmartSIMs, but in fact this is a
misnomer as all SIMs are smart and contain a microprocessor and memory to run network
selection and authentication programs.
Such s are however typically relatively inflexible to changes in network availability
over time and e ed decision making from users. This can result in es of
operation and poor network choices.
An improved system is disclosed in the applicant’s earlier . This discloses
a system in which a central e – an “IMSI Broker” – is adapted to provision the SIM of a
mobile handset with new identities as ed. While this approach addresses n
problems of the prior art, it does not in itself solve the problem of making reliable and
effective choices of identity at the mobile handset.
The reference to any prior art in this specification is not, and should not be taken as, an
acknowledgement or any form of suggestion that the prior art forms part of the common
general knowledge in any country.
Summary of Invention
It is an object of the invention to provide a iber identity module for use in a mobile
telecommunications device and/or a method of managing identities for use in a mobile
telecommunications device in a telecommunications network, which will overcome or
ameliorate problems with such subscriber identity modules and/or methods at present, or
which will at least provide a useful choice.
In a first aspect, the invention provides a method of managing identities for use in a
mobile telecommunications device in a telecommunications network, the method
comprising:
triggering an ty management process in a subscriber identity module of the
mobile telecommunications device connected to a mobile telecommunications network;
detecting at the mobile telecommunications device one or more parameters
associated with the mobile telecommunications device ;
in the identity management process performed within the subscriber identity module ,
selecting an identity management rule to prioritise identities for use as an active identity for
the mobile telecommunications device, n the identity management rule selected is
determined by the one or more parameters detected;
in the identity management process performed within the subscriber identity ,
searching an identity database in the mobile telecommunications device wherein each
record comprises an identity stored in the subscriber identity module and additional identity
information including an MCC and MNC for each identity, wherein the searching tises
records ing to the identity management rule;
in the identity management process performed within the subscriber identity module,
selecting a ed ty when a record conforming to the identity management rule is
found in said searching, wherein selecting an identity comprises matching of some or all of
an MCC or an MNC value and then selecting a pooling mechanism, the pooling mechanism
being used to provide an appropriate IMSI; and
in the identity management process performed within the subscriber identity module,
modifying an active identity of the mobile telecommunications device to be the selected
identity when the active identity is not already the selected identity.
This method is particularly effective as the present inventors have determined that
parameters associated with the mobile telecommunications device itself, rather than just
those relating to location, may be particularly important to identity . This is because it
is found that some identities (because, for example, of the properties or method of operation
of associated telecommunications networks) are particularly effective or less prone to
problems than others for particular mobile telecommunications devices.
Preferably each said identity comprises an IMSI.
The one or more parameters comprise a handset type. This may be as determined from the
TAC code in the IMEI of the handset. The one or more parameters may also comprise a
subscription type ated with the device, wherein the subscription type relates to one or
more of a device operating system and a communication type. These ters allow for
an effective choice of identity to avoid difficulties which may occur with particular
combinations of mobile communications device and k.
If there is no match established by the identity management rule to a specific identity, a new
identity may be selected from a pool of matching identities.
ageously, a process of modifying the active identity is determined according to the
one or more parameters of the device. This allows modification of the active identity to be
carried out effectively in accordance with the capabilities of the device itself.
Advantageously, if on ing the active identity no service is provided to the new active
identity, the active identity is ed to a backup identity ent from the ty for which
no e was provided. This ensures that the device is not fixed with an identity which is
theoretically the best, but which has in practice a service problem – with this ch,
service will still result even if the initial identity choice is ineffective.
In a further aspect, the invention provides a subscriber identity module for use in a
mobile telecommunications device and having a plurality of identities for use in a mobile
telecommunications network, the subscriber identity module sing a memory and a
processor, wherein the memory comprises an identity management process for execution by
the processor and an identity database, wherein when installed within the mobile
telecommunications device the processor is adapted to:
on triggering within the mobile telecommunications device itiate the ty
management s;
detect one or more parameters associated with the mobile telecommunications
device;
in the identity management process, selecting an identity management rule to
prioritise identities for use as an active identify for the mobile telecommunications device,
wherein the identity management rule selected is determined by the one or more parameters
in the identity management process, search an identity database in the mobile
telecommunications device wherein each record comprises an ty and additional ty
information including an MCC and MNC for each identity, wherein the searching tises
records according to the identity management rule;
in the identity management process, select an identity from the identity database
when a record conforming to the identity management rule is found in said searching
wherein selecting an ty comprises matching of some or all of an MCC or an MNC value
and then selecting a pooling mechanism, the pooling mechanism being used to provide an
appropriate IMSI;
and in the identity management s, modify an active identity of the mobile
telecommunications device to be the selected identity when the active ty is not already
the selected identity.
Preferably each of the ity of identities are IMSIs.
Preferably the one or more parameters comprise a handset type.
Preferably the handset type is determined from the TAC code in the IMEI of the mobile
telecommunications device.
Preferably the one or more parameters comprise a subscription type associated with the
mobile mmunications device, wherein the subscription type relates to one or more of a
device operating system and a communication type.
Preferably if there is no match established by the identity management rule to a specific
identity, a new identity is selected from a pool of matching identities that match some or all of
an MCC or an MNC.
Preferably if on modifying the active identity no service is provided to the new active identity,
the active identity is modified to a backup identity different from the identity for which no
service was provided.
In yet another aspect the present invention consists in a method of managing identities
for use in a mobile telecommunications device in a mmunications network as
herein described with reference to any one or more of the accompanying drawings 2 through
In still yet another aspect the present invention ts in a subscriber identity module
for use in a mobile telecommunications device as herein described with reference to any
one or more of the anying drawings 2 through 7.
Brief Description of Drawings
Specific embodiments of the ion will be bed below, by way of e, with
reference to the accompanying drawings, of which:
Figure 1 is an overview of a conventional communications system in which aspects of the
present invention can operate;
Figure 2 is a functional block diagram of a system in which ties may be provided by a
central service, and also show the elements of a SIM in accordance with embodiments of the
invention;
Figure 3 shows elements of an identity management process in accordance with one aspect
of the invention;
Figure 4 illustrates different possible trigger steps in the s of Figure 3, and their
consequences;
Figure 5 rates an IMSI selection procedure for use in the process of Figure 3;
Figure 6 illustrates a process for managing an IMSI pool for use in the IMSI selection
procedure of Figure 5; and
Figure 7 illustrates a data record structure for use in the s of Figure 3.
Detailed Description of Preferred Embodiments
Figure 1 provides a schematic entation of two cellular telecommunications networks,
one in the UK and one in Italy, to indicate the general roaming problem addressed by
embodiments of the invention. In reality there are many more Mobile Network Operators
(MNO), Mobile Virtual Network ors (MVNO) or Mobile Virtual Network Enablers
(MVNE), and as such many more cellular telecommunications networks. However, Figure 1
represents only two networks for simplicity.
When a first user makes a call from a first mobile phone 10 in the first user’s local k,
for example, in the UK, to a second user 20 in a foreign network (i.e. Italy), the call is routed
through the local network’s base station subsystem (BSS) 30 to a local network switching
subsystem (local-NSS) 32, the call is then routed through the Signaling System Number 7
(SS7) 34 network to the foreign network, and through a foreign k switching subsystem
(foreign-NSS) 36 to the foreign network’s base station subsystem 38. The call is finally
routed to the second user’s mobile phone 20. Calls in the opposite direction are routed in the
same way, h the foreign k’s base station subsystem , to the foreign network
switching subsystem 36, through SS7 34 to the local network ing subsystem (local-
NSS) 32, on to the local network’s base station subsystem (BSS) 30, and finally to the first
mobile phone 10.
The way that the call is routed to the correct recipient is through a plurality of location
registers which form part of the network subsystems. For every user ered in a
particular cellular telecommunications network, there is a record held in that network’s Home
Location Register (HLR) 40, 42. The HLR 40,42 is a l database that contains details of
each mobile phone subscriber that is authorized to use that particular k.
The HLR stores details of every Subscriber Identity Module (SIM) card issued by the mobile
phone or (i.e. MNO, MVNO or MVNE). A SIM is a plastic card with embedded
electronic circuitry, which is inserted into the mobile phone. Each SIM has a unique identifier
called an International Mobile Subscriber Identity (IMSI) which is a primary key to each HLR
record. IMSIs are used in any mobile network that interconnects with other networks,
including CDMA and EVDO networks as well as GSM networks.
An IMSI is usually 15 digits long, but there are some exceptions. Typically the first 3 digits
are the Mobile Country Code (MCC), followed by the Mobile Network Code (MNC), (either 2
digits (European rd) or 3 digits (North American standard)). The remaining digits
contain a mobile station identification number (MSIN) within the network's customer base.
SIMs also comprise one or more MSISDNs, which are the telephone numbers used by
mobile phones to make and receive calls. Each MSISDN is also a y key to the HLR
record.
In summary, there is a relationship between the HLR, MSISDN, IMSI, and the SIM. The SIM
is the physical device which contains a record of the IMSI. The MSISDN is the unique
number identifying the mobile phone. The IMSI is the unique identifier of the user
subscribing to the network, and the HLR is the system that maps MSISDNs to IMSIs and
vice versa.
The above holds true when a user ‘roams’ away from their home/local network to a n
network also called a roamed-to network. However, when a mobile phone attempts to
t to a network which is not the home/local network, the roamed-to k
communicates with the home network in order to verify whether the mobile phone is
authorised to use the roamed-to network. This communication is possible because there are
reciprocal agreements n many of the available network operators.
When a user roams away from their home e and into an area served by another
operator, messages are exchanged over the SS7 network and the roamed-to network
operator obtains information from the home network’s HLR and creates a temporary record
for the subscriber in its Visitor Location Register (VLR) 44, 46. The VLR is a database which
is maintained by a network operator (in the same way as the HLR is maintained). However,
the VLR of the Mobile Switching Center (MSC) contains temporary information about mobile
users that are currently located within the service area of that MSC. When calls are made
from the mobile phone, the VLR is checked for authorisation, and ng isation is
permitted, the Mobile Switching Center (MSC) permits tracking of the use of the mobile
phone for billing es. The HLR subscriber profile (i.e. which services are allowed) is
downloaded to the VLR when subscribed user registers on (connects to) the network (same
for g and home network). All call handling and billing related call data record (CDR)
tion is done by the MSC - the HLR is not involved.
So using the example in Figure 1, a user subscribed to a mobile network operator in the UK
visits Italy. When the user arrives in Italy and turns on the mobile phone, the mobile phone
will try to connect to an available Italian network operator 36. The Italian k operator
can identify from the IMSI number stored in the SIM card that the user is not subscribed to
the Italian network, and as such, will contact the user’s home network 32 in the UK to verify
whether the user is authorised to use the Italian network.
The VLR 46 updates the HLR 40 in the UK, with location information over SS7 with a
Location Update message (LU). The LU message is routed to the HLR(UK) based on the
global title ation of the IMSI that is contained in a Signalling Connection Control Part
(SCCP) field of the LU. The HLR(UK) informs the VLR(IT) as to the status of the subscriber
and whether e is to be provided in the roamed-to network, i.e. the n network. If the
user is authorised, the Italian network generates a temporary record for the user in the Italian
VLR 46.
As described above, there are problems associated with roaming services in that users
connected to a roamed-to network incur heavy surcharges when making or receiving calls or
using data services on their mobile phones. This is true regardless of where the user is
calling, or who is calling the user. In the above example, the user visiting Italy will incur
roaming charges when g local Italian phone numbers as well as calling phones in the
home network in the UK and elsewhere. Similarly, roaming charges will be d to
incoming calls from either UK, Italian or other phone numbers.
The prior art methods for reducing these roaming s are cumbersome as they require
the user to purchase, carry around, and maintain the accounts of, many different SIM cards,
or they e a high degree of user interaction in order to utilise one of the services to
circumvent these roaming charges. However, as described above there are many known
problems with these services.
As bed above, , the disclosure of which is incorporated by reference
herein to the extent permitted by law, provides an additional central server within a typical
cellular mmunications network. The additional l server is able to provide, as
required, a ity of additional IMSIs to a mobile phone, when the mobile phone is
connected to a roamed-to network in another country/region. The onal central server is
referred to as an IMSI Broker. In such a system, the IMSI Broker is arranged to determine
whether the SIM card in the mobile phone has an appropriate IMSI for the roamed-to
network. The SIM cards required for this embodiment of the invention are e of storing
a plurality of alternative IMSIs for different networks, together with associated rules
governing when the alternative IMSIs should be used. In this embodiment, the IMSI broker
has access to a database store of alternative (new) IMSIs for multiple foreign networks
(FNOs) and is arranged to distribute these new IMSIs as necessary to users who are
subscribed to a network comprising an IMSI broker and, who are g across networks.
In this arrangement, each SIM has the capability of storing a plurality of IMSIs that can be
used in a ic territory (country or region) to achieve the best possible calling rates. The
SIM also has a set of rules to drive the selection of the best possible IMSI. Every time a user
enters a different ory (mostly a new country, but it could also be a new region within a
country), the IMSI Broker will issue the best le IMSI and IMSI selection rules for that
territory. The IMSI Broker will send this new IMSI to the SIM via Over The Air (OTA). This
solution eliminates the need to swap out SIMs when new wholesale network deals become
available. Subscribers are issued an additional IMSI when and where available.
Updates and management of the data in the SIM can be achieved over the air interface
using any available OTA radio connection. Some examples, include but are not limited to,
cellular signalling channels, cellular data connections, text messaging, WiFi, Bluetooth &
WiMAX. A person skilled in the art will appreciate that ‘OTA’ shall include all possible
connections to the mobile handset and any other method of transferring data to the t
device such as wired connection to a PC, Infra-Red and so on.
Using this approach, the SIM may, at the time of manufacture, be programmed to include a
plurality of IMSIs corresponding to popular destinations. In another embodiment, the SIM
may be programmed with a plurality of IMSIs at registration with the network, in accordance
with user selection of countries or territories to which the user s to visit in the future. In
another embodiment, the SIM may only se one IMSI after cture and
registration, such that all of the new/alternative IMSIs are delivered from the IMSI Broker as
and when the user visits new countries/territories.
SIMs are evolving continuously, and currently known SIMs may be capable of storing up to
256 different IMSIs in the SIM’s memory. This number is likely to se further. r,
regardless of the number of IMSIs that the SIM is able to hold, other memory constraints
may mean that an upper limit is placed on the number of IMSIs to be stored within the SIM.
In cases where an upper limit is reached, according to one ment of the present
invention, the SIM is able to dynamically ite a stored IMSI with a newly obtained IMSI.
The decision as to which IMSI is overwritten can be based on a number of factors, for
example, any unused IMSI may be the first to be overwritten. Likewise IMSIs that have been
used the least, or which have been used less frequently may be overwritten before more
r/recently used IMSIs.
While embodiments of the present invention may be used effectively with the IMSI Broker
described here, and in more detail in , the IMSI Broker is not itself an
aspect or feature of the present invention, which is ed to management of identity at a
mobile device.
Figure 2 shows a schematic ew of an integrated IMSI Broker 108 and a handset SIM
530 in communication with it over a network. In this sense, k need not be limited to
the physical network which is operated by a single network operator. In other words, the
term network may be taken to mean a collection of co-existing networks.
The MSC of a k communicates with the HLR 111, which in turn communicates with
the IMSI Broker 108 and an Intelligent Network (IN) / Back-office Services system (BSS)
module 113. The IN/BSS module has access to a user dB which comprises a record for
each user subscribed to the network. The IN/BSS module 113 is sible for monitoring
the user’s usage, i.e. voice calls, SMSs, data usage etc, such that a record is kept for billing
purposes. In one embodiment, the IN module 113 is also responsible for ensuring that caller
ID information, also known as Caller Line Identification (CLI), is stored and provided during
calls while roaming, to ensure that there is transparency for the called parties.
The IMSI Broker 108 has access to an IMSI Pool 109, which is a database comprising a
plurality of available IMSIs for different territories/locations. IMSIs by their nature are territory
specific. They are both country specific, and may also be region specific in countries (i.e.
USA, India) where there may be surcharges for regional roaming as well as international
roaming. An IMSI which is registered on an HLR in one territory will be deemed to be
roaming if connected to a network/HLR in a different territory. Therefore, for each territory in
the IMSI Pool 109 there is a sub-pool or range of suitable IMSIs which may be used. This is
described in more detail later.
The IMSI Broker 108 comprises an IMSI r 500, and IMSI checker 510, and a rules
manager 520.
The network also comprises an OTA module which is arranged to send update messages to
mobile phones as necessary. The update messages may e alternative IMSIs and/or
rule update es. This updating mechanism is not d to provision of alternative
IMSIs or associated rules – it may also be used to provide other updates to the SIM card
(such as new versions of installed software) and also for verification of settings.
The HLR is further arranged to communicate with a plurality of foreign networks (operated by
n k operators FNOs). The communication channel between the HLR and foreign
networks is through the SS7 network.
Figure 2 also comprises a schematic block diagram of the functional components within the
SIM 530. As shown the SIM comprises a current IMSI 540, a current MSISDN 542, a SIM
application (SIMAPP) 544 for executing functional steps on the SIM, and a database 546 of
available IMSIs, associated rules, and MSISDNs.
The d person will review for further details of the IMSI Broker system,
as required. Embodiments of the present invention will now be described with reference to a
SIM of the type illustrated in Figure 2 – as indicated above, such a SIM may or may not be
used in connection with an IMSI Broker system as indicated here, or may be used
independently of such a system (or with a different type of system for providing user
identities where required).
In one aspect, aspects of the invention involve a method of managing ties for use in a
mobile telecommunications device in a mmunications network, the method comprising:
triggering an ty management process;
detecting one or more parameters associated with the mobile telecommunications
device;
in the identity management process, selecting an identity ment rule
determined by the one or more parameters detected;
in the identity management process, searching an identity database wherein each
record comprises an identity and additional identity information for each identity, wherein the
ing prioritises records according to the identity management rule;
in the identity ment process, selecting an identity when a record conforming
to the identity management rule is found in said ing; and
in the identity management process, modifying an active identity of the mobile
telecommunications device to be the selected identity when the active identity is not already
the selected identity.
This approach can be used on different types of telecommunications network, but is effective
on a GSM network, or on a 3G or LTE network as specified by 3GPP. The SIM may be a
conventional SIM, or may be a USIM running on a smart card running on a 3G phone – the
term “SIM” will be used hereafter for all types of SIM, whether embodied as a SIM card, an
application on a smart card, or a e instantiated virtually. ageously, such a SIM is
designed and implemented according to currently applicable standards (at the present time,
such standards include ETSI TS 1, ETSI TS 131 101, ETSI TS 102 221, ETSI TS 131
102, ETSI TS 131 111 and ETSI TS 151 014). An effective ch for implementing the
method to be described is a USIM and SIM combination in which the SIM and USIM
(hereafter called ) are designed and implemented as per ETSI TS 151.011, ETSI TS
131 101, ETSI TS 102 221, ETSI TS 131 102, ETSI TS 131 111 and ETSI TS 151 014.
Additionally, an application and additional files are added to the (U)SIM that implement the
method.
As shown in Figure 3, there are a series of main stages are present in a process operated
according to an embodiment of the invention. These are a trigger step 1, an identity selection
step 2, a pooling identity selection step 3, and an ty swap step 4, 5. The identity
selected and swapped is in this case an IMSI – the approach shown here may however be
applied to the selection and ng of other ty types. Also described below, though
not shown in Figure 3, is a ism for making status queries.
Figure 4 illustrates different possible trigger steps and their consequences. In embodiments,
any of the following events can trigger further operation of the application:
· The (U)SIM coming out of RESET
· A SIM or card application toolkit profile download received by the (U)SIM.
· A SIM or card application toolkit EVENT(Location Status)
· A change to the contents of any ic UICC file.
· A STATUS command is received by the (U)SIM.
· A specific plugin is called in the WIB environment.
· By a specific message over a Java shareable interface.
· A change to the IMSI storage file used by the application by a message from a
remote service (IMSI Broker).
· An instruction to change IMSI to a specific IMSI from a remote service (IMSI Broker).
· An instruction to change the IMSI selection mode to ‘AUTOMATIC’ from a remote
service.
If the trigger is the (U)SIM coming out of RESET then the application shall initialise itself. As
part of this initialisation the SIM may either remove all networks from the forbidden list
(defined in ETSI TS 151 011 and ETSI TS 102 221) or remove just the preferred network for
the current known location before the handset reads this file. Optionally if the IMSI selection
mode is set to ‘MANUAL’ then the IMSI selection mode may be changed to ‘AUTOMATIC’.
If the trigger is the (U) SIM receiving a SIM or card application toolkit profile download then
the application shall analyse the contents of the profile download to determine the level of
support the handset has for different s of the application function. If the handset
supports the SIM or Card application toolkit EVENT(Location Status) then it shall use
incoming events to automatically trigger IMSI s, and otherwise it shall monitor
changes in the (U)SIM files and STATUS commands to trigger IMSI changes. OTA triggers
and triggers from other applications on the card (such as the WIB or Java applications) shall
always be available regardless of the TERMINAL PROFILE.
If the trigger is a SIM or card application toolkit Location ) then the application
shall the application shall use the PROVIDE LOCAL INFORMATION (cell id) to determine
the network connection status and the MCC and MNC of the current network (if ble)
and then follow the IMSI selection procedure.
If the trigger is a change to any ic file being monitored for this purpose then ing
the file change the application shall use the PROVIDE LOCAL INFORMATION (cell id) to
determine the network connection status and the MCC and MNC of the current network (if
available) and then shall follow the IMSI selection procedure.
If the trigger is a STATUS command is received by the (U)SIM then the application shall
decide whether this STATUS command shall be used as a trigger. This may be decided
based on the number of STATUS commands received or by some other means. If triggered
by the STATUS command, the application shall use the PROVIDE LOCAL INFORMATION
(cell id) to determine the network tion status and the MCC and MNC of the current
network (if available). It will then follow the IMSI selection ure.
If the r is a change to the IMSI storage file used by the application or due to a WIB
plugin call with the trigger type set to automatic, or due to a communication with a Java
ation over a shareable ace where the selection mode is set to automatic, or a
message from a remote service (IMSI Broker) to go into ‘AUTOMATIC’ mode, then the
application shall use the PROVIDE LOCAL INFORMATION (cell id) to determine the
network connection status and the MCC and MNC of the current k (if available). It will
set the IMSI selection mode to ‘AUTOMATIC’ and then follow the IMSI selection procedure.
If the trigger is the selection of a specific IMSI either due to a WIB plugin call with the trigger
type set to manual or due to a communication with a Java application over a shareable
interface where the selection mode is set to manual or due a message from a remote service
(IMSI Broker) then the IMSI ion mode shall be set to ‘MANUAL’ and the IMSI swap
process shall be followed using the specified IMSI.
The IMSI selection procedure will now be bed. The procedure described below in
detail is the automatic process, but there is also an option to bypass the automatic process
by allowing manual selection.
The automatic IMSI selection s is a 2 step procedure:
• Step 1 (shown in Figure 5) – Selection of an IMSI based on a specific action based
on the type of handset and network detected
• Step 2 (shown in Figure 6) – Selection of an IMSI based a set criteria from a pool of
IMSIs available for this purpose (pooling). This selection is not based on the current
network.
On entry to the IMSI selection procedure, if the IMSI selection mode is set to manual then
the method ends with no change.
If the IMSI selection mode is set to automatic then the handset IMEI is detected, the
subscription type is read from the SIM and the MCC and MNC is retrieved from the result of
a PROVIDE LOCAL ATION – Cell ID SIM toolkit d. This process is
bed below in more detail with reference to Figure 5. It comprises two main stages:
determination of the subscription type, and determination of the IMSI to use based on
subscription type and network code.
The process is started by a specific action (step 1001), for example as discussed above with
regard to triggering steps. The IMEI (International Mobile ent ty, providing a
unique identity for each mobile device) for the device is then retrieved (step 1002), and the
TAC code retrieved (the TAC or Type Allocation Code identifies the model and origin of the
device and is provided as an 8-digit number g part of the IMEI).
The TAC code is then matched to a record stored in the SIM (steps 1003 and 1004). This
need not be an exact match – a wild card mechanism may be used to match only part of the
TAC code. If a record is found (step 1006) then the actual subscription type to be used and
the swap mechanism to be used is determined from that record by using the initial
subscription type from the SIM. As discussed below, the swap mechanism is also made
dependent on parameters of the device itself. If no specific IMEI TAC is d (step
1005) then a record marked as a default entry may be used - the actual subscription type to
be used and the swap mechanism to be used is then determined from that record by using
the l subscription type from the SIM. If no t entry exists for the IMEI matching
then the subscription type is unmodified and the swap mechanism to be used shall be the
t swap mechanism set by the method.
Like t type, subscription type is also a property of the mobile device itself. In some
cases, this will be determined by the operating system and processes of the device itself (for
example, Apple and BlackBerry devices are differentiated in this way). It may also be
determined by r the device is operating according to a prepaid or a y protocol,
or by whether the device is configured for voice, data, or a combination of the two.
Once the handset type and subscription type have been established, this is used for IMSI
selection. Firstly, a currently active network is determined (step 1007) and an attempt is
made to match the MCC/MNC combination of the current network to a record stored in the
SIM (step 1008). As described previously for the IMEI/TAC, a wild card mechanism may be
used to match only part of the MCC/MNC code.
If a record is found (step 1009) then the IMSI to be used (or a reference to that IMSI) is
determined by using the IMSI assigned for the current subscription (step 1010). This will
typically be a unique choice already determined for that description. After the selection, the
IMSI swap process is initiated (step 1011) as is described further below. However, if no
entry exists for the MCC/MNC code matching (step 1012) then a pooling mechanism is used
to provide an appropriate IMSI. This is discussed with reference to Figure 6.
The pooling process indicated in Figure 6 relies on the handset type and iption being
known as discussed above – the handset type and subscription constrain the choices
available in the pooling process to those which are suitable for that t and
subscription. The process is called if there is no match to a specific MCC/MNC.
There are many mechanisms specified for IMSI pooling and further s can be added
remotely over the air. The ion of the pooling mechanism to use may be stored on the
SIM, or may be ed as an input to the process through the trigger.
In the embodiment described here, the following mechanisms may be supported:
· Use first entry – always use the IMSI based on the subscription type for the first entry
in the pooling list.
· Match first occurrence of MCC – use the IMSI indicated based on the subscription
type for the first pooling record that contains the current MCC else use first record.
· In rotation - use the IMSI indicated based on the subscription type for the next
pooling record from the pooling record used prior to the last switch on.
· Random - use the IMSI indicated based on the subscription type for the randomly
selected pooling record chosen at switch on.
· External application – one or more external application is called to make the IMSI
selection.
The implementation of these choices and the resulting process is shown in Figure 6.
If the new IMSI is different from the t IMSI then the IMSI swap s is followed.
If the new IMSI is the same as the current IMSI and if the current IMSI is not allowed to
connect to the “allowed k” for that IMSI (this may be indicated as a “limited service”
response to a E LOCAL INFORMATION(Cell ID) command, a “limited service”
indication in the EVENT(Location Status) or a “PLMN not allowed or “Routing area not
allowed” in any Loci file.) then the r service process indicate below is followed.
If the SIM is in “network backup mode” the MCC indicated is the same as the previous MCC
indicated then the r e process is followed. r, if the SIM is in “network
backup mode” the MCC indicated is different to the previous MCC indicated then the
“network backup mode” is cleared.
The network recover service is used when the expected service is not available. This
feature, which is an option which may be disabled without affecting the operation of other
features of this embodiment, is used to try and deliver service to a user when the
automatically chosen IMSI is den on a network that the SIM expects service. The
recover service process checks if a backup IMSI value indicated for the current record is the
same as the current IMSI. If it is not the same, the IMSI will be changed using the IMSI
change procedure. The SIM shall then set rk backup mode” as being in effect.
The manual selection process may be chosen as an alternative to the automatic process,
and may be triggered, for example, by a WIB plugin, a java applet via the shareable interface
or by an OTA update of the EF manual IMSI file.
Using this approach, If the IMSI value indicated manually is different to the current IMSI then
the ation checks the IMEI of the device and matchesit to a record in EF
IMEI_Specific_Info. The indicated IMSI swap ism for that IMEI (or the default record
if there is no match) stored on the SIM is then used to change the IMSI.
Returning to Figure 3, the Change IMSI process to allow IMSIs to be swapped is carried out
as follows.
On entry into the IMSI swap procedure the application first checks whether the new IMSI to
be ed is the same as the existing IMSI being used.
If it is the same, then the application exits without making any change to the IMSI and its
associated parameters.
If it is different, then the Change IMSI procedure is actioned. This process is started if the
SIM determines it needs to change IMSI. The IMSI swap process is based on the handset
type and its associated entry in the record for that handset type.
The following processes may be supported, for example:
· Refresh (type 6) with all change files notified
· Refresh (type x) where x is passed to the routine
· Display to user asking them to switch the phone off then on again
· through a separate application 1
· through a separate application 2
The particular process to be ed may be ined for a specific handset type chosen
to be in accordance with the handset lities in order to ensure effective function.
The application uses the card application toolkit REFRESH command to reset the
GSM/3G/LTE session and to inform the handset that the following files have changed. If the
t does not support this command an alternative approach will be taken, such as the
application ting that the user switches the handset off and on using the card
application toolkit DISPLAY TEXT d. Alternatively, for particular handsets a
different application entirely may be initiated.
When the UICC restarts, either due to the REFRESH or to whatever change process is
used, in embodiments the application may change the following before the handset reads
them:
· EF IMSI in DF GSM and ADF USIM are set to the new IMSI.
· EF SMSP is changed to the SMSC value relevant to the new IMSI (optional).
· EF OPLMNwACT is changed to the correct t relevant to the new IMSI
(optional).
· The authentication parameters are set to the relevant values for the new
IMSI(optional).
The EF LOCI and EF PS_LOCI in DF_GSM and ADF USIM are set to their initial provisioned
value.
The modification of identity may include the modification of one or more of the following files
in the SIM: EF LOCI, EF PS_LOCI, EF GPRS_LOCI, EF OPLMNwACT, EF PLMNwACT, EF
HPLMNwACT, EF PLMNsel, EF FPLMN and EF HPPLMN.
Figure 7 tes the types of record held by the SIM in the course of this process and the
respective record structures. A single initial information record will indicate, for example, a
subscription type and a pooling mechanism to use. Device type records may indicate, for
example, modifiers to a iption type (an initial voice and data subscription may for
example need modification to indicate that the device is a BlackBerry, with its own data
handling protocols). A specific MCC record may effectively divide IMSI and PLMN lists by
appropriate subscription, as may pooling records. A specific IMSI record may indicate not
only the IMSI, but tication, address and network identity information too.
The information used for these processes may be used for more than IMSI selection. The
method may in ments include a query process that allows other applications to ask
whether the current IMSI is the correct IMSI. This method may also generate an event for
other applications when the correct IMSI is selected and the handset is in a stable state.
This event will have a means for the receiving application to register and de-register for this
alert. All aspects of the process may be logged in this way.
This approach allows for reliable management of ty at a mobile handset, ility
being ed by enabling the procedure to be sed for different handset and
subscription types – while described here with reference to IMSI data, it is also applicable to
other types of identity for use with a ication network. This approach is also
effectively used in ation with an IMSI Broker as discussed in , which
can dynamically provide new identities and supporting information and parameters to a
mobile handset, and which can also be a source of trigger events to prompt a change of
IMSI where this is determined to be desirable.
The ional data contained in a database record of IMSI data may ally contain
primary data or links or pointers, optionally nested, to additional operational data contained
other SIM se files.
The SIM database may optionally be pre-loaded at manufacture, or modified by OTA
information sent from the host system.
The term territory used herein is ed to mean any specific locality, this may be in terms
of countries, regions and possible even for given networks.
The terms mobile phone, handset, mobile terminal, communications device may be
considered as being interchangeable within this document.
Throughout the tion and the claims, the terms “comprises”, “comprising” and the like
are used in an inclusive rather than an exclusive or exhaustive sense, that is, in the sense of
“including but not limited to”.
Claims (18)
1. A method of managing identities for use in a mobile telecommunications device in a telecommunications network, the method comprising: 5 triggering an identity management process in a subscriber identity module of the mobile telecommunications device connected to a mobile telecommunications network; detecting at the mobile telecommunications device one or more parameters associated with the mobile telecommunications device; in the identity management s performed within the subscriber identity module, 10 selecting an identity management rule to tise identities for use as an active identity for the mobile telecommunications device wherein the identity management rule selected is determined by the one or more ters detected; in the identity management process performed within the subscriber identity module, searching an identity database in the mobile telecommunications device wherein each 15 record comprises an identity stored in the iber identity module and additional identity information including an MCC and MNC for each identity, wherein the searching prioritises records according to the identity management rule; in the identity management process, performed within the subscriber identity module, selecting a selected identity when a record conforming to the ty management rule is 20 found in said searching, wherein selecting an identity comprises matching of some or all of an MCC or an MNC value and then selecting a pooling mechanism, the pooling mechanism being used to provide an appropriate IMSI; and in the identity management process, performed within the iber identity module, modifying an active ty of the mobile telecommunications device to be the selected 25 identity when the active identity is not already the selected identity.
2. A method as claimed in claim 1, wherein each said identity comprises an IMSI.
3. A method as claimed in claim 1 or claim 2, n the one or more parameters 30 comprise a handset type.
4. A method as claimed in claim 3, n the t type is determined from the TAC code in the IMEI of the mobile telecommunications device. 35
5. A method as d in any preceding claim, n the one or more parameters comprise a iption type associated with the mobile telecommunications device, wherein the subscription type relates to one or more of a device operating system and a communication type.
6. A method as d in any one of claims 1 to 5, wherein if there is no match 5 established by the identity management rule to a specific identity, a new identity is selected from a pool of ng identities that match some or all of an MCC or an MNC value.
7. A method as claimed in any one of claims 1 to 6, wherein a process of modifying the active identity is determined according to the one or more parameters of the device.
8. A method as claimed in any preceding claim, wherein if on modifying the active identity no service is provided to the new active identity, the active identity is modified to a backup identity different from the identity for which no e was provided. 15
9. A subscriber identity module for use in a mobile telecommunications device and having a plurality of identities for use in a mobile telecommunications network, the subscriber identity module comprising a memory and a processor, wherein the memory comprises an ty management process for execution by the processor and an identity database, wherein when installed within the mobile telecommunications device the 20 processor is adapted to: on ring within the mobile telecommunications initiate the ty management process; detect one or more parameters associated with the mobile telecommunications device; 25 in the identity management process, selecting an identity management rule to tise identities for use as an active ty for the mobile telecommunications device, wherein the ty management rules selected is determined by the one or more parameters detected; in the identity management process, search an identity database in the mobile 30 telecommunications device wherein each record comprises an identity and additional identity information including an MCC and MNC stored in the memory of the subscriber identification module for each identity, wherein the searching prioritises records according to the identity ment rule; in the identity ment process, to select an identity from the ty database 35 when a record conforming to the ty management rule is found in said searching wherein selecting an identity comprises matching of some or all of an MCC or an MNC value and then selecting a pooling mechanism, the pooling mechanism being used to provide an appropriate IMSI; and in the identity management process, to modify an active identity of the mobile telecommunications device to be the selected identity when the active identity is not already 5 the selected ty.
10. A subscriber identity module as d in claim 9, n each of the plurality of identities are IMSIs. 10
11. A subscriber identity module as d in claim 9 or claim 10, wherein the one or more parameters comprise a handset type.
12. A subscriber ty module as d in any one of claims 9 to 11, wherein the handset type is determined from the TAC code in the IMEI of the mobile telecommunications 15 device.
13. A subscriber ty module as claimed in any one of claims 9 to 12, wherein the one or more ters comprise a subscription type associated with the mobile telecommunications device, n the subscription type relates to one or more of a device 20 operating system and a communication type.
14. A subscriber identity module as claimed in any one of claims 9 to 13, wherein if there is no match established by the identity management rule to a specific ty, a new identity is selected from a pool of matching identities that match some or all of an MCC or an MNC. 25
15. A subscriber identity module as claimed in any one of claims 9 to 14, wherein a process of modifying the active identity is determined according to the one or more parameters of the device.
16. A subscriber identity module as claimed in any one of claims 9 to 15, wherein if on modifying the active identity no service is provided to the new active identity, the active identity 30 is modified to a backup identity different from the identity for which no service was provided.
17. A method of managing identities for use in a mobile telecommunications device in a telecommunications network as herein described with nce to any one or more of the accompanying drawings 2 through 7.
18. A subscriber identity module for use in a mobile telecommunications device as herein described with reference to any one or more of the accompanying drawings 2 through 7.
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| GB1116159.3 | 2011-09-19 | ||
| GB1116159.3A GB2494710B (en) | 2011-09-19 | 2011-09-19 | Managing mobile device identities |
| PCT/GB2012/052301 WO2013041849A1 (en) | 2011-09-19 | 2012-09-18 | Managing mobile device identities |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| NZ622734A NZ622734A (en) | 2016-11-25 |
| NZ622734B2 true NZ622734B2 (en) | 2017-02-28 |
Family
ID=
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9603006B2 (en) | Managing mobile device identities | |
| US10278060B2 (en) | Identity management for mobile devices | |
| AU2012311291B2 (en) | Managing mobile device identities | |
| EP2481227B2 (en) | Subscriber identification management broker for fixed/mobile networks | |
| EP2716086B1 (en) | Identity management for mobile devices | |
| AU2014227509B2 (en) | Subscriber Identification Management Broker for Fixed/Mobile Networks | |
| GB2473753A (en) | Automatic provision of a subscriber network identifier (e.g. IMSI) from a central network server to a roaming mobile device. | |
| NZ622734B2 (en) | Managing mobile device identities |