This article may rely excessively on sources too closely associated with the subject , potentially preventing the article from being verifiable and neutral.(October 2022) |
eUICC (embedded UICC [1] ) refers to the architectural standards published by the GSM Association (GSMA) [2] [3] or implementations of those standard for eSIM, a device used to securely store one or more SIM card profiles, which are the unique identifiers and cryptographic keys used by cellular network service providers to uniquely identify and securely connect to mobile network devices. Applications of eUICC are found in mobile network devices (cell phones, tablets, portable computers, security controllers, medical devices, etc.) that use GSM cellular network eSIM technology.
The core standards that define eUICC are published by the GSM Association in two topical areas.
Core standards for implementing eSIM on mobile devices include the following articles: [2]
GSMA publishes standards for machine-to-machine (M2M) third-party provisioning of eSIM which includes the following articles: [3]
eUICC can refer to any implementation or application of the eUICC standards in an eSIM device. Each implementation of eUICC includes software code, a processor to emulate the software, non-volatile memory used to store the unique identifiers and cryptographic keys that are part of a SIM profile, and a bus interface to communicate the SIM profile to the mobile device. eUICC standards specify that only one eUICC security controller (ECASD) may be implemented in an eSIM, but the eSIM may store multiple SIM profiles. [5]
GSMA standards define EID as "eUICC Identifier". [4] [6] Some developers / implementers have referred to this using the descriptive term "eSIM identifier", which summarizes the function of an eUICC Identifier. [7] [8] Some third parties have joined this acronym with the term "electronic identity document", which is a general concept of any identifier stored or presented in electronic format. [9] [10]
The Global System for Mobile Communications (GSM) is a standard developed by the European Telecommunications Standards Institute (ETSI) to describe the protocols for second-generation (2G) digital cellular networks used by mobile devices such as mobile phones and tablets. GSM is also a trade mark owned by the GSM Association. GSM may also refer to the Full Rate voice codec.
Short Message Service, commonly abbreviated as SMS, is a text messaging service component of most telephone, Internet and mobile device systems. It uses standardized communication protocols that let mobile phones exchange short text messages.
The international mobile subscriber identity is a number that uniquely identifies every user of a cellular network. It is stored as a 64-bit field and is sent by the mobile device to the network. It is also used for acquiring other details of the mobile in the home location register (HLR) or as locally copied in the visitor location register. To prevent eavesdroppers from identifying and tracking the subscriber on the radio interface, the IMSI is sent as rarely as possible and a randomly-generated TMSI is sent instead.
A SIMcard is an integrated circuit (IC) intended to securely store an international mobile subscriber identity (IMSI) number and its related key, which are used to identify and authenticate subscribers on mobile telephone devices. SIMs are also able to store address book contacts information, and may be protected using a PIN code to prevent unauthorized use.
Near-field communication (NFC) is a set of communication protocols that enables communication between two electronic devices over a distance of 4 centimetres (1.6 in) or less. NFC offers a low-speed connection through a simple setup that can be used for the bootstrapping of capable wireless connections. Like other proximity card technologies, NFC is based on inductive coupling between two electromagnetic coils present on a NFC-enabled device such as a smartphone. NFC communicating in one or both directions uses a frequency of 13.56 MHz in the globally available unlicensed radio frequency ISM band, compliant with the ISO/IEC 18000-3 air interface standard at data rates ranging from 106 to 848 kbit/s.
The International Mobile Equipment Identity (IMEI) is a numeric identifier, usually unique, for 3GPP and iDEN mobile phones, as well as some satellite phones. It is usually found printed inside the battery compartment of the phone but can also be displayed on-screen on most phones by entering the MMI Supplementary Service code *#06#
on the dialpad, or alongside other system information in the settings menu on smartphone operating systems.
MSISDN is a number uniquely identifying a subscription in a Global System for Mobile communications or a Universal Mobile Telecommunications System mobile network. It is the mapping of the telephone number to the subscriber identity module in a mobile or cellular phone. This abbreviation has several interpretations, the most common one being "Mobile Station International Subscriber Directory Number".
OMA SpecWorks, previously the Open Mobile Alliance (OMA), is a standards organization which develops open, international technical standards for the mobile phone industry. It is a nonprofit Non-governmental organization (NGO), not a formal government-sponsored standards organization as is the International Telecommunication Union (ITU): a forum for industry stakeholders to agree on common specifications for products and services.
The universal integrated circuit card (UICC) is the smart card used in mobile terminals in 2G (GSM), 3G (UMTS), 4G (LTE), and 5G networks. The UICC ensures the integrity and security of all kinds of personal data, and it typically holds a few hundred kilobytes.
The Open Mobile Terminal Platform (OMTP) was a forum created by mobile network operators to discuss standards with manufacturers of mobile phones and other mobile devices. During its lifetime, the OMTP included manufacturers such as Huawei, LG Electronics, Motorola, Nokia, Samsung and Sony Ericsson.
Machine to machine (M2M) is direct communication between devices using any communications channel, including wired and wireless. Machine to machine communication can include industrial instrumentation, enabling a sensor or meter to communicate the information it records to application software that can use it. Such communication was originally accomplished by having a remote network of machines relay information back to a central hub for analysis, which would then be rerouted into a system like a personal computer.
A mobile signature is a digital signature generated either on a mobile phone or on a SIM card on a mobile phone.
Truphone is a GSMA-accredited global mobile network that operates its service internationally. The company is headquartered in London and has offices in ten other countries, being spread across four continents.
SIM Application Toolkit (STK) is a standard of the GSM system which enables the subscriber identity module to initiate actions which can be used for various value-added services. Similar standards exist for other network and card systems, with the USIM Application Toolkit (USAT) for USIMs used by newer-generation networks being an example. A more general name for this class of Java Card-based applications running on UICC cards is the Card Application Toolkit (CAT).
A Central Equipment Identity Register (CEIR) is a database of mobile equipment identifiers. Such an identifier is assigned to each SIM slot of the mobile device.
Video Share is an IP Multimedia System (IMS) enabled service for mobile networks that allows users engaged in a circuit switch voice call to add a unidirectional video streaming session over the packet network during the voice call. Any of the parties on the voice call can initiate a video streaming session. There can be multiple video streaming sessions during a voice call, and each of these streaming sessions can be initiated by any of the parties on the voice call. The video source can either be the camera on the phone or a pre-recorded video clip.
The (U)SIM interface is the connecting point of the mobile phone and the UICC with its SIM or USIM application.
An eSIM is a form of SIM card that is embedded directly into a device. Instead of an integrated circuit located on a removable SIM card, typically made of PVC, an eSIM consists of software installed onto an eUICC chip permanently attached to a device. If the eSIM is eUICC-compatible, it can be re-programmed with new SIM information. Otherwise, the eSIM is programmed with its ICCID/IMSI and other information at the time it is manufactured, and cannot be changed. Different mobile telephones may not support an eSIM, may have a permanently programmed, unchangeable one, or one that can be reprogrammed for any carrier that supports the technology. Phones may support physical SIMs only, eSIM only, or both.
Remote SIM provisioning is a specification realized by GSMA that allows consumers to remotely activate the subscriber identity module (SIM) embedded in a portable device such as a smart phone, smart watch, fitness band or tablet computer. The specification was originally part of the GSMA's work on eSIM and it is important to note that remote SIM provisioning is just one of the aspects that this eSIM specification includes. The other aspects being that the SIM is now structured into "domains" that separate the operator profile from the security and application "domains". In practise "eSIM upgrade" in the form of a normal SIM card is possible or eSIM can be included into an SOC. The requirement of GSMA certification is that personalisation packet is decoded inside the chip and so there is no way to dump Ki, OPc and 5G keys. Another important aspect is that the eSIM is owned by the enterprise, and this means that the enterprise now has full control of the security and applications in the eSIM, and which operators profiles are to be used.
Karsten Nohl is a German cryptography expert and hacker. His areas of research include Global System for Mobile Communications (GSM) security, radio-frequency identification (RFID) security, and privacy protection.