You can also read more about this and Multi-factor Authentication (MFA) on Wikipedia here.
Thursday, 8 August 2013
You can also read more about this and Multi-factor Authentication (MFA) on Wikipedia here.
Wednesday, 24 July 2013
Sunday, 17 February 2013
Related presentation on slideshare here.
Sunday, 20 May 2012
At issue is the shape and size of the standard next-generation SIM: Apple and a band of network operators want a tray-requiring shape and contacts that would permit a convertor for backwards compatibility with chunkier old SIMs. Nokia, Motorola and RIM have pushed for a new contact pattern and a notched SIM for clunk-click, and tray-less, insertion.
The new proposal, apparently put forward by RIM and Motorola, is a compromise but it hasn't secured backing from either of the most-belligerent parties - yet. Copies of the design, as well as Moto's presentation in March that compared the competing interfaces, have been seen by the chaps at The Verge.
What all parties agree on is that a smaller SIM is needed: the first SIMs were the same size as credit cards (conforming to ISO7816), while the second form factor (2FF) is the SIM with which most of us are familiar (conforming to GSM 11.11). Next was the microSIM (3FF), popularised by Apple's adoption in the iPhone; the 3FF just trims off the excess plastic while maintaining the contact pattern.
The undecided 4FF standard (dubbed the nanoSIM) will be thinner as well as smaller, and almost certainly feature a different contact pattern to make that practical, although how different is part of the ongoing debate.
The Apple-backed 4FF proposal was for a contact-compatible SIM with smooth sides necessitating an insertion tray, while Nokia wanted the contacts shifted to the far end and a notch along the side for easy push-to-lock fitting. The new RIM-Moto proposal, if genuine, places the contacts in compatible locations while maintaining the Nokia notch, appeasing both parties or perhaps annoying them both equally.
There have been claims that Nokia is just trying to protect its patent income, fanned by Apple's offer to waive its own IP fees if its proposal were adopted. That's something of a red herring as Apple's hasn't much IP in this area and Nokia's patents cover much more than the physical shape of the SIM so its revenue is pretty much assured.
Not that Nokia has helped itself by threatening to deny patent licences if its own proposal isn't adopted, claiming that Apple's divergence from rules laid down by telecoms standards body ETSI relives Nokia of its FRAND commitment to licence its technology on a fair and reasonable basis.
Wednesday, 9 May 2012
Monday, 2 April 2012
While looking for how the nano-SIM is different from other SIM cards I came across an interesting presentation from G&D. The above picture summarises the different types of SIM cards in use. The following is an extract from their whitepaper:
When the GSM network first appeared, mobile devices resembled bricks or even briefcases, and SIM cards were the size of credit cards. The subsequent miniaturization of the phones led to the standardization of smaller SIMs, the Plug-in SIM, and later the Mini-UICC also known as 3rd form factor (3FF). With the introduction of Apple’s iPad, the 3FF, or the Micro-SIM as it was then called, established itself widely in the market.
Nevertheless, the trend towards miniaturization of the SIM card is still not over. The latest form factor which is currently in discussion at ETSI (European Telecommunications Standards Institute) is the 4th form factor (4FF) or Nano-SIM. Measuring 12.3 x 8.8 mm, the Nano-SIM is about 30 percent smaller than the Micro-SIM. Even the thickness (0.7 mm) of the card has been reduced by about 15 percent – a tremendous technical challenge.
The Nano-SIM offers device manufacturers the crucial advantage of freeing up extra space for other mobile phone Nano-SIM The smallest SIM form factor on the market components such as additional memory or larger batteries. Popular smart phones in particular have to strike a balance between the need for components that are more powerful but bulkier and a slim design. The reduced volume of the 4FF gives manufacturers the opportunity to produce devices that are thinner and more appealing.
In case you were wandering the differences that are causing the disagreements, here are the differences between the formats:
Thursday, 22 March 2012
I have mentioned before that UICC is the physical card and 2G SIM/USIM/ISIM are applications on the UICC card. The IMS SIM holds data provided by the IMS Operator, generally the same operator that would provide USIM services that would allow to camp on the 3G or LTE network.
Private User Identity: This identifies the user uniquely with the IMS operator and is used when the user registers with the IMS network. This is used by the operator to check the subscription and which services the user can avail of.
Public User Identity: A user can have multiple public identities that can be used for different services. To avail a particular service, user has to register with the particular public identity that has been allowed for that service.
Security Keys: Security keys are used for authentication to the IMS Network.
Home Network Domain Name: This is the name of the entry point that the user uses to register. This makes sure that a users request is sent to the Home Network.
Access Rule Reference: This is used to store information about which personal identification number needs verification for accessing a particular application
Address of P-CSCF: If it is not possible do dynamically find the Proxy-Call Session Control Function then this address is helpful
Administrative Data: Some of this could be operator specific proprietary information
Monday, 12 December 2011
Wednesday, 16 February 2011
Wednesday, 29 September 2010
I read Comprion's recent press release with regards to Micro-SIM.
As mobile devices get more and more complex, the components used become smaller and smaller. With the launch of the new LTE Test (U)SIM supporting the 3FF format, also known as Micro-SIM or Mini-UICC, COMPRION is responding to this trend. The LTE Test (U)SIM in the Mini-UICC format is only half the size of a regular Plug-In card and can be used in very small mobile devices.
Just like COMPRION's first released LTE Test (U)SIM, this new 128K/J LTE Test (U)SIM includes all new LTE data fields up to Release 9. The card has three applications implemented: a Test SIM; a Test USIM; and a Test ISIM. The Test (U)SIM also supports the three voltage classes 1.8V, 3V and 5V. Standardised commands such as "Resize" (for extending the size of a data field) and "Create" (for creating new data fields) are supported. The Test Card's flexibility and feature range enable the user to comprehensively examine the functionality of an LTE mobile device without having access to a live LTE network.
To ensure backwards compatibility to the Plug-In format, COMPRION also offers a Mini-UICC Adapter to turn the Mini-UICC into the Plug-In format. Hence, the Mini-UICC can also be used in today's mobile phones.
Its interesting to see that the new SIM is around half the size of the original and provides the same functionality. Sign of devices and components evolving.
The embedded presentation though old may be of intereste as it shows the difference between SIM, UICC and the 3FF
Tuesday, 28 September 2010
With SIMFi, you can convert a phone into a WiFi hotspot. The phone would use HSPA/LTE for data connectivity and at the same time it would broadcast WiFi signals for any equipment to connect to these signals and browse the web. Power consumption information have not been mentioned which I am sure would be a problem for the phone.
SIMFi Removes the need for additional accessories to facilitate transmission services (e.g. MiFi, USB modem, PCMCIA…) and can make connectivity a lot simpler, straigtforward and cheaper.
- SIM card compatible with the latest telecom specifications.
- SIM card: ISO 2FF plug-in
- The mobile phone does not need any special features.
- Modem WiFi integrated in the SIM card, works with 802.11b.
- The modem is guided by the SIM card's tools.
- Energy-saving features (works with 2G and 3G).
- The aerial is adaptable, allowing short- and long-range operations (from 2 cm to 30 m) managed by the SIM card's tools.
Thursday, 3 June 2010
Advanced IP Interconnection of Services
Release 11 Studies
Study on IMS based Peer-to-Peer Content Distribution Services
Objectives of this study item are:
Without technical alternative to using public numbering resources as addresses, and considering the current forecasts and pending applications for numbers made to numbering plan administration agencies, there is a significant risk that some national numbering/dialling plans will run out of numbers in the near future, which would impact not only these M2M services but also the GSM/UMTS service providers in general.
The Objective is to determine an alternative to identify individual devices and route messages between those devices. Requirements for this alternative include:
Thursday, 11 February 2010
In good old days of GSM, SIM was physical card with GSM "application" (GSM 11.11)
In the brave new world of 3G+, UICC is the physical card with basic logical functionality (based on 3GPP TS 31.101) and USIM is 3G application on a UICC (3GPP TS 31.102). The UICC can contain multiple applications like the SIM (for GSM), USIM and ISIM (for IMS). There is an interesting Telenor presentation on current and future of UICC which may be worth the read. See references below.
UICC was originally known as "UMTS IC card". The incorporation of the ETSI UMTS activities into the more global perspective of 3GPP required a change of this name. As a result this was changed to "Universal Integrated Circuit Card". Similarly USIM (UMTS Subscriber Identity Module) changed to Universal Subscriber Identity Module.
The following is from the 3G Americas Whitepaper on Mobile Broadband:
UICC (3GPP TS 31.101) remains the trusted operator anchor in the user domain for LTE/SAE, leading to evolved applications and security on the UICC. With the completion of Rel-8 features, the UICC now plays significant roles within the network.
Some of the Rel-8 achievements from standards (ETSI, 3GPP) are in the following areas:
USIM (TS 31.102)
With Rel-8, all USIM features have been updated to support LTE and new features to better support non-3GPP access systems, mobility management, and emergency situations have been adopted.
The USIM is mandatory for the authentication and secure access to EPC even for non-3GPP access systems. 3GPP has approved some important features in the USIM to enable efficient network selection mechanisms. With the addition of CDMA2000 and HRPD access technologies into the PLMN, the USIM PLMN lists now enable roaming selection among CDMA, UMTS, and LTE access systems.
Taking advantage of its high security, USIM now stores mobility management parameters for SAE/LTE. Critical information like location information or EPS security context is to be stored in USIM rather than the device.
USIM in LTE networks is not just a matter of digital security but also physical safety. The USIM now stores the ICE (In Case of Emergency) user information, which is now standardized. This feature allows first responders (police, firefighters, and emergency medical staff) to retrieve medical information such as blood type, allergies, and emergency contacts, even if the subscriber lies unconscious.
3GPP has also approved the storage of the eCall parameters in USIM. When activated, the eCall system establishes a voice connection with the emergency services and sends critical data including time, location, and vehicle identification, to speed up response times by emergency services. ECalls can be generated manually by vehicle occupants or automatically by in-vehicle sensors.
TOOLKIT FEATURES IMPROVEMENT (TS 31.111)
New toolkit features have been added in Rel-8 for the support of NFC, M2M, OMA-DS, DM and to enhance coverage information.
The contactless interface has now been completely integrated with the UICC to enable NFC use cases where UICC applications proactively trigger contactless interfaces.
Toolkit features have been updated for terminals with limited capabilities (e.g. datacard or M2M wireless modules). These features will be notably beneficial in the M2M market where terminals often lack a screen or a keyboard.
UICC applications will now be able to trigger OMA-DM and DS sessions to enable easier device support and data synchronization operations, as well as interact in DVB networks.
Toolkit features have been enriched to help operators in their network deployments, particularly with LTE. A toolkit event has been added to inform a UICC application of a network rejection, such as a registration attempt failure. This feature will provide important information to operators about network coverage. Additionally, a UICC proactive command now allows the reporting of the signal strength measurement from an LTE base station.
Rel-8 defined a multimedia phone book (3GPP TS 31.220) for the USIM based on OMA-DS and its corresponding JavaCard API (3GPP TS 31.221).
REMOTE MANAGEMENT EVOLUTION (TS 31.115 AND TS 31.116)
With IP sessions becoming prominent, an additional capability to multiplex the remote application and file management over a single CAT_TP link in a BIP session has been completed. Remote sessions to update the UICC now benefit from additional flexibility and security with the latest addition of the AES algorithm rather than a simple DES algorithm.
CONFIDENTIAL APPLICATION MANAGEMENT IN UICC FOR THIRD PARTIES
The security model in the UICC has been improved to allow the hosting of confidential (e.g. third party) applications. This enhancement was necessary to support new business models arising in the marketplace, with third party MVNOs, M-Payment and Mobile TV applications. These new features notably enable UICC memory rental, remote secure management of this memory and its content by the third party vendor, and support new business models supported by the Trusted Service Manager concept.
SECURE CHANNEL BETWEEN THE UICC AND TERMINAL
A secure channel solution has been specified that enables a trusted and secure communication between the UICC and the terminal. The secure channel is also available between two applications residing respectively on the UICC and on the terminal. The secure channel is applicable to both ISO and USB interfaces.
RELEASE 9 ENHANCEMENTS: UICC: ENABLING M2M AND FEMTOCELLS
The role of femtocell USIM is increasing in provisioning information for Home eNodeB, the 3GPP name for femtocell. USIMs inside handsets provide a simple and automatic access to femtocells based on operator and user-controlled Closed Subscriber Group list.
Work is ongoing in 3GPP for the discovery of surrounding femtocells using toolkit commands. Contrarily to macro base stations deployed by network operators, a femtocell location is out of the control of the operator since a subscriber can purchase a Home eNodeB and plug it anywhere at any time. A solution based on USIM toolkit feature will allow the operator to identify the femtocells serving a given subscriber. Operators will be able to adapt their services based on the femtocells available.
The upcoming releases will develop and capitalize on the IP layer for UICC remote application management (RAM) over HTTP or HTTPS. The network can also send a push message to UICC to initiate a communication using TCP protocol.
Additional guidance is also expected from the future releases with regards to the M2M dedicated form factor for the UICC that is currently under discussion to accommodate environments with temperature or mechanical constraints surpassing those currently specified by the 3GPP standard.
Some work is also expected to complete the picture of a full IP UICC integrated in IP-enabled terminal with the migration of services over EEM/USB and the capability for the UICC to register on multicast based services (such as mobile TV).
- Business perspective and Mobile service offer through Future SIM - Telenor (http://www.ux.uis.no/atc08/workshop/Larsen.pdf)
- The role of the UICC in Long Term Evolution all IP networks - Gemalto (http://www.gemalto.com/telecom/download/lte_gemalto_whitepaper.pdf)
- Technical White Paper: Smart Card in IMS - 3G Americas (http://www.3gamericas.org/documents/GEM_WP_IMS.pdf)
- 3GPP TS 31.101: UICC-terminal interface; Physical and logical characteristics (http://www.3gpp.org/ftp/Specs/archive/31_series/31.101/)
- 3GPP TS 31.102: Universal Subscriber Identity Module (USIM) application (http://www.3gpp.org/ftp/Specs/archive/31_series/31.102/)
- 3GPP TS 31.111: Universal Subscriber Identity Module (USIM) Application Toolkit (USAT) (http://www.3gpp.org/ftp/Specs/archive/31_series/31.111/)
- 3GPP TS 31.115: Secured packet structure for (Universal) Subscriber Identity Module (U)SIM Toolkit applications (http://www.3gpp.org/ftp/Specs/archive/31_series/31.115/)
- 3GPP TS 31.116: Remote APDU Structure for (U)SIM Toolkit applications (http://www.3gpp.org/ftp/Specs/archive/31_series/31.116/)
- 3GPP TS 31.220: Characteristics of the Contact Manager for 3GPP UICC applications (http://www.3gpp.org/ftp/Specs/archive/31_series/31.220/)
- 3GPP TS 31.221: Contact Manager Application Programming Interface (API); Contact Manager API for Java Card™ (http://www.3gpp.org/ftp/Specs/archive/31_series/31.221/)
Wednesday, 8 July 2009
There are lots of interesting Questions and Answers. One interesting one is:
Does number portability mean that data within an AuC is compromised?
Not really. Number portability does not mean sensitive data from old AuC are transferred to the new AuC. The new operator will issue a new USIM which will have a new IMSI. Number portability only means that MSISDN is kept the same for others to call the mobile. The translation between MSISDN and IMSI is done at a national level register. Such a translation will identify the Home PLMN and the HLR that’s needs to be contacted for an incoming call.
That’s the theory and that’s how it should be done. It will be interesting to know how operators in India do this.
You can read all Q&A's here.
I wrote a tutorial on UMTS security many years back. Its available here.
Sunday, 23 November 2008
GeoSIM, an international SIM card supplier, now says that it has introduced the “SIM PIG”, a SIM-like chip that bypasses the network lock on mobile phones, thus enabling any SIM card from any network to be used in a locked handset.
I honestly do not know whether this is good or bad, but simply for my own personal reason it’s good. Recently I moved from one operator to another and decided to go pay as you go. Hence I wanted to use my old phone on the new service provider but couldn’t do so until I got my phone unlocked.
SIM PIG claims to be able to unlock iPhone, Windows Mobile, HTC, Nokia, Sony Ericsson, Blackberry and many more 3G handsets. It is inserted with the SIM card into the handsets SIM card slot. The PIG then dynamically bypasses the network lock on the mobile phone. The company says it does not affect any of the handset functionality and all features are maintained, nor it does not invalidate any warranty on the handset. Once SIM PIG is removed, the handset reverts back to its locked condition.
Using the SIM PIG does not require any technical knowledge and is quick and simple to insert. As the name suggests, SIM PIG SIMply PIGgy backs on to the SIM card when it is inserted to the handset.
So how does GeoSim is able to do this business of unlocking the phone or by passing the lock?
GeoSIM routes your dialling instruction away from the local operator and sends your call to the GeoSIM “Hub”. A few seconds after you make your call, your mobile phone will ring. You answer the “callback” and you will be connected to the person you wish to talk to.
- Dial the number you want to call.
- A few seconds after you dial, your handset will ring. Answer the “callback” from the GeoSIM Hub.
- You will then get connected to the number you are calling.
Hmmm very strange… I am really dying to know whether some body uses this method.
Do GeoSIM and SIM PIG work in the United States?
Are they fully “legal” here in UK or Europe? I don’t know…
Monday, 29 September 2008
Let me be clear that I fully support the SIM based option which gives you convinience to change handsets while keeping the same number and also easily move between different operators by getting Porting codes (PAC codes in UK) but sometimes when you are travelling or in between places the SIM free option allows you to use Pay as you Go services from the device of your choice. So rather than being tied down to the SIM you will be tied down to the device (Laptop or Handset).
If this option is not available it would still be possible by a service provider to provide you a service based on the device IMEI but the extra 'Access technology based' security would not be there. This means that you would be relying completely on the IP security which should generally not be an issue since this is not very different than what you would use in case of accessing web through your workplace or from a cafe. Also since this option requires extra customisation of LTE based technology which is not standardised by standards, service providers may be a bit reluctant to use this approach.
Alternatively, service providers may go for alternative technologies like WiMAX and WiFi. All laptops have WiFi inbuilt and it wont be long before WiMAX option is available. WiMAX dongles may come in handly for times like these. These technologies dont require any SIM cards so it may be simpler for people to use this.
By not providing the SIM-free option for LTE, there may not be much impact from Laptop users who dont care which technology they use as their hardware is generally capable of supporting quite a few options but it may impact the smartphone user market. These smartphone users who have time to kill on the airports or hotels may make use of their time by registering their phone to a local service provider and then making cheap international calls and browsing via their handset. They may not have to worry about hunting for cyber cafes and even if they find one worrying about the spyware, etc trying to grab passwords/pins on the PCs being used.
Over the next year we will have to wait and see if operators or device manufacturers or service providers are going to propose this option and once it is proposed it would be interesting to see how many people oppose it :)