In some implementations, (i) audio data representing a voice command spoken by a speaker and (ii) a speaker identification result indicating that the voice command was spoken by the speaker are obtained. A voice action is selected based at least on a transcription of the audio data. A service provider corresponding to the selected voice action is selected from among a plurality of different service providers. One or more input data types that the selected service provider uses to perform authentication for the selected voice action are identified. A request to perform the selected voice action and (i) one or more values that correspond to the identified one or more input data types are provided to the service provider.

In some implementations, (i) audio data representing a voice command spoken by a speaker and (ii) a speaker identification result indicating that the voice command was spoken by the speaker are obtained. A voice action is selected based at least on a transcription of the audio data. A service provider corresponding to the selected voice action is selected from among a plurality of different service providers. One or more input data types that the selected service provider uses to perform authentication for the selected voice action are identified. A request to perform the selected voice action and (i) one or more values that correspond to the identified one or more input data types are provided to the service provider.

The invention concerns a method for transmitting a subscription profile from a MNO to a secure element cooperating with a terminal, the secure element being pre-provisioned with a temporary profile comprising a unique identifier, a first MCC and a first MNC, the method comprising: Transmitting from a POS of the MNO the unique identifier of the secure element to a SM-DP; Creating or reserving the subscription profile at the SM-DP; Provisioning in a D-HSS server having the first MCC/MNC the unique identifier and a temporary IMSI comprising a second MCC, a second MNC; Provisioning in the HSS of the MNO the temporary IMSI and an ephemeral Ki; At the first attempt of the secure element to connect to the D-HSS server with its temporary profile, exchanging data in signaling messages between the secure element and the D-HSS for provisioning the secure element with the temporary IMSI; At the next attempt of the secure element to connect to the MNO network with the temporary IMSI, open an APN and send from the SM-DP to the secure element the subscription profile.

A device may receive, from a user device associated with a user and located at a location, a request to access a service, and may provide, based on the request, an authorization request to an authentication system. The device may receive an authorization code from the authentication system, and may request an access token from an authorization system. The device may receive the access token, and may request user information from the authorization system. The device may receive the user information, a first confidence score, and a second confidence score, and may perform a geofence analysis of the location to generate a third confidence score. The device may determine whether the request is genuine or fraudulent based on the user information, the first confidence score, the second confidence score, and the third confidence score, and may approve or deny the request based on whether the request is genuine or fraudulent.

For example, a Federated Authentication Service (FAS) server may be configured to register the FAS server with a wireless communication roaming federation service; to authenticate a user of a mobile device according to a network authentication protocol of the wireless communication roaming federation service, e.g., over a Remote Authentication Dial-In User Service (RADIUS) over Transport Layer Security (RADSec) tunnel between the FAS server and an Access Network Provider (ANP); to identify an Identity Provider (IDP) for the user based on user information for the user received from the ANP via the RADSec tunnel; to trigger user authentication of the user with the IDP for the user via an authentication interface between the FAS server and the IDP for the user; and based on a determination that the user is successfully authenticated with the IDP for the user, to send an authentication success message to the ANP via the RADSec tunnel.

For example, a Federated Authentication Service (FAS) server may be configured to register the FAS server with a wireless communication roaming federation service; to authenticate a user of a mobile device according to a network authentication protocol of the wireless communication roaming federation service, e.g., over a Remote Authentication Dial-In User Service (RADIUS) over Transport Layer Security (RADSec) tunnel between the FAS server and an Access Network Provider (ANP); to identify an Identity Provider (IDP) for the user based on user information for the user received from the ANP via the RADSec tunnel; to trigger user authentication of the user with the IDP for the user via an authentication interface between the FAS server and the IDP for the user; and based on a determination that the user is successfully authenticated with the IDP for the user, to send an authentication success message to the ANP via the RADSec tunnel.

The present disclosure relates to data transmission methods and devices. One example data transmission method relates to a primary network device, a secondary network device, and a terminal device. When a carrier change occurs (for example, the secondary network device is to be added, the secondary network device is to be deleted, or the secondary network device is to be changed), the primary network device sends a first message to the terminal device. Before the carrier change, the terminal device performs data encryption and decryption by using a key of the primary network device. The first message indicates the terminal device to still perform, after the carrier change, data encryption and decryption by using the key that is of the primary network device and that is stored in the terminal device.

A server may communicate with a mobile device and/or a reader device via an Internet connection. The server may be configured to generate a credential and transmit the credential to the mobile device. The mobile device may use the credential in an access control system, a payment system, a transit system, a vending system, or the like.

Systems, methods, and related technologies for device software monitoring and device software updating are described. In certain aspects, a device is selected based on being a smart device and a software version of associated with the software of the device is determined. The device software may then be automatically updated if newer software is available.

A method, performed by a terminal, of negotiating an embedded universal integrated circuit card (eUICC) version in a wireless communication system includes: establishing a hypertext transfer protocol over secure socket layer (HTTPS) connection with a server transmitting eUICC information including information about the eUICC version to the server through the HTTPS connection; and receiving server information corresponding to the eUICC information from the server, wherein the information about the eUICC version includes a minimum eUICC version and a maximum eUICC version that are available when the terminal accesses the server.