A telecommunication includes a computing device and a mobile device. The computing device is in communication with a blockchain network, a subscription manager data preparation (SM-DP) platform, and the mobile device. The computing device is configured to perform a first set of operations. The first set of operations includes retrieving an identity token from the blockchain network. The identity token is a first non-fungible token uniquely identifying a user of the mobile device. The first set of operations further includes retrieving, from the SM-DP platform, an embedded subscriber identity module (eSIM) profile for the identity token from the blockchain network. The first set of operations further includes generating, via the blockchain network, a second non-fungible token. The second non-fungible token includes the eSIM profile. The mobile device is in communication with the blockchain network.

This application describes cellular service transfer mechanisms that can be used to convert cellular service credentials on a physical SIM (pSIM) card included in a wireless device to a newly downloaded electronic SIM (eSIM) on an embedded universal integrated circuit card (eUICC) of the wireless device. Transfer of the credentials for cellular service access can occur locally within the wireless device with authorization to transfer obtained from a mobile network operator (MNO) entitlement server associated with the pSIM. The new eSIM corresponding to the previously used pSIM can be downloaded to the eUICC from a provisioning server of the MNO.

A device can establish operational credentials for enabling the device to provide an attestation of the device's identity to another party, by performing a method comprising: obtaining bootstrap credentials from a hardware secure element or a trusted execution environment (TEE) of the device; using the bootstrap credentials to establish a secure session with an enrolment server; and via the secure session, establishing the operational credentials with the enrolment server.

This Application describes mechanisms to transfer cellular service plans and associated credentials efficiently between wireless devices. Information regarding transferability of cellular services for SIMs/eSIMs to a wireless device are obtained from locally stored or remotely accessible cellular service information and/or associated mobile network operator (MNO) information. Access to network-based servers to determine transferability and/or to effect transfer can use non-cellular connections when available. Transferability information can be presented to a user to narrow selection of cellular service plans to transfer.

A method of provisioning an eUICC of a mobile communication device. The method comprises sending a GSMA confirm order request from an eUICC provisioning application executing on a computer system to a SM-DP+ server, wherein the confirm order comprises an ICCID and a FQDN of a discovery server; in response to receiving a GSMA confirm order response indicating a failure of the discovery server, determining by the eUICC provisioning application that a mobile communication device associated with the ICCID is configured with an LPA application that is able to complete an alternative eSIM profile provisioning process using a scanning device to capture an activation code; generating an activation code by the eUICC provisioning application that encodes an address of the SM-DP+ server and the ICCID; and sending the activation code by the eUICC provisioning application to an email account associated with a user of the mobile communication device.

A method of operating a moving object having at least one identity device includes: setting authority for the at least one identity device which includes a master identity device and at least one slave identity device; transmitting a link request message to one among the at least one slave identity device; receiving a link response message from the slave identity device; and transmitting a link permission message indicating link permission to the slave identity device. The moving object is configured to be controlled by at least one of the master identity device or the first slave identity device.

A method, a device, and a non-transitory storage medium are described in which a dynamic C-DRX provisioning service is provided. The service may disable or enable discontinuous reception on a per end device application or network slice basis. The service may invoke an end device capability procedure to modify a discontinuous reception configuration of a network. The service may store information that correlates an application or network slice to a discontinuous reception setting.

Embodiments of this application provide an authentication method, device, and system, to resolve problems of wastage of performance and memory resources that may be caused by remaining n−1 unused authentication vectors (AVs). The method includes: receiving, by an authentication entity, n first authentication vectors from a unified data management entity, where n is a positive integer; generating, by the authentication entity, n second authentication vectors based on the n first authentication vectors; sending, by the authentication entity, one of the n second authentication vectors to a security anchor function entity; receiving, by the authentication entity, an authentication confirmation request from the security anchor function entity, and performing authentication confirmation on the terminal according to the authentication confirmation request; and sending, by the authentication entity, the other n−1 unused second authentication vectors in the n second authentication vectors to the security anchor function entity when the authentication confirmation succeeds.

Mobile devices are provisioned that do not have a direct communications path to a data network. A proximate device is discovered that is available for connecting to the mobile device via a peer-to-peer connection. The proximate device is determined to be trusted by the mobile device and usable to communicate to the data network A peer-to-peer connection is established with the proximate device. Identification data is provided to the proximate device, and an activation code is received. The mobile device communicates to the mobile network operator indicated by the activation code. Subscription credentials are received for accessing a mobile network operated by the mobile network operator.

A pause command is sent to a Subscriber Identity Module (SIM) card of a cellular device in response to detecting a cyberattack against the cellular device on the cellular network. To mitigate the cyberattack, the SIM card temporarily disconnects the cellular device from the cellular network for a pause time. The SIM card prohibits the cellular device from connecting to the cellular network during the pause time and automatically allows the cellular device to reconnect to the cellular network after the pause time.