Apparatuses, methods, and systems are provided for securely configuring a Java Card virtual machine operating on a cellular device's application processor. In one embodiment, a connected device with an integrated cellular modem, a virtual universal integrated circuit chip and an integrated fingerprint scanner are used. In another embodiment, the cellular device's built-in camera is used, instead of an integrated fingerprint scanner, to capture the user's facial image.

A user device (10) provides a subscriber with access to a network service. The user device (10) determines service-specific key material and charging-specific key material. The user device (10) determines a charging record indicating usage of the network service by the subscriber and associates the charging record with first authentication information based on the charging-specific key material. The user device (10) generates at least one message including the charging record and the associated first authentication information. The user device (10) associates the at least one message with second authentication information based on the service-specific key material. The user device (10) sends the at least one message to a first network node (150) which is incapable of relating the charging-specific key material or the service-specific key material to a subscriber identity of the subscriber. The first network node (150) receives the at least one message and the associated second authentication information from the user device (10) and authenticates the at least one message based on the service-specific key material and the second authentication information. In response to authenticating the at least one message, the first network node forwards the charging record and the associated first authentication information to a second network node (120). The second network node (120) is capable of relating the charging-specific key material to the subscriber identity of the subscriber. The second network node (120) receives the charging record and the associated first authentication information from the first network node (150) and authenticates the charging record based on the charging-specific key material and the first authentication information. In response to authenticating the charging record, the second network node (120) controls charging of the network service.

A notification is received from a user device indicating that an embedded subscriber identity module (eSIM) profile is deleted from an embedded universal integrated circuit card (eUICC) of the user device, in which the eUICC has a particular eUICC identifier (ID). The profile state of the eSIM profile is transitioned from a state of in use to a state of suspended. A billing function is then notified that the eSIM profile is deleted from the eUICC of the user device and the suspended state of the eSIM profile. If the billing function determines that the eSIM profile is active for billing a subscriber for telecommunication services, the profile state of the eSIM profile is transitioned from suspended to released for reuse solely by the eUICC with the particular eUICC ID. However, if the billing function determines that the eSIM profile is inactive, the profile state of the eSIM profile is transitioned from suspended to available for use by any eUICC.

A multiple subscriber identity module cards (multi-SIM) resource management method, device and multi-SIM terminal. The method comprises: acquiring a subscriber identity module card list in a terminal, the subscriber identity module card list comprising all subscriber identity module cards in the terminal; and if a remaining quantity of a service resource on a subscriber identity module card currently used in the terminal is less than or equal to a preset remaining quantity threshold, then automatically switching to a subscriber identity module card having a sufficient service resource and in the subscriber identity module card list.

A method for validating UE location includes receiving, at a network gateway, a signaling message for updating a location of a UE with a mobile communications network. A first indication of user equipment location is extracted from the signaling message. One of: a cloud-based UE location database containing UE location information obtained from a UE location reporting application resident on the UE, a cloud-based loyalty card transaction database containing loyalty card transaction records indexed by UE identifiers, and a mobile location center (MLC) that obtains UE location information by requesting or receiving the UE location information from a mobility management entity (MME) is queried to obtain a second indication of location of the UE. It is determined from a relationship between the first and second indications of location of the UE that the signaling message is suspicious. In response to determining that the signaling message is suspicious, a policy rule is applied to processing of the signaling message.

A method and system of restoring a functionality of a mobile user device. A lock screen is displayed on the display of the user device. An international mobile subscriber identity (IMSI) of a subscriber identity module (SIM) card presently installed in the user device is determined. The IMSI is sent to a Remote Recovery Server (RRS). A message is received from the RRS indicating whether the IMSI is authorized for the user device and whether an account of the user device is replenished at least in part. Upon determining that the IMSI is authorized for the user device and the account of the user device is replenished at least in part, at least one function that was previously restricted is restored.

An apparatus is removably attachable to an electronic device associated with wireless communication. The apparatus includes an operational circuitry which includes contact means, memory means and data processing means. The contact means is for electrical coupling between the electronic device and the operational circuitry. The memory means is capable of storing subscriber-identity-module-specific data of at least two subscriber identity module associated with at least one operator of wireless communication for causing the apparatus to act as a plurality of the subscriber identity modules of the at least one operator when in use.

Methods, devices, and servers for as-needed update of a trusted list are provided herein. An electronic subscriber identity module (eSIM) server receives a request for an eSIM of a particular type from a wireless device. The eSIM server evaluates the particular type and requests an eSIM of the particular type from a second eSIM server, which is not initially trusted by a secure element (SE) of the wireless device. The eSIM server sends a policy update to the wireless device. The wireless device passes the policy update to the SE, for example, a universal integrated circuit card (UICC). The UICC updates the trusted list with an identity of the second eSIM server. When the wireless device downloads a bound profile package (BPP) containing an eSIM from the second eSIM server, the UICC validates the BPP based on the updated trusted list. The eSIM is then installed on the UICC.

Apparatuses, methods, and systems are provided for securely configuring a Java Card virtual machine operating on a cellular device's application processor. In one embodiment, a connected device with an integrated cellular modem, a virtual universal integrated circuit chip and an integrated fingerprint scanner are used. In another embodiment, the cellular device's built-in camera is used, instead of an integrated fingerprint scanner, to capture the user's facial image.

A user device (10) provides a subscriber with access to a network service. The user device (10) determines service-specific key material and charging-specific key material. The user device (10) determines a charging record indicating usage of the network service by the subscriber and associates the charging record with first authentication information based on the charging-specific key material. The user device (10) generates at least one message including the charging record and the associated first authentication information. The user device (10) associates the at least one message with second authentication information based on the service-specific key material. The user device (10) sends the at least one message to a first network node (150) which is incapable of relating the charging-specific key material or the service-specific key material to a subscriber identity of the subscriber. The first network node (150) receives the at least one message and the associated second authentication information from the user device (10) and authenticates the at least one message based on the service-specific key material and the second authentication information. In response to authenticating the at least one message, the first network node forwards the charging record and the associated first authentication information to a second network node (120). The second network node (120) is capable of relating the charging-specific key material to the subscriber identity of the subscriber. The second network node (120) receives the charging record and the associated first authentication information from the first network node (150) and authenticates the charging record based on the charging-specific key material and the first authentication information. In response to authenticating the charging record, the second network node (120) controls charging of the network service.