Systems, methods, and apparatuses for location-based automated authentication are disclosed. A system comprises a mobile device, a sensor and a backend platform. The sensor and the backend platform are in network communication. The mobile device is operable to continuously transmit Bluetooth Low Energy (BLE) signals comprising encrypted transitory identifiers. The sensor is operable to receive a BLE signal from the mobile device when the mobile device is within a predetermined range, and communicate over a network connection the encrypted transitory identifier comprised in the BLE signal to the backend platform. The backend platform is operable to extract a unique identifier and a changing encrypted identifier from the received encrypted transitory identifier, generate a changing encrypted identifier, and validate a user identification by comparing the generated changing encrypted identifier and the extracted changing encrypted identifier.

Systems, methods, and apparatuses for location-based automated authentication are disclosed. A system comprises a mobile device, a sensor and a backend platform. The sensor and the backend platform are in network communication. The mobile device is operable to continuously transmit Bluetooth Low Energy (BLE) signals comprising encrypted transitory identifiers. The sensor is operable to receive a BLE signal from the mobile device when the mobile device is within a predetermined range, and communicate over a network connection the encrypted transitory identifier comprised in the BLE signal to the backend platform. The backend platform is operable to extract a unique identifier and a changing encrypted identifier from the received encrypted transitory identifier, generate a changing encrypted identifier, and validate a user identification by comparing the generated changing encrypted identifier and the extracted changing encrypted identifier.

A non-SI device (120) is arranged for wireless communication (130) and cooperates with an SI device (110) having access to a subscriber identity. The non-SI device has a transceiver (121) to communicate in a local network and a processor (122) to establish an association with the SI. A non-SI public key is provided to the SI device via a first communication channel. A verification code is shared with the SI device via a second communication channel. The channels are different and include an out-of-band channel (140). Proof of possession of a non-SI private key is provided to the SI device via the first or the second communication channel. From the SI device, security data is received that is related to the SI and is computed using the non-SI public key. The security data reliably enables the non-SI device to access the core network via the local network and a gateway between the local network and the core network.

A non-SI device (120) is arranged for wireless communication (130) and cooperates with an SI device (110) having access to a subscriber identity. The non-SI device has a transceiver (121) to communicate in a local network and a processor (122) to establish an association with the SI. A non-SI public key is provided to the SI device via a first communication channel. A verification code is shared with the SI device via a second communication channel. The channels are different and include an out-of-band channel (140). Proof of possession of a non-SI private key is provided to the SI device via the first or the second communication channel. From the SI device, security data is received that is related to the SI and is computed using the non-SI public key. The security data reliably enables the non-SI device to access the core network via the local network and a gateway between the local network and the core network.

Disclosed examples include accessing a search term from a client device; accessing a first identifier, the first identifier corresponding to a first database proprietor, the first identifier to access first user information corresponding to a user of the client device; accessing a second identifier, the second identifier corresponding to a second database proprietor, the second identifier to access second user information corresponding to the user of the client device; providing the search term, the first identifier, and the second identifier in a message; and transmitting the message to a server.

Electronic subscriber identity modules (eSIM) can be more susceptible to hackers and more vulnerable than physical subscriber identity modules. The current disclosure discusses systems and methods to facilitate eSIM security by utilizing a management software application (MSA) hosted on a mobile device. This MSA can cross-reference eSIM registration data with mobile device signature data to determine if the correct user identity is associated with mobile device prior to an eSIM being issued to the mobile device. Additionally, various degrees of data flagging can be utilized to allow an end user to properly address an indication of mobile device vulnerability.

Electronic subscriber identity modules (eSIM) can be more susceptible to hackers and more vulnerable than physical subscriber identity modules. The current disclosure discusses systems and methods to facilitate eSIM security by utilizing a management software application (MSA) hosted on a mobile device. This MSA can cross-reference eSIM registration data with mobile device signature data to determine if the correct user identity is associated with mobile device prior to an eSIM being issued to the mobile device. Additionally, various degrees of data flagging can be utilized to allow an end user to properly address an indication of mobile device vulnerability.

In order to ensure that a Subscription Concealed Identifier, SUCI, is calculated in the Universal Subscriber Identity Module, USIM, part of a User Equipment, UE, when intended, when a SUCI-Calculation-Indicator is set to a value indicating that the SUCI should be calculated in the USIM, a network node sets proprietary information, which is not known to a Mobile Equipment, ME, part of the UE, as required for calculation of the SUCI. The USIM facilitates calculation of the SUCI in the ME part of the UE only when the SUCI-Calculation-Indicator is set to a value indicating that the SUCI should be calculated in the ME. When the SUCI-Calculation-Indicator is set to a value indicating that the SUCI should be calculated in the USIM, the ME part deletes any locally stored information required for calculation of the SUCI.

In order to ensure that a Subscription Concealed Identifier, SUCI, is calculated in the Universal Subscriber Identity Module, USIM, part of a User Equipment, UE, when intended, when a SUCI-Calculation-Indicator is set to a value indicating that the SUCI should be calculated in the USIM, a network node sets proprietary information, which is not known to a Mobile Equipment, ME, part of the UE, as required for calculation of the SUCI. The USIM facilitates calculation of the SUCI in the ME part of the UE only when the SUCI-Calculation-Indicator is set to a value indicating that the SUCI should be calculated in the ME. When the SUCI-Calculation-Indicator is set to a value indicating that the SUCI should be calculated in the USIM, the ME part deletes any locally stored information required for calculation of the SUCI.

Systems and methods are provided for a media provider to allow a user to access media objects with a third-party partner that authenticates the user and authorizes the user to access certain media objects. The media provider offers access to media objects, such as video content or audio content. The partner, through a relationship with the media provider, similarly offers access to the media provider's media objects, for example, as a service or benefit to the partner's customers or users. In particular, a partner integration server mediates user authentication and authorization by the partner. The partner integration server also allows the media provider to easily and flexibly to add and integrate additional partners.