Techniques, devices, and systems for receiving, from a mobile device, a request associated with a subscriber information module (SIM) are described herein. At least one of the mobile device, the SIM, or a communication identifier can be determined. A query can be transmitted, based on a difference between a first time associated with the query and a second time associated with a previous query meeting or exceeding a threshold amount of time. An action can be performed based on the query information being associated with the malicious activity information.

Techniques, devices, and systems for receiving, from a mobile device, a request associated with a subscriber information module (SIM) are described herein. At least one of the mobile device, the SIM, or a communication identifier can be determined. A query can be transmitted, based on a difference between a first time associated with the query and a second time associated with a previous query meeting or exceeding a threshold amount of time. An action can be performed based on the query information being associated with the malicious activity information.

A computer-implemented system and method for secure authentication of IoT devices are disclosed. The method for secure authentication of IoT devices comprises establishing a network connection with a network operator server via a control channel, establishing identity of the network operator server using a pre-shared server key from one or more of pre-shared server keys, establishing identity of the IoT device using a pre-shared client key from one or more of pre-shared client keys and cryptographically generating a session key for a network session to allow secure data exchange between the network operator server and the IoT device. The cryptographically generated session key is used for securely authenticating application running on the authenticated IoT device.

The invention is concerned with improvements in mobile communications, and especially with improvements in bonding communications simultaneously utilising multiple mobile networks. It may be embodied in a mobile device (12a, 12b, 12c). The mobile device (12) has a plurality of mobile network interface units (22a, 22b, 22c) each of which is configurable to connect to each of a group of mobile networks (16a, 16b, 16c). The mobile device (12) comprises at least one digital processing device implementing allocation logic which allocates each mobile network unit to one of the mobile networks (16a, 16b, 16c) and causes each mobile network interface unit (22a, 22b, 22c) to be configured to connect to the network (16a, 16b, 16c) to which it is allocated. The allocation logic serves to allocate the mobile network units (22a, 22b, 22c) to the mobile networks (16a, 16b, 16c) based on operating parameters, and to re-allocate the mobile network interface units (22a, 22b, 22c) in response to changes in the operating parameters, causing the mobile network units (22a, 22b, 22c) to be re-configured such as to disconnect from one mobile network and connect to another mobile network.

A method for obtaining a command relating to a network access profile of an eUICC security module incorporated into a communication device and associated with a physical identifier. The communication terminal: obtains the physical identifier and an anonymous identifier of the security module is calculated from the physical identifier and a random parameter; transmits a request to obtain the command, via an “operator server”, to a “preparation server”, the request to obtain including the anonymous identifier of the security module; obtains the random parameter and calculates the anonymous identifier from the physical identifier of the security module and the random parameter; and sends, to a “discovery server”, a request to obtain information intended to obtain the command, this request to obtain information including the anonymous identifier, in order to obtain, in response, from the discovery server, an address of the preparation server.

There is presented mechanisms for profile handling of a communications device (300). A method is performed by a local profile assistant (200a) of a proxy device (200). The method comprises obtaining an indication of handling a profile of the communications device (300). The method comprises establishing a first secure communications link with a local profile assistant of the communications device. The method comprises establishing a second secure communications link with a subscription management entity (430) of the communications device. The method comprises receiving information pertaining to handling of the profile by the local profile assistant of the communications device, the information being received from the subscription management entity over the second secure communications link. The method comprises providing the information to the local profile assistant of the communications device over the first secure communications link.

A communication method includes receiving a first message of a Short Message Service containing a first command that requests execution of a proactive command. The first message is decrypted according to protocol SCP80 to extract the first command. The execution of the proactive command is requested in order to obtain a response to the proactive command. A second message of the Short Message Service is transmitted to the remote server and indicates that the response to the proactive command has been obtained. A third message of the Short Message Service is received and contains a second command from the remote server. The third message is decrypted according to the protocol SCP80. A response message is generated as a function of the response and encrypted according to the protocol SCP80 to generate a fourth message of the Short Message Service transmitted to the remote server.

Systems and methods for detecting and interfering with compromised devices and unauthorized device relocation in a communication network are disclosed. The described embodiments may be deployed in a content delivery network where receivers have been compromised in a manner that renders the conditional access system (CAS) inoperative at controlling the receivers' ability to receive content. In some embodiments, alternate commands not protected by the CAS system may be used to detect hacked devices and interdict same. In some embodiments, service devices in the content delivery network may allow for detection of unauthorized device relocation.

Implementations of a system and method of generating and using bilaterally generated variable instant passwords are disclosed. The system is used to secure electronic transactions (e.g., an auction in which one or more bidders are unknown to the auctioneer). In this system an Internet Service Provider (ISP), on request from a USER (e.g., a bidder), facilitates an authentication process with a SERVICE PROVIDER (e.g., an auctioneer). The SERVICE PROVIDER may send a sub-folder, containing a USER name, a temporary sub variable character set, and a CALL, to the USER through the ISP. The password used to access the sub-folder is transmitted directly to the USER by the SERVICE PROVIDER. The USER gets authenticated to the SERVICE PROVIDER by using the USER name, the temporary sub variable character set, and the CALL retrieved from the sub-folder. After USER's authentication, further transactions (e.g., bids) are performed using a password for each transaction.

The present disclosure relates to a communication technique that combines a 5G communication system for supporting a data rate that is higher than that of a beyond 4G system with IoT technology, and a system thereof. The present disclosure may be applied to intelligent services on the basis of 5G communication technology and IoT related technology, such as smart home, smart building, smart city, smart car or connected car, health care, digital education, retail, security and safety related services. Disclosed is a method for causing a cellular network itself to receive provisioning of a SIM profile to make it possible to use a normal cellular network service.