A METHOD FOR CONNECTING A SECURE ELEMENT TO A NETWORK OF A MOBILE NETWORK OPERATOR AND CORRESPONDING SECURE ELEMENT
20220070813 · 2022-03-03
Assignee
Inventors
Cpc classification
H04W12/35
ELECTRICITY
H04L2101/654
ELECTRICITY
International classification
Abstract
A method for connecting a secure element to a network of a first mobile network operator using an ephemeral first IMSI, in order to get a second IMSI, from the first mobile network operator, includes: Selecting a first radio serving network, the first selected network being not listed in the Forbidden VPLMN list of the secure element; Sending a REGISTER REQUEST message comprising the first IMSI to the first selected network; If the first selected network does not route the message to the network of the first mobile network operator, stop trying to register with the first selected network and put the MCC/MNC codes of the first selected network in the Forbidden VPLMN list of the secure element; Searching for a another network to register with; and Repeat the foregoing steps until a network routes the first IMSI to the network of the first mobile network operator.
Claims
1. A method for connecting a secure element cooperating with a device to a network of a first mobile network operator with an ephemeral first IMSI, said first IMSI being stored in said secure element, in order to get a second IMSI, from said first mobile network operator, said method comprising: A—Selecting by said device a first radio serving network after executing the 3GPP network selection procedure, said first selected network being not listed in a Forbidden VPLMN list of said secure element; B—Sending by said device a REGISTER REQUEST message comprising said first IMSI to said first selected network; C—If said first selected network does not route said message to the network of said first mobile network operator, stop trying to register said first selected network and put MCC/MNC codes of said first selected network in said Forbidden VPLMN list of said secure element; D—Searching by said device for a another network with the 3GPP network selection procedure to register with; and E—Repeat steps A to D until a network routes said first IMSI to the network of said first mobile network operator.
2. A method according to claim 1 wherein said secure element is an e-UICC or an i-UICC.
3. A method according to claim 1, wherein, when steps A to E do not permit said secure element to get said second IMSI, sending, to a roaming hub mobile network operator partner having different MNC or different MCC codes from said first IMSI, said REGISTER REQUEST message comprising said different MNC or different MCC codes.
4. A secure element containing software comprising instructions for performing the following steps for connecting said secure element cooperating with a device to a network of a first mobile network operator with an ephemeral first IMSI, said first IMSI being stored in said secure element, in order to get a second IMSI, from said first mobile network operator, said steps comprising: A—Selecting by said device a first radio serving network after executing a 3GPP network selection procedure, said first selected network being not listed in Forbidden VPLMN list of said secure element; B—Sending by said device a REGISTER REQUEST message comprising said first IMSI to said first selected network; C—If said first selected network does not route said message to said network of said first mobile network operator, stop trying to register with said first selected network (VPLMN) and put the MCC/MNC codes of said first selected network in said Forbidden VPLMN list of said secure element; D—Searching by said device for a another network with the 3GPP network selection procedure to register with; and E—Repeat steps A to D until a network routes said first IMSI to the network of said first mobile network operator.
5. A secure element according to claim 4 wherein said secure element is an e-UICC or an i-UICC.
6. A secure element according to claim 4 wherein, when steps A to E do not permit said secure element to get said second IMSI, sending, to a roaming hub MNO partner having different MNC or different MCC codes from said first IMSI, said REGISTER REQUEST message comprising said different MNC or different MCC codes.
Description
[0017] The invention proposes a solution to this problem.
[0018] More precisely, the invention proposes to detect a MNO rejection mechanism (from a first selected network) and move the terminal on another network that can route the secure element to a network of a first MNO able to provide it with a permanent IMSI.
[0019] In this respect, the invention proposes a method for connecting a secure element cooperating with a device to a network of a first mobile network operator thanks to an ephemeral IMSI (e-IMSI), called first IMSI, the first IMSI being stored in the secure element, in order to get another IMSI (t-IMSI), called second IMSI, from the first mobile network operator, the method comprising:
[0020] A—Selecting by the device the radio serving network (VPLMN) after executing the 3GPP network selection procedure, called first selected network, the first selected network being not listed in the Forbidden VPLMN list (FPLMN) of the secure element;
[0021] B—Sending by the device a REGISTER REQUEST message comprising the first IMSI (e-IMSI) to the first selected network;
[0022] C—If the first selected network (VPLMN) does not route the message to the network of the first mobile network operator, stop trying to register to the first selected network (VPLMN) and put the MCC/MNC codes of the first selected network (VPLMN) in the Forbidden VPLMN list (FPLMN) of the secure element;
[0023] D—Searching by the device for a another network with the 3GPP network selection procedure to register on;
[0024] E—Repeat steps A to D until a network routes the first IMSI (e-IMSI) to the network of the first mobile network operator.
[0025] The secure element is preferably an e-UICC or an i-UICC.
[0026] Advantageously, in case steps A to E do not permit the secure element to get the second IMSI (t-IMSI), the invention proposes to send to a roaming hub mobile network operator partner having different MNC or different MCC codes from the first IMSI (e-IMSI) the REGISTER REQUEST message comprising the different MNC or different MCC codes.
[0027] The invention also concerns a secure element comprising a software comprising instructions for performing the following steps for connecting the secure element cooperating with a device to a network of a first mobile network operator thanks to an ephemeral IMSI (e-IMSI), called first IMSI, the first IMSI being stored in the secure element, in order to get another IMSI (t-IMSI), called second IMSI, from the first mobile network operator, the steps comprising:
[0028] A—Selecting by the device the radio serving network (VPLMN) after executing the 3GPP network selection procedure, called first selected network, the first selected network being not listed in the Forbidden VPLMN list (FPLMN) of the secure element;
[0029] B—Sending by the device a REGISTER REQUEST message comprising the first IMSI (e-IMSI) to the first selected network;
[0030] C—If the first selected network (VPLMN) does not route the message to the network of the first mobile network operator, stop trying to register to the first selected network (VPLMN) and put the MCC/MNC codes of the first selected network (VPLMN) in the Forbidden VPLMN list (FPLMN) of the secure element;
[0031] D—Searching by the device for a another network with the 3GPP network selection procedure to register on;
[0032] E—Repeat steps A to D until a network routes the first IMSI (e-IMSI) to the network of the first mobile network operator.
[0033] The present invention will be better understood by reading the following description of a preferred implementation of the invention.
[0034] According to the invention, a secure element like a UICC, an e-UICC or an i-UICC contains an ephemeral IMSI (e-IMSI), called first IMSI. This secure element cooperates with a device, like for example a M2M device or a smartphone.
[0035] The purpose of the e-IMSI is to be used for connecting the secure element to a network of a first mobile network operator in order to get from this first mobile network operator another IMSI (t-IMSI), called second IMSI.
[0036] In WO 2018/141896, this corresponds to step 61 of FIG. 8: A D-HSS receives an e-IMSI and looks up a corresponding t-IMSI to be sent back to the secure element. The secure element can then use this t-IMSI to attach to the network of a MNO having the corresponding MCC/MNC codes.
[0037] 3GPP's specification TS 23.122 explains the many steps of the network selection procedure to be carried out by the secure element when it's device is first powered on (international roaming, national roaming, use or not of the OPLMN (Operator Controlled PLMN), . . . ).
[0038] The invention proposes to select by the device cooperating with the secure element a radio serving network (VPLMN—Visited PLMN), called first selected network, after executing the 3GPP network selection procedure. The first selected network is of course not listed in the Forbidden VPLMN list (FPLMN) of the secure element.
[0039] After this selection, the device sends a REGISTER REQUEST message comprising the first IMSI (e-IMSI) to the first selected network.
[0040] If the first selected network does not route the message to the network of the first mobile network operator, the device will stop trying to register to the first selected network and put the MCC/MNC codes of this first selected network in the FPLMN list of the secure element and the device will search for another network with the 3GPP network selection procedure to register on.
[0041] These different steps are repeated until a network routes the first IMSI to the network of the first mobile network operator.
[0042] This method thus permits to scan all available networks until one of these networks accepts to route the REGISTER REQUEST message containing the first IMSI (e-IMSI) to the network of the first MNO.
[0043] Different methods can be implemented by the VPLMNs when they have detected that an e-IMSI is used for getting for free a t-IMSI through their networks, in order not to route the REGISTER REQUEST message to its destination (first MNO). For example: [0044] Reject the registration request with a network error cause (e.g. network busy); [0045] Do not answer to the REGISTER REQUEST message; [0046] Provide fake tokens; [0047] Or in general any strategy to cancel the procedure, at lower cost.
[0048] In order to be sure that at least a network will route this REGISTER REQUEST message to the network of the first MNO, it is proposed to send to a roaming hub mobile network operator partner having different MNC or different MCC codes from the first IMSI (e-IMSI) the REGISTER REQUEST message comprising these different MNC or different MCC codes, through an available network (a clean up of the FPLMN occurs before this step in order that the device is allowed to connect to an available network).
[0049] A roaming hub mobile network operator partner is a MNO having roaming agreements with all worldwide operators, like for example Monaco Telecom™. This ensures that the secure element will be able to connect to this roaming hub mobile network operator partner even if all available MNOs reject the REGISTER REQUEST message containing the e-IMSI.
[0050] For example, Monaco Telecom will then receive the REGISTER REQUEST message, look up the MSIN field, detect consequently that a second IMSI is requested by the secure element (reserved MSIN for the purpose of getting a second IMSI (t-IMSI)) and send this second IMSI to the device.
[0051] The MCC/MNC codes of the first MNO are then replaced by MCC/MNC codes of Monaco Telecom (these latter codes being stored in a memory of the secure element).
[0052] The roaming hub MNO partner IMSI, say rh_IMSI, does not need to be diversified. It corresponds to a back-up IMSI that can be used if no one of the server networks accepts to forward the e-IMSI.
[0053] In the invention, the OPLMN can be left empty.
[0054] The invention also concerns a secure element comprising a software comprising instructions for performing the following steps for connecting the secure element cooperating with a device to a network of a first mobile network operator thanks to an ephemeral IMSI (e-IMSI), called first IMSI, the first IMSI being stored in the secure element, in order to get another IMSI (t-IMSI), called second IMSI, from the first mobile network operator, these steps comprising:
[0055] A—Selecting by the device the radio serving network after executing the 3GPP network selection procedure, called first selected network, the first selected network being not listed in the Forbidden VPLMN list (FPLMN) of the secure element;
[0056] B—Sending by the device a REGISTER REQUEST message comprising the first IMSI (e-IMSI) to the first selected network;
[0057] C—If the first selected network does not route the message to the network of the first mobile network operator, stop trying to register to the first selected network and put the MCC/MNC codes of the first selected network in the Forbidden VPLMN list of the secure element;
[0058] D—Searching by the device for a another network with the 3GPP network selection procedure to register on;
[0059] E—Repeat steps A to D until a network routes the first IMSI to the network of the first mobile network operator.
[0060] Preferably, the secure element stores MCC/MNC codes of a roaming hub MNO partner and, in case steps A to E do not permit the secure element to get the second IMSI (t-IMSI), the REGISTER REQUEST message comprising these MCC/MNC codes is sent to an available MNO network. A clean up of the FPLMN occurs before this step in order that the device is allowed to connect to an available network.