Abstract: An OTA Edge system, constructed to: (1) receive polling requests, dedicated to an OTA Core system, from one or several mobile end de-vices; wherein an offload filter implemented in the OTA Edge system and constructed to: (2) accept polling requests from mobile end devices for which contents are present on the OTA Core system, and (2?) reject polling re-quests from mobile end devices for which no contents are present on the OTA Core system.

Abstract: An OTA Edge system, constructed to: (1) receive polling requests, dedicated to an OTA Core system, from one or several mobile end devices; wherein an offload filter implemented in the OTA Edge system and constructed to: (2) accept polling requests from mobile end devices for which contents are present on the OTA Core system, and (2?) reject polling requests from mobile end devices for which no contents are present on the OTA Core system.

Abstract: A system for registering an MSISDN with a device hosting the UICC and in which the UICC is or can be operated includes a UICC provisioning server operated by an UICC different from the MNO. A Local Profile Assistant LPA is installed within the device or the UICC, and enables establishment of secured data sessions between the UICC and the UICC provisioning server. A modem is installed within the device or UICC. The modem enables communication of the device within a mobile network operator MNO mobile network. An MSISDN retrieval logic is associated with the LPA. A logic is constructed to perform a retrieval sequence with the foregoing components and data.

Abstract: A system for registering an MSISDN with a device hosting the UICC and in which the UICC is or can be operated includes a UICC provisioning server operated by an UICC different from the MNO. A Local Profile Assistant LPA is installed within the device or the UICC, and enables establishment of secured data sessions between the UICC and the UICC provisioning server. A modem is installed within the device or UICC. The modem enables communication of the device within a mobile network operator MNO mobile network. An MSISDN retrieval logic is associated with the LPA. A logic is constructed to perform a retrieval sequence with the foregoing components and data.

Abstract: A method of providing a secure element of a mobile terminal with a subscription profile in which the mobile terminal is configured to communicate with a cellular communications network and the subscription profile comprises a network specific portion related to the cellular communications network or a different cellular communications network as well as a hardware specific portion related to the hardware of the mobile terminal and/or the secure element. The method comprises the steps of: assembling the subscription profile, wherein the network specific portion of the subscription profile is provided by a first server and the hardware specific portion of the subscription profile is provided by a second server; and providing the subscription profile over-the-air to the secure element. A corresponding secure element, mobile terminal and subscription management backend system involves features of the method.

Abstract: A method of providing a secure element of a mobile terminal with a subscription profile in which the mobile terminal is configured to communicate with a cellular communications network and the subscription profile comprises a network specific portion related to the cellular communications network or a different cellular communications network as well as a hardware specific portion related to the hardware of the mobile terminal and/or the secure element. The method comprises the steps of: assembling the subscription profile, wherein the network specific portion of the subscription profile is provided by a first server and the hardware specific portion of the subscription profile is provided by a second server; and providing the subscription profile over-the-air to the secure element. A corresponding secure element, mobile terminal and subscription management backend system involves features of the method.

Abstract: A method includes preventing fraudulent use of a security module in a device, and the security module is designed to perform the following steps of: retrieving a device identifier of the device from the device; checking whether negative allowance information is stored in the security module for the retrieved device identifier and transmit a security module identifier of the security module and the retrieved device identifier to a server; and receiving a response from the server regarding whether the security module is allowed to operate with the identified device and store negative allowance information in the security module for the retrieved device identifier, if the security module is not allowed to operate with the identified device according to the server response. A security module may execute the method, and a system may include the device and the server.

Abstract: A method for updating a firmware of a security module in equipment comprises a device and the security module arranged such that data can be exchanged between the security module and the device. A first message is received by the security module and indicates the availability of a firmware update provided by a provider and wherein the first message contains a transaction number individual for the security module. A second message is transferred from the equipment to the provider and the firmware update is requested from the provider. The second message contains the individual transaction number to enable the provider to conduct an identification of the security module. The firmware update is transferred from the provider to the equipment based on the individual transaction number, and is stored in a memory of the device. The firmware is unpacked by a boot loader of the equipment or the security module.

Abstract: A method includes preventing fraudulent use of a security module in a device, and the security module is designed to perform the following steps of: retrieving a device identifier of the device from the device; checking whether negative allowance information is stored in the security module for the retrieved device identifier and transmit a security module identifier of the security module and the retrieved device identifier to a server; and receiving a response from the server regarding whether the security module is allowed to operate with the identified device and store negative allowance information in the security module for the retrieved device identifier, if the security module is not allowed to operate with the identified device according to the server response. A security module may execute the method, and a system may include the device and the server.