Abstract: A method for managing subscription profiles of a security element, which is provided for use in a mobile end device and on which a profile manager and at least one first subscription profile is loaded, includes: loading a second subscription profile from a subscription management server; checking whether the at least one first loaded subscription profile satisfies a predetermined condition; and putting the at least one first subscription profile out of operation when the at least one first subscription profile satisfies the predetermined condition.

Abstract: A method of adaptive generation of a profile package is constructed to install a profile in the eUICC. The method includes adaptive generation of a code package constructed to install an executable code in the device. A batch of multiple profile (or code) descriptions is provided. The target eUICC/target device or some other competent instance is arranged to provide the transfer server with configuration information of the target eUICC/target device. The transfer server retrieves, instead of a ready-made profile (code) package (eSIM), only a profile (code) description and profile (code) data. The transfer server then generates the profile package adaptively, there-in flexibly considering the configuration information on the target eUICC/target device. By this adaptive way of profile generation, profile packages matching with the real target eUICC/target device are generated. Such a matching profile package can be successfully installed in the eUICC.

Abstract: A method for managing subscription profiles of a security element, which is provided for use in a mobile end device and on which a profile manager and at least one first subscription profile is loaded, includes: loading a second subscription profile from a subscription management server; checking whether the at least one first loaded subscription profile satisfies a predetermined condition; and putting the at least one first subscription profile out of operation when the at least one first subscription profile satisfies the predetermined condition.

Abstract: A method of adaptive generation of a profile package is constructed to install a profile in the eUICC. The method includes adaptive generation of a code package constructed to install an executable code in the device. A batch of multiple profile (or code) descriptions is provided. The target eUICC/target device or some other competent instance is arranged to provide the transfer server with configuration information of the target eUICC/target device. The transfer server retrieves, instead of a ready-made profile (code) package (eSIM), only a profile (code) description and profile (code) data. The transfer server then generates the profile package adaptively, there-in flexibly considering the configuration information on the target eUICC/target device. By this adaptive way of profile generation, profile packages matching with the real target eUICC/target device are generated. Such a matching profile package can be successfully installed in the eUICC.

Abstract: A method for introducing an identity into a secure element includes an operating system loaded into the secure element, which comprises a master key which is identical for a plurality of secure elements. A secure-element key datum is generated employing the master key. The secure-element key datum is configured as a temporary secure-element key datum, which, upon an initial authentication of the secure element vis-à-vis the background system, is replaced by a final secure-element key datum which is independent of the master key by employing the temporary secure-element key datum and is itself rendered invalid for further authentications.

Abstract: A method for operating a security element of a mobile terminal with a memory unit includes using a first subscription profile with a first operating system for the security element, and a second subscription profile with a second operating system for the security element. The method involves operating the security element with the first operating system to communicate with the first subscription profile via a first mobile communication network; switching from the first operating system to the second operating system of the security element through a boot loader in the memory unit loading and executing the second operating system following a reboot of the security element; and operating the security element with the second operating system, to be able to communicate with the second subscription profile via a second mobile communication network. A corresponding security element and a corresponding mobile terminal are provided.

Abstract: Provided are a method for personalizing a security element for a mobile end device for communicating via a mobile radio network as well as a corresponding system. The method comprises the following steps: supplying initialization data of an initialization entity to the security element, wherein the initialization data comprise a personalization token; supplying the personalization token from the security element to a personalization entity; checking the validity of the personalization token through the personalization entity; and after successfully checking the validity of the personalization token, supplying personalization data from the personalization entity to the security element, wherein authorization data for authenticating the security element in encrypted form are already part of the initialization data and the personalization data comprise a key for decrypting the authorization data.

Abstract: In order to support the access of a terminal to a mobile communication network, a network subscriber identifier and a plurality of authentication data sets relating to this network user identifier are transferred to the terminal by an access support server. The plurality of authentication data sets are generated previously by a server of the mobile communication network, after the access support server has transmitted the network subscriber identifier to the server. In order to check an authentication information item of the terminal upon logging into the mobile communication network, an authentication server of the mobile communication network transmits an authentication data set from the plurality of authentication data sets, for example via the server.

Abstract: A method for operating a security element of a mobile terminal with a memory unit includes using a first subscription profile with a first operating system for the security element, and a second subscription profile with a second operating system for the security element. The method involves operating the security element with the first operating system to communicate with the first subscription profile via a first mobile communication network; switching from the first operating system to the second operating system of the security element through a boot loader in the memory unit loading and executing the second operating system following a reboot of the security element; and operating the security element with the second operating system, to be able to communicate with the second subscription profile via a second mobile communication network. A corresponding security element and a corresponding mobile terminal are provided.

Abstract: A method for operating a security element which is part of a mobile end device, and a security element, have functionality depending on a set of operating parameters that is deposited on the security element. The method comprises the following steps: operating the security element with the set of operating parameters that is deposited on the security element; collecting data about the use of the security element and/or of the mobile end device; selecting a use profile on the basis of the collected data, with the use profile being assigned a set of operating parameters that is matched thereto; and operating the security element with the set of operating parameters that is matched to the selected use profile.

Abstract: In order to support the access of a terminal to a mobile communication network, a network subscriber identifier and a plurality of authentication data sets relating to this network user identifier are transferred to the terminal by an access support server. The plurality of authentication data sets are generated previously by a server of the mobile communication network, after the access support server has transmitted the network subscriber identifier to the server. In order to check an authentication information item of the terminal upon logging into the mobile communication network, an authentication server of the mobile communication network transmits an authentication data set from the plurality of authentication data sets, for example via the server.

Abstract: A method for introducing an identity into a secure element includes an operating system loaded into the secure element, which comprises a master key which is identical for a plurality of secure elements. A secure-element key datum is generated employing the master key. The secure-element key datum is configured as a temporary secure-element key datum, which, upon an initial authentication of the secure element vis-à-vis the background system, is replaced by a final secure-element key datum which is independent of the master key by employing the temporary secure-element key datum and is itself rendered invalid for further authentications.

Abstract: Provided are a method for personalizing a security element for a mobile end device for communicating via a mobile radio network as well as a corresponding system. The method comprises the following steps: supplying initialization data of an initialization entity to the security element, wherein the initialization data comprise a personalization token; supplying the personalization token from the security element to a personalization entity; checking the validity of the personalization token through the personalization entity; and after successfully checking the validity of the personalization token, supplying personalization data from the personalization entity to the security element, wherein authorization data for authenticating the security element in encrypted form are already part of the initialization data and the personalization data comprise a key for decrypting the authorization data.

Abstract: A method for operating a security element which is part of a mobile end device, and a security element, have functionality depending on a set of operating parameters that is deposited on the security element. The method comprises the following steps: operating the security element with the set of operating parameters that is deposited on the security element; collecting data about the use of the security element and/or of the mobile end device; selecting a use profile on the basis of the collected data, with the use profile being assigned a set of operating parameters that is matched thereto; and operating the security element with the set of operating parameters that is matched to the selected use profile.