Abstract: A secure element of a mobile device receives a first authentication token, which may have an encrypted portion and a non-encrypted portion, from a network gateway device to which the mobile device is connected. The secure element determines whether the first authentication token is valid based on a sequence number included in the first authentication token. If the secure element determines that the first authentication token is valid, the secure element generates a second authentication token that indicates a result of an authentication operation performed by the secure element. The second authentication token is sent to the network gateway device. The secure element derives a pre-shared key using a key derivation function, where the pre-shared key is usable to establish a secure communication channel with the network gateway device.

Abstract: A centralized gateway server receives a first user request, configured to operate with a first development platform, indicating a first operation to be performed on behalf of a first user. The centralized gateway server generates a first service request for performing the first operation, and transmits the first service request to a server associated with a service, to cause the server to perform the first operation on behalf of the first user. The centralized gateway server also receives a second user request indicating a second operation. The second user request is configured to operate with a second development platform different from the first development platform. The centralized gateway server generates a second service request for performing the second operation, and transmits the second service request to the server to cause the server to perform the second operation.

Abstract: A secure element device for use in a connected device includes a first interface configured to enable communication with a communication module and a second interface configured to enable communication with an action module of the connected device. A processor coupled to the first interface and the second interface, executes a first set of computer-readable instructions, stored in a memory of the secure element device, to authenticate, via the first interface, the connected device on the communication network. The processor also executes a second set of computer-readable instructions, stored in the memory, to perform one or both of (i) obtaining, via the second interface, data from the action module, the data to be transmitted over the communication network and (ii) controlling, via the second interface, the action module to cause the action module to perform one or more operations based on an instruction received over the communication network.

Abstract: A centralized gateway server receives a first user request, configured to operate with a first development platform, indicating a first operation to be performed on behalf of a first user. The centralized gateway server generates a first service request for performing the first operation, and transmits the first service request to a server associated with a service, to cause the server to perform the first operation on behalf of the first user. The centralized gateway server also receives a second user request indicating a second operation. The second user request is configured to operate with a second development platform different from the first development platform. The centralized gateway server generates a second service request for performing the second operation, and transmits the second service request to the server to cause the server to perform the second operation.

Abstract: Techniques are disclosed which can allow a mobile device, which is no longer being updated by the device manufacturer, to receive updates from the manufacturer. In an implementation, an international mobile equipment identity (IMEI) is received from the mobile device that identifies a model of the mobile device. The mobile device can have at least one application that is unable to communicate with a server of the mobile device's manufacturer. A provisioning server may determine that the mobile device is depreciated based upon the IMEI, and obtain a key unique to the mobile device. The key and at least one Access Point Name may be transmitted to the mobile device, which can allow the mobile device to direct its data traffic to the server of the manufacturer.

Abstract: A data carrier with detachable parts, a method of forming a data carrier comprising a primary card body, a data carrier puncher for removing detachable parts of data carriers, and a method of removing a form changing part from a data carrier using a puncher are disclosed. The data carrier with detachable parts comprising: a primary card body having a first size; a form changing part disposed within the primary card body and having a second size, the form changing part connected to the primary card body by at least one fixing portion, and the form changing part configured to be removed from the primary card body by breaking the at least one fixing portion; an integrated circuit component embedded in the form changing part; and at least one notch disposed at a first position on a first end of the primary card body.

Abstract: A system for self-activation of a portable device on a wireless network includes a first server that receives a first message from a particular portable device with a unique identifier that indicates the device type of the device that is at least one of a first type or a second type of portable device. A second message comprising data including the device type corresponding to the portable device is sent to a second server. The second server sends an activation message in response to receiving the second message when the device type determined is the first type; and the second server sends the activation message after a delay interval that is longer than a boot-up sequence time when the device type determined is the second type. The activation message prompts the user to activate the device for use on the wireless network.

Abstract: A secure element of a mobile device receives a first authentication token, which may have an encrypted portion and a non-encrypted portion, from a network gateway device to which the mobile device is connected. The secure element determines whether the first authentication token is valid based on a sequence number included in the first authentication token. If the secure element determines that the first authentication token is valid, the secure element generates a second authentication token that indicates a result of an authentication operation performed by the secure element. The second authentication token is sent to the network gateway device. The secure element derives a pre-shared key using a key derivation function, where the pre-shared key is usable to establish a secure communication channel with the network gateway device.

Abstract: A secure element device for use in a connected device includes a first interface configured to enable communication with a communication module and a second interface configured to enable communication with an action module of the connected device. A processor coupled to the first interface and the second interface, executes a first set of computer-readable instructions, stored in a memory of the secure element device, to authenticate, via the first interface, the connected device on the communication network. The processor also executes a second set of computer-readable instructions, stored in the memory, to perform one or both of (i) obtaining, via the second interface, data from the action module, the data to be transmitted over the communication network and (ii) controlling, via the second interface, the action module to cause the action module to perform one or more operations based on an instruction received over the communication network.

Abstract: A method for downloading a profile from a subscription management server (SM-DP+) to a security enclave comprised in an enterprise mobile radio device.

Abstract: A secure element device for use in a connected device includes a first interface configured to enable communication with a communication module and a second interface configured to enable communication with an action module of the connected device. A processor coupled to the first interface and the second interface, executes a first set of computer-readable instructions, stored in a memory of the secure element device, to authenticate, via the first interface, the connected device on the communication network. The processor also executes a second set of computer-readable instructions, stored in the memory, to perform one or both of (i) obtaining, via the second interface, data from the action module, the data to be transmitted over the communication network and (ii) controlling, via the second interface, the action module to cause the action module to perform one or more operations based on an instruction received over the communication network.

Abstract: A centralized gateway server receives a first user request, configured to operate with a first development platform, indicating a first operation to be performed on behalf of a first user. The centralized gateway server generates a first service request for performing the first operation, and transmits the first service request to a server associated with a service, to cause the server to perform the first operation on behalf of the first user. The centralized gateway server also receives a second user request indicating a second operation. The second user request is configured to operate with a second development platform different from the first development platform. The centralized gateway server generates a second service request for performing the second operation, and transmits the second service request to the server to cause the server to perform the second operation.

Abstract: A secure element device for use in a connected device includes a first interface configured to enable communication with a communication module and a second interface configured to enable communication with an action module of the connected device. A processor coupled to the first interface and the second interface, executes a first set of computer-readable instructions, stored in a memory of the secure element device, to authenticate, via the first interface, the connected device on the communication network. The processor also executes a second set of computer-readable instructions, stored in the memory, to perform one or both of (i) obtaining, via the second interface, data from the action module, the data to be transmitted over the communication network and (ii) controlling, via the second interface, the action module to cause the action module to perform one or more operations based on an instruction received over the communication network.

Abstract: A profile management engine receives, from a mobile device management (MDM) server configured to manage one or more mobile devices, an activation request to activate a subscription for a mobile device of the plurality of mobile devices. The profile management engine generates a download request for preparing a download of an electronic subscriber profile to the mobile device, transmits the download request to a subscription management system of a network operator, and subsequently receives a download response from the subscription management system. The download response includes an identifier that identifies an electronic subscriber profile generated for the mobile device.

Abstract: A profile management engine receives, from a mobile device management (MDM) server configured to manage one or more mobile devices, an activation request to activate a subscription for a mobile device of the plurality of mobile devices. The profile management engine generates a download request for preparing a download of an electronic subscriber profile to the mobile device, transmits the download request to a subscription management system of a network operator, and subsequently receives a download response from the subscription management system. The download response includes an identifier that identifies an electronic subscriber profile generated for the mobile device.

Abstract: Techniques are disclosed which can allow a mobile device, which is no longer being updated by the device manufacturer, to receive updates from the manufacturer. In an implementation, an international mobile equipment identity (IMEI) is received from the mobile device that identifies a model of the mobile device. The mobile device can have at least one application that is unable to communicate with a server of the mobile device's manufacturer. A provisioning server may determine that the mobile device is depreciated based upon the IMEI, and obtain a key unique to the mobile device. The key and at least one Access Point Name may be transmitted to the mobile device, which can allow the mobile device to direct its data traffic to the server of the manufacturer.

Abstract: A lamination cassette includes a substrate to accommodate a plurality of first sheets of a first size. A loading template is removably coupled to the cassette via an adapter on the cassette to secure the loading template when inclined for loading. The template includes a first loading section for accommodating a plurality of second sheets of a second size smaller than the first size when loaded onto the substrate. The lamination cassette is configured to support sheets of the first size when the adapter is not coupled to the substrate and the vertical support surface is configured to support sheets of the second size when the loading template is coupled to the substrate. The loading template may also include a second loading section for accommodating a plurality of third sheets having the same size as the second sheets for laminating two pluralities of same size sheets on a single cassette.

Abstract: A system for self-activation of a portable device on a wireless network includes a first server that receives a first message from a particular portable device with a unique identifier that indicates the device type of the device that is at least one of a first type or a second type of portable device. A second message comprising data including the device type corresponding to the portable device is sent to a second server. The second server sends an activation message in response to receiving the second message when the device type determined is the first type; and the second server sends the activation message after a delay interval that is longer than a boot-up sequence time when the device type determined is the second type. The activation message prompts the user to activate the device for use on the wireless network.

Abstract: A data carrier with detachable parts, a method of forming a data carrier comprising a primary card body, a data carrier puncher for removing detachable parts of data carriers, and a method of removing a form changing part from a data carrier using a puncher are disclosed. The data carrier with detachable parts comprising: a primary card body having a first size; a form changing part disposed within the primary card body and having a second size, the form changing part connected to the primary card body by at least one fixing portion, and the form changing part configured to be removed from the primary card body by breaking the at least one fixing portion; an integrated circuit component embedded in the form changing part; and at least one notch disposed at a first position on a first end of the primary card body.

Abstract: A credit card provider server device collects data indicative of at least one of i) environment of a user, ii) activities of the user, and iii) other characteristics of the user. When the credit card provider server device receives, from a payment issuer server device, a context request requesting a user context at a time a payment request is made, the credit card provider server device generates a user context for the user. The user context includes one or more indications related to the one or both of the environment of the user and the activities of the user at the time of the payment request. The credit card provider server device transmits the user context to the payment issuer server device for use in authenticating the payment request.