Patents by Inventor Arun G. Mathias
Arun G. Mathias has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10462109
Abstract: A data transfer process can include multiple verification features usable by a “source” device to ensure that a “destination” device is authorized to receive a requested data object. The source device and destination device can communicate via a first communication channel (which can be on a wide-area network) to exchange public keys, then use the public keys to verify their identities and establish a secure session on a second communication channel (which can be a local channel). The data object can be transferred via the secure session. Prior to sending the data object, the source device can perform secondary verification operations (in addition to the key exchange) to confirm the identity of the second device and/or the locality of the connection on the second communication channel.
Type: Grant
Filed: September 23, 2016
Date of Patent: October 29, 2019
Assignee: Apple Inc.
Inventors: Arun G. Mathias, Thomas A. Dilligan, Matthew C. Lucas, Anush G. Nadathur, Kevin P. McLaughlin
-
Patent number: 10462654
Abstract: Methods and apparatus for managing processing of electronic Subscriber Identity Modules (eSIM) data at a mobile device are disclosed. An eSIM management entity of an embedded Universal Integrated Circuit Card (eUICC) in the mobile device obtains an encrypted eSIM package, decrypts the eSIM package to obtain eSIM contents formatted generically and not specifically tailored to requirements of the eUICC. In some embodiments, the eSIM contents are formatted based on an abstract syntax notation (ASN) distinguished encoding rules (DER) format. The eSIM management entity parses the formatted eSIM contents to retrieve individual eSIM components and installs each eSIM component for the eSIM in an eSIM security domain on the eUICC.
Type: Grant
Filed: August 13, 2018
Date of Patent: October 29, 2019
Assignee: Apple Inc.
Inventors: Xiangying Yang, Li Li, Arun G. Mathias
-
Publication number: 20190320146
Abstract: An integrated accessory control system can integrate functionality (services) of multiple disparate accessories and provide a unified user interface for interacting with the system via a controller device. An integrated accessory control system can include one accessory that can detect an event or action and send a notification to the controller device and at least one other accessory, such as an Internet Protocol (IP) camera, that can be operated in response to the notification. In response to the notification, a controller device can generate an integrated user interface for interacting with the accessories in the integrated accessory control system. The interface can include a live feed from the IP camera, which can provide a media stream responsive to instructions from the controller.
Type: Application
Filed: June 27, 2019
Publication date: October 17, 2019
Inventors: Cyrus D. Irani, Kevin P. McLaughlin, Anush G. Nadathur, Arun G. Mathias, Vinay A. Ramaswamy, Christopher D. Soli, Patrick L. Coffman, Stephen O. Lemay
-
Patent number: 10437202
Abstract: An automated environment can include an accessory device that operates according to an automation rule, to take a prescribed action when a triggering condition occurs. A controller device for the automated environment can determine a user's regular routine and can detect when the user is deviating from the regular routine. The controller device can communicate with accessory devices in the automated environment to modify their behavior relative to the automation rules.
Type: Grant
Filed: September 16, 2015
Date of Patent: October 8, 2019
Assignee: Apple Inc.
Inventors: Lukas M. Marti, Robert W. Mayor, Arun G. Mathias, Ronald Keryuan Huang
-
Patent number: 10416625
Abstract: Automated behaviors in an environment can be implemented based on aggregation of individual user routines. For example, mobile devices used by users in the environment can provide information about the users' behavior patterns to a coordinator device that can be located in the environment. The coordinator device can analyze the information to detect an aggregate pattern that involves multiple mobile devices and/or multiple users. Based on a detected aggregate pattern, the coordinator can identify behaviors to automate.
Type: Grant
Filed: September 16, 2015
Date of Patent: September 17, 2019
Assignee: Apple Inc.
Inventors: Lukas M. Marti, Kevin P. McLaughlin, Arun G. Mathias, Ronald Keryuan Huang
-
Patent number: 10416205
Abstract: An automated environment can monitor its resource consumption at the environment level and detect anomalies. Resource consumption can be monitored using a sparse set of sensors that provide information about the total resource consumption of the automated environment. The sensor data can be analyzed together with information about a behavioral routine of users in the automated environment to define a baseline resource consumption pattern. Once a baseline resource consumption pattern is established, anomalies in resource consumption can be detected and reported to users.
Type: Grant
Filed: September 16, 2015
Date of Patent: September 17, 2019
Assignee: Apple Inc.
Inventors: Lukas M. Marti, Ronald Keryuan Huang, Arun G. Mathias, Kevin P. McLaughlin
-
Patent number: 10405181
Abstract: Methods and apparatus for user authentication and human intent verification of administrative operations for eSIMs of an eUICC included in a mobile device are disclosed. Certain administrative operations, such as import, modification, and/or export, of an eSIM and/or for an eUICC's firmware can require user authentication and/or human intent verification before execution of the administrative operations is performed or completed by the mobile device. A user of the mobile device provides information to link an external user account to an eSIM upon (or subsequent to) installation on the eUICC. User credentials, such as a user name and password, and/or information generated therefrom, can be used to authenticate the user with an external server. In response to successful user authentication, the administrative operations are performed. Human intent verification can also be performed in conjunction with user authentication to prevent malware from interfering with eSIM and/or eUICC functions of the mobile device.
Type: Grant
Filed: January 22, 2018
Date of Patent: September 3, 2019
Assignee: Apple Inc.
Inventors: Li Li, Xiangying Yang, Jerrold Von Hauck, Christopher B. Sharp, Yousuf H. Vaid, Arun G. Mathias, David T. Haggerty, Najeeb M. Abdulrahiman
-
Patent number: 10397771
Abstract: Representative embodiments described herein set forth techniques for provisioning bootstrap electronic Subscriber Identity Modules (eSIMs) to mobile devices. According to some embodiments, a mobile device can be configured to issue, to an eSIM selection server, a bootstrap eSIM request that includes (i) metadata associated with the mobile device, and (ii) metadata associated with an electronic Universal Integrated Circuit Card (eUICC) included in the mobile device. In turn, the eSIM selection server selects and binds a particular bootstrap eSIM to the mobile device, and provides information to the mobile device that enables the mobile device to obtain the particular bootstrap eSIM from one or more eSIM servers. When the mobile device obtains the particular bootstrap eSIM, the mobile device can interface with a mobile network operator (MNO) and obtain a complete eSIM that enables the mobile device to access services provided by the MNO.
Type: Grant
Filed: January 9, 2019
Date of Patent: August 27, 2019
Assignee: Apple Inc.
Inventors: Li Li, Clark P. Mueller, Avinash Narasimhan, Arun G. Mathias, Najeeb M. Abdulrahiman, David T. Haggerty
-
Patent number: 10397770
Abstract: Disclosed herein is a technique for mitigating paging collisions in mobile devices. When a new electronic Subscriber Identity Module (eSIM) is to be provisioned on a mobile device, International Mobile Subscriber Identity (IMSI) information associated with each of the SIMs/eSIMs currently installed on the mobile device is obtained and provided to a provisioning server. In turn, the provisioning server utilizes the IMSI information to select a new eSIM associated with an IMSI that is unlikely to result in a paging collision when operated alongside the SIMs/eSIMs installed on the mobile device. The provisioning server provides the new eSIM to the mobile device, whereupon the mobile device installs the eSIM into the embedded Universal Integrated Circuit Card (eUICC) for operation.
Type: Grant
Filed: September 26, 2014
Date of Patent: August 27, 2019
Assignee: Apple Inc.
Inventors: Li Li, Arun G. Mathias
-
Patent number: 10394674
Abstract: A device hosting a universal integrated circuit card (UICC or eUICC) initiates an electronic subscriber identity module (eSIM) installation flow with an SIM server. The purpose of the eSIM installation flow is to perform a profile provisioning action. The device and, for example, the eUICC preserve state information related to the eSIM installation flow. The eSIM installation flow includes generation of a one-time public key at the eUICC. In some instances, the eSIM installation flow may be interrupted by an error event before successful installation of the eSIM in the eUICC. A subsequent renewed installation attempt is locally initiated and completed without assistance of the eSIM server. In some embodiments, the recovery and subsequent successful eSIM installation make use of the state information preserved during the earlier eSIM installation flow.
Type: Grant
Filed: August 23, 2017
Date of Patent: August 27, 2019
Assignee: Apple Inc.
Inventors: Li Li, Arun G. Mathias
-
Patent number: 10397001
Abstract: A malicious party may attempt to avoid a mobile network operator (MNO) contract involved with subsidy-lock by inserting an interfering piece of hardware called a proxy SIM in a device. The device provided herein uses an authentication technique to guard against a proxy-SIM attack. The device includes a secure element (SE) with subscriber identity module (SIM) functionality present on the SE. The device sends the SE a nonce to be signed over. The SE signs using a public key infrastructure (PKI) private key of the SE and provides a response. The device evaluates whether the response contains a valid signature. If the validation is successful, the device relies on SIM data provided in the response to continue with activation of the device, so that the device can provide services under the MNO contract. If the validation fails, the device will not attempt to access network services with the SIM functionality.
Type: Grant
Filed: August 30, 2017
Date of Patent: August 27, 2019
Assignee: Apple Inc.
Inventors: Li Li, Arun G. Mathias
-
Publication number: 20190260660
Abstract: A uniform protocol can facilitate secure, authenticated communication between a controller device and an accessory device that is controlled by the controller. An accessory and a controller can establish a pairing, the existence of which can be verified at a later time and used to create a secure communication session. The accessory can provide an accessory definition record that defines the accessory as a collection of services, each service having one or more characteristics. Within a secure communication session, the controller can interrogate the characteristics to determine accessory state and/or modify the characteristics to instruct the accessory to change its state.
Type: Application
Filed: May 7, 2019
Publication date: August 22, 2019
Applicant: Apple Inc.
Inventors: Joe S. Abuan, Bob Bradley, Craig P. Dooley, Gregg J. Golembeski, JR., Andrew W. Burks, Srinivas Rama, Arun G. Mathias, Anush G. Nadathur, Kevin P. McLaughlin
-
Patent number: 10389987
Abstract: An integrated accessory control system can integrate functionality (services) of multiple disparate accessories and provide a unified user interface for interacting with the system via a controller device. An integrated accessory control system can include one accessory that can detect an event or action and send a notification to the controller device and at least one other accessory, such as an IP camera, that can be operated in response to the notification. In response to the notification, a controller device can generate an integrated user interface for interacting with the accessories in the integrated accessory control system. The interface can include a live feed from the IP camera, which can provide a media stream responsive to instructions from the controller.
Type: Grant
Filed: September 23, 2016
Date of Patent: August 20, 2019
Assignee: Apple Inc.
Inventors: Cyrus D. Irani, Kevin P. McLaughlin, Anush G. Nadathur, Arun G. Mathias, Vinay A. Ramaswamy, Christopher D. Soli, Patrick L. Coffman, Stephen O. Lemay
-
Publication number: 20190243743
Abstract: The subject technology extracts features from each log line of a log file. The subject technology determines, based on the features, a sequence of log lines. The subject technology determines probabilities of log lines occurring within a window of time from a respective log line from the sequence of log lines, and determines probabilities of periods of time within the window of time that a next log line will occur after the respective log line. The subject technology segments log lines from the log file into sequences of log lines based on the probabilities of the set of log lines occurring within the window of time and the probabilities of periods of time that the next log line occurs after the respective log line. The subject technology determines a predicted subsequent log line, and detects an anomaly when an actual subsequent log line differs from the predicted subsequent log line.
Type: Application
Filed: May 1, 2018
Publication date: August 8, 2019
Inventors: Sumit Saxena, Kushal M. Chawda, Ben-Heng Juang, Arun G. Mathias, Sairam T. Gutta
-
Patent number: 10367810
Abstract: Provisioning of an electronic subscriber identity module (eSIM) to an embedded universal integrated circuit card (eUICC) is observed to acquire a captured payload. The captured payload is then used in replay test sessions. In a live test session, test equipment can be used to monitor the communication between an eSIM server and the eUICC in order to capture the payload transmitted from the eSIM server. In the live test session, the eUICC can be in a debug mode that persists an ability to generate the same keys. In the replay test sessions, the payload captured can be reused and the eUICC can regenerate the same keys to decrypt an encrypted eSIM in the payload. After an installation attempt, the eUICC can provide notifications to the test equipment. The eUICC can be stress-tested using methods described herein without consuming a large number of eSIMs from an eSIM server inventory.
Type: Grant
Filed: September 29, 2017
Date of Patent: July 30, 2019
Assignee: Apple Inc.
Inventors: Li Li, Arun G. Mathias
-
Publication number: 20190229942
Abstract: An automated environment can include multiple controller devices capable of communicating with multiple accessory devices. The controller devices can automatically elect one of their number as a coordinator device for the environment and can automatically perform a new election if an incumbent coordinator becomes unavailable or resigns. The election processes can be transparent to any users. An elected coordinator can perform various operations to facilitate management of the automated environment, including routing of communications between controllers and accessories.
Type: Application
Filed: February 27, 2019
Publication date: July 25, 2019
Applicant: Apple Inc.
Inventors: Anush G. Nadathur, Srinivas Rama, Matthew C. Lucas, Nathan E. Carroll, Kevin P. McLaughlin, Thomas A. Dilligan, Arun G. Mathias
-
Patent number: 10356614
Abstract: A secure element uses a backup context to restore a deleted electronic Subscriber Identity Module (eSIM) without compromising a trust relationship with a mobile network operator (MNO). A backup copy of a data binary large object (data blob) originally used to instantiate the eSIM is retrieved. The secure element determines if the eSIM within the data blob is uniquely associated with the secure element from a previous installation. The secure element examines the data blob to determine an identifier unique to the eSIM. The identifier can be an integrated circuit card identifier (ICC-ID) or a profile identifier. The secure element searches a table of instantiated eSIMs in the secure memory. If the secure element is able to match the recovered eSIM identifier with an entry in the table, then the secure element installs this eSIM in the secure element.
Type: Grant
Filed: November 18, 2016
Date of Patent: July 16, 2019
Assignee: Apple Inc.
Inventors: Li Li, Arun G. Mathias
-
Publication number: 20190166483
Abstract: Representative embodiments described herein set forth techniques for provisioning bootstrap electronic Subscriber Identity Modules (eSIMs) to mobile devices. According to some embodiments, a mobile device can be configured to issue, to an eSIM selection server, a bootstrap eSIM request that includes (i) metadata associated with the mobile device, and (ii) metadata associated with an electronic Universal Integrated Circuit Card (eUICC) included in the mobile device. In turn, the eSIM selection server selects and binds a particular bootstrap eSIM to the mobile device, and provides information to the mobile device that enables the mobile device to obtain the particular bootstrap eSIM from one or more eSIM servers. When the mobile device obtains the particular bootstrap eSIM, the mobile device can interface with a mobile network operator (MNO) and obtain a complete eSIM that enables the mobile device to access services provided by the MNO.
Type: Application
Filed: January 9, 2019
Publication date: May 30, 2019
Inventors: Li LI, Clark P. MUELLER, Avinash NARASIMHAN, Arun G. MATHIAS, Najeeb M. ABDULRAHIMAN, David T. HAGGERTY
-
Patent number: 10277587
Abstract: Methods are provided for instantiating multiple electronic subscriber identity modules (eSIMs) to an electronic universal integrated circuit card (eUICC) using a manufacturer-installed data binary large object (data blob). An eSIM package including the data blob in encrypted form is securely installed in the eUICC in a manufacturing environment. A key encryption key (KEK) associated with the eSIM package is separately provided to an original equipment manufacturer (OEM) wireless device factory. The OEM wireless device factory provides the KEK to the eUICC within a given wireless device. The eUICC uses the KEK to decrypt the eSIM package and provide the data blob. The eUICC can receive a request to instantiate a first eSIM. The eUICC can instantiate the first eSIM using data from the data blob. A user can then access network services using the wireless device. Subsequently, a second eSIM can be instantiated by the eUICC using the data blob.
Type: Grant
Filed: October 6, 2016
Date of Patent: April 30, 2019
Assignee: Apple Inc.
Inventors: Li Li, Arun G. Mathias
-
Patent number: 10270812
Abstract: Methods and apparatus to manage registration for cellular services of a secondary wireless device associated with a primary wireless device are disclosed. The secondary wireless device can detect entering proximity to the primary wireless device and in response to the detecting deactivate a cellular wireless interface of the secondary wireless device to conserve battery power, and provide an indication to the primary wireless device, via a non-cellular wireless interface, to cause the primary wireless device to perform a deregistration of the secondary wireless device for cellular services. The secondary wireless device can establish connections and communicate via non-cellular wireless interfaces while within proximity of the primary wireless device.
Type: Grant
Filed: May 31, 2017
Date of Patent: April 23, 2019
Assignee: Apple Inc.
Inventors: Prashant H. Vashi, Najeeb M. Abdulrahiman, Rohan C. Malthankar, Arun G. Mathias, Vikram Bhaskara Yerrabommanahalli