Abstract: This invention relates to a method for controlling remotely the rights of a target secure element to an execute an operation, said target secure element being configured to load a profile image and to store a first set of at least one parameter indicating if the secure element is locked or unlocked and, in case it is locked, who is the locker of said secure element. The method is operated by an image delivery server, said method and comprises the following steps: receiving a second set of at least one parameter and an operation code OP defining a requested operation to be performed by the target secure element, receiving a profile image to be transmitted to the secure element; generating a security scheme descriptor (SSD) file adapted to bind the profile image with the target secure element and further comprising the second set of at least one parameter and the operation code OP; sending the received image profile and the associated security scheme descriptor (SSD) file to the target secure element.

Abstract: A device is intended for controlling access of a communication equipment of a user to virtual stores of network operators accessible into servers. This device comprises a control means arranged, when this user provides the communication equipment of the user equipment with an access code associated to a virtual store of a network operator, for determining a communication identifier of a virtual store page corresponding to this access code and to data defining a context of the communication equipment into a table establishing correspondences between access codes and communication identifiers of pages of virtual stores providing offers corresponding to communication equipment contexts, then for triggering access by the communication equipment to the virtual store page associated to the determined communication identifier to allow the user to select an offer contained into this virtual store page.

Abstract: The invention proposes several improvements related to the management of secure elements, like UICCs embedding Sim applications, these secure elements being installed, fixedly or not, in terminals, like for example mobile phones. In some cases, the terminals are constituted by machines that communicate with other machines for M2M (Machine to Machine) applications.

Abstract: System and method for allowing a mobile telecom device to use multiple profiles. The system and method includes operating a security function to perform a cryptographic operation on a profile using a cryptography key of the security function thereby producing a cryptographically protected profile, storing the cryptographically protected profile, and activating the cryptographically protected profile by operating the security function to verify that the cryptographically protected profile has been cryptographically protected using the cryptography key of the security function, and upon verifying that the cryptographically protected profile has been protected using the cryptography key of the security function, activating the cryptographically protected profile.

Abstract: The invention proposes several improvements related to the management of secure elements, like UICCs embedding Sim applications, these secure elements being installed, fixedly or not, in terminals, like for example mobile phones. In some cases, the terminals are constituted by machines that communicate with other machines for M2M (Machine to Machine) applications.

Abstract: The invention proposes several improvements related to the management of secure elements, like UICCs embedding Sim applications, these secure elements being installed, fixedly or not, in terminals, like for example mobile phones. In some cases, the terminals are constituted by machines that communicate with other machines for M2M (Machine to Machine) applications.

Abstract: The invention relates to a method for initiating an OTA session in a mobile radio communication network at the request of a user of a mobile terminal. The OTA session is established between the mobile terminal and a remote OTA server, the mobile terminal including a security element such as a UICC card. According to the invention, the method comprises: i) entering a special code using the man/machine interface of said mobile terminal; ii) said security element intercepting said special code; and iii) opening said OTA session between said mobile terminal and said remote server in a secure mode.

Abstract: The invention proposes several improvements related to the management of secure elements, like UICCs embedding Sim applications, these secure elements being installed, fixedly or not, in terminals, like for example mobile phones. In some cases, the terminals are constituted by machines that communicate with other machines for M2M (Machine to Machine) applications.

Abstract: A method for exporting on a UICC in a terminal. An export request signed by the UICC, is transmitted by the terminal to a secure server. The server verifies the signed export request by comparing the signature and the identity of the UICC. The server sends a signed export certificate to the UICC via the terminal. An export package containing the data is prepared, signed and encrypted by the UICC, and sent to the terminal. The terminal transmits the export package to the server. The server signs an acknowledgment message and transmits it to the UICC via the terminal. In the UICC, the data that have been exported is destroyed, and a signed acknowledge message is sent to the server via the terminal. The server makes the data available for a further transfer to a new terminal or UICC.

Abstract: The invention relates to a method for initiating an OTA session in a mobile radio communication network at the request of a user of a mobile terminal. The OTA session is established between the mobile terminal and a remote OTA server, the mobile terminal including a security element such as a UICC card. According to the invention, the method comprises: i) entering a special code using the man/machine interface of said mobile terminal; ii) said security element intercepting said special code; and iii) opening said OTA session between said mobile terminal and said remote server in a secure mode.

Abstract: The invention proposes several improvements related to the management of secure elements, like UICCs embedding Sim applications, these secure elements being installed, fixedly or not, in terminals, like for example mobile phones. In some cases, the terminals are constituted by machines that communicate with other machines for M2M (Machine to Machine) applications.

Abstract: The invention relates to a method for loading a list of preferred networks into a secure element contained in a mobile terminal. The loading is accomplished when the secure element detects that it is in a roaming condition within a telecommunication network. The method consists of: i) asking (12) for an IP channel to be opened between the telecommunication network and the secure element, the request for opening originating with the secure element; ii) requesting (13) the loading of the list of preferred networks; iii) uploading (14) via the IP channel the list of preferred networks into the secure element; and iv) transmitting (16) a request by the secure element to the mobile terminal to use one of said preferred networks in said list.

Abstract: A method for transmitting a SIM application of a first terminal to a second terminal, the SIM application being stored in a secure element included in the first terminal, with access to the SIM application being locked by a PIN code. The method includes exporting the SIM application from the first terminal to a distant site, by including the PIN code as well as a remote loading code. A user of the second terminal is asked to enter the remote loading code in the second terminal. In the event the remote loading code entered by the user matches the remote loading code that has been exported, the installation of the SIM application in a secure element of the second terminal is authorized. Otherwise, the SIM application is not installed in the secure element of the second terminal.

Abstract: A method for exporting on a UICC in a terminal. An export request signed by the UICC, is transmitted by the terminal to a secure server. The server verifies the signed export request by comparing the signature and the identity of the UICC. The server sends a signed export certificate to the UICC via the terminal. An export package containing the data is prepared, signed and encrypted by the UICC, and sent to the terminal. The terminal transmits the export package to the server. The server signs an acknowledgment message and transmits it to the UICC via the terminal. In the UICC, the data that have been exported is destroyed, and a signed acknowledge message is sent to the server via the terminal. The server makes the data available for a further transfer to a new terminal or UICC.

Abstract: System and method for allowing a mobile telecom device to use multiple profiles. The system and method includes operating a security function to perform a cryptographic operation on a profile using a cryptography key of the security function thereby producing a cryptographically protected profile, storing the cryptographically protected profile, and activating the cryptographically protected profile by operating the security function to verify that the cryptographically protected profile has been cryptographically protected using the cryptography key of the security function, and upon verifying that the cryptographically protected profile has been protected using the cryptography key of the security function, activating the cryptographically protected profile.

Abstract: The invention relates to a method for loading a list of preferred networks into a secure element contained in a mobile terminal. The loading is accomplished when the secure element detects that it is in a roaming condition within a telecommunication network. The method consists of: i) asking (12) for an IP channel to be opened between the telecommunication network and the secure element, the request for opening originating with the secure element; ii) requesting (13) the loading of the list of preferred networks; iii) uploading (14) via the IP channel the list of preferred networks into the secure element; and iv) transmitting (16) a request by the secure element to the mobile terminal to use one of said preferred networks in said list.

Abstract: The present invention provides a method for unlocking a secure device (1), said secure device (10) being adapted to be associated with a first device (11) and being adapted to be locked when it is associated to a second device (12) different from the first device (11), said first device (11) being the paired device, the method comprising a step of unlocking the secure device (1) over-the-air when the secure device (1) is connected to the second device (12).

Abstract: The invention proposes several improvements related to the management of secure elements, like UICCs embedding Sim applications, these secure elements being installed, fixedly or not, in terminals, like for example mobile phones. In some cases, the terminals are constituted by machines that communicate with other machines for M2M (Machine to Machine) applications.

Abstract: The invention provides a method for activating the subscription of an UICC, said UICC comprising an activation application, said method comprising the step of activating the subscription of the holder of the UICC by sending a message to an activation server, said message being sent by the activation application to the activation server by using an IP based communication.

Abstract: A chip card needs to be allocated in a secured manner to a network operator via a personalization center in order to determine a final authentication key which is attributed to a subscriber of the operator without its being transmitted via a network. The following is loaded into a card by a module: an algorithm and an allocation key; an algorithm for determination of the authentication key and at least one intermediate authentication key. A module transmits an allocation message which includes a final identity number, a random number and an allocation signature from the center to the card. The card authenticates the message by means of the allocation algorithm as a function of the allocation key and the allocation signature, and determines the final authentication key as a function of the intermediate key and the random number.