Abstract: The system receives an indication of a sensitive operation. The system obtains a unique ID of a user's UE. Based on the unique ID of the UE, the system retrieves a visual authentication method including a visual ID. The system records the visual ID, and retrieves a corresponding stored visual ID. The system performs a liveness check associated with the visual ID, to determine whether the visual ID is a recording or a live version of the visual ID. Upon determining that the visual ID is the recording, the system refuses to authenticate the user. Upon determining that the visual ID is the live version of the visual ID, the system compares the visual ID and the corresponding stored visual ID to determine whether the visual ID and the corresponding stored visual ID match. Upon determining that the visual ID and the corresponding stored visual ID match, the system authenticates the user.

Abstract: The disclosed system provides for machine-to-machine routing of messages (e.g., text messages, binary information, etc.) between devices (e.g., external applications, IoT devices, etc.) using non-routable identifiers. The systems and methods publish an application programming interface (API) configured to receive (non-routable) identification information of a target device from an external application (e.g., an IoT Service Provider) that calls the API, determines whether a target device associated with the identification information is a subscriber of a telecommunications service provider that provides telecommunications plans to subscribers of the telecommunications service provider, verifies that the external application is authorized to transmit messages to the target device, and translates the non-routable identification information to a mapped device address that can be used to determine a location of the target device so that the message can be delivered to the target device.

Abstract: Systems and methods discussed herein are directed to subscriber identity (SIM) cards that include multiple profiles. The SIM cards include logic, e.g., an application or an applet, configured to change profiles so that the correct profile is selected for use with the electronic device that includes such a SIM card within the appropriate wireless communication network. The ability to change profiles may be based on activity of the electronic device, e.g., events, within the wireless communication network.

Abstract: Systems and methods discussed herein are directed to subscriber identity (SIM) cards that include multiple profiles. The SIM cards include logic, e.g., an application or an applet, configured to change profiles so that the correct profile is selected for use with the electronic device that includes such a SIM card within the appropriate wireless communication network. The ability to change profiles may be based on activity of the electronic device, e.g., events, within the wireless communication network.

Abstract: The disclosed system provides for machine-to-machine routing of messages (e.g., text messages, binary information, etc.) between devices (e.g., external applications, IoT devices, etc.) using non-routable identifiers. The systems and methods publish an application programming interface (API) configured to receive (non-routable) identification information of a target device from an external application (e.g., an IoT Service Provider) that calls the API, determines whether a target device associated with the identification information is a subscriber of a telecommunications service provider that provides telecommunications plans to subscribers of the telecommunications service provider, verifies that the external application is authorized to transmit messages to the target device, and translates the non-routable identification information to a mapped device address that can be used to determine a location of the target device so that the message can be delivered to the target device.

Abstract: A user device may be authorized to access a telecommunications network, such as a cellular network, after completing a boot process that includes a device activation phase and a network activation phase. An application resident on the user device initiates, in the device activation phase, a device eligibility check over a secondary communication network such as a WLAN. Device eligibility may be determined by whether the user device was legitimately sold. If the user device fails the eligibility check, the boot process is stopped, rendering the user device inactive. If the user device passes the eligibility check, the application initiates the network activation phase in which the user device is checked against a blacklist. If the user device is blacklisted, the boot process is shut down. If the user device is not blacklisted, the boot process completes normally.

Abstract: The disclosed system provides for machine-to-machine routing of messages (e.g., text messages, binary information, etc.) between devices (e.g., external applications, IoT devices, etc.) using non-routable identifiers. The systems and methods publish an application programming interface (API) configured to receive (non-routable) identification information of a target device from an external application (e.g., an IoT Service Provider) that calls the API, determines whether a target device associated with the identification information is a subscriber of a telecommunications service provider that provides telecommunications plans to subscribers of the telecommunications service provider, verifies that the external application is authorized to transmit messages to the target device, and translates the non-routable identification information to a mapped device address that can be used to determine a location of the target device so that the message can be delivered to the target device.

Abstract: Techniques are described herein for authenticating a subscriber when activating user equipment and monitoring user equipment state. During the activation process, one or more using unique authentication questions can be presented to the subscriber in a customer validation screen. Individual subscribers can compose the authentication questions and corresponding answers during purchase such that the purchase order includes at least one device identifier corresponding to the user equipment associated with a purchase order. Upon authentication, one or more functionalities or features of the user equipment can be enabled. Additionally, billing and provisioning systems can be implemented as well as real-time or near real-time subscriber identity module (SIM) provisioning. The status of the user equipment can be transmitted to a telecommunications network provided by a telecommunications service provider on a scheduled basis in order to monitor the user equipment state and compliance.

Abstract: A user device may be authorized to access a telecommunications network, such as a cellular network, after completing a boot process that includes a device activation phase and a network activation phase. An application resident on the user device initiates, in the device activation phase, a device eligibility check over a secondary communication network such as a WLAN. Device eligibility may be determined by whether the user device was legitimately sold. If the user device fails the eligibility check, the boot process is stopped, rendering the user device inactive. If the user device passes the eligibility check, the application initiates the network activation phase in which the user device is checked against a blacklist. If the user device is blacklisted, the boot process is shut down. If the user device is not blacklisted, the boot process completes normally.

Abstract: An eSIM management framework can serve as an abstraction layer between various partners, mobile network operators, mobile-virtual network operators, and/or enterprises and SIM or eSIM vendors. The eSIM management framework can facilitate real-time SIM and/or eSIM profile provisioning to reduce consumption of network resources. In some examples, an eSIM management framework can facilitate just-in-time client-side provisioning, which can include on-demand generation of an appropriate SIM or eSIM profile.

Abstract: A user device may be authorized to access a telecommunications network, such as a cellular network, after completing a boot process that includes a device activation phase and a network activation phase. An application resident on the user device initiates, in the device activation phase, a device eligibility check over a secondary communication network such as a WLAN. Device eligibility may be determined by whether the user device was legitimately sold. If the user device fails the eligibility check, the boot process is stopped, rendering the user device inactive. If the user device passes the eligibility check, the application initiates the network activation phase in which the user device is checked against a blacklist. If the user device is blacklisted, the boot process is shut down. If the user device is not blacklisted, the boot process completes normally.

Abstract: Techniques are described herein for authenticating a subscriber when activating user equipment and monitoring user equipment state. During the activation process, one or more using unique authentication questions can be presented to the subscriber in a customer validation screen. Individual subscribers can compose the authentication questions and corresponding answers during purchase such that the purchase order includes at least one device identifier corresponding to the user equipment associated with a purchase order. Upon authentication, one or more functionalities or features of the user equipment can be enabled. Additionally, billing and provisioning systems can be implemented as well as real-time or near real-time subscriber identity module (SIM) provisioning. The status of the user equipment can be transmitted to a telecommunications network provided by a telecommunications service provider on a scheduled basis in order to monitor the user equipment state and compliance.

Abstract: A user device may be authorized to access a telecommunications network, such as a cellular network, after completing a boot process that includes a device activation phase and a network activation phase. An application resident on the user device initiates, in the device activation phase, a device eligibility check over a secondary communication network such as a WLAN. Device eligibility may be determined by whether the user device was legitimately sold. If the user device fails the eligibility check, the boot process is stopped, rendering the user device inactive. If the user device passes the eligibility check, the application initiates the network activation phase in which the user device is checked against a blacklist. If the user device is blacklisted, the boot process is shut down. If the user device is not blacklisted, the boot process completes normally.

Abstract: The disclosed system provides for machine-to-machine routing of messages (e.g., text messages, binary information, etc.) between devices (e.g., external applications, IoT devices, etc.) using non-routable identifiers. The systems and methods publish an application programming interface (API) configured to receive (non-routable) identification information of a target device from an external application (e.g., an IoT Service Provider) that calls the API, determines whether a target device associated with the identification information is a subscriber of a telecommunications service provider that provides telecommunications plans to subscribers of the telecommunications service provider, verifies that the external application is authorized to transmit messages to the target device, and translates the non-routable identification information to a mapped device address that can be used to determine a location of the target device so that the message can be delivered to the target device.

Abstract: The disclosed system provides for machine-to-machine routing of messages (e.g., text messages, binary information, etc.) between devices (e.g., external applications, IoT devices, etc.) using non-routable identifiers. The systems and methods publish an application programming interface (API) configured to receive (non-routable) identification information of a target device from an external application (e.g., an IoT Service Provider) that calls the API, determines whether a target device associated with the identification information is a subscriber of a telecommunications service provider that provides telecommunications plans to subscribers of the telecommunications service provider, verifies that the external application is authorized to transmit messages to the target device, and translates the non-routable identification information to a mapped device address that can be used to determine a location of the target device so that the message can be delivered to the target device.

Abstract: An enhanced Session Initiation Protocol (“SIP”) registration message having extended header information that is used by an Internet Protocol Multimedia Subsystem (“IMS”) core to determine the registration status of a mobile device and the physical location of the mobile device. The extended header information includes hardware and subscriber identifiers, such as an International Mobile Equipment Identity (“IMEI”) and International Mobile Subscriber Identity (“IMSI”). The IMS core queries an equipment identity register to validate IMEI/IMSI identifiers in the header to determine whether to deny registration to a mobile device. The IMS core also queries a capability database using an IMEI to determine which location determination techniques are supported by or suitable for the associated mobile device.

Abstract: The disclosed system provides for machine-to-machine routing of messages (e.g., text messages, binary information, etc.) between devices (e.g., external applications, IoT devices, etc.) using non-routable identifiers. The systems and methods publish an application programming interface (API) configured to receive (non-routable) identification information of a target device from an external application (e.g., an IoT Service Provider) that calls the API, determines whether a target device associated with the identification information is a subscriber of a telecommunications service provider that provides telecommunications plans to subscribers of the telecommunications service provider, verifies that the external application is authorized to transmit messages to the target device, and translates the non-routable identification information to a mapped device address that can be used to determine a location of the target device so that the message can be delivered to the target device.

Abstract: An eSIM management framework can serve as an abstraction layer between various partners, mobile network operators, mobile-virtual network operators, and/or enterprises and SIM or eSIM vendors. The eSIM management framework can facilitate real-time SIM and/or eSIM profile provisioning to reduce consumption of network resources. In some examples, an eSIM management framework can facilitate just-in-time client-side provisioning, which can include on-demand generation of an appropriate SIM or eSIM profile.

Abstract: An enhanced Session Initiation Protocol (“SIP”) registration message having extended header information that is used by an Internet Protocol Multimedia Subsystem (“IMS”) core to determine the registration status of a mobile device and the physical location of the mobile device. The extended header information includes hardware and subscriber identifiers, such as an International Mobile Equipment Identity (“IMEI”) and International Mobile Subscriber Identity (“IMSI”). The IMS core queries an equipment identity register to validate IMEI/IMSI identifiers in the header to determine whether to deny registration to a mobile device. The IMS core also queries a capability database using an IMEI to determine which location determination techniques are supported by or suitable for the associated mobile device.

Abstract: An enhanced Session Initiation Protocol (“SIP”) registration message having extended header information that is used by an Internet Protocol Multimedia Subsystem (“IMS”) core to determine the registration status of a mobile device and the physical location of the mobile device. The extended header information includes hardware and subscriber identifiers, such as an International Mobile Equipment Identity (“IMEI”) and International Mobile Subscriber Identity (“IMSI”). The IMS core queries an equipment identity register to validate IMEI/IMSI identifiers in the header to determine whether to deny registration to a mobile device. The IMS core also queries a capability database using an IMEI to determine which location determination techniques are supported by or suitable for the associated mobile device.