OFF-LINE PROFILE PROVISIONING FOR WIRELESS DEVICES

    Publication number: US20250048086A1

    Publication date: 2025-02-06

    Application number: US18924311

    Filing date: 2024-10-23

    Applicant: Apple Inc.

    Abstract: This application describes a phased approach to provision eSIM profiles to a wireless device. Credentials are preloaded to an eUICC during manufacture of the eUICC and used subsequently to load eSIM profiles to the eUICC without requiring an active, real-time connection to an MNO provisioning server. Multiple bound profile packages (BPPs) can be pre-generated and encrypted by MNO provisioning servers for an eUICC and transferred to a BPP aggregator server before assembly of the eUICC in a respective wireless device. A local provisioning server in a manufacturing facility mutually authenticates and connects to the BPP aggregator server to download and store one or more of the encrypted BPPs for later installation on the eUICC. The local provisioning server subsequently mutually authenticates and connects to the eUICC to load at least one of the one or more pre-generated, encrypted BPPs to the eUICC during assembly and/or testing of the wireless device.

    ON-DEVICE SHARED PROVISIONING SIM/eSIM CONTROLLER FOR A WIRELESS DEVICE

    Publication number: US20240276203A1

    Publication date: 2024-08-15

    Application number: US18166977

    Filing date: 2023-02-09

    Applicant: Apple Inc.

    CPC classification number: H04W8/20 H04W48/16 H04W60/00 H04W84/042

    Abstract: This application sets forth techniques for dynamically managing a shared provisioning electronic subscriber identity module (eSIM) for a wireless device. A shared (non-unique) provisioning eSIM is installed in the wireless device to provide limited functionality connectivity to services, such as for device activation and user eSIM provisioning. The shared provisioning eSIM includes records of IMSI values organized into groups of IMSI pools and priorities for selecting IMSI values for configuring the shared provisioning eSIM. An on-device shared provisioning SIM/eSIM controller resident on a cellular baseband processor of the wireless device selects and configures the shared provisioning eSIM with IMSI values based on the priorities and on results from scanning for available public land mobile networks (PLMNs). The shared provisioning eSIM can be re-configured with different IMSI values selected from different IMSI pools until successful registration using the configured provisioning eSIM occurs or a maximum number of retries occurs.

    ELECTRONIC SUBSCRIBER IDENTITY MODULE TRANSFER ELIGIBILITY CHECKING

    Publication number: US20230013030A1

    Publication date: 2023-01-19

    Application number: US17934885

    Filing date: 2022-09-23

    Applicant: Apple Inc.

    Abstract: Embodiments described herein relate to eligibility checking for transfer of one or more electronic subscriber identity modules (eSIMs) between two mobile wireless devices. Eligibility to transfer an eSIM to an eUICC of a target device can depend on whether the eUICC of the target device satisfies certain security requirements for the eSIMs to be transferred. The mobile wireless devices can obtain a transfer eligibility result based on communication with one or more network-based servers that can determine compatibility for eSIM transfer.

    ROBUST EVENT HANDLING IN AN ELECTRONIC SUBSCRIBER IDENTITY MODULE (eSIM) NOTIFICATION SERVICE

    Publication number: US20200304327A1

    Publication date: 2020-09-24

    Application number: US16841273

    Filing date: 2020-04-06

    Applicant: Apple Inc.

    Abstract: Duplicate processing of events registered at a root server is avoided. An electronic subscriber identity module (eSIM) server pushes, to a root server, data in the form of notification data portions indicating that commands or events need to be processed by a device. The device includes an embedded universal integrated circuit card (eUICC). The device pulls a notification list from the root server. The notification list includes one or more notification data portions. The device checks a given notification data portion to see if it represents a duplicate before communicating with the eSIM server to perform further processing related to the event. The device bases the check for duplication on an event history and/or on a hash value where the hash value is based on one or more eSIMs installed in the eUICC. The device is able to prioritize notification data portions before processing them.

    MANAGING EMBEDDED UNIVERSAL INTEGRATED CIRCUIT CARD (eUICC) PROVISIONING WITH MULTIPLE CERTIFICATE ISSUERS (CIs)

    Publication number: US20190074983A1

    Publication date: 2019-03-07

    Application number: US16117642

    Filing date: 2018-08-30

    Applicant: Apple Inc.

    Abstract: Embodiments provided herein identify a certificate issuer (CI) to be relied on as a trusted third party by an electronic subscriber identity module (eSIM) server in remote SIM provisioning (RSP) transactions with an embedded universal integrated circuit card (eUICC). In an RSP ecosystem, multiple CIs may exist. Parties rely on public key infrastructure (PKI) techniques for establishment of trust. Trust may be established based on a trusted third party such as a CI. Parties need to agree on the CI in order for some PKI techniques to be useful. Embodiments provided herein describe approaches for an eUICC and an eSIM server to arrive at an agreed-on CI. Candidate or negotiated CIs may be indicated on a public key identifier (PKID) list. A PKID list is distributed, in some embodiments, by means of a discovery server, via an activation code (AC) and/or during the establishment of a profile provisioning session.

    REVOCATION OF ROOT CERTIFICATES
    Document type: Invention application
    Legal status: Granted

    Publication number: US20150256345A1

    Publication date: 2015-09-10

    Application number: US14279109

    Filing date: 2014-05-15

    Applicant: Apple Inc.

    CPC classification number: H04L9/3268

    Abstract: Disclosed herein is a technique for revoking a root certificate from at least one client device. In particular, the technique involves causing a secure element—which is included in the at least one client device and is configured to store the root certificate as well as at least one backup root certificate—to permanently disregard the root certificate and prevent the at least one client device from utilizing the specific root certificate. According to one embodiment, this revocation occurs in response to receiving a revocation message that directly targets the root certificate, where the message includes at least two levels of authentication that are verified by the secure element prior to carrying out the revocation. Once the root certificate is revoked, the secure element can continue to utilize the at least one backup root certificate, while permanently disregarding the revoked root certificate.
