-
Publication No.: US20250080969A1
Publication Date: 2025-03-06
Application No.: US18824394
Application Date: 2024-09-04
Applicant: Apple Inc.
Inventor: Raj S CHAUGULE, Hyewon LEE, Jean-Marc PADOVA, Li LI, Rohan C MALTHANKAR, Sherman X JIN, Suraj GUPTA, Xiangying YANG, Zexing SHI
Abstract: An apparatus configured to engage in an embedded subscriber identity module (eSIM) profile transfer process to receive at a target device, executing a first operating system (OS) that implements a first protocol stack related to eSIM profile transfers, an eSIM profile from a source device executing a second OS that implements a second protocol stack related to eSIM profile transfers to the target device, wherein the first protocol stack and the second protocol stack are different, process, based on signals received from the source device, a token for transferring the eSIM profile, generate, for transmission to an enablement server, a request for the eSIM profile, wherein the request comprises the token and process, based on signals received from the enablement server, the eSIM profile.
-
Publication No.: US20240414536A1
Publication Date: 2024-12-12
Application No.: US18808879
Application Date: 2024-08-19
Applicant: Apple Inc.
Inventor: Xiangying YANG, Jean-Marc PADOVA, Li LI, Shu GUO
IPC: H04W12/069, H04L9/32, H04L9/40, H04W8/20, H04W12/041, H04W12/0431
Abstract: This application sets forth techniques for authenticating a mobile device with a cellular wireless network without electronic Subscriber Identity Module (eSIM) credentials by using an Extensible Authentication Protocol Transport Layer Security (EAP-TLS) procedure. The mobile device authenticates with an Authentication Server Function (AUSF) of the cellular wireless network using an embedded Universal Integrated Circuit Card (eUICC) certificate. Processing circuitry of the mobile wireless device external to the eUICC implements the EAP-TLS procedure and authenticates validity of the AUSF. In some embodiments, the eUICC provides key generation and storage for a session key for communication between the mobile device and the cellular wireless network. In some embodiments, a third-party managed Unified Data Management (UDM) broker authenticates the mobile device based on knowledge of the eUICC certificate and provides a session key to the cellular wireless network for subsequent communication with the mobile device, upon successful authentication of the mobile device.
-
Publication No.: US20220360978A1
Publication Date: 2022-11-10
Application No.: US17662632
Application Date: 2022-05-09
Applicant: Apple Inc.
Inventor: Li LI, Jean-Marc PADOVA, Najeeb M. ABDULRAHIMAN
IPC: H04W8/26, H04W8/18, H04W12/03, H04W12/0431, H04W12/06
Abstract: This application describes a phased approach to provision eSIM profiles to a wireless device. Credentials are preloaded to an eUICC during manufacture of the eUICC and used subsequently to load eSIM profiles to the eUICC without requiring an active, real-time connection to an MNO provisioning server. Multiple bound profile packages (BPPs) can be pre-generated and encrypted by MNO provisioning servers for an eUICC and transferred to a BPP aggregator server before assembly of the eUICC in a respective wireless device. A local provisioning server in a manufacturing facility mutually authenticates and connects to the BPP aggregator server to download and store one or more of the encrypted BPPs for later installation on the eUICC. The local provisioning server subsequently mutually authenticates and connects to the eUICC to load at least one of the one or more pre-generated, encrypted BPPs to the eUICC during assembly and/or testing of the wireless device.
-
Publication No.: US20210314148A1
Publication Date: 2021-10-07
Application No.: US17211749
Application Date: 2021-03-24
Applicant: Apple Inc.
Inventor: Xiangying YANG, Jean-Marc PADOVA
IPC: H04L9/08, H04L9/30, H04W12/037, H04W12/72
Abstract: Embodiments described herein relate to credential wrapping for secure transfer of electronic SIMs (eSIMs) between wireless devices. Transfer of an eSIM from a source device to a target device includes re-encryption of sensitive eSIM data, e.g., eSIM encryption keys, financial transaction credentials, transit authority credentials, and the like, using new encryption keys that include ephemeral elements applicable to a single, particular transfer session between the source device and the target device. The sensitive eSIM data encrypted with a symmetric key (Ks) is re-wrapped with a new header that includes a version of Ks encrypted with a new key encryption key (KEK) and information to derive KEK by the target device. The re-encrypted sensitive SIM data is formatted with additional eSIM data into a new bound profile package (BPP) to transfer the eSIM from the source device to the target device.
-
Publication No.: US20250150809A1
Publication Date: 2025-05-08
Application No.: US18810195
Application Date: 2024-08-20
Applicant: Apple Inc.
Inventor: Jean-Marc PADOVA, Aurelien P. RABOISSON, Li LI, Ngabin S. NG
Abstract: The described embodiments set forth techniques for managing subscription service files, e.g., Customized Applications for Mobile network Enhanced Logic (CAMEL) Application Part (CAP) files, for export and/or transfer of an electronic SIM (eSIM) from a source wireless device. As part of an eSIM procedure to transfer an eSIM, e.g., a processor of the source wireless device obtains, from one or more applet asset servers, one or more subscription service files usable to generate a version of applets associated with the eSIM. The wireless device generates an eSIM export package that includes the eSIM and at least one of the one or more of the subscription service files. The processor of the source wireless device provides the eSIM export package to the target wireless device to use to install the transferred eSIM and one or more applets based on the subscription service files on the eUICC of the target wireless device.
-
Publication No.: US20220399993A1
Publication Date: 2022-12-15
Application No.: US17820236
Application Date: 2022-08-16
Applicant: Apple Inc.
Inventor: Xiangying YANG, Jean-Marc PADOVA
IPC: H04L9/08, H04L9/30, H04W12/72, H04W12/037
Abstract: Embodiments described herein relate to credential wrapping for secure transfer of electronic SIMs (eSIMs) between wireless devices. Transfer of an eSIM from a source device to a target device includes re-encryption of sensitive eSIM data, e.g., eSIM encryption keys, financial transaction credentials, transit authority credentials, and the like, using new encryption keys that include ephemeral elements applicable to a single, particular transfer session between the source device and the target device. The sensitive eSIM data encrypted with a symmetric key (Ks) is re-wrapped with a new header that includes a version of Ks encrypted with a new key encryption key (KEK) and information to derive KEK by the target device. The re-encrypted sensitive SIM data is formatted with additional eSIM data into a new bound profile package (BPP) to transfer the eSIM from the source device to the target device.
-
Publication No.: US20210219142A1
Publication Date: 2021-07-15
Application No.: US17147410
Application Date: 2021-01-12
Applicant: Apple Inc.
Inventor: Jean-Marc PADOVA, Xiangying YANG
IPC: H04W12/72, H04W8/20, H04W12/069
Abstract: Embodiments described herein relate to eligibility checking for transfer of one or more electronic subscriber identity modules (eSIMs) between two mobile wireless devices. Eligibility to transfer an eSIM to an eUICC of a target device can depend on whether the eUICC of the target device satisfies certain security requirements for the eSIMs to be transferred. The mobile wireless devices can obtain a transfer eligibility result based on communication with one or more network-based servers that can determine compatibility for eSIM transfer.
-
Publication No.: US20170338962A1
Publication Date: 2017-11-23
Application No.: US15598232
Application Date: 2017-05-17
Applicant: Apple Inc.
Inventor: Li LI, Clark P. MUELLER, Avinash NARASIMHAN, Arun G. MATHIAS, David T. HAGGERTY, Najeeb M. ABDULRAHIMAN, Jean-Marc PADOVA
IPC: H04L9/32, H04W36/00, H04W12/04, H04L9/14, H04L29/08, H04L9/00, H04L29/06, H04L9/30, H04W76/02, H04W8/18
Abstract: Embodiments provided herein determine if an electronic subscriber identity module (eSIM) associated with a requested service can be installed in a secure element (SE) housed in a wireless device. Before requesting deployment of an eSIM suitable for the requested service from an eSIM delivery server, a carrier server asks that an original equipment manufacturer (OEM) server validate that an eSIM corresponding to a customer request should be deployed. The OEM server obtains information about the wireless device and information about the SE. When the carrier server requests validation, the OEM server evaluates the wireless device information and/or the SE information. If the OEM server indicates that deployment of the eSIM should proceed, the OEM server also indicates the eSIM type that is compatible with the wireless device and with the SE housed in the device.
-
Publication No.: US20250088841A1
Publication Date: 2025-03-13
Application No.: US18830026
Application Date: 2024-09-10
Applicant: Apple Inc.
Inventor: Hyewon LEE, Jean-Marc PADOVA, Xiangying YANG
Abstract: An apparatus configured to process, based on signaling received from a source device with which a target device is engaging in an embedded subscriber identity module (eSIM) transfer process to transfer an eSIM profile to the target device, a first message comprising a source embedded identity document (EID) of the source device, generate, for transmission to the source device, a second message comprising a target EID of the target device and process, based on signaling received from the source device, a third message comprising the eSIM profile and an identification of a first state that the eSIM profile is in on the source device, wherein the eSIM profile includes an Integrated Circuit Card Identification Number (ICCID).
-
Publication No.: US20230020828A1
Publication Date: 2023-01-19
Application No.: US17935081
Application Date: 2022-09-23
Applicant: Apple Inc.
Inventor: Li LI, Jean-Marc PADOVA, Najeeb M. ABDULRAHIMAN
IPC: H04W8/26, H04W12/03, H04W8/18, H04W12/0431, H04W12/06
Abstract: This application describes a phased approach to provision eSIM profiles to a wireless device. Credentials are preloaded to an eUICC during manufacture of the eUICC and used subsequently to load eSIM profiles to the eUICC without requiring an active, real-time connection to an MNO provisioning server. Multiple bound profile packages (BPPs) can be pre-generated and encrypted by MNO provisioning servers for an eUICC and transferred to a BPP aggregator server before assembly of the eUICC in a respective wireless device. A local provisioning server in a manufacturing facility mutually authenticates and connects to the BPP aggregator server to download and store one or more of the encrypted BPPs for later installation on the eUICC. The local provisioning server subsequently mutually authenticates and connects to the eUICC to load at least one of the one or more pre-generated, encrypted BPPs to the eUICC during assembly and/or testing of the wireless device.