This webinar, jointly delivered by ESMIG, GSMA and SIMalliance, provides insight into their newly published report highlighting the importance of the GSMA Embedded SIM Specification and eUICC to the future of the utilities sector.
The GSMA, with partners SIMalliance and ESMIG, have published a report written by analyst house Beecham Research highlighting the importance of the GSMA Embedded SIM Specification and eUICC to the future of the utilities sector.
SIMalliance has published a new technical white paper, titled ‘5G Security – Making the Right Choice to Match your Needs’. The paper analyses functional and security requirements, together with proposed solutions, across five market segments for 5G – massive IoT, critical communications, enhanced mobile broadband, vehicle to X (V2X) and network operations.
In this interview with TeleSemana.com, SIMalliance Board Member Yves Portalier explores the opportunities and challenges presented by 5G, its potential security requirements, and the value that dedicated, tamper resistant hardware may offer in protecting 5G networks and the many new services which will be deployed across various market segments.
SIMalliance has published a new white paper, which analyses security needs across four market segments for 5G – Massive IoT, Critical Communications, Enhanced Mobile Broadband and Network Operations – and calls for security to be built into 5G from the outset, to address the varying requirements of these market segments.
SIMalliance has published an illustration intended to help NFC service providers to understand the cost considerations of different NFC deployment models. The illustration compares the known and hidden conceptual costs of deploying NFC services via three deployment technologies: UICC (secure element), Embedded Secure Element (eSE) and Host Card Emulation (HCE). Within the visual, SIMalliance also evaluates the ‘risk of attack’ associated with each model and suggests that this is also a cost that service providers need to consider.
This Easy Reference Guide introduces the Open Mobile API, which standardises the means of connecting mobile applications to the Secure Element within mobile devices, and clearly lays out the benefits of using OMAPI to OEMs.
This Easy Reference Guide introduces the Open Mobile API, which standardises the means of connecting mobile applications to the Secure Element within mobile devices, and clearly lays out the benefits of using OMAPI to developers.
With the explosion of the mobile applications market, there is an unprecedented need to secure many different types of mobile service. This infographic offers an overview of the OMAPI specification and how it is being used, in conjunction with the secure element, to secure these services.
In an interview with Jane Cooper, Technology Editor at The Banker, SIMalliance Chairman Hervé Pierre discusses how near-field communication (NFC) is evolving and what banks need to consider when implementing an NFC programme.
Workshop: Evaluating NFC Security Strategies – The Role of the SE in the Evolving HCE Landscape
In this workshop, held at the HCE Summit in London on 14th October, 2014, SIMalliance brought together industry experts to discuss security considerations within the NFC ecosystem and the approaches offered by HCE and SE deployment models. The workshop explored how an appropriate NFC security strategies can be identified, based on the unique security requirements of individual NFC service use cases.
Secure Element Deployment & Host Card Emulation v1.0
This paper provides an introduction to Android’s Host Card Emulation (HCE) and explores its value to the NFC ecosystem relative to the Secure Element (SE). SIMalliance contends that while HCE is good for the NFC ecosystem as a whole (increasing end-user familiarity with NFC through additional services, driving adoption and encouraging new developers into the ecosystem), the technology remains immature, un-standardised and, relative to SE-based deployments, vulnerable to malicious attack.
An Easy Reference Guide to LTE UICC Feature Choices for MNOs
LTE has created a mobile environment rich in both opportunities and challenges for mobile network operators (MNOs). At the heart of this environment sits the LTE UICC; an all new, IP-connected multi-application platform. This brief guide describes how an MNO’s utilisation of the LTE UICC will play a huge part in defining how much control it is able to retain over the delivery of, and authentication to, today’s LTE mobile services, together with those yet to come.
Released on 19.9.2013
Webinar: Mission Critical for MNOs: Making the right LTE UICC feature choices
If MNOs want to take full commercial advantage of the opportunities presented by LTE and safeguard their competitive standing in the industry, they will need to be smart about their choice of UICC features. In this webinar, Yves Portalier, Board Director, SIMalliance, provides key insights on how to optimize the UICC for LTE service delivery.
Released on 18.9.2013
SIMalliance LTE UICC Profile for MNOs
Technical requirements document identifies the integrated UICC features that will maximise service delivery and commercial utilisation of LTE/EPS networks.
SIMalliance UICC Device Implementation Guidelines
This document is a collection of guidelines and recommendations for optimal support of the UICC by device manufacturers designing handsets, tablets, modems and other devices making use of a telecom UICC.
Released on 30.1.2013
Webinar: Back to the Future for Application Development and Delivery
In the world before the app store, delivering an application to millions of subscribers was a long, complex process. That all changed with the appearance of the application store marketplaces. In this webinar, Michele Scarlatella, Board Director, SIMalliance, discusses the security implications of this rapidly evolving environment for application development and delivery.
Scratch the service of potential mobile transaction portfolios and it is easy to see why. Whether enabling instant international payments, credit and loan applications, stock trading, NFC retail goods payments or a host of marketing-led loyalty point collection and usage services, the opportunities appear endless.
But while market projections and developing service suites point to an industry worth in excess of $670 billion by 2015 (Juniper Research), translating this from a slideware to the balance sheet is no small task.
The likelihood of success, of course, cannot be questioned; not least because of the commitment (and investment) of the mobile industry to making it happen, or indeed the growing consumer acceptance of the mobile as a payment mechanism – which is as high as 70 percent in some markets. The associated rampant adoption of iOS and Android smartphones in developed markets, the functional possibilities they offer and the increasing market penetration of NFC-enabled handsets are also driving the market.
Consumers love their mobile devices; and there is ample evidence that should transaction services be mobilized in such a way as to offer some kind of differentiation, then consumers will adopt – whether that value is in increasing convenience for the consumer, giving them back more time, offering free ‘stuff’ or reducing the costs of goods and services. Ideally, it will be a combination of all. But the beauty of the mobile device is that it enables impulse online purchasing – from an advert seen in a train carriage or passing billboard. This will, of course, drive data traffic but also increase revenue-share returns between all the members of the mobile value chain – from the retailer right through to the mobile operator.
There are, of course, concerns. These range from the rapid ROI for mobile transaction services, how to assure the consumer adoption above, and how to build the right business models to get the money flowing through the value chain. But perhaps before all of these, we need to look to two key elements without which it will be impossible to build a platform for success; security and interoperability.
Released on 18.4.2012
Webinar: Securing NFC and Mobile Transaction Success
In this webinar, Frédéric Vasnier, Chairman of the Board, SIMalliance, explores how the industry can most effectively encourage mass consumer adoption and weighs the relative merits of the differing TSM strategies.
Released on 2.4.2012
Webinar: eUICC and Personalisation
As enthusiasm for embedded UICC in the M2M environment gathers momentum, the industry must increasingly focus attention on the importance of Over The Air personalisation and complete lifecycle management. But where form factor and environment were previously the biggest challenges, these have now been superseded by a new threat – mobility. Modules now crossing borders require a new level of sophistication; having to comply with multiple and changing regulatory environments, connectivity and service providers. In this webinar, Michael Meyer, Board Director, SIMalliance, explores these issues and stresses the importance of effective provisioning and management of the UICC as it travels around the world.
Released on 2.4.2012
Secure Authentication for Mobile Internet Services – Critical Considerations V1.1
While the sources vary, the message is clear; attacks on mobile internet devices and connected smartphones are increasing rapidly. In this paper we look in detail at the issue of mobile internet security, analyze existing authentication methods, and ask whether it is time for the widespread adoption of the Secure Element by the mobile community.
Released on 1.1.2012
Interoperability for contactless services with mobile NFC – An Introduction
Projected to account for almost a third of mobile payments transactions by 2014 (source: Research and Markets, 2010), mobile Near Field Communication (NFC) promises to revolutionise both device to device communication, and the way consumers engage, interact and transact with brands. These contactless services present a host of opportunities in payment, transportation, access control and data exchange. But addressing the challenges of the NFC world is critical to enable its success from a device, network and service perspective. Once again, the role of the ‘Secure Element’ within the device is paramount in managing authentication and certification; not only to ensure the integrity of financial transactions and data exchange throughout the NFC chain, but to deliver the required levels of interoperability as well. The white paper look at the evolving NFC services market and adresses interoperability issues. It goes a liitle further on from interoperability and touches upon secure application and service lifecycle management and details the specifications and tools SIMalliance has produced over the last ten years to advance interoperability and security in application and service development and deployment.
Released on 21.6.2011
Open Mobile API: An Introduction
This paper highlights the need for a change in how security is approached on the connected mobile device. It focuses on the need to create security (and security policy) at the development stage, and highlights the telecoms industry’s unique position of already having a solution to the problem. It discusses why ‘buy in’ is needed from the application development and operating systems communities, and introduces the SIMalliance’s new Open Mobile API workgroup whose task it is to connect the application, operating system and the operator with the Secure Element found in billions of connected devices right across the world.
Released on 6.4.2011
UICC in LTE: A Guidance from SIMalliance
The SIMalliance believes, without a doubt, that LTE heralds the next major step in the development and delivery of a host of rich new multimedia services and applications. But more than this, by delivering a true broadband experience on the mobile, and through the integration of NFC, LTE will fundamentally change the way consumers communicate and transact, offering a seamless connection between the virtual and contextual worlds for the very first time. SIMalliance believes LTE offers opportunities for mobile operators to retain control of their subscribers (and revenues) against stiff opposition from over-the-top players, and to extend their influence outside of conventional mobile boundaries and into the wider online world. But LTE is also a disruptive force; it will enable greater competition from non-mobile players and increase the commoditization of voice services. Also, by opening the core network to a potentially unsecure IP layer, security will become an increasing issue. The UICC is a mandatory element in LTE as specified by 3GPP. However SIMalliance is recommending operators to adopt a UICC integrating specific features (See SIMalliance UICC Profile for LTE) to reduce the disruptive impact of LTE and to support the creation of a secure, open and interoperable environment where mobile services, and mobile operator revenues, thrive.
Released on 14.2.2011
Smart Card Web Server: How to bring operators’ applications and services to the mass market
The SCWS constitutes the new trend in the evolution of Smart Card technology. First, the SCWS provides a next generation user interface for the end-user, moving from black and white menus to rich a web “look and feel” for its applications. Then, as it is based on Internet languages, the SCWS makes the development of SIM-based applications easier, while facilitating their distribution. Also, the SCWS enhances connectivity with remote web servers to enable client/server applications to take full advantage of the evolution in network speeds. After many years of development and standardization efforts, and with the first handsets now hitting the market, the SCWS is ready to open up a new era for SIM-based Internet applications.
This License Agreement (Agreement) is a legal agreement between you and SIMalliance. (Licensor), which is the owner of the specification (Specification) you will be downloading when you complete this Agreement. As used in this Agreement, "you" means the company, entity or individual that is acquiring a license under this Agreement.
By clicking on the "ACCEPT" button below, you are agreeing that you will be bound by and are becoming a party to this Agreement. If you are an entity, and an individual is entering into this Agreement on your behalf, then you will be bound by this Agreement when that individual clicks on the "ACCEPT" button. When they do so, it will also constitute a representation by the individual that s/he is authorized to bind you as a party to this Agreement. If you do not agree to all of the terms of this Agreement, click the "DO NOT ACCEPT" button at the end of this Agreement.
1. License Grant.
Licensor hereby grants you the right, without charge, on a perpetual, non- exclusive and worldwide basis, the right to utilize the Specification for the purpose of developing, making, having made, using, marketing, importing, offering to sell or license, and selling or licensing, and to otherwise distribute, products complying with the Specification, in all cases subject to the conditions set forth in this Agreement and any relevant patent and other intellectual property rights of third parties (which may include members of Licensor). This license grant does not include the right to sublicense, modify or create derivative works based upon the Specification. For the avoidance of doubt, products implementing this Specification are not deemed to be derivative works of the Specification.
2. NO WARRANTIES.
THE SPECIFICATION IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, COMPLETENESS AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. IN NO EVENT SHALL LICENSOR, ITS MEMBERS OR ITS CONTRIBUTORS BE LIABLE FOR ANY CLAIM, OR ANY DIRECT, SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THE SPECIFICATION.
3. THIRD PARTY RIGHTS.
Without limiting the generality of Section 2 above, LICENSOR ASSUMES NO RESPONSIBILITY TO COMPILE, CONFIRM, UPDATE OR MAKE PUBLIC ANY THIRD PARTY ASSERTIONS OF PATENT OR OTHER INTELLECTUAL PROPERTY RIGHTS THAT MIGHT NOW OR IN THE FUTURE BE INFRINGED BY AN IMPLEMENTATION OF THE SPECIFICATION IN ITS CURRENT, OR IN ANY FUTURE FORM. IF ANY SUCH RIGHTS ARE DESCRIBED ON THE SPECIFICATION, LICENSOR TAKES NO POSITION AS TO THE VALIDITY OR INVALIDITY OF SUCH ASSERTIONS, OR THAT ALL SUCH ASSERTIONS THAT HAVE OR MAY BE MADE ARE SO LISTED.
4. TERMINATION OF LICENSE.
In the event of a breach of this Agreement by you or any of your employees or members, Licensor shall give you written notice and an opportunity to cure. If the breach is not cured within thirty (30) days after written notice, or if the breach is of a nature that cannot be cured, then Licensor may immediately or thereafter terminate the licenses granted in this Agreement.
All notices required under this Agreement shall be in writing, and shall be deemed effective five days from deposit in the mails. Notices and correspondence to either party shall be sent to its address as it appears below. This Agreement shall be construed and interpreted under the internal laws of the United Kingdom, without giving effect to its principles of conflict of law.