Smart Card/Smart Mobile Internet The SIM - a Secure Device Really Gets Smart by Klaus Vedder, Executive Vice-President and Head of the Telecommunications Division, Giesecke & Devrient

Abstract Mobile Internet applications, such as on-line banking, are growing in importance in the Latin American market. GSM, although not yet an important factor in Latin America, promises to grow rapidly due to Brazils decision to allocate the frequency band used by GSM for new mobile services. In this context, the smart card chip, the SIM module, is sure to be widely used as a base for new GSM, security sensitve, applications in the region. In this article the history and development of the SIM module and its applications "toolkit," is traced.

Since its conception 12 years ago the Subscriber Identity Module (SIM) has undergone continuous development extending its technical and functional capabilities. The SIM, a computer with memory on a chip, is normally found embedded in a plastic card, a Smart Card, similar to a standard credit card. The SIM microprocessor is what makes a Smart Card smart.

Initially, the SIM was developed for use as a security module for the authentication of the subscriber/ user on the network used, for example, for credit card transaction and other security related functions. The SIMs limited memory contained private data about the user and about the network (a list of preferred networks and abbreviated dialing numbers). In the early days of GSM (Global System for Mobile Communication) mobile phones, smart cards were still in their infancy. The technological and market requirements of GSM and its need for a global solution have, from the very beginning, contributed enormously to the advancement of the smart card as such.

Undoubtedly, GSM has been the driving force in the world of smart cards, influencing such developments as the plug-in SIM, the 3 Volt SIM, the increased technical performance of the chip and the very large increase in memory over the years. GSM was the first, and still is the only global application employing smart chip cards. It is also the application with the largest number of users.

Though the primary use of the SIM is still as a security device, todays SIMs, by exploiting the microcomputer to its full extent, can be used as a platform for value added services. The original SIM chips had less than 10 Kbytes of memory, but SIM chips will soon have more than 100kBytes of memory making them suitable for a wide variety of applications.

Co-operation between operators and manufacturers in standardisation bodies such as SMG9 has resulted in greater functionality for the SIM chip. The enhanced chips, together with SMG9s toolbox (referred to as SAT or STK) for developing specific applications, gives operators greater flexibility to tailor applications for their own markets and needs. Used in this way, each operator implementing his own applications and services, the SIM becomes an important tool for GSM operator differentiation.

Although the idea of using the SIM as a Personal Computer for "wireless" information was first discussed as early as 1991, the time was not ripe for standardising such an approach. A number of GSM network operators developed the idea on their own and downloading data, over the air, to update the SIM became a reality.

One such SIM application is a Directory service, whereby a requested telephone number is sent via Short Message Service to the SIM, announced to the subscriber in speech mode, and stored in the device future use. Transmitted data can now be used to remotely create new data-fields in SIMs to allowing them to support services that were not available when the SIM was originally programmed.

There are too many issuer specific applications based on the SIM Application Toolkit to list. Among the applications developed for the SIM, Internet access, and location dependant services are among the most popular.

A SIM Internet browser provides the basis for mobile phone Internet communication. When using a SIM Internet browser, specific applications need not reside on the SIM chip but can be controlled by the contents of a web page and rely upon databases residing on the Internet. Thus, a wide variety of applications can be made available to the subscriber without modifying the basic application of the SIM itself. Up and running applications even include on-line brokerage - an application that requires a high level of security. WAP, the wireless access protocol, provides great computing power, especially in conjunction with facilities such as GPRS (General Packet Radio Service) that allow information to be efficiently sent and received across a mobile telephone network. The clear advantage of the SIM, however, is its inherent security. The SIM can store and handle subscriber specific security data and run the relevant security processes. The SIM is particularly important for financial transactions, or applications involving data privacy, since it is a secure device that positively identifies the individual subscriber. The question is not "Should it be a WAP or SIM application?" But How can WAP and the SIM Toolkit best work together?

Location Dependent Services have a wide variety of uses. They can be used, for instance, to provide information about the films shown in the users vicinity. The SIM application requests area information from the local operator and then sends a short message asking the network to list the films shown in that area or to give the location of a film requested by the user. The communication between the user and the SIM, via the display and keyboard of the mobile equipment, is part of the interactive SIM Toolkit application. This service can be used not only to request information, but to simultaneously order and pay for the tickets as well using the same short message service. This way, there is no need to show up at the cinema hours in advance. Payment could be made via credit card or through an account administered by the network operator. Mobile Banking services have to be completely secure to be successful. SIMs provide a comprehensive security solution. Mobile Banking services typically allow the user to check the balance of his account and to transfer money from his account to any other. This is done by means of a short message set up by the SIM Toolkit application in an interactive, mobile equipment independent, session with the user.

The SIM drives the display and captures the necessary information from the user. Money transfer requires a high level of security, so the access to the SIM application must be protected. This can be achieved using a separate banking PIN (personal identification number) which the user must key in order to access to the application. This, alone, is not enough to protect the transaction; the short messages containing the transaction information must also be protected. Typically, contents of all Mobile Banking transaction messages - in both directions - must also be encrypted using "triple DES," a method commonly used in the banking world to ensure message security.

In order to guarantee end-to-end security between the SIM and the banks server, to protect against eavesdropping and criminal interference, a series of other security measures are also employed. The industry standardisation group, SMG9, has developed a common security standard as a guide to using the short message service with SIM applications in a secure manner. This standard also includes a method for downloading applications to the SIM. To make service enhancements easily available SIM, and mobile equipment supplier, independent tools and mechanisms needed to be standardised. The SMG9 group has been working since 1994 on such items as the specification for downloading data over the airwaves into the SIM and, as well, on making the SIM "pro-active" so that it can trigger events to be executed by the mobile equipment (ME).

These functions formed the basis for a new standard for the SIM Application Toolkit (GSM 11.14). Less than a year and a half after the initial discussions within SMG9, the first version of the new SIM toolkit standard was approved. It defined the set of commands and procedures - additions to the basic SIM-ME interface for "normal" operational use - required for mobile-equipment-independent applications running on a SIM.

In the course of developing this standard, the scope of the work had broadened significantly. A powerful toolbox full of aids were added to data-download and the pro-active SIM features originally considered. Examples of these tools include the provision of local information such as cell number and timing advance, the setting of timers in mobile equipment, interactions with a second card reader to, for example, load money over the air into an electronic purse card, the support of colour icons, call control and the sending of short messages to communicate with network applications.

Conclusion This treatment of the mobile equipment and the SIM as separate entities has contributed greatly to the success of GSM. This split has given the issuer of the subscription complete control over all subscription and security related data by allowing issuer-specific security algorithms and provisions. The SIM has proven itself, in practice, to be a truly secure device and has thus greatly enhanced the security of the overall system. Furthermore, it allows the user to maintain his identity information when changing terminals or, to some extent, technology. The split between mobile equipment and SIM has had large impact on the terminal market. Since the terminal does not contain any subscriber data, the terminal market has moved from a local to a global one, providing a hitherto unknown economy of scale to the terminal manufacturers. As a result, competition has given consumers much greater choice - making GSM more and more attractive to an ever-increasing number of people. Indeed, it is to be hoped that the next generation will be as great a success story as this one is.