Hans Theler is ceo of Sicap, the Swiss company which is dedicated to developing mobile applications and network products for GSM operators. He talks to Keith Dyer about the solutions available to operators as they seek to introduce revenue-raising services in a manageable manner.

Mobile Europe: Hans, before we get into the specifics of how operators can launch and manage new services, can you give us some background on the challenges facing operators at the moment, and the needs of the market?

Hans Theler:
Well, mobile operators face a variety of challenges as they seek to boost subscriber revenues without similarly increasing their spend either on capital projects or on the cost of keeping, managing and attracting new customers.

Cutting costs, raising average revenues per user, communicating with customers and offering high value easy to use, and access, services are the typical challenges facing many operators. But operators do not have to invest in the latest bells and whistles, they can reduce costs and add value by maximising existing assets and exploiting current technologies.

Mobile Europe: Also, operators are faced with a low take up for many data services. Why do you think that is?

Hans Theler: I agree that in general operators face a relatively low take up of value added services. MMS is one example of this. A recent survey conducted by Sicap and NOP in the UK showed that 79% of 771 respondents had never sent or received a MMS. 45% said this was because they did not have a modern handset, 17% did not know how to do it and 15% were insecure about the cost. Very often this is also true for other value added services.

Supply of handsets, ease of use and information about cost are often areas that the industry misjudge when launching new services.

Mobile Europe: Given that handset supply and ease of use, certainly at the handset level, are often out of an operator’s control, what kind of things can an operator take control of to ease the process?

Hans Theler:
Customers want high service levels and easy access to attractive applications. They feel that contacting operators should be secure, reliable and above all as simple as point and click. But to take one example, given the nature of pre-paid services, it is historically difficult for mobile operators to communicate with pre-paid customers. All that has now changed thanks to UMB.

Mobile Europe: UMB is a Sicap solution, I am guessing!

Hans Theler:
Yes — of course! Developed by Sicap, UMB (USSD Menu Browsing) exploits the existing GSM standard network USSD (Unstructured Supplementary Services Data) technology to create a single, customer contact number into the operator.  UMB opens up a two-way marketing channel between operators and their pre-paid customers, making self provisioning fast, easy and cost effective. On request subscribers get not only their account balance but also a menu of services through which they can browse — so accessing new applications does become as simple as point and click. Operators can now push product and marketing information to their entire base of subscribers.

Mobile Europe: And it makes use of existing technology?

Hans Theler:
That’s the beauty of it. Operators can inform and give customers access to services and new applications throughout their networks from one free call. By exploiting a technology already incorporated into all GSM phones, Sicap’s UMB gives access to all existing GSM customers wherever they may be.

Mobile Europe: Another existing technology that many feel is under-exploited is the SIM card. There seem to be a host of unexploited applications available to the operator through existing SIMs.

Hans Theler:
The (U)SIM card’s properties as a tamper-proof device and as a unified storage facility for secure information, as well as its ability to access functions in the mobile handset and the network in a standardised and future-proof way, makes it a key component. The (U)SIM is part of
the operator’s network and as such it holds vital information that must be managed and provisioned.

The (U)SIM is the only linkage point between the network operator and the subscriber, thus making it imperative for the operator to have control over which networks their subscribers roam onto and to manage the subscriber’s access to VAS via SIM based menus such as SIM Tool Kit.

We have seen the mobile devices themselves evolve from “dumb” terminals with basic telephony functionality into sophisticated smart phones with data, internet, and multimedia capabilities. In order to ensure usage of these advanced data-centric services, operators need to have the device settings automatically configured in order for subscribers to be able to use these advanced services. As (U)SIM cards continue to evolve with more memory capacity and functionality such as java applets for security, it will continue to be an important part of an operator’s network. Over-The-Air then becomes essential in managing content on the SIM such as Java applets, PLMN roaming lists, STK menus and the subscribers’ personal information.

For the subscriber, (U)SIM is a personal, portable gateway to new services; for the operator, it’s the key to security and differentiating ergonomics in the world of 3G mobile services.

Mobile Europe: Over the air configuration is not new, but there is a sense that the services it can enable are still under-appreciated.
Hans Theler:
Sure, the SIM holds the user identity number and authentication key and algorithm and has proved itself to be a potent weapon in network security. But this is only the tip of the iceberg in regards to SIM card potential. Since it’s the card rather than the terminal that enables network access, feature access and billing, the user is immediately on-line.

For mobile operators, the main challenge these days is to be able to manage and control the (U)SIMs that are out in the field, being used by subscribers.

Operators often need to update content on the SIM cards such as PLMN roaming lists whenever a new roaming agreement is made. Fixed Dialling Numbers (FDN) and Abbreviated Dialling Numbers (ADN) need to be updated whenever service numbers change. Java applets on SIM cards also have to be managed for secure m-commerce and m-banking applications. Updating and configuring Java based SIM Tool Kit menus is also essential whenever new value added services are introduced to subscribers.

Mobile Europe: And OTA is best for this?

Hans Theler:
As devices become more technologically advanced with various features such as internet browsing and multimedia capabilities, these settings become increasingly complex for users to configure, and in turn will discourage them from adopting these new services.

Operators will then lose revenues, customer care costs and churn rates will increase, causing serious delays in mobile services adoption.

With OTA device management, operators can help users to start using new services, as well as modify the configuration of existing ones with a minimum of effort. Settings such as GPRS, WAP, MMS, push-to-talk, email and internet browsing all need device-specific configuration settings, making it difficult to configure them manually. By simplifying configuration, device management offers substantial benefits for all members of the mobile value chain, from the handset manufacturer, to the service provider, all the way to the network operator. Most mobile users have limited technical interest or skill to configure an advance mobile device. Take MMS as an example; One of the reasons MMS has had difficulty in reaching mass market adoption is that the average mobile user is not aware that they need to configure their handsets in order to use the service. Mobile users expect services like MMS to be as readily available as making a call or sending an SMS.

But recalling SIM cards for content provisioning is not a viable option as it is a very time-consuming and expensive exercise to do.

So the OTA platform is a very effective logistical solution for the remote management of post-issued SIM cards. The secure management of GSM files and applets on the SIM is OTA’s greatest advantage, and due to the secure download aspect the network operator is the sole master of the SIM cards. OTA allows the operator to extend the SIM card life cycle and speed up the time to market: of new services. Operators no longer need to wait for the card’s renewal to update GSM files or to offer new services. As a result, new roaming agreements and new seasonal or events services can be always offered. In addition to new service delivery and content update, the OTA platform eases replacing stolen SIMs with subscriber’s details such as phonebook contacts, stored SMS, and applets.

Mobile Europe: You mentioned roaming management. Remote SIM configuration is very important in this area, I believe.

Hans Theler:
The PLMN list on the SIM card contains the parameters that control which network the subscriber will roam onto when they are outside of their home network. By being able to control which network your subscribers roam onto, roaming management allows operators to keep lucrative roaming revenues within the group or within a partner network alliance. Roaming Management also gives an operator more negotiating power when making roaming deals with foreign network operators.

Another benefit is that it can support special rates for particular customer segments such as corporate customers roaming in an international VPN environment. PLMN lists are usually embedded at the first stages before an operator receives their batch of SIM cards. New roaming agreements and international operator alliances are constantly changing; therefore operators need a tool to
update and manage their whole SIM card base efficiently and remotely without causing inconveniences to subscribers.

Mobile Europe: And what role do you see for SIM Tool Kit (STK) in managing applications, in alliance with OTA ?

Hans Theler:
Utilising STK helps operators save on high marketing costs; traditionally it takes a lot of effort educating subscribers about the various short numbers and keywords they need to know to use the different VAS. With STK, since all services become part of the handset menu, operators need less marketing effort to educate their subscribers on how to order services such as information, logos, ring tones, games and using mobile banking applications.

Furthermore since the VAS menu is part of the overall handset menu, the operator can reach the majority of its subscribers and not just the ones with a WAP-enabled handset and configured WAP settings. Again, an OTA system allows operators to update STK menus with new service offerings and also offers the possibility for subscribers to customise their menus to suit their particular needs via a Web interface.

Operators can remotely provision STK menus by sending binary SMS or using the GPRS bearer to download new content on the SIM card. Sicap’s OTA is future proof because it supports Bearer Independent Protocol (BIP) for data packet-based download, in 2.5 and 3G networks. With STK, operators could offer various revenue generating services such as: information, logos, ring tones, java games, customer self-care, and banking services. As a result of these offerings the operator benefits from; increased ARPU, reduced customer churn, increase customer loyalty and a differentiated service offering for their subscribers.

Mobile Europe: Thank you.

LTE has two versions; one for paired spectrum (FDD) and the other for unpaired spectrum (TDD). Designed for use in unpaired spectrum, TD-LTE is set to be deployed widely around the world, says the pair.

At an event hosted by China Mobile in Shanghai, Ericsson and ST-Ericsson demonstrated their complete TD-LTE solution for the first time. Using an USB dongle embedded with ST-Ericsson’s TD-LTE chipset, the companies showcased ‘super-fast’ mobile broadband applications, such as video-on-demand (VOD) and video streaming with a live camera.

Mats H Olsson, President of Ericsson China and North East Asia said: “The successful demonstration today reflects not only Ericsson’s undisputed technology leadership in the LTE domain, but also our unwavering commitment to the development of TD-LTE in China and elsewhere in the world. We will make every effort to support China Mobile in bringing revolutionary mobile broadband experiences to tens of millions of Chinese consumers in the near future.”

“Drawing on six years of LTE research and development, today’s demonstration underlines ST-Ericsson’s position as a frontrunner in the rollout of the next-generation of mobile broadband platforms,” said Magnus Hansson, Senior Vice President and head of LTE and 3G Modem Solutions at ST-Ericsson. “Through our cooperation with China Mobile and Ericsson, devices based on our chipsets will soon enable people to enjoy the many benefits of super-fast mobile broadband.”

ST-Ericsson is said to have been the first in the world to demonstrate a handheld LTE device and to achieve LTE and HSPA mobility with a multimode device. Available next year, ST-Ericsson’s next generation modem will support both versions of LTE, in addition to TD-SCDMA and HSPA+/EDGE.

ST-Ericsson and Ericsson’s combined offering is claimed to be the only complete end-to-end TD-LTE solution in the industry.

Operators are building WLAN access into their data strategies, but IT managers are put off by security issues, and users by multiple log-ons to secure authentication Philippe Martineau, Vice President, WLAN, Gemplus, says the answer is the operators’ secret weapon, the SIM.

Mobile working is all the rage at the moment. Business road warriors have a whole technology arsenal that provides them with access to corporate information on the move, such as WLAN access, WiFI hotspots or the latest 3G mobile office cards. Much of the hype around working ‘anytime, anywhere’ is behind us, and this is enabling service providers to step back and take a frank look at the industry. If we are trying to make access to data a permanent right for the working environment, then is it just access to WLAN, and the odd hotspot that we need?

Securing the assets of corporations and governments has taken on a new priority worldwide. With the ever-increasing sophistication, availability, and ease of use of computer and network hacking tools, remote access pathways into enterprise networks, previously considered secure, are now often virtually unprotected from malicious intruders.

The market opportunity

ost enterprises are keen on increasing productivity by offering employees in the field constant access to their data. As such, mobile network operators have identified an important new revenue stream in securing this access over the wireless network. This has become a key part in many operators’ global strategies.

Several attempts have been made to secure data on computer platforms such as PCs, MACs, smartphones or PDAs. All implementations using such devices are open to potential risks, such as the loading of Trojan horses, worms or viruses. Software applications lack the protective mechanisms often found in dedicated hardware devices (e.g., tamper resistance and physical encapsulation of critical circuitry).

SIMple security

Software tokens provide convenience because they operate on a platform that the user already has access to. They do
not require an application-specific hardware and do not add another piece of equipment. However, they do allow the execution of an application that previously ran on a secure device to be embodied on an insecure platform, thus causing a weak link in the security chain. This is because in a software environment, the application is only as secure as the operating system it runs on.

This is where the smart card comes in. Smart cards are tamper-resistant devices that store and process information needed for user identification and authentication. Hardware and software countermeasures are built into smart cards to protect them against all kinds of  attacks. Thus, smart cards are the most secure token available on the market, bringing at the same time portability of the user’s identity.

In addition, smart cards, already familiar to subscribers as SIM cards issued by operators, can securely authenticate subscribers using the operator’s existing infrastructure, but are also useful from a billing, quality of service and coverage point of view. As part of a secure corporate access offer, the SIM adds value to a pure network access offer, increasing loyalty from the customer.

Smart card-based solutions, are designed to secure access to networks, applications and web servers, secure e-mail communication and strengthen the security of the digital communications and Internet transactions.

They combine the privacy, integrity, and authentication functionalities provided by cryptographic algorithms with the simplicity, portability, and convenience of smart cards. Private key, digital certificates, and other personal information are securely stored on the smart card to prevent fraudulent use of the user’s electronic identity.

Securing authentication on public networks
Content service providers currently provide users with passwords for accessing public WLANs. This is a solution that is judged insufficient by most information systems managers. The risk that malevolent agents corrupt or
 steal these credentials is increased when stored on the hard drive or the permanent memory system.

They are potentially open to unauthorized access and fraudulent use. A more secure alternative is to store the corporate credentials on a removable secure hardware token, which will resist any attacks while ensuring the corporate user identity portability when changing its PC.

When logging on to the network, a user can be prompted to insert a personal smart card into a PC connected to a smart card reader and enter a PIN (Personal Identification Code). This is referred to as a “2-factor authentication” solution, i.e. something you have — the card — and something you know — the PIN. Both must be matched accurately before access to the corporate network is granted.

Bundling mobility and VPN authentication

Two wireless ways to access enterprise resources are either through GPRS or 3G, or through a WiFi network. Both methods of access require the user to go through a two-step process, first authenticating oneself to the Wireless Service provider and then launching the VPN client software, thus requiring a second authentication process. This lengthy and confusing process generally does not encourage positive end user experience.

Access to GPRS/3G networks requires a secure token in the form of a SIM card and most WLAN solutions are progressively migrating to the EAP-SIM authentication standard which will also use SIM hardware for secure authentication.

A better option would be to store all credentials into a unique secure token allowing both Wireless access (GPRS & WiFi) and Enterprise access, creating differentiation for the GPRS service provider Such a solution improves the end-user experience, maintains the highest security levels and offers considerable cost reduction as a single piece of hardware is shared for multiple uses.

Addressing the multiple smart card location options

A global solution has to address different modes of implementations for the secure token, with the SIM either stored in the GPRS modem, a USB reader or in a GSM phone. For the latter, a dynamic password generator is stored in the SIM that, on demand, creates a One Time Password (OTP) requiring manual entry into the PC. This offers a “non-connected” alternative for people to access enterprise resources through, for example, cyber coffee locations.

In the past, employees could authenticate by means of remote access, using only a set of valid credentials consisting of a network user name and its associated logon password, the same standard used to logon employees while at work.
However, the ease of cracking standard passwords has raised IT department concerns to the point that most companies today enforce a “strong” password policy for all network users. The consequence of such a policy makes it very difficult for the employee to remember their passwords, hence generating hot line calls for reactivation.

Benefits of a smart card-based solution

Smart cards can work to protect corporate assets on a number of different levels. The smart card itself is already familiar to end-users. Coupled with the two-factor authentication system, a user must possess both the device itself (the smart card) and the second authentication step, the PIN number.

The ever-increasing memory capacity of smart cards is also offering great flexibility — multiple security protocols are supported, from Simple Password management (Single Sign On applications) to One Time Passwords and Public Keys.

Additionally, the smart card itself can be integrated into a secure solution in a variety of ways, from USB dongles and GSM mobile phones to GPRS and WLAN PCMIA modems. Using the smart card to authenticate a user to PWLAN can again be supported by password-based, OTP or EAP-SIM applications.

The robustness and dexterity of smart card-based solutions is leading industry organisations such as the Liberty Alliance to work with academics, technologists and companies globally to create an environment of ubiquitous access for end users. The Liberty Alliance has defined a concept called Trusted Module, which shares the smart card characteristics of secure memory and secure processing. This is at the heart of their authentication and identity management efforts.

Everybody wins

By leveraging the SIM’s trusted capabilities, Service providers can build a WLAN/GPRS data offering as part of a package for Enterprise security and mobility. This is achieved by storing VPN credentials next to the GSM credentials within the same smart card.

This means seamless authentication to the VPN once connected to the network, single sign-on authentication, WLAN authentication integrated into billing for GSM and GPRS. End-users benefit from convenience and improved mobility, IT managers from greater security, reduced cost, and therefore increased productivity, and finally, service providers from increased service uptake, and a seriously good string to their bow.

Of all value-add services, messaging still adds the most value to operators. But service quality needs to improve if messaging is not to become a victim of its own success. Marieke Effting reports on a solution that combines store-and-forward with direct delivery.

The phenomenal and unexpected success of Short Message Services (SMS) reshaped the fortunes of the global mobile communications industry and this market boom is not set to stop any time soon.

SMS traffic is set to grow year on year, with a 50% increase forecast over the next 12 months alone. Revenue predictions — driven upwards by the rise of new premium SMS and interactive SMS services — are equally optimistic. Linking text messaging to entertainment and TV through activities such as interactive voting, quizzes, competitions, shopping and auctions is quickly gaining popularity with consumers. Operators are reaping the rewards to the extent that as much as 40% of revenues can be attributed to SMS.

Today SMS has become a commodity offering, albeit one where demand is still growing, which makes operators reluctant to continue investing in it. Instead they are looking for ways to drive down the cost of SMS delivery so that investment can be routed towards developing new and innovative services that will put them ahead of the game. Acknowledging the need to buy infrastructure to handle the rising SMS traffic, however, operators are looking for solutions at prices that are in line with the maturing status of the technology.

In their enthusiasm to Capex and Opex across the network, operators are looking for easy hardware implementation and short-run cost savings for immediate gains.  As a result, whilst factors such as performance, scalability and quality of service remain important to mobile operators, cost savings and ease of integration of new and existing solutions are the watch-words for many.

This shift in focus has created a new business opportunity for providers of alternative solutions for handling SMS traffic. However, operators should be wary of solution vendors that have selected a single feature of the end-to-end messaging infrastructure and lowered the overall price by radically slashing the cost — and therefore capability — of this individual feature.

The store-and-forward mechanism of the Short Message Service Centre (SMSC) is particularly at risk of elimination. With four out of five messages successfully delivered on the first attempt, the value of a store-and-forward capability is called into question by some vendors. Many seemingly low-cost solutions focus on the First Delivery Attempt (FDA), handing the 20% of failed messages to a separate store-and-forward system. Whilst this approach cuts costs on the FDA, it can have a serious impact on overall service quality and involve greater investment elsewhere over a longer period. If you consider that in the UK alone, more than two billion text messages are sent every month, jeopardising the successful and timely delivery of 400,000 of these will result in a huge number of dissatisfied customers.
Store-and-forward is a key mechanism in the SMS infrastructure. In practice, relying on the FDA for handling the bulk of SMS traffic only works if there is a high degree of spare capacity in the infrastructure and the operator is able to guarantee a continuously high success rate on delivery. However, there are many different reasons why a message may not be delivered at first attempt, whether the recipient has no network coverage, has switched off their mobile phone or has no remaining SMS capacity in its memory.

With a separate store-and-forward mechanism, there is no ‘gearbox’ co-ordination between the FDA and the retry system so that both act independently.  On message failure, the infrastructure will repeat efforts to locate the recipient, continue attempts to resend the message and forward a delivery error report each time to the separate store-and-forward platform. The resulting burden on the signalling load rises in proportion to the number of failed attempts, which calls for additional storage capacity and eventually impacts quality of service to the customer. Alternatively, without any provision for store-and-forward, if the FDA fails then the message is lost.

Operators need to explore strategies that will make service delivery as cost effective, reliable and efficient as possible…without cutting vital corners.
he real challenge is not to save costs on a single function but to reduce Capex and Opex across the entire messaging system, without losing quality of service. With 305% of mobile phone users looking for better quality of service from their networks, and a third of these sufficiently dissatisfied to walk away from their current service provider without further thought, operators must clearly ensure that they keep service quality at the top of their business agenda .

To get the best of both worlds, operators need to look at solutions that integrate the FDA with a robust and scalable store-and-forward retry mechanism, minimise total cost of ownership and protect current investments.

Facing double-digit messaging traffic increases during peak events year after year and a booming market for some time to come, operators understandably want to avoid taking any risks with their SMS infrastructure. However, they are balancing this with a reluctance to invest heavily in this commodity service. Operators need a messaging solution that brings together best-of-breed technologies for both the FDA and the store-and-forward mechanism in a single integrated solution.  With direct delivery and store-and-forward on a single platform, operators can deploy new systems offering full functionality straight away or build into existing infrastructures to increase capacity. After all, few would demolish their house just to add more space to a room! This kind of platform would provide operators with immediate OPEX savings across the system and a return on investment straight away, without compromising service. 

Through integration, operators are able to synchronise the FDA with any required subsequent retries on message delivery. This not only achieves lower cross-over of effort between the two systems, but also reduces the likelihood of a message being delivered twice — or not at all — and also cuts the probability of a customer being billed more than once. In the competitive mobile sector, where customer service is key and subscribers do not tend be loyal in their choice of operator, these quality of service issues can have a huge impact on user perception, and hence operator revenues. Gaining capability and capacity with minimum investment through a single FDA and store-and-forward platform, operators can reduce costs without cutting corners.