card as a means to essentially print their own money. That means that the value represented by the card could be spent for the purpose intended and there was a very good accounting match between the value sold in the form of cards and the value regained by use of cards in pay-telephones. Moreover, an ingenious match was found between a French social institution, the ubiquitous Tabac stores, and the need to market the phone cards. The cards were simply sold in the stores, which are everywhere in France, and the system ran rather swimmingly. France Telecom could treat the phone card much like any other product sold in the stores; sold at a slight discount that allowed for the store to garner a profit. Payment by the store followed the same path as payment for any other product; a mechanism far simpler than would have been the special arrangements necessary to collect and convey large numbers of coins from all the pay-telephones in the land. It formed a nice success story driven by the need to minimize fraud in a system offering many opportunities for it to occur. Minimizing the logistics of collection, certainly a significant opportunity for minimizing fraud, was icing on the cake.

A second great success story was found in the world of mobile (cellular) telephony. There are some similarities with our first success story; that is, the scenario deals with payment for telephony services. This time, however, the issue at hand which led to the use of secure cores was not so much about fraud as it was about portability of identity and the subsequent ubiquity of service.

The early deployment of cellular mobile telephone systems in the United States and the United Kingdom were analogue based systems. Such systems tend to be inefficient users of radio frequency bandwidth and the voice channel quality is generally low compared to all-digital systems. Further, the international rules for implementation and deployment of such analogue systems tended to lead to disjoint systems in the various countries in which they were deployed. With the emergence of the European Economic Union, there was a recognized need for a pan-European mobile telephone system; a system that would allow many providers and yet span all of Europe with one large or many small but interoperable systems. Enter the Groupe Spécial Mobile (GSM), whose story has been chronicled in GSM and UMTS: The Creation of Global Mobile Communication, edited by Friedhelm Hukkebrand.

In the early 1980’s, the GSM set out to develop the technical specifications for a digital mobile telephone architecture that could be deployed across Europe and throughout the world. The system they arrived at was given the designation of Global System for Mobile communications, allowing for the efficient reuse of the GSM acronym. God forbid that we should run short of acronym space. One of the more profound aspects of the GSM architecture was the use of a specific trusted component within the telephone handset; a Subscriber Identity Module (SIM).

The SIM, not the handset per se, establishes the account to which access charges are billed for the use of the cellular telephone. Because of the trust placed in the identification of the account owner through the Subscriber Identity Module, GSM system operators worldwide have been willing to enter into cross-system usage agreements. Through the trust infrastructure put in place by the SIM, the various operators that might be involved in providing system support on any specific call made through a GSM handset, located perhaps anywhere in the world, are duly compensated through the policy infrastructure that is encompassed by the trust infrastructure.

Because of the GSM architecture and its use of the Subscriber Identity Module, changing handsets is a trivial operation requiring essentially no administrative support to accomplish. Simply take the SIM out of one handset and insert it into another handset and you’re off and running with a new, personal telephone (there are some exceptions to that rule in the United States, where operators

Book available at Midori Press (regular)
Book available at Midori Press (signed)
Book available at Amazon (regular)