Feeds

Air of desperation encircles SIM Summit

Cool technology seeks killer application

SANS - Survey on application security programs

The SIM industry has been gathering around Prague for Informa's annual SIM Summit, with various luminaries from the industry presenting their plans for how the SIM is going to develop over the next few years - and the answer seems to be away from mobile phones, if anywhere at all.

The Subscriber Identity Module (SIM), used in every GSM phone and allowing customers to change handset without talking to their operator, has been a key driver for the success of GSM, as well as enabling the bewildering speed of handset development. The SIM creates a secure (enough) connection between subscriber and network, and stores a few SMS messages and phone numbers too.

But the technology has moved on. It's now possible to store several hundred kilobytes on a SIM, and talk to it at high speeds. So customers could, in theory, store music, videos, and applications on the SIM. The problem is that customers haven't shown much enthusiasm for doing so, so this year's SIM Summit was largely filled with presentations expounding what might be possible if only those fickle users would agree to pay for it.

Secure banking

The SIM is a security module, but not secure enough for banking. The GSM security is based on a single secret, with copies stored on the SIM and the Authentication Server at the network operator: if the SIM is going to support secure banking then the bank will have to have access to that secret, or the SIM will have to evolve a more complex security model.

Given that operators are more likely to cut off then own feet than hand over their cryptographic secrets, this is going to mean a more expensive SIM, and handsets to support it.

However, today's handsets can already run a Java application using SSL to speak to a bank's servers: which may well prove secure enough for mobile banking without needing any new SIM technology.

Near field communications

NFC is a very short range radio technology aimed at proximity shopping (waving your phone at a reader to pay for bus tickets and the like). The adoption of USB as the high-speed SIM interface leaves a connection free, which could be used to connect the SIM to an NFC antenna and allow it a new channel to the outside world.

The alternative is to use a secure module on the handset to manage NFC: storing pre-paid balances and such inside the phone. This is the approach appearing on the first NFC handsets, and is certainly in the interests of the handset manufacturers - tying the customer to the handset, not the SIM, so unless network operators rapidly push for ownership on the SIM they're likely to let this one slip through their fingers.

Trial content

The most obvious application for a high-capacity SIM is to stick some content on it, either limited-function trials or some free content to encourage customers to get the hang of personalising.

The problem here is that in order help the customer discover the content they need to have an easy-to-use interface, which must be pre-installed on their phone. But if the application is being pre-installed into the phone memory, then there's no reason not to install the content there too: removing the need to support new SIM standards.

The SIM abroad

More surprising is the suggestion that it's time for the SIM to move out of the mobile phone - acting as a secure module in everything from UMPCs to wrist watches. These applications may well have nothing to do with mobile telephones, just levering the security and utility of the SIM for payment and authentication services.

Desktop computers could really do with a secure module: though the Secure Computing Environment should fulfil many of the roles proposed for the in-computer SIM. Here at the SIM Summit, Laks (maker of posh watches) showed a couple of proximity-payment watches with SIMs fitted inside, and Orange talked of a SIM held in a wrist watch using skin conductance to talk to the phone handset.

But none of these is the SIM as we now recognise it, or offers the billions of sales manufacturers would like to generate.

A solution looking for a problem

SIMs are great. They have been fantastic for the mobile phone business, and continue to provide secure communications in most of the world. In developing markets current SIM technology has been used for banking and payment applications where the operator is willing to work closely with the bank in a trusted relationship.

This year saw a break-away event, the SIMposium, organised in Berlin by the SIM Alliance, an industry group of SIM manufacturers, on exactly the same dates as Informa's get together. Some have interpreted this to mean that the SIM industry is thriving, on the verge of creating new and profitable markets and businesses.

The alternative is to see an industry unwilling to see its product reduced to a commodity status and desperately thrashing around trying to find a killer application that will convince network operators that every SIM needs replacing, not to mention finding a home for all those cool technologies that look so good on PowerPoint slides. ®

3 Big data security analytics techniques

More from The Register

next story
Virgin Media so, so SORRY for turning spam fire-hose on its punters
Hundreds of emails flood inboxes thanks to gaffe
A black box for your SUITCASE: Now your lost luggage can phone home – quite literally
Breakfast in London, lunch in NYC, and your clothes in Peru
AT&T threatens to pull out of FCC wireless auctions over purchase limits
Company wants ability to buy more spectrum space in auction
Turnbull leaves Australia's broadband blackspots in the dark
New Statement of Expectations to NBN Co offers get-out clauses for blackspot builds
Facebook claims 100 MEEELLION active users in India
Who needs China when you've got the next billion in your sights?
Facebook splats in-app chat, whacks brats into crack yakety-yak app
Jibber-jabbering addicts turfed out just as Zuck warned
Google looks to LTE and Wi-Fi to help it lube YouTube tubes
Bandwidth hogger needs tube embiggenment if it's to succeed
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.