1 Abstract— Easy and secure access is of key importance in acceptance of new mobile services. This paper extends the possible use of the SIM as authenticator in the online world. The paper proposes Near Field Communication (NFC) technology as a transfer technology between the mobile handset and other devices. A possible architecture is shown, future SIM requirements and secure key transfer are addressed. Final focus is on handset-internal communication, with emphasis on requirements and constraints raised towards the internal architecture. Index Terms—identity, seamless, authentication, NFC I. INTRODUCTION Easy and secure user authentication is the key to introduce value-added services. Today’s methods are usually providing either security or easiness. In the traditional username and password pairs, the users tend to use weak passwords, while if the system has a strong password policy, the passwords will be written down, and so can be easily compromised. Telecom customers are used to services, where they are seamlessly authenticated by the network. These customers represent a significant group (in some European countries, the mobile penetration is near or over 100%) of the online services market, who are used to this kind of authentication. The existing infrastructure in the GSM/UMTS network’s SIM cards provide a possibility to extend the GSM-like seamless authentication to enable access of wireless networks, online services etc. Recent surveys reveal, that the home high-speed internet connection penetration is reaching 60%. With extending the authentication capabilites, the SIM can be a future identity provider also for the home terminals. This paper will first show, why the mobile phone has the potential to serve as an identity provider in the digital world. Then it will evaluate the current security infrastructure. It will justify the possible use of the SIM card, and propose a secure interface between the SIM card and the NFC reader of the mobile handset. An example NFC based phone admittance service will be presented. II. STATE OF THE ART Current research in trusted mobile platforms mainly focus on extending the mobile phone with an additional hardware to provide encryption services. In the Trusted Computing Group (TCG)[1], a complete set of security features are under development. The planned architecture now covers also the mobile devices. The proposal is provider centric and needs special hardware to implement a secure platfrom. The implementation of an extendable root trust structure is optional, potentially, the platform on the phone will be locked to content providers based on the network operator’s preference. Also, based on the specification, altough it covers PC’s and other computing devices, defines no interaction between these. So, no key transfer or authentication is possible through a relay device. Altough, this solution enables defines a more extensive platform, which also covers other devices, it needs considerable investment and hardware changes in the whole mobile system, including handsets. Currently, no cost estimation exists for implementing such a system. An open DRM architecture is defined in the Open Mobile Alliance (OMA)[2], which supports a function called super-distribution which enables users to share content with others, but mainly focuses on industrial content management. Providing personal management of own conent is not addressed. Transfer of access keys in case of super-distribution is done by the mobile network, generating potential expense on the subscriber side. III. PERSONALISATION AND SECURITY Personalisation is the key for enabling feature rich services and preserving the ease of use. With personalisation services, the subscribers will be able to adjust the complexity of the features to their needs. To identify the subscriber, the system needs a secure and unique ID. The use of mobile phone as an authenticator is natural choice, since the SIM card provides a trusted and secure platform for transmission and storage of IDs. Current SIM cards used in GSM/UMTS networks are smartcards, which can provide secure key storage with strong encryption support, like PKI. SIM as a key of user identification: enabling seamless user identity management in communication networks György Kálmán 1 , Josef Noll 1,2 1 UniK, N-2027 Kjeller, Norway, 2 Telenor R&D, N-1331 Fornebu, Norway gyorgy@unik.no,josef@unik.no