3GPP TS 22.022

3GPP TS 22.022 V12.0.
0 (2014-10)
Technical Specification
3rd Generation Partnership Project;

Technical Specification Group Services and System Aspects;
Personalisation of Mobile Equipment (ME);
Mobile functionality specification
(Release 12)
The present document has been developed within the 3rd Generation Partnership Project (3GPP TM) and may be further elaborated for the purposes of 3GPP.
The present document has not been subject to any approval process by the 3GPP Organisational Partners and shall not be implemented.
This Specification is provided for future development work within 3GPP only. The Organisational Partners accept no liability for any use of this Specification.
Specifications and reports for implementation of the 3GPP TM system should be obtained via the 3GPP Organisational Partners' Publications Offices.
Release 12 2 3GPP TS 22.022 V12.0.0 (2014-10)
Keywords
GSM, UMTS, terminal
3GPP
Postal address
3GPP support office address

650 Route des Lucioles - Sophia Antipolis
Valbonne - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Internet
http://www.3gpp.org
Copyright Notification
No part may be reproduced except as authorized by written permission.

The copyright and the foregoing restriction extend to reproduction in all media.
© 2014, 3GPP Organizational Partners (ARIB, ATIS, CCSA, ETSI, TTA, TTC).
All rights reserved.
UMTS™ is a Trade Mark of ETSI registered for the benefit of its members
3GPP™ is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners
LTE™ is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners
GSM® and the GSM logo are registered and owned by the GSM Association
3GPP
Release 12 3 3GPP TS 22.022 V12.0.0 (2014-10)
Contents
Foreword............................................................................................................................................................. 5
1 Scope ........................................................................................................................................................ 6
2 References ................................................................................................................................................ 6
3 Definitions and abbreviations................................................................................................................... 7
3.1 Abbreviations ..................................................................................................................................................... 7
3.2 Definitions ......................................................................................................................................................... 7
4 General description .................................................................................................................................. 8
5 Network personalisation........................................................................................................................... 9
5.1 Network personalisation .................................................................................................................................... 9
5.1.1 Operation of network personalised ME........................................................................................................ 9
5.1.2 Network personalisation cycle ..................................................................................................................... 9
5.1.2.1 Personalisation cycle .............................................................................................................................. 9
5.1.2.2 De-personalisation cycle....................................................................................................................... 10
5.2 Network subset personalisation ....................................................................................................................... 10
5.2.1 Operation of Network subset personalised ME .......................................................................................... 10
5.2.2 Network subset personalisation cycle ........................................................................................................ 11
5.2.2.1 Personalisation Cycle ........................................................................................................................... 11
5.2.2.2 De-personalisation cycle....................................................................................................................... 11
6 SP personalisation .................................................................................................................................. 12
6.1 Operation of SP personalised MEs .................................................................................................................. 12
6.2 SP personalisation cycle .................................................................................................................................. 12
6.2.1 Personalisation cycle .................................................................................................................................. 12
6.2.2 De-personalisation cycle ............................................................................................................................ 13
7 Corporate personalisation ....................................................................................................................... 13
7.1 Operation of corporate personalised MEs ........................................................................................................ 13
7.2 Corporate personalisation cycle ....................................................................................................................... 14
8 SIM/USIM personalisation .................................................................................................................... 15
8.1 Operation of SIM/USIM personalised ME ...................................................................................................... 15
8.2 SIM/USIM personalisation cycle ..................................................................................................................... 15
3GPP
Release 12 4 3GPP TS 22.022 V12.0.0 (2014-10)
9 Over the air de-personalisation cycle ..................................................................................................... 16

10 Disable Personalisation .......................................................................................................................... 17
11 Manufacturer personalisation and de-personalisation ............................................................................ 17
12 Automatic personalisation ...................................................................................................................... 18
13 Personalisation Cycle Restrictions ......................................................................................................... 18
14 Security .................................................................................................................................................. 18
Annex A (normative): Technical information ................................................................................... 20
A.1 GID1 and GID2 files .............................................................................................................................. 20
A.2 Emergency calls only mode ................................................................................................................... 20
A.3 Co-operative Network List ..................................................................................................................... 21
A.4 Over-the-air de-personalisation .............................................................................................................. 21
Annex B (informative): Change history ............................................................................................... 23
3GPP
Release 12 5 3GPP TS 22.022 V12.0.0 (2014-10)
Foreword
This Technical Specification has been produced by the 3rd Generation Partnership Project (3GPP).
The contents of the present document are subject to continuing work within the TSG and may change following formal
TSG approval. Should the TSG modify the contents of the present document, it will be re-released by the TSG with an
identifying change of release date and an increase in version number as follows:
Version x.y.z
where:
x the first digit:
1 presented to TSG for information;
2 presented to TSG for approval;
3 or greater indicates TSG approved document under change control.
y the second digit is incremented for all changes of substance, i.e. technical enhancements, corrections,
updates, etc.
z the third digit is incremented when editorial only changes have been incorporated in the document.
3GPP
Release 12 6 3GPP TS 22.022 V12.0.0 (2014-10)
1 Scope
The present document provides functional specifications of five features to personalise Mobile Equipment (ME) for
GSM and 3G systems. These features are called:
- Network personalisation;
- Network subset personalisation;
- Service Provider (SP) personalisation;
- Corporate personalisation;
- SIM/USIM personalisation (SIM for GSM systems or USIM for 3G systems).
The present document specifies requirements for MEs which provide these personalisation features.
2 References
The following documents contain provisions which, through reference in this text, constitute provisions of the present
document.
• References are either specific (identified by date of publication, edition number, version number, etc.) or
non-specific.
• For a specific reference, subsequent revisions do not apply.
• For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including
a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same
Release as the present document.
[1] 3GPP TR 21.905: "Vocabulary for 3GPP Specifications".
[2] 3GPP TS 22.011: "Service accessibility".
[3] 3GPP TS 23.003: " Numbering, addressing and identification".
[4] 3GPP TS 23.122: "Non-Access-Stratum (NAS) functions related to Mobile Station (MS) in idle
mode".
[5] 3GPP TS 23.038: "Alphabets and language-specific information".
[6] 3GPP TS 23.040: "Technical realization of the Short Message Service (SMS); Point-to-Point
(PP)".
[7] GSM 11.11: "Digital cellular telecommunications system (Phase 2+); Specification of the
Subscriber Identity Module - Mobile Equipment (SIM - ME) interface".
[8] GSM 11.14: "Digital cellular telecommunications system (Phase 2+); Specification of the SIM
Application Toolkit for the Subscriber Identity Module - Mobile Equipment (SIM - ME)
interface".
[9] 3GPP TS 31.102: "Characteristics of the USIM application".
[10] 3GPP TS 31.111: "USIM Application Tool Kit".
3GPP
Release 12 7 3GPP TS 22.022 V12.0.0 (2014-10)
3 Definitions and abbreviations
3.1 Abbreviations
For the purposes of the present document, the following abbreviations apply:
CCK Corporate Control Key

CNL Co-operative Network List
GID1 Group Identifier (level 1)
GID2 Group Identifier (level 2)
EF Elementary File
IMEI International Mobile Equipment Identity
IMSI International Mobile Subscriber Identity
MCC Mobile Country Code
ME Mobile Equipment
MS GSM Mobile Station (ME + SIM)
MNC Mobile Network Code
NCK Network Control Key
NSCK Network Subset Control Key
PCK Personalisation Control Key
SIM Subscriber Identity Module
SMS Short Message Service
SP Service Provider
SPCK Service Provider Control Key
TMSI Temporary Mobile Subscriber Identity
UE 3G User Equipment (ME + USIM)
USIM User Services Identity Module
Further GSM abbreviations are given in TS 21.905 [1].
3.2 Definitions
For the purposes of the present document, the following definitions apply:
corporate personalisation: Allows a corporate customer to personalise MEs that he provides for his employees or
customers use so that they can only be used with the company's own SIM/USIMs.
de-personalisation: Is the process of deactivating the personalisation so that the ME ceases to carry out the verification
checks.
network personalisation: Allows the network operator to personalise a ME so that it can only be used with that
particular network operator's SIM/USIMs
network subset personalisation: A refinement of network personalisation, which allows network operators to limit the
usage of a ME to a subset of SIM/USIMs
normal mode of operation: Is the mode of operation into which the ME would have gone if it had no personalisation
checks to process.
personalisation: Is the process of storing information in the ME and activating the procedures which verify this
information against the corresponding information stored in the SIM/USIM whenever the ME is powered up or a
SIM/USIM is inserted, in order to limit the SIM/USIMs with which the ME will operate.
SIM/USIM personalisation: Enables a user to personalise a ME so that it may only be used with particular
SIM/USIM(s).
SP personalisation: Allows the service provider to personalise a ME so that it can only be used with that particular
service provider's SIM/USIMs.
user: Normally refers to the person performing the personalisation or de-personalisation operations and may represent a
network operator, service provider, manufacturer of the user/owner of the handset, depending on the context.
3GPP
Release 12 8 3GPP TS 22.022 V12.0.0 (2014-10)
network code: MCC and MNC.
network subset code: digits 6 and 7 of the IMSI.
SP code: code which when combined with the network code refers to a unique SP. The code is provided in the GID1
file on the SIM/USIM (see Annex A.1.) and is correspondingly stored on the ME.
Corporate code: code which when combined with the network and SP codes refers to a unique Corporate. The code is
provided in the GID2 file on the SIM/USIM (see Annex A.1.) and is correspondingly stored on the ME.
SIM/USIM code: code which when combined with the network and NS codes refers to a unique SIM/USIM. The code
is provided by the digits 8 to 15 of the IMSI
network code group: same as network code
network subset code group: combination of a network subset code and the associated network code.
SP code group: combination of the SP code and the associated network code.
Corporate code group: combination of the Corporate code and the associated SP and network codes.
SIM/USIM code group: combination of the SIM/USIM code and the associated network subset and network codes (it
is equivalent to the IMSI).
Personalisation entity: Network, network subset, SP, Corporate or SIM/USIM to which the ME is personalised
4 General description
The personalisation features work by storing information in the ME which limits the IMs with which it will operate, and
by checking this information against the SIM/USIM whenever the ME is powered up or a SIM/USIM is inserted. If a
check fails, the ME enters the "limited service state" in which only emergency calls can be attempted (see annex A.2).
There are five personalisation categories of varying granularity; network, network subset, SP, corporate and
SIM/USIM. The personalisation categories are independent in so far as each category can be activated or de-activated
regardless of the status of the others. Each category has a separate personalisation indicator to show whether it is active
or not. The ME can be personalised to one network, one network subset, one SP, one Corporate, one SIM/USIM or any
combination thereof. The ME may optionally be personalised to multiple networks, network subsets, SPs, Corporates,
IMs or any combinations thereof.
The codes used for each personalisation category are shown in Table 1. Some categories require several codes (e.g. SP
and network for SP personalisation) and each combination of codes relating to a particular entity (network, SP etc.) is
referred to as a code group. To personalise to multiple entities, multiple code groups are stored in the ME. For each
activated personalisation category, the ME retrieves the relevant codes from the SIM/USIM and checks the retrieved
code group against the (list of) code group(s) stored in the ME. If a match is found with any of the code groups stored
in the ME, the check is passed for that category. If checks for all active categories are passed, then the MS goes into
normal operation.
Table 1: Codes used by each personalisation category
Code Network (MCC, Network Subset SP Corporate SIM/USIM

MNC) (IMSI digits (IMSI digits
6 and 7) 8 to 15)
Personalisation
category
Network
Network subset
SP
Corporate
SIM/USIM
3GPP
Release 12 9 3GPP TS 22.022 V12.0.0 (2014-10)
Precautions must be taken to ensure that when more than one personalisation category is to be activated or when the
ME is to be personalised to more than one entity of a personalisation category, the new codes are not in conflict with
any existing valid codes. To avoid such conflicts, checks are carried out by the ME during the personalisation cycle, as
described in clause 13.
As an optional ME feature, the status (activated or not) of each personalisation category and the values of the relevant
codes may be read by the user.
5 Network personalisation
5.1 Network personalisation

Network personalisation allows a ME to be personalised to a particular network, for example to prevent the use of
stolen MEs on other networks. The ME may optionally be personalised to more than one network.
The ME is network personalised by storing the code (MCC+MNC) (see TS 23.003 [3]) of the relevant network(s) in the
ME and setting a network personalisation indicator in the ME to "on". Whenever a SIM/USIM is inserted, or the ME is
powered up with a SIM/USIM already in place, the International Mobile Subscriber Identity (IMSI) is read from the
SIM/USIM and the embedded network code (MCC+MNC) checked against that stored in the ME. If the values differ,
the MS shall go into emergency calls only mode as defined in annex A.2.
The network personalisation feature is controlled by a Network Control Key, (NCK) which has to be entered into the
ME in order to network de-personalise it.
In order to support the network personalisation feature the ME shall have storage for the network personalisation
indicator, the network code(s) and the NCK.
5.1.1 Operation of network personalised ME

The network personalisation check described below is performed whenever a SIM/USIMis inserted or the ME is
powered up with a SIM/USIM already in place.
The personalisation check is as follows. When more than one personalisation is active in the ME, normal mode of
operation includes performing any outstanding personalisation checks:
a) check whether the ME is network personalised: The ME checks its network personalisation indicator, if it is
set to "off" the personalisation check shall be stopped and the MS goes into the normal mode of operation,
omitting the remaining steps of the check;
b) check the network code(s): The ME reads the IMSI from the SIM/USIM, extracts the network code from it and
checks it against the (list of) value(s) stored on the ME.
If no match is found in b), the ME may display an appropriate message, (e.g., "Incorrect SIM" or "Incorrect USIM")
and shall go into the emergency calls only mode as defined in annex A.2. If a match is found, the MS goes into the
normal mode of operation.
5.1.2 Network personalisation cycle
5.1.2.1 Personalisation cycle

The process of personalisation can only be carried out on a currently unpersonalised ME, i.e., if the network
personalisation indicator is set to "off". Access to the personalisation process shall be restricted in order to prevent
unauthorised, accidental or unwanted personalisation. Other restrictions are described in clause 13. The personalisation
process results in the NCK being set, the network personalisation indicator being set to "on" and the storage in the ME
of the network code(s) to which the ME is being personalised.
The network personalisation process is as follows:
a) The network code(s) are entered into the ME. This may be accomplished by one of the following means:
3GPP
Release 12 10 3GPP TS 22.022 V12.0.0 (2014-10)
- for the case of a single network code, the ME reads the IMSI from the SIM/USIM and extracts the network
code;
- the ME reads the Co-operative Network List (CNL) from the SIM/USIM and extracts the list of network
code(s) associated with network personalisation;
- keypad entry;
- a manufacturer defined process.
b) The ME carries out the pre-personalisation checks contained in clause 13. If they all pass, the network code(s)
are stored in the ME. If any fail, the personalisation process shall be terminated.
c) The NCK is stored in the ME. This may be entered via the keypad by the user or by a manufacturer defined
process.
d) The network personalisation indicator is set to "on".
5.1.2.2 De-personalisation cycle

To de-personalise the ME, the correct NCK shall be entered. It is optional whether or not a SIM/USIM is inserted in the
ME. If a SIM/USIM is inserted, then de-personalisation shall be offered whether or not the network personalisation
check passes or fails.
Network subset de-personalisation shall be possible by keypad entry. If there is no keypad, then an alternative
ME-based solution shall be provided. Other de-personalisation methods may also be provided such as a network
initiated process whereby the control key is sent to the MS over-the-air (see clause 9).
The network de-personalisation process is as follows:
a) the NCK is entered into the ME;
b) if the entered NCK is the same as the one stored in the ME the network personalisation indicator is set to "off".
If the entered and stored NCK values differ, the de-personalisation process shall be stopped. The ME remains
personalised and the stored network code(s) and NCK shall be left unchanged.
5.2 Network subset personalisation

Network subset personalisation is a refinement of network personalisation, which allows network operators to limit the
usage of a ME to a well defined subset of IMs; e.g. where the ME is the property of a third party.
The ME is network subset personalised by storing the network code and the Network Subset Code (digits 6 and 7 of the
IMSI) as an identification of the network subset and setting an network subset personalisation indicator in the ME to
"on". Whenever a SIM/USIM is inserted, or the MS is powered up with a SIM/USIM already in place, the network
subset code group is read from the SIM/USIM and checked against the stored values in the ME. If no match is found,
the ME shall go into emergency calls only mode, as defined in annex A.2.
The network subset personalisation feature is controlled by a Network Subset Control Key (NSCK) which has to be
entered into the ME in order to network subset de-personalise it.
In order to support the network subset personalisation feature, the ME shall have storage for the network subset
personalisation indicator, the network subset code group(s) and the NSCK.
5.2.1 Operation of Network subset personalised ME

The Network subset personalisation check described below is performed whenever a SIM/USIM is inserted or the ME
is powered up with a SIM/USIM already in place.
operation includes performing any outstanding personalisation checks.
3GPP
Release 12 11 3GPP TS 22.022 V12.0.0 (2014-10)
a) check whether the ME is network subset personalised: The ME checks its network subset personalisation
indicator, if it is set to "off" the personalisation check shall be stopped and the ME goes into the normal mode of
operation, omitting the remaining steps of the check;
b) check network subset code group: The ME reads the network subset code group from the SIM/USIM and
checks it against the (list of) stored value(s) on the ME;
If no match is found in b) the ME may display an appropriate message, (e.g. "Insert correct SIM") and shall go into
emergency calls only mode, as defined in annex A.2. Otherwise the ME goes into the normal mode of operation.
5.2.2 Network subset personalisation cycle
5.2.2.1 Personalisation Cycle

The process of personalisation can only be carried out on a currently unpersonalised ME, i.e., if the network subset
process results in the NSCK being set, the network subset personalisation indicator being set to "on" and the storage in
the ME of the (list of) network subset code group(s) which identify the specific network subset(s) to which the ME is
being personalised.
The network subset personalisation process is as follows:
a) The network subset code group(s) is (are) entered into the ME. This may be accomplished by one of the
following means:
- for the case of a single network code group, the ME reads the IMSI from the SIM/USIM and extracts the
network and network subset codes;
- the ME reads the Co-operative Network List (CNL) from the SIM/USIM and extracts the list of network
subset code group(s);
- keypad entry;
b) The ME carries out the pre-personalisation checks contained in clause 13, on the new codes entered into the ME.
If they all pass, the network subset code group(s) is (are) stored in the ME. If any fail, the personalisation process
shall be terminated.
c) The NSCK is stored in the ME. This may be entered via the keypad by the user or by a manufacturer defined
process.
d) The network subset personalisation indicator is set to "on".
5.2.2.2 De-personalisation cycle

To de-personalise the ME the correct NSCK shall be entered. It is optional whether or not a SIM/USIM is inserted. If a
SIM/USIM is inserted, then de-personalisation shall be offered whether or not the network subset personalisation check
passes or fails.
Network subset de-personalisation shall be possible by keypad entry. If there is no keypad, then an alternative
ME-based solution shall be provided. Other de-personalisation methods may also be provided such as a network
initiated process whereby the control key is sent to the MS over-the-air (see clause 9).
The network subset de-personalisation process is as follows:
a) the NSCK is entered into the ME;
b) if the entered NSCK is the same as the one stored in the ME the network subset personalisation indicator is set to
"off".
If the entered and stored NSCK values differ, the de-personalisation process shall be stopped and the ME remain
personalised. The stored network and network subset codes and the NSCK are left unchanged.
3GPP
Release 12 12 3GPP TS 22.022 V12.0.0 (2014-10)
6 SP personalisation
Service provider or SP personalisation is a feature which allows a service provider to associate a ME with the SP. This
feature only works with IMs which support the GID1 file. For the purpose of SP personalisation the GID1 file is
programmed with an SP code that identifies the service provider.
The ME is SP personalised by storing the SP code group(s) and setting a SP personalisation indicator in the ME to "on".
Whenever a SIM/USIM is inserted, or the ME is powered up with a SIM/USIM already in place, the SP code group is
read from the SIM/USIM and checked against those stored in the ME. If no match is found the ME shall go into
emergency calls only mode as defined in annex A.2.
The SP personalisation feature is controlled by a Service Provider Control Key, (SPCK) which has to be entered into
the ME in order to SP de-personalise it.
In order to support the SP personalisation feature the ME shall have storage for the SP personalisation indicator, the (list
of) SP code group(s) and the SPCK.
6.1 Operation of SP personalised MEs

The personalisation check described below is performed whenever a SIM/USIM is inserted or the ME is powered up
with a SIM/USIM already in place.
a) check whether the ME is SP personalised: The ME checks the SP personalisation indicator, if it is set to "off"
the personalisation check shall be stopped and the ME goes into its normal mode of operation;
b) check whether the SIM/USIM supports GID1: The ME checks that the SIM/USIM supports the GID1 file;
c) check the SP code group: The ME reads the SP code group from the SIM/USIM and checks it against the (list
of) stored value(s) on the ME;
If b) fails or no match is found in c), the ME may display an appropriate message (e.g. "insert correct SIM") and shall
go into emergency calls only mode, as defined in annex A.2. Otherwise, the ME goes into the normal mode of
operation.
6.2 SP personalisation cycle

6.2.1 Personalisation cycle
The process of personalisation can only be carried out on a currently unpersonalised ME, i.e., if the SP personalisation
indicator is set to "off". Access to the personalisation process shall be restricted in order to prevent unauthorised,
accidental or unwanted personalisation. Other restrictions are described in clause 13. The personalisation process results
in the SPCK being set, the SP personalisation indicator being set to "on" and the storage in the ME of the (list of) SP
code group(s) to which the ME is being personalised.
The SP personalisation process is as follows:
a) The SP code group(s) is (are) entered into the ME. This may be accomplished by one of the following means:
- the ME checks that the SIM/USIM supports the GID1 file, if not the SP personalisation process is aborted
with an appropriate error message. The ME reads the SP code group from the SIM/USIM. If the SP code is
set to the default value (see annex A.1) then the personalisation process shall be aborted with an appropriate
error message. Otherwise the SP code group is entered into the ME.
- the ME reads the Co-operative Network List (CNL) from the SIM/USIM and extracts the (list of) SP code
group(s);
- keypad entry;
3GPP
Release 12 13 3GPP TS 22.022 V12.0.0 (2014-10)
b) The ME carries out the pre-personalisation checks contained in clause 13 on the new codes entered into the ME.
If they all pass, the SP code group(s) is (are) stored in the ME. If any fail, the personalisation process shall be
terminated.
c) The SPCK is stored in the ME. This may be entered via the keypad by the user or by a manufacturer defined
process.
e) The SP personalisation indicator is set to "on".
6.2.2 De-personalisation cycle

To de-personalise the ME, the correct SPCK shall be entered. It is optional whether or not a SIM/USIM is inserted in
the ME. If a SIM/USIM is inserted, then de-personalisation shall be offered whether or not the SP personalisation check
passes or fails.
SP de-personalisation shall be possible by keypad entry. If there is no keypad, then an alternative ME-based solution
shall be provided. Other de-personalisation methods may also be provided such as a network initiated process whereby
the control key is sent to the MS over-the-air (see clause 9).
The SP de-personalisation process is as follows:
a) the SPCK is entered into the ME;
b) if the entered SPCK is the same as the one stored in the ME, the SP personalisation indicator is set to "off".
If the entered and stored SPCK values differ, the de-personalisation process shall be stopped and the ME remains SP
personalised. The stored network and SP codes and SPCK shall be left unchanged.
7 Corporate personalisation
Corporate personalisation is a refinement of SP personalisation which allows companies to prevent the use of MEs they
provide for their employees or customers with other IMs without that corporate personalisation.
This feature only works with IMs which support both the GID1 and GID2 files. For the purpose of corporate
personalisation the GID1 file is programmed at pre-personalisation with an SP code that identifies the service provider
and the GID2 file is programmed by the service provider or corporate customer with a code that identifies the corporate
customer.
The ME is corporate personalised by storing the corporate code group(s) and setting a corporate personalisation
indicator in the ME to "on". Whenever a SIM/USIM is inserted, or the ME is powered up with a SIM/USIM already in
place, the corporate code group is read from the SIM/USIM and checked against those stored in the ME. If there is no
match the ME shall go into emergency calls only mode, as defined in annex A.2.
The corporate personalisation feature is controlled by a Corporate Control Key (CCK), which has to be entered into the
ME in order to de-personalise it.
In order to support the corporate personalisation feature the ME shall have storage for the corporate personalisation
indicator, a (list of) corporate code group(s) and the CCK.
7.1 Operation of corporate personalised MEs

The personalisation check described below is performed whenever a SIM/USIM is inserted or the ME is powered up
with a SIM/USIM already in place.
The personalisation check is as follows. When more than more personalisation is active in the ME, normal mode of
a) check whether the ME is corporate personalised: The ME checks the corporate personalisation indicator, if it
is set to "off" the personalisation check shall be stopped and the ME goes into its normal mode of operation;
3GPP
Release 12 14 3GPP TS 22.022 V12.0.0 (2014-10)
b) check whether the SIM/USIM supports GID1 and GID2: The ME checks that the SIM/USIM supports the
GID1 and GID2 files;
c) check the corporate code group: The ME reads the corporate code group from the SIM/USIM and checks it
against the (list of) stored value(s) on the ME;
If b) fails, or no match is found in c), the ME may display an appropriate message (e.g. "Insert correct SIM") and shall
go into emergency calls only mode, as defined in annex A.2. Otherwise, the ME goes into the normal mode of
operation.
7.2 Corporate personalisation cycle

The process of personalisation can only be carried out on a currently unpersonalised ME, i.e., if the corporate
process results in the CCK being set, the corporate personalisation indicator being set to "on" and the storage in the ME
of a (list of) corporate group(s) codes to which the ME is being personalised.
The corporate personalisation process is as follows:
a) The corporate code group(s) is (are) entered into the ME. This may be accomplished by one of the following
means:
- the ME checks that the SIM/USIM supports the GID1 and GID2 files, if not the corporate personalisation
process shall be aborted with an appropriate error message;
the ME reads the corporate code group(s) from the SIM/USIM. If either the SP code or the corporate code is
set to the default value (see Annex A.1), then the corporate personalisation process shall be aborted with an
appropriate error message. Otherwise the corporate code group is are entered into the ME;
- the ME reads the Co-operative Network List (CNL) from the SIM/USIM and extracts the (list of) Corporate
code group(s);
- keypad entry;
b) The ME carries out the pre-personalisation checks contained in clause 13 on the new codes entered into the ME.
If they all pass, the corporate code group(s) are stored in the ME. If any fail, the personalisation process shall be
terminated.
c) The CCK is stored in the ME. This may be entered via the keypad by the user or by a manufacturer defined
process;
d) The corporate personalisation indicator is set to "on".

To de-personalise the ME the correct CCK shall be entered. It is optional whether or not a SIM/USIM is inserted in the
ME. If a SIM/USIM is inserted, then de-personalisation shall be offered whether or not the corporate personalisation
The corporate de-personalisation shall be possible by keypad entry. If there is no keypad, then an alternative ME-based
solution shall be provided. Other de-personalisation methods may also be provided such as a network initiated process
whereby the control key is sent to the MS over-the-air (see clause 9).
The corporate de-personalisation process is as follows:
a) the CCK is entered into the ME;
b) if the entered CCK is the same as the one stored in the ME, the corporate personalisation indicator is set to "off".
3GPP
Release 12 15 3GPP TS 22.022 V12.0.0 (2014-10)
If the entered and stored CCK values differ the de-personalisation process shall be stopped and the ME remains
corporate personalised. The stored network operator, SP and corporate codes and CCK are left unchanged
8 SIM/USIM personalisation
SIM/USIM personalisation is an anti-theft feature. When a ME is SIM/USIM personalised to a particular SIM it will
refuse to operate with any other SIM/USIM. Hence, if the ME is stolen the thief will not be able to use it with another
SIM/USIM (see note). While this does not stop the ME being stolen it should make it less attractive to the thief.
NOTE: If the ME and the SIM/USIM to which it has been personalised are stolen together the ME would become
unusable once the SIM/USIM is reported stolen and is disconnected.
The ME is SIM/USIM personalised by storing the SIM/USIM code group (which is equivalent to the IMSI) of the
relevant SIM/USIM in the ME and setting the SIM/USIM personalisation indicator in the ME to "on". Whenever a
SIM/USIM is inserted, or the ME is powered up with a SIM/USIM already in place, the SIM/USIM code group (IMSI)
is read from the SIM/USIM and checked against the SIM/USIM code group(s) stored in the ME. If there is no match the
ME shall go into emergency calls only mode as described in annex A.2.
The SIM/USIM personalisation feature is controlled by a Personalisation Control Key (PCK). This key is selected by
the user at SIM/USIM personalisation and shall be entered into the ME to SIM/USIM de-personalise the ME.
In order to support the SIM/USIM personalisation feature the ME should have storage for the SIM/USIM
personalisation indicator, a (list of) SIM/USIM code group(s) and the PCK.
Multiple instances of SIM/USIM personalisation can be supported, i.e. whenever a SIM/USIM is inserted, or the ME is
powered up with a SIM/USIM already in place, the IMSI is read from the SIM/USIM and checked against a list of
SIM/USIM code groups stored in the ME.
8.1 Operation of SIM/USIM personalised ME

The SIM/USIM personalisation check described below is performed whenever a SIM/USIM is inserted or the ME is
powered up with a SIM/USIM already in place.
a) check whether the ME is SIM/USIM personalised: The ME checks its SIM/USIM personalisation indicator, if
it is set to "off" the personalisation check shall be stopped and the ME goes into the normal mode of operation,
omitting the remaining steps of the check;
b) read IMSI: The ME reads the IMSI from the SIM/USIM;
c) SIM/USIM personalisation check: The ME checks the read IMSI against the (list of) SIM/USIM code
group(s) stored in the ME. If no match is found, the ME shall display an appropriate message (e.g. "Insert correct
SIM" or "Insert correct USIM") and shall go into emergency calls only mode as described in annex A.2.
Otherwise, the ME goes into the normal mode of operation.
8.2 SIM/USIM personalisation cycle

The process of personalisation can only be carried out on a currently unpersonalised ME, i.e., if the SIM/USIM
unauthorised , accidental or unwanted personalisation. Other restrictions are described in clause 13. The personalisation
process results in the PCK being set, the SIM/USIM personalisation indicator being set to "on" and the storage in the
ME of a (list of) SIM/USIM code group(s) to which the ME is being personalised.
The SIM/USIM personalisation process is as follows:
3GPP
Release 12 16 3GPP TS 22.022 V12.0.0 (2014-10)
a) the SIM/USIM code group(s) is (are)entered into the ME. This may be accomplished by one of the following
means :
- the ME reads the SIM/USIM code group (IMSI) from the SIM/USIM and stores it;
b) the ME carries out the pre-personalisation checks contained in clause 13. If they all pass, the SIM/USIM code
group(s) is(are) stored in the ME. If any fail, the personalisation process shall be terminated;
c) to personalise the ME to more than one SIM/USIM and if the reading of the IMSI from the SIM/USIM is used to
enter the SIM/USIM code group in the ME, the procedures given in a) and b) shall be repeated;
d) the PCK is then stored in the ME. A single value of PCK shall be used for both single and multiple SIM/USIM
personalisation;
e) the SIM/USIM personalisation indicator is set to "on".

To de-personalise the ME, the correct PCK shall be entered. It is optional whether or not a SIM/USIM is inserted in the
ME. If a SIM/USIM is inserted, then de-personalisation shall be offered whether or not the SIM/USIM personalisation
SIM/USIM de-personalisation shall be provided by keypad entry. Other de-personalisation methods may also be
provided.
The SIM/USIM de-personalisation process is as follows:
a) the user enters the PCK in the ME;
b) if the entered PCK is the same as the one stored in the ME, the SIM/USIM personalisation indicator is set to
"off".
If the entered and stored PCK values differ, the de-personalisation process shall be stopped and the ME remain
personalised. The stored IMSI and PCK are left unchanged.
9 Over the air de-personalisation cycle

As an optional ME feature, the ME may be de-personalised over-the-air (OTA) by the network. The network, network
subset, SP and corporate categories may be de-personalised in this way. More than one category may be de-personalised
at the same time. The process results in the relevant personalisation indicator(s) being set to "off". The ME must be
registered on a network.
Two OTA methods are defined both of which use MT SMS-PP messages. With the first method, the IMEI of the ME to
be de-personalised and the Control Key(s) of the personalisation categories to be de-personalised are sent directly to the
ME. The ME performs checks on both the IMEI and the key values and the outcome of the attempted
de-personalisation(s) is acknowledged to the network.
With the second method, the keys of the personalisation categories to be de-personalised are sent to the ME via the
SIM/USIM. The IMEI is not included and the de-personalisation process only checks the keys. The outcome of the
attempted de-personalisation(s) is acknowledged to the network.
The network de-personalises the ME by one of the following methods:
(i) SMS-PP, ME-specific:
a) A point-to-point SMS message is sent by the network to the MS oe UE, the message being marked as being
destined for the ME only and for the purposes of ME de-personalisation (see TS 23.040 [6]). The User Data
of the SMS contains the de-personalisation key(s) and the IMEI (see annex A.4). If the ME supports the
feature, then it shall not display the data on the ME.
3GPP
Release 12 17 3GPP TS 22.022 V12.0.0 (2014-10)
b) The ME compares the values of the IMEI and the key(s) sent by the network with the corresponding values
stored in the ME. If they are the same, the relevant personalisation indicator(s) is (are) set to "off".
If the IMEI values differ, the personalisation status of all categories shall be left unchanged.
If any key values differ, the corresponding personalisation status shall be left unchanged.
c) The MS or UE sends a SMS acknowledgement to the network indicating the result of the attempted
de-personalisation process (see annex A.4).
(ii) SMS-PP Data Download:
a) A SMS message is sent by the network to the IM updating the EFDCK. In the GSM system, it is done by using
the SMS-PP SIM Data Download of the SIM Tool Kit (see GSM 11.14 [8]). In the 3G system, it is done by
using the SMS-PP Data Download of the USIM Toolkit (see TS 31.111 [10]).
b) The SIM/USIM causes the ME to send an SMS acknowledgement to the network, as a result of the terminal
response to the ENVELOPE command.
c) The SIM/USIM shall issue a REFRESH command to instruct the ME to perform an initialisation procedure.
During the initialisation procedure the ME reads the de-personalisation key field(s) from EFDCK stored in the
SIM/USIM after performing all personalisation checks.
d) For each control key in EFDCK which is empty (set to default), the corresponding personalisation status shall
be left unchanged.
e) For each control key in the EFDCK which is not the same as the corresponding stored key, the personalisation
status shall be left unchanged.
f) For each control key in EFDCK which is the same as the one stored in the ME, the corresponding
personalisation indicator is set to "off".
g) All the keys in the EFDCK are reset to the default value by the ME.
10 Disable Personalisation
There shall be a means to disable the personalisation at each level individually such that the ME shall operate with any
(i.e. all) SIM/USIM at that level.
The process of disable-personalisation can only be carried out on a currently unpersonalised ME, i.e., if the
personalisation indicator for that level is set to "off". It results in the personalisation indicator remaining set to "off".
When a particular level is disabled in this manner there shall be a means to make it impossible to change this status i.e.
the disable becomes irreversible thus eliminating the need for key-administration.
11 Manufacturer personalisation and de-personalisation

Manufacturers may enter into private arrangements to personalise MEs before delivery or at other times. They may also
have the capability to de-personalise/reset MEs for example, when a ME needs repairing, when the relevant control key
has been forgotten or lost or if the ME has been blocked as a result of excessive failed attempts at de-personalisation.
In all cases, secure arrangements shall be followed with the transfer and handling of the critical data such as the IMSI
and the associated control keys.
In common with the normal de-personalisation processes, the manufacturer controlled processes should be secure and
be key or password controlled.
3GPP
Release 12 18 3GPP TS 22.022 V12.0.0 (2014-10)
12 Automatic personalisation
ME manufacturers may offer alternative means of personalizing the ME such as adding functionality to the ME so that
it automatically personalises itself to the first IM inserted in it, using one or more of the five personalisation levels
described in clauses 5 to 8. In the case of SP and corporate personalisation, this is subject to the SIM/USIM supporting
GID1 and GID2 (as required) and the contents of those files being non-default.
13 Personalisation Cycle Restrictions

Security mechanisms shall be implemented to ensure that additions or changes to any personalisation category shall
only be made by persons authorised to do so for that category (see Section 14).
During the Personalisation cycle of a category, before any changes are made to the existing personalisation data, it shall
be checked that :
- the category to be personalised is not currently activated;
- the new codes to be stored are a subset of the existing codes.
(e.g. for a ME which is already network-personalised with the network code N1 and that is to be personalised for the SP
category, N1-SP1 can be added but N2-SP2 cannot be added).
NOTE 1: If no personalisation category are active, then no checks are necessary.
NOTE 2: If the entities of an active personalisation category are to be modified, then this shall only be possible if
the personalisation category is first de-personalised by means of the appropriate Control Key.
NOTE 3: After each personalisation cycle, the number of SIM/USIMs with which the ME can operate decreases. If
further personalisation cycles of specific personalisation categories are to be prevented, the
disable-personalisation feature can be used (see clause 10).
14 Security
This clause lists a number of security requirements which should be satisfied if the personalisation features are to be
effective. The requirements are not arranged in any particular order.
a) The control keys shall be decimal strings with an appropriate number of digits for the level of personalisation.
PCK should be at least 6 digits, and the remaining control keys at least 8 digits in length. The maximum length
for any control key is 16 digits.
b) Where more than one of the personalisation features are in use, distinct control keys should be used for the
different features.
c) The NCK, NSCK, SPCK and CCK should be randomly selected or pseudo-randomly generated and differ from
ME to ME.
d) The PCK should be randomly selected for each ME. In particular, subscribers should be strongly encouraged not
to use obvious values such as part of the dialling number.
e) It should be impractical to read or recover any of the control keys from the ME.
f) It should be impractical to alter or delete the values of the personalisation indicators, the control keys, the stored
IMSI or the stored network operator, SP and corporate codes, other than by the defined personalisation and
de-personalisation processes, without completely disabling the ME from working with any SIM/USIM. (Possible
methods that might be used by criminals to alter or delete the values include freezing, baking, exposure to
magnetic fields or UV light.)
g) For each de-personalisation procedure, there shall be a mechanism to prevent unauthorised attempts to
de-personalise the ME. These may include blocking the ME if the number of failed attempts to de-personalise
3GPP
Release 12 19 3GPP TS 22.022 V12.0.0 (2014-10)
the ME exceeds a certain limit, or alternatively introducing an increasing delay after each successive failed
de-personalisation attempt. Other mechanisms may be also be used.
h) The SIM/USIM personalisation feature will only succeed in discouraging thieves if they know or suspect that the
ME is SIM/USIM personalised. Therefore, unless and until SIM/USIM personalised MEs become the norm, it is
desirable that the ME should advertise the fact that it is SIM/USIM personalised.
i) Manufacturers should not de-personalise a ME for a user unless they have obtained the appropriate level of
approval, e.g., from the network operator for network personalisation, from the service provider for service
provider personalisation, etc.
j) ME manufacturers should ensure that the personalisation processes (except for SIM/USIM personalisation) are
protected against unauthorised, accidental or malicious operation.
3GPP
Release 12 20 3GPP TS 22.022 V12.0.0 (2014-10)
Annex A (normative):
Technical information
A.1 GID1 and GID2 files

The GID1 and GID2 elementary files on the SIM are specified in GSM 11.11 (ETS 300 977) [7].
The GID1 and GID2 elementary files on the USIM are specified in TS 31.102 [9].
For the purposes of this TS, a SIM/USIM is said to support one of these two files if it is marked as both allocated and
activated in the SIM/USIM service table.
The SP and corporate codes are stored in byte 1 of the appropriate files.
If byte 1 contains a hexadecimal value between "00" and "FE" inclusive, then this represents the SP/corporate code in
the GID1/GID2 files respectively. For the purpose of these personalisation features, the ME shall ignore the contents of
any other bytes of the file.
The value "FF" is the default value to be used in byte 1 when no meaningful SP/corporate code is represented in the
GID1/GID2 files respectively. This value shall not be allocated as an SP/corporate code.
Note that network operators would normally allocate SP codes for its service providers and SPs would normally allocate
corporate codes for its corporate customers.
A.2 Emergency calls only mode

The expression "emergency calls only mode" is used in this TS to describe the state the MS (combined ME and SIM) or
US (combined ME and USIM) enters when a personalisation check fails. In this mode, the state of the MS/UE is
equivalent to the "limited service state" (see TS 23.122) [4]. Although the personalisation has failed, the ME will be
able to access the TMSI and IMSI from the SIM/USIM, and therefore any emergency call request shall use these as the
MS/UE identity.
Set up of emergency calls remains as usual dependent on the status of Access Class 10 being broadcast in the cell (see
TS 22.011) [2].
3GPP
Release 12 21 3GPP TS 22.022 V12.0.0 (2014-10)
A.3 Co-operative Network List

The Co-operative Network List is specified in GSM 11.11 (ETS 300 977) [7].
For the purposes of this TS, a SIM is said to support this feature if it is marked as both allocated and activated in the
SIM service table.
The value "FF" is the default value to be used when no meaningful code is represented. This value shall not be allocated
as a code value.
A.4 Over-the-air de-personalisation

a) The ME-specific de-personalisation SMS messages sent by the network to de-personalise the ME shall be coded
according to TS 23.040 [6]. If length of every key does not exceed 8 digits, the TP-UD field shall be coded as
follows:
Character Description
1 - 40 Operator specific text padded with spaces to
character 40.
41 - 48 Network control key
49 - 56 Network subset control key
57 - 64 SP control key
65 - 72 Corporate control key
73 - 88 IMEI
If length of one or more keys exceed 8 digits the message in TP-UD field shall be extended with additional 32 digits as
follows:
89-96 Network control key extension

97-104 Network subset control key extension
105-112 SP control key extension
113-120 Corporate control key extension
The key shall be divided into main and extension fields as follows:
- If key length is equal to or less than 8 digits, the key value shall be coded to the main field as specified above,
and the corresponding extension field shall be encoded as "FFFFFFFF".
- If key length is more than 8 digits, the 8 most significant digits shall be coded to the main field and the
remaining digits shall be coded to the extension field. If the length of the key is less than 16 digits, then
extension field shall be populated from the beginning of the extension field, and each of the remaining digits
shall be encoded as "F".
NOTE: If the key value is "12345678901234", then the main field value will contain the string "12345678" and
the extension field "901234FF".
If an ME receives a key value with "F" padding, it shall ignore the "F" padding characters and only use the received key
part.
As the IMEI is 15 digits long (see TS 23.003 [3]), the sixteenth digit present here is ignored by the ME during the de-
personalization procedure and should be set to zero.
For the IMEI and each control key, the most significant digit is coded first in the string, e.g. character 41 is the most
significant digit of NCK.
All characters are coded according to the default alphabet described in TS 23.038 [5].
The string "FFFFFFFF" shall be used in place of a key to indicate that de-personalisation of that category is not
required.
3GPP
Release 12 22 3GPP TS 22.022 V12.0.0 (2014-10)
b) The acknowledgement to the ME De-personalisation Short Message shall be a SMS-DELIVER-REPORT for

RP-ACK as described in TS 23.040 [6] with the TP-User-Data coded according to the default alphabet
described in TS 23.038 [5] as below:
Character Description
1-16 IMEI of ME
17 Network personalisation status
18 Network subset personalisation status
19 SP personalisation status
20 Corporate personalisation status
As the IMEI is 15 digits long (see TS 23.003 [3]), the sixteenth digit present here is ignored by the network during the
de-personalization procedure and should be set to zero.
Status codes shall indicate the resulting status of each personalisation category as below.
Status code Description

0 Currently not personalised
1 Permanently not personalised
2 Personalised
3 IMEI mismatch
Other RFU
If the IMEI of the ME does not match the IMEI included in the De-personalisation Short Message, then the status of all
the personalisation categories shall be coded "IMEI mismatch".
c) The format for the control keys stored on the SIM is specified in GSM 11.11 [8]. The format for the control keys
stored on the USIM is specified in TS 31.102 [9].
For the purposes of this TS, a SIM/USIM is said to support this feature if it is marked as both allocated and activated in
the SIM/USIM service table.
The value "FF" is the default value to be used when no meaningful value for a key is represented. This value shall not
be allocated as a key value.
3GPP
Release 12 23 3GPP TS 22.022 V12.0.0 (2014-10)
Annex B (informative):
Change history
Change history
TSG SA# SA Doc. CR Rev Rel Cat Subject/Comment Old New WI
SP-16 SP-020339 004 - Rel-4 A IMEI format for de-personalisation over the air 4.0.0 4.1.0 SEC1
SP-17 - - - - - Upgrade to Release 5 4.1.0 5.0.0 -
SP-39 SP-080194 005 3 Rel-7 F Control key length increase in OTA de-personalisation 7.0.0 7.1.0 TEI7
message
SP-40 SP-080419 006 1 Rel-7 F Completion of sentence concerning control key length 7.1.0 7.2.0 TEI7
increase in OTA de-personalisation message
SP-48 SP-100397 008 - Rel-9 A Correction of Reference 9.0.0 9.1.0 TEI8
2011-03 - - - - - Update to Rel-10 version (MCC) 9.1.0 10.0.0
3GPP

3GPP TS 22.022

Uploaded by

Copyright:

Available Formats

3GPP TS 22.022

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

3GPP TS 22.022

Uploaded by

Copyright:

Available Formats

3GPP TS 22.022 V12.0.

3rd Generation Partnership Project;

3GPP support office address

No part may be reproduced except as authorized by written permission.

9 Over the air de-personalisation cycle ..................................................................................................... 16

x the first digit:

1 presented to TSG for information;

2 presented to TSG for approval;

3 or greater indicates TSG approved document under change control.

- Network subset personalisation;

- Service Provider (SP) personalisation;

- SIM/USIM personalisation (SIM for GSM systems or USIM for 3G systems).

• For a specific reference, subsequent revisions do not apply.

[1] 3GPP TR 21.905: "Vocabulary for 3GPP Specifications".

[2] 3GPP TS 22.011: "Service accessibility".

[3] 3GPP TS 23.003: " Numbering, addressing and identification".

[5] 3GPP TS 23.038: "Alphabets and language-specific information".

[9] 3GPP TS 31.102: "Characteristics of the USIM application".

[10] 3GPP TS 31.111: "USIM Application Tool Kit".

3 Definitions and abbreviations

CCK Corporate Control Key

Further GSM abbreviations are given in TS 21.905 [1].

network code: MCC and MNC.

network subset code: digits 6 and 7 of the IMSI.

network code group: same as network code

Table 1: Codes used by each personalisation category

Code Network (MCC, Network Subset SP Corporate SIM/USIM

5.1 Network personalisation

5.1.1 Operation of network personalised ME

5.1.2 Network personalisation cycle

5.1.2.1 Personalisation cycle

The network personalisation process is as follows:

- a manufacturer defined process.

d) The network personalisation indicator is set to "on".

5.1.2.2 De-personalisation cycle

The network de-personalisation process is as follows:

a) the NCK is entered into the ME;

5.2 Network subset personalisation

5.2.1 Operation of Network subset personalised ME

5.2.2 Network subset personalisation cycle

5.2.2.1 Personalisation Cycle

The network subset personalisation process is as follows:

- a manufacturer defined process.

d) The network subset personalisation indicator is set to "on".

5.2.2.2 De-personalisation cycle

The network subset de-personalisation process is as follows:

a) the NSCK is entered into the ME;

6.1 Operation of SP personalised MEs

6.2 SP personalisation cycle

The SP personalisation process is as follows:

- a manufacturer defined process.

e) The SP personalisation indicator is set to "on".

6.2.2 De-personalisation cycle

The SP de-personalisation process is as follows:

a) the SPCK is entered into the ME;

7.1 Operation of corporate personalised MEs

7.2 Corporate personalisation cycle

The corporate personalisation process is as follows:

- a manufacturer defined process.