Identifying subscribers within a secure environment
In mobile networks, each SIM card is issued a unique identifier. In 2G, 3G, and 4G networks this identifier is referred to as International Mobile Subscriber Identity (IMSI). In 5G networks, it is called Subscription Permanent Identifier (SUPI).
In networks up to 4G, this identifier is transmitted in clear text and is therefore vulnerable to attacks via so-called IMSI catchers. By intercepting the subscriber’s identity, attackers could retrieve valuable information such as the subscriber’s location, shared information, or even the data itself. In 5G, the Subscriber Permanent Identifier (SUPI) is encrypted and transmitted as Subscriber Concealed Identifier (SUCI). The key used for this purpose is stored securely in the 5G SIM / eSIM.
Subscriber Identity De-concealing describes the process of decrypting a subscription concealed identifier (SUCI) to reveal the subscriber’s permanent identifier (SUPI) in the home network.
Utimaco offers a specialized Hardware Security Module for the telecommunications industries, which supports subscriber identity de-concealing while storing the home network private key in a hardened environment, ensuring the privacy of the subscriber’s permanent identifier.