abstract · 2016-07-16 · esim have evolved. ... including mobile telecommunications. ... a...
TRANSCRIPT
INTERNATIONAL TELECOMMUNICATION UNION COM 20 – C Q2 - E
TELECOMMUNICATION STANDARDIZATION SECTOR
STUDY PERIOD 2013-2016
July, 2016
Engl ish only
Orig inal: Engl ish
Question(s): Q2/20 Document no. : T13-SG20-C-0245
STUDY GROUP 20 - Contr ibution Q2
Source: TEC, DoT, Govt. Of India; Sensorise Digital services Pvt. Ltd.;
T it le: M2M SIM and Digital Identity for enablement of Vehicle Registration and Transfer
Contact:
Sushil Kumar Tel: +91 11 23323471
TEC, DoT Fax: +91 11 23329088
India Email:[email protected]
Sharad Arora Tel: +91 9212109999
SensoriseDigital Services Private Ltd. India.
Email: [email protected]
AbstractTelecommunication Engineering Center (TEC), Department of Telecommunications (DoT),Ministry of Communication& IT, Govt. of India, formed 11 multi stake holders workinggroups (WGs) in the last two years to work in M2M/ IoT domain. Nine WGs are in theverticalsPower,Health,SafetyandSurveillance,IntelligenttransportSystems,SmartCities,Smart Homes, Smart village & Agriculture, Environment & pollution control and SmartGovernance.TwoWGsareonM2MGateway&ArchitectureandsecurityofM2Mdomain.Nine technical reports were released and available on TEC website(www.tec.gov.in/technical-reports/).Outofnine,twotechnicalreports,relatedtointelligentTransportSystemsareasgivenbelow:
1. M2MEnablementinIntelligentTransportSystems2. V2V/V2IRadiocommunicationandEmbeddedSIM
ConnectedCars(Vehicles)aregrowingrapidlyastheindustrymovestowardsdeployingnewtechnologies that benefit the connected car ecosystem – vehicle manufacturer, vehicleuser,vehicleowner,fleetmanager,insurer,serviceagencyandthegovernment–tonameafew.
Althoughmillionsofvehiclesareconnected,theprocessforthecarregistrationandtransferismostlymanual,whereasthevehicleregistration,identification,trackingandmanagementcanbenefittremendouslyfromthedeploymentofnewtechnologiessuchastheM2MSIMandDigitalIdentity(e-KYC).
This paper discusses an approach to enabling the vehicle registration, identification andtraceability using technologies such as the M2M SIM (eUICC) and e-KYC. The use casedefined in the annexure, if implemented, can substantially reduce time and cost of thevehicleregistration/transferprocessandinturnmaybehelpfulinreducingtheftandcrime.
Page2of14
Annexure:UseCaseforM2MSIMandDigitalIdentityenablementoftheVehicleRegistrationandTransferProcess
TableofContentsAbstract.....................................................................................................................................1
1 Title.....................................................................................................................................4
2 Objective.............................................................................................................................4
3 Background.........................................................................................................................4
3.1 TECTechnicalReports...............................................................................................4
3.2 SIMEvolution............................................................................................................5
3.3 DigitalIdentity(E-KYC)..............................................................................................5
3.4 M2MServiceProvider...............................................................................................5
4 Description..........................................................................................................................6
4.1 Ecosystemdescription...............................................................................................6
4.2 AbouttheeUICC........................................................................................................7
4.3 ActorsandBusinessRoles.........................................................................................7
TheimportantIdentitiesandtheirissuersareshownbelow...............................................8
Actorsarevisualizedinthefigurebelow:.............................................................................8
4.4 ContextualIllustration...............................................................................................9
4.5 ProposedProcessFlow..............................................................................................9
4.6 Pre-requisites..........................................................................................................10
4.7 Pre-conditions.........................................................................................................10
4.8 Triggers....................................................................................................................10
4.9 Scenarios.................................................................................................................11
4.10 Post-conditions........................................................................................................11
4.11 InformationExchange.............................................................................................11
5 ArchitecturalConsiderations............................................................................................11
6 PotentialMarket...............................................................................................................12
7 ImplementationConstraints.............................................................................................13
8 Standards,StatutorycompliancesandrelatedRegulations.............................................13
9 AvailableGlobalStandards...............................................................................................13
Page3of14
10 References........................................................................................................................13
11 Generalremarks...............................................................................................................14
12 Proposal............................................................................................................................14
Page4of14
1 TitleM2MSIMandDigitalIdentityforenablementofVehicleRegistrationandTransfer
2 ObjectiveThisusecasedealswithsignificantlyimprovingtheconvenienceandsecurityofthevehicleidentification,registrationandtransferprocessusingthenewagecapabilitiesofM2MSIM(eUICC)andDigitalIdentity(e-KYC).
TheobjectiveofthecontributionistocreateadetailedunderstandingofhowtheeUICCande-KYCenablementofVehicleRegistrationandTransfercanbenefitthetransportationecosystem,thegovernanceandthesecurity.
3 Background
3.1 TECTechnicalReports
Over the last two years, the Telecommunication Engineering Centre (TEC),Department ofTelecommunications (DoT), Ministry of Communication & IT, Government of India, hasreleased nine Technical reports inM2M/ IoT domain. These reports are available on TECwebsite (www.tec.gov.in/technical-reports/). These reports relate toM2M enablement inPower sector, Remote Health management, Safety and Surveillance systems, IntelligentTransport Systems and ICT deployment and strategies for India’s Smart Cities: A CurtainRaiser.TworeportsareonM2MGateway&ArchitectureandNumberingplan.TwotechnicalreportsreleasedintheareaofIntelligentTransportSystemsareasgivenbelow:
1. M2MEnablementinIntelligentTransportSystems2. V2V/V2IRadiocommunicationandEmbeddedSIM
Thisusecase isadetaileddescriptionofoneoftherecommendationsoftheprevioustworeportsintheareaofM2MSIMandDigitalIdentity.AbriefquotefromthepreviousStudyreportisreproducedbelow:
EmbeddedSIM:ThenormalSIMcardisnotsuitableforharshconditionsofvehicleslike vibrations, temperature, and humidity. GSMA has created specifications forembedded M2M SIM, for remote Over-the-Air (OTA) provisioning, hermeticallysealedor installed inhazardousorremote locations. Itcanwithstandtemperaturevariation for automotive grade temperature range of -40 degree to- +125 degreeCelsius.EmbeddedSIMtechnologyoffersbigopportunitiesforautomanufacturersasthe lifecycleofaneSIMis,onaverages,10-15years. InternationalstandardsforeSIMhaveevolved.
OneofthechallengesidentifiedintheITSTechnicalReportrelatedtotheKnow-Your-customerprocessforissuanceoftheM2MSIM.
Know-Your-Customer(KYC)normsfortheM2MSIMusedinITSDevices(GPS/GPRSetc.)maybedifferentthantheKYCnormsforSIMbeingusedformobilephone.Currently,thereisnomechanismtoensurevehicleownershiptransferisinsyncwiththedeviceSIMconnection,whichneedstobeaddressed.
This working group has looked into the technology and its enablement for theIntelligentTransportsector,includingtherequirementsandstandardsforM2MSIM,andtheprocessesrequiredtoproliferatetheM2M/IoTUseCases.
Page5of14
ThisusecaseaddressestheuseofDigital IdentityandM2MSIMforVehicle Identification,Registration, Transfer and Tracking using National Identity Database for the purpose ofonlineauthenticationofanindividual/Company/Vehicle.
3.2 SIMEvolution
The traditionalSIMcard isa formfactor thataconsumercan insertandremove fromthedevice. It stores an operator defined profile which is programmed duringmanufacturing,andenablestheidentification,authenticationanduseofthenetworkresourcesandservicesbythecustomer.
TheSIMisbuiltonSmartCard(UICC)technology,whichisjustlikethebankcards.TheUICCis a physically secure computing device that can be used across multiple vertical sectorsincludingmobiletelecommunications.
TheEmbeddedSIMisa formfactorthat isphysically integrated intothedevice,mostlybysolderingtothedevicePCB.TheEmbeddedSIMcannotbeeasilyremovedinthefield.Asaresult, the Embedded SIM requires remote provisioning, which is the ability to remotelyselect the SIM profile deployed on a SIM without physically changing the SIM card. ThistechnologyisstandardizedandcanbeimplementedonaSIMcardwithanyformfactor.
ThetermeUICCisusedtorepresentaSIMcardthatcanberemotelyprovisioned.
3.3 DigitalIdentity(E-KYC)
Technopediadefinesadigitalidentityasanonlineornetworkedidentityadoptedorclaimedin cyberspace by an individual, organization or electronic device. These users may alsoprojectmorethanonedigitalidentitythroughmultiplecommunities.
InIndia,theparliamenthaspromulgatedanAct(TheAadhaarACT,2016),AnActto“providefor,asagoodgovernance,efficient,transparent,andtargeteddeliveryofsubsidies,benefitsandservices,theexpenditureforwhichisincurredfromtheConsolidatedFundofIndia,toindividualsresidinginIndiathroughassigningofuniqueidentitynumberstosuchindividualsand for matters connected therewith or incidental thereto”. The Reserve Bank of India(Central Bank) has recently notified that the paperless electronic authentication, orelectronic know-your-customer (eKYC), process provided by the Unique IdentificationAuthorityofIndia(UIDAI)is“officiallyvalid”.
3.4 M2MServiceProvider
The GSMA Embedded SIM Business Process document “GSMA Embedded SIM BusinessProcessCLP-05-v1-0“defines the roleof theM2MServiceProvideras“Actorwhoprovidesservices to its service Subscribers on a contractual basis and who is responsible for theservicesoffered”
AMckinseyreport“E-SIMforconsumers—agamechangerinmobiletelecommunications?“ identifies the role of an Independent Third Party for setting up the server for real timediscoveryoftheSubscriptionProfile.
Page6of14
Figure1:RoleofIndependentThirdParty
4 Description
4.1 Ecosystemdescription
Currently there is a massive shift in the fleet management market; both regulatoryrequirements,suchasthatforspeedcontrollers,safetyandsurveillanceforpublictransport,alongwith costmanagement by fleet owners are creating a need for different telematicsdevicesinthevehicles.
ThisleadstoasituationwhereM2Mconnectivitybecomesacriticalenablerforthemissioncriticalandoftenlife-savingusecases.Inemergingmarkets,thecoverage/capacitygapscangoupto30%,worsenedbytheuseofconsumergradeSIMcards,whichsuffera2-5%failureratewhenusedintheharshenvironmentsuchasthatofvehiclesontheroad.
GovernmentshaveenactedparliamentaryactstosetupNationalIdentityRegistersthatcanbe used for online authentication of citizen identity. Examples are Sweden, France, India(UIDAI),tonameafew.
Governments everywhere are pursuing a strategy of digitization and automation, both toconveniencethecitizenry,asalsotoeasethegovernanceinitself.
Therecommendationsinthisusecaseenablesboththestatedobjectives
1) DigitizationandAutomationoftheVehicleTransferProcess
2) UseofDigitalIdentity(e-KYC)forauthentication
TheGSMA’s eUICC Specification provides a single, de-facto standard mechanism for theremoteprovisioningandmanagementofmachinetomachine(M2M)connections,allowing
Page7of14
the “over the air” provisioning of an initial operator subscription, and the subsequentchange of subscription from one operator to another. GSMA eUICC is a vital enabler forMachine to Machine (M2M) connections including the simple and seamless mobileconnectionofalltypesofconnectedmachines.
ETSIhasstandardizedtheeUICCthroughitsTechnicalSpecificationSmartCards;EmbeddedUICC;RequirementsSpecification.
4.2 AbouttheeUICC
TheeUICChasthefollowingimprovementsoverthegenerallyavailableconsumerSIM
a. SecureandTamperresistant
b. Factoryreadyduetotheoptionalsolderableformfactor,whichenablesthedevicestobeIP67compliant
c. Readytohandletheindustrialandautomotiveenvironment
d. 10yearlifewithsignificantlyenhancedRead/WritecyclesandStorage
e. Storesup to5 subscriptionprofiles, therebyenablinga selectionofbootstrapandcommerciallife-stagesfromavarietyofMobileNetworkOperators
4.3 ActorsandBusinessRoles
Thefollowingactorscontributetotheusecase
1:ActorsandBusinessRoles
SNo
Actor BusinessRole
1 TransportAuthority
RegistrationofVehicles
2 VehicleOEM ManufacturestheCar
3 DeviceOEM ManufacturesTelematicsdeviceswithappropriateM2MSIM
4 SIMcardsupplier
SuppliesfactoryreadySIMCardsinMFF2formfactor
5 M2MServiceProvider
ProvideroftheenablingProvisioning(bootstrap)connectivityandovertheairmanagementofSubscriptionsSIMlifecyclemanagementande-KYC.
ThisrolecouldbeplayedbyanMNO,VNOoraregisteredM2MServiceProvider
6 TrustProvider CertificationandAuthenticationAuthority(likeNationalIdentityRegisters)thatprovideonlineauthenticationforcitizenidentification
7 MobileOperator
TheproviderofmobileservicesfromaGSMnetwork
8 Buyer TheBuyeroftheVehicle
9 Seller TheSelleroftheVehicle
Page8of14
TheimportantIdentitiesandtheirissuersareshownbelow
Figure2:KeyIdentitiesandIssuers
1. TheidentitiesofeUICCande-KYCwhenlinkedintheTransportAuthorityDatabaseprovideapowerfulandsecuretraceabilitytoolforthevehicleanditsowner
2. TheeUICC-IMEIpairing(whichcanbelockedtoeachother)providesauniqueidentitypairwithwhichavehiclecanberemotelyreachedforpurposesoftracking,safety,remotemonitoringandsurveillance
3. TheownerauthenticationusingaCitizenIDmayberestrictedtotheownerasanindividual.Insuchcases,aDigitalCertificateissuedtotheCompanymaybeusedforauthenticationoftheCompany
Actorsarevisualizedinthefigurebelow:
Figure3:Actors
VehicleID:Registration
NumberTransportAuthority
Person
ID:CitizenID NationalTrustProvider
SIM
ID:IMSI MobileOperator
Page9of14
4.4 ContextualIllustration
Theprocessofvehicleregistrationandtransferasitistoday,passesthroughseveralmanualstepsthatrequirefillingofformsandofflineauthenticationandverificationofthedata.
TheIndiancaseinpoint,withtheDelhistateasaspecificexample,isasfollows
The transfer of ownership of a vehicle is to be applied in the concerned zonal office where vehicle is alreadyregisteredandfollowingarethedocumentstobesubmitted:-
1. Registrationcertificateinoriginal2. Formno.29dulyfilledinduplicate3. Formno.30dulyfilledinduplicate4. Attestedcopyofvalidinsurance,infavourofbuyer5. Attestedcopyofaddressproofofbuyer6. Attestedcopyofvalidpollutionundercontrolcertificate7. AttestedcopyofG.I.R./Panno.orFormno.60/Formno.61(incaseofcarsonly)8. Prescribedfee9. Forcommercialvehiclesinadditiontoabove10. PermitsurrenderslipforS.T.A.11. ChallanclearancefromTrafficPolice&Enforcementbranchofthetransportdeptt.arerequired.12. TaxclearancereportfromAccounts
4.5 ProposedProcessFlow
Thisprocess flowdescribedthecar registrationandtransferserviceadditionofanautomationstepasdescribedbelow:
1) The Vehicle OEM / Dealer enters the Vehicle details online at the PoS orGovernmentRegistrationAuthorityieattheRegionalTransportOffice(RTO)
2) VehicleBuyerdetailsareenterednext3) VehicleBuyerisidentifiedusinganAadhaarNumber(oraDigitalCertificate
ifthebuyerisaCompany)4) An e-KYC OTP is sent to the Mobile phone of the buyer(or a Digital
CertificateOnlineAuthenticationforCompanies)5) ThebuyerisaskedtoentertheOTP6) Theregistrationrecordsareupdated
The Process flow diagram below exemplifies the process using the Indian context. Thegenericrolesdescribedearlierareclarifiedbelow
2:ProcessActorsandIndianRoletakers
SNo GenericActor IndianBusinessRole
1 TransportAuthority RTO
2 VehicleOEM VehicleOEM
3 DeviceOEM DeviceOEM
4 SIMcardsupplier SIMCardSupplier
5 M2MServiceProvider M2MServiceProvider
6 TrustProvider UniqueIdentificationAuthorityofIndia-UIDAIORDigitalCertificationAuthority
e-AadhaarforIndividualsORDigitalCertificatebasedAuthenticationforCompanies
KYCUserAgency(KUA)
Page10of14
7 MobileOperator MobileOperator
8 Buyer TheBuyeroftheVehicle
9 Seller TheSelleroftheVehicle
Figure4:VehicleRegistrationwithe-KYC
Theaboveprocesswill improve the authenticity of customer; itwill empower theauthority with more knowledge about registrant and will improve traceability ofregistrantifneedarisesaddressingcountrylevelsecurityconcerns.
4.6 Pre-requisites
ThePre-requisitestoimplementsuchaprocessaredefinedbelow- ExistenceofanOnlineNationalCitizenDatabase- VehiclesembeddedwithaneUICCbasedSIM- M2MService Provider for enabling / provisioning (bootstrap) connectivity and
overtheairmanagementofSIMandSubscriptionProfiles- Transport Authority with online registration capability linked to the online
NationalIdentityauthentication- WebinterfacesforVehicleregistrationbytheOEM/Dealer
4.7 Pre-conditions
Thefollowingpre-conditionsenabletheproposedusecase- VehiclesareembeddedwithM2MSIMCard- TheVehicleOEMhasregisteredthevehiclewiththeTransportAuthority- TheM2MSIMcardhasabootstrapconnection(ProvisioningProfile)sothatthe
buyer’spreferredconnectioncanbeselectedontheM2MSIMcard- TheSellerandBuyerareregisteredattheNationalIdentitydatabase
4.8 Triggers
Theprocessflowsaretriggeredfromthefollowingevents
- VehicleOEMproducingabatchofConnectedCars
Page11of14
- VehicleOEMdealerregisteringtheCarswiththeTransportAuthority- AbuyerwantingtoPurchaseaConnectedcar- ScrappingofaConnectedCar
4.9 Scenarios
Theprocesscanbeappliedto1) NewVehicleRegistration2) VehiclePurchase&TransferProcess3) VehicleHealth,FitnessandPollutionControlTracking4) VehicleIdentification5) VehicleLocationProcess6) VehicleFinesandTicketsrecordingProcess
4.10 Post-conditionsOncethetransfersarecompletedaspertheprocess,thefollowingactionsarerequired
- UpdationoftherecordsoftheBuyeratthefollowingdatabaseso VehicleOEMforreceivingvehiclediagnosticsinformationo VehicleOEMServiceCentreso MobileOperatoro TelecomAuthority
4.11 InformationExchange
Althoughtheeventualimplementationmayrequireadditionalinformationflows,thefollowingarethecriticalonesforastartupusecase
a. M2MDevice information triplet -Device SerialNo,DeviceCommunicationModule identity (IMEI) and SIM Serial Nos (IccID) Pairing for bootstrapsubscriptions
b. ConnectedVehicleEngine/ChassisandM2MDevicePairinginformationc. NewConnectedVehicle/CarProductioninformationtoTransportAuthorityd. UpdatedVehicleRegistration,M2MDeviceInformationtriplet,Operational
Subscription information to Transport Authority, TelecommunicationsAgencies,VehicleOEM,Buyer
5 ArchitecturalConsiderationsThefollowingarchitecturalaspectsareimportantfortheimplementationoftheproposedusecase
- ArchitectureoftheNationalOnlineAuthenticationsystemscapableofonlineverificationandauthenticationofindividualsandcompanies
- ArchitectureoftheTransportAuthoritysystemspermittingonlineVehicleRegistrationandbuyerAuthentication
- ArchitectureoftheTelematicsDeviceforfactoryreadyconnectivitywithanembeddedSIM
- ArchitectureoftheM2MSIMforhostingProvisioningProfiles(bootstrapsubscriptionfromtheM2MServiceProvider)andOperationalProfiles(buyer’smobilesubscription)
- ArchitectureoftheOvertheAirSubscriptionLifecyclemanagementplatforms
TheArchitecturemustconsiderthefollowing
Page12of14
- OpenAPIarchitecture- IPV6support
6 PotentialMarketConnectedVehiclesaresettodrivetheadoptionofM2Mglobally.
SafetysystemsincarswillbethekeygrowthdriversfortheautomotiveelectronicsmarketinthenextfewyearsasitattainsCompoundedAnnualGrowthRate(CAGR)of21.8%asperresearchestimates.
Acceleratinggrowthinembedded,in-carTelematicsoverthenext15yearswillleadtocarsrepresentingover5%ofallconnecteddevicesby2025,comparedwithjust0.1%today.TheautomotiveembeddedTelematicsmarketisexpectedtogrowataCAGRof24.6%overthenext15yearstoreach€20billionby2025.
ArecentMcKinseyreportsaysthefollowingregardingtheM2Menablementwiththee-SIM
Figure5:ConnectedVehiclesForecast
Page13of14
Figure6:McKinseyResearch,Jan2016
7 ImplementationConstraintsThefollowingimplementationconstraintsarevisualized
- MandatingthestandardsforTelematicsDevices- PolicymandatesfortheM2MServiceProvider- OpenAPIforTransportAuthorityDatabasesforonlineregistrationand
authentication- ANationalIdentitydatabasewhichoffersonlineauthentication
8 Standards,StatutorycompliancesandrelatedRegulationsThefollowingrelateddocumentsarenotedhere
- GSMAssociationNon-confidentialOfficialDocumentSGP.02-RemoteProvisioningArchitectureforEmbeddedUICCTechnicalSpecification
- AAdhaarAct2016andRBINotificationregardinge-KYCusingUIDAIAadhaar(Indiaspecific)
9 AvailableGlobalStandards- ETSITS102225V12.1.0:“SecuredpacketstructureforUICCbasedapplications
(Release12)”.
- ETSI TS 102 671 V9.2.0 (2015-06) Smart Cards; Machine to Machine UICC;Physicalandlogicalcharacteristics
Page14of14
- ETSI TS 102 267 V7.1.0 (2010-04) SmartCards;ConnectionOrientedServiceAPIfortheJavaCard™platform(Release7).ForAllotherrelevantstandardsfortheSmartCardspleasereferhereandforSIMpleasereferhere
-OneM2MTS0002onMachine-to-Machinecommunications(M2M);M2Mservicerequirements.AllotherrelatedoneM2Mspecificationareavailablehere
- ETSITS122101UniversalMobileTelecommunicationsSystem(UMTS);Serviceaspects;Serviceprinciples(Release8orlater)
- ETSITS124008(Release8orlater)
- ETSITS124123(Release8orlater)
- ETSITS126267(Release8orlater)
- ETSITS126268(Release8orlater)
- ETSITS126269(Release8orlater)
- ETSITS127007(Release8orlater)
- ETSITS151010(Release8orlater)
10 ReferencesTheUIDAIAadhaarbasede-KYCProcesshttps://developer.uidai.gov.in/book/export/html/41
TheIndianNationalTelecomRoadmaphttp://www.dot.gov.in/sites/default/files/Draft%20National%20Telecom%20M2M%20Roadmap.pdf
MckinseyReport“E_SIM_for_consumers_a_game_changer_in_mobile_telecommunications“
11 GeneralremarksThetrilogyoftheM2MSIM,DigitalIdentity(electronicKnow-Your-Customer)andtheroleoftheM2MServiceProviderhavethepotentialtodramaticallychangetheM2Menablementscenariofortheindustry.
Government,Regulation,Policy,StandardsandIndustrybodieshavealotofworktodointhedomain,ensuringthattheenvironmentisconducivetothesafeyetspeedyintroductionofthedigitizationcapabilities.
12 ProposalTheuse case submission to ITU is intended tobenefit themember countries thatmaybeconsidering the use of Digital Identity andM2M SIM for vehicles and related registrationprocessesandrecords.
It is proposed that this use cases may be taken in to account (as appropriate) in thestandardizationworkplanoftheM2M/IoT.