FIELD OF THE INVENTION

The present invention generally relates to ^' communications methods and communications systems and in particular to a method and system for operating a communications device in at least to two different communications environments.

BACKGROUND OF THE INVENTION

Mobile communications, particularly in the field of mobile telephone communications, is well known. Usually, mobile communications are limited to a home communications environment of a communications device, e.g. in a geographical area in which a user of the communications device lives.

In some cases it is possible to operate a communications de- vice in different communications environments such that, for example, the communications device can be moved from a geographical area serviced by a telephone network to a geographical area serviced by another telephone network (e.g. telephone networks in different countries and/or different telephone networks in the same country) . In the field of mobile telephone communications, this capability is also referred to as "roaming" .

However, providing mobile communications capabilities going beyond the boundaries of a single communications environment and including different communications environment require that a communications device to be operated in different communications environments can be identified in and can log on to each communications environment of interest.

In the case of mobile telephone communications, this is com- monly accomplished by storing, in the Home Locations Registers

HLRs of the involved communications environments, data indicating that a particular communications device may be operated in the respective communications environment. For example, the HLRs store an International Mobile Subscriber Identity IMSI of the communications device to be operated in the communications environments. Upon request from the communications device to communicate in one of the communications environments, the concerned communications environment proofs whether the IMSI received from the communications device is stored in its HLR. If the stored IMSI and the received IMSI correspond, the communications device is allowed to communicate in the communications environment. If the stored IMSI and the received IMSI do not correspond, communications by this communications device in the communications environment is denied.

However, such mobile communications is usually not provided in general. For example in the field of mobile telephone communications, mobile telephones using so-called prepaid cards are not allowed to use roaming services. Rather, to use such a telephone in different communications environments requires using the telephone with a prepaid card for each communications environment .

A reason for such restrictions is, for example, the way communications to and from a communications device operated outside its home communications environment are routed, the manner a communications device outside its home communications environment is identified and addressed, and how administrative and managing processes (e.g. billing procedures) are designed.

Therefore, there is need for enhanced solutions providing increased mobility in communications, preferably to allow world- wide mobile communications without restriction.

It is an object of the present invention to provide a communications method and a communications system as well as related components, which overcome the above-mentioned problems, for example, relating to an operation of a communications device in different communications environments.

SUMMARY OF THE INVENTION

According to an aspect, the present invention provides a method for operating a communications device, which has first identity data associated to a first communications environment, in at least one further communications environment, which method comprises the steps of communicating, from the communications device to a central entity, a request to operate the communications device in a second communications environment, communicating, from the central entity to the communications device in response to the request, second identity data associated to the second communications environment, and storing, by the communications device upon receipt of the second identity data, the second identity data.

According to a further aspect, the present invention provides a system comprising a first communications environment, a communications device, which has first identity data associated to the first communications environment, a second communications environment to which second identity data is associated, and a central entity, wherein the central entity is adapted to communicate, upon a request from the communications device to operate the communications device in the second communications environment, the second identity data to the communications device, and the communications device is adapted to store the second identity data.

According to a further aspect, the present invention provides a software program including software program portions for carrying out the method steps according to the present invention.

According to a further aspect, the present invention provides a communications device being adapted to carry out the method steps according to the present invention.

According to a further aspect, the present invention provides a central entity being adapted to carry out the method steps according to the present invention.

According to a further aspect, the present invention provides a communications environment being adapted to carry out the method steps according to the present invention.

BRIEF DESCRIPTION OF THE DRAWINGS

Embodiments of the invention will now be described, by way of example, and with reference to the accompanying drawings, in which:

Figs. 1 to 7 show preferred embodiments of the present in- vention.

DESCRIPTION OF PREFERRED EMBODIMENTS

The figures illustrate, in exemplary manner, preferred embodiments of the present invention. Before proceeding further with the detailed description of the figures, however, a few items of further preferred embodiments will be discussed.

In the method according to the present invention, the communications device may be a mobile communications device, the first and second communications environments may be mobile telephone environments, and the central entity may be an en- tity providing roaming services for the communications device in the first and second communications environments.

Examples for a communications device, which can be used in the present invention, include mobile telephones (e.g. GSM and

UMTS devices) , mobile computing devices having communications capabilities and the like.

Examples for a communications environment, which can be used in the present invention, include mobile telephone environ- ments (e.g. GSM and UMTS networks) , communications systems including wireless and wired communications links (e.g. radio and terrestrial communications networks optionally including the Internet) and the like.

Examples for a central entity, which can be used in the pre- sent invention, include a communications network interconnecting the first communications environment and second communications environment, a communications server, a telephone switch and the like.

The request may be communicated from the communications device to an identity data providing entity and from the identity data providing entity to the central entity.

The central entity, upon receipt of the request, may retrieve a first part of the second identity data.

The first part of the second identity data may be stored in association to the central entity and the identity data providing entity such the central entity and the identity data providing entity have access to the first part of the second identity data.

Examples for such a storage include to store the first part of the second identity data in a first storage means to which the central entity is connected via at least one of a wired communications link and a wireless communications link and a second storage means to which the identity data providing entity is connected via at least one of a wired communications link and a wireless communications link, or in a storage means to which both the central entity and the identity data providing entity

are connected via at least one of a wired communications link and a wireless communications link.

The identity data providing entity, upon receipt of the request, may retrieve a second part of the second identity data.

The second part of the second identity data may be stored in association to the identity data providing entity only such the identity data providing entity has access to the second part of the second identity data, while access to the second part of the second identity data by the central entity is de- nied.

Examples for such a storage include to store the second part of the second identity data in a storage unit to which only the identity data providing entity is connected via at least one of a wired communications link and a wireless communica- tions link, while the no communications link between the central entity and the storage unit is allowed.

The central entity may communicate the first part of the second identity data to the identity data providing entity.

The identity data providing entity may communicate the first part of the second identity data and the second part of the second identity data to the communications device.

The first part of the second identity data may be an International Mobile Subscriber Identity IMSI for a mobile communications environment, and the second part of the second identity data may be a Ki key for a mobile communications environment.

At least one of the first part of the second identity data and the second part of the second identity data may be encoded by the identity data providing entity before being communicated to the communications device.

The at least one encoding step may be carried out by using a general encoding key.

At least one of the first part of the second identity data and the second part of the second identity data may be decoded by the Communications device upon receipt.

The at least one decoding step may be carried out by using a general decoding key.

The general decoding key may be previously stored in the communications device under control of the identity data provid- ing entity. This can be for example accomplished by the identity data providing entity before the communications device is provided to a user, e.g. during a manufacturing process of the communications device.

Communicating by means of the communications device in the first communications environment may include a step of identifying the communications device in the first communications environment by means of the first identity data.

The identifying step may include operating the communications device such that the first identity data is defined as valid identity data.

The first identity data may be communicated from the communications device to a first communications system in the first communications environment.

The identifying step may include communicating first communi- cations request data to the central entity. Examples for the first communications request data include data indicating that the communications device is now to be operated in the first communications environment.

The first communications request data may be communicated di- rectly from the communications device or via a first communi-

cations system in the first communications environment to the central entity upon receipt of the first identity data by the first communications system.

Examples for a communications system useable as first communi- cations system in the present invention include a provider or operator of the first communications environment and respective components and units, respectively, a telephone switch, a GSM switch, an UMTS switch and the like.

The central entity may communicate erasing data to the commu- nications device in response to the first communications request data, wherein the erasing data effects removing the second identity data from the communications device.

The erasing step may include communicating an empty identity data template replacing the stored second identity data.

For communications in the first communications environment, the second identity data may be marked as invalid identity data.

The marking step may be carried out by a second communications system in the second communications environment upon receipt of a marking request communicated from the central entity to the second communications environment in response to the first communications request data.

Examples for a communications system useable as second communications system in the present invention include a provider or operator of the first communications environment and respective components and unit, respectively, a telephone switch, a GSM switch, an UMTS switch and the like.

In preparation of communications by means of the communications device in the second communications environment, the re- quest may be communicated from the communications device being

operated in the first communications environment to the central entity.

The second identity data may be then communicated from the central entity to the communications device in the first com- munications environment.

Communications from the communications device to the central entity may be carried out via a first communications system in the first communications environment, while communications from the central entity to the communications device may be carried out via an identity data providing entity, at least as regards the communications related to the second identity data.

Communicating by means of the communications device in the second communications environment may include a step of identifying the communications device in the second communications environment by means of the second identity data.

The identifying step may include operating the communications device such that the second identity data is defined as valid identity data.

The second identity data may be communicated from the communi- cations device to a second communications system in the second communications environment.

The identifying step may include communicating second communications request data to the central entity. Examples for the second communications request data include data indicating that the communications device is now to be operated in the second communications environment .

The second communications request data may be communicated from a second communications system in the second communications environment to the central entity.

The second communications request data may be communicated from the communications device being operated in the second communications environment directly to the central entity.

The central entity may communicate, in response to the second communications request, a identity data transfer request to a first communications system in the first communications environment, and the first communications system may then route communications, which are to be carried out with the communications device and including first identifying data for iden- tifying the communications device in the first communications environment, to the central entity.

Examples for data to be used as first identifying data include data identifying the communications device as such (e.g. a Mobile Subscriber ISDN Number MSISDN, a Mobile Subscriber Iden- tification Number MSIN, International Mobile Subscriber Identity IMSI) , a telephone number of the communications device, an Internet address of the communications device, a communications link via which the communications device can receive communications, a CLIP (Calling Line Identification Presenta- tion) and the like.

Then, the central entity may replace, in the communications routed to the central entity, the first identifying data by second identifying data for identifying the communications device in the second communications environment, and the communications to be carried out with the communications device and now having the second identifying data can be routed to the communications device in the second communications environment.

Examples for data to be used as second identifying data include data identifying the communications device as such (e.g. a Mobile Subscriber ISDN Number MSISDN, a Mobile Subscriber

Identification Number MSIN) , a telephone number of the communications device, an Internet address of the communications device, a communications link via which the communications de-

vice can receive communications, a CLIP (Calling Line Identification Presentation) and the like.

Communications to and from the communications device in the second communications environment may be routed via the cen- tral entity, preferably at least partially routed via an SS7/C7 voice link.

Communications from the communications device to be carried out in the second communications environment may include second identifying data for identifying the communications device in the second communications environment, wherein the central entity may replace the second identifying data by first identifying data for identifying the communications device in the second communications environment, and wherein the central entity may route the communications from the communications de- vice and now including the first identifying data to a communications target in the second communications environment with which the communications from the communications device are to be carried out. Above examples for identifying data apply to this embodiment also. Examples for a communications target in- elude communications devices comparable to the above mentioned communications device.

Communications from the communications device to be carried out in a communications environment outside the second communications environment may include second identifying data for identifying the communications device in the second communications environment, wherein the central entity may replace the second identifying data by first identifying data for identifying the communications device in the first communications environment, and wherein the central entity may route the com- munications from the communications device and now including the first identifying data to the communications environment outside the second communications environment in which the communications from the communications device are to be carried out .

Communications to the communications device to be carried out in the second communications environment may include first identifying data for identifying the communications device in the first communications environment, wherein the central en- tity may replace the first identifying data by second identifying data for identifying the communications device in the second communications environment, and wherein the central entity may route the communications now including the second identifying data to the communications device.

The central entity, in response to the second communications request data, may transfer communications allowance data indicating that the communications device is allowed to communicate from a first communications allowance data providing entity associated to the first communications environment to a central communications allowance data providing entity associated to the central entity.

The central entity, in response to the second communications request data, may transfer communications allowance data indicating that the communications device is allowed to communi- cate from a first communications allowance data providing entity associated to the first communications environment to a second communications allowance data providing entity associated to the second communications environment.

Examples for communications allowance data include data repre- senting an account associated to the communications device, a balance associated to the communications device, data obtained from a prepaid communications card and the like.

Examples for communications allowance data providing entities include billing platforms, units, clearing centers and the like respectively associated to the first communications environment, the second communications environment and the central entity.

The second identity data is preferably selected from a plurality of identity data reserved to be used as second identity data for carrying out the method.

Communicating by means of the communications device may in- elude operating the communications device in a second identity data request mode under control of a software program associated to the communications device.

Storing the second identity data in the communications device may include operating the communications device in a second identity data storing mode under control of a software program associated to the communications device.

Preferably, the communications device is adapted to store the first identity data and a plurality of second identity data.

The second identity data may be communicated from the central entity to the communications device by means of at least one of a SMS, a MMS, an e-mail and a WAP link.

Communications to and from the communications device may include at least one of voice communications, SMS communications, MMS communications, e-mail communications and data communica- tions.

The above given examples correspondingly apply to the following preferred embodiments.

In the system according to the present invention, the communications device may be a mobile communications device, the first and second communications environments may be mobile telephone environments, and the central entity may be an entity providing roaming services for the communications device in the first and second communications environments.

The system may further comprise an identity data providing en- tity and wherein the request may be communicated from the com-

munications device to the identity data providing entity and from the identity data providing entity to the central entity.

The system may further include at least one first storage entity in which a first part of the second identity data is stored such that access to the first part of the second identity data by the central entity and the identity data providing entity is allowed and wherein the central entity, upon receipt of the request, may retrieve the first part of the second identity data from the at least one first storage entity and may communicate the second part of the second identity data to the identity data providing entity.

The system may further include a second storage entity in which a second part of the second identity data is stored such that access to the second part of the second identity data by the identity data providing entity is allowed and access to the second part of the second identity data by the central entity is denied and wherein the identity data providing entity, upon receipt of the request , may retrieve the second part of the second identity data from the second storage entity.

The identity data providing entity may communicate the first part of the second identity data and the second part of the second identity data to the communications device.

The first part of the second identity data may be an International Mobile Subscriber Identity IMSI for a mobile communica- tions environment, and the second part of the second identity data may be a Ki key for a mobile communications environment.

The identity data providing entity may comprise an encoding unit for encoding at least one of the first part of the second identity data and the second part of the second identity data before being communicated to the communications device.

The encoding unit may comprise a general encoding key.

The Communications device may comprise a decoding unit for decoding at least one of the first part of the second identity data and the second part of the second identity data.

The decoding unit may comprise a general decoding key.

The system may further comprise a first communications system in the first communications environment .

The system may further comprise a first voice communications link between the first communications system and the central entity.

The system may further comprise a second communications system in the second communications environment.

The system may further comprise a second voice communications link between the second communications system and the central entity.

Preferably, at least one of the first communications link and the second communications link is an SS7/C7 voice link.

The system may further comprise a first communications allowance data providing entity associated to the first communications environment .

The system may further comprise a second communications allowance data providing entity associated to the second communications environment .

The system may further comprise a central communications allowance data providing entity associated to the central entity.

The system may further comprise at least one secured data link between at least two of the communications allowance data providing entities.

Preferably, at least one of the at least one secured data link is at least one of a n x 64 Kbps data link and a tunneling Internet connection.

Preferably, the system is adapted to be operated according to the method steps according to the present invention.

In the following the present invention will be described with respect to mobile communications environments providing mobile telephone communications for a communications device in form of a mobile telephone in two different communications environ- ments both being in form of a telephone communications environment based on GSM technology.

However, referring to such a scenario is not intended to limit the present invention.

For example, the present invention contemplates communications in three, four up to a plurality of communications environments. Also, the present invention is not limited to telephone communications. Rather, the present invention can be used in any communications scenario wherein a communications device, which may communicate in a communications environment, is not (automatically) allowed to communicate in another communications environment. For example, the present invention envisages scenarios wherein a computing device having communications capabilities (i.e. a communications device) may access a computer network or computer network area (i.e. a communica- tions environment) , while access to a different computer network or computer network area would be denied if the present invention is not used. Further, communications environments envisaged by the present invention can be based on any type o 2nd and 3rd generation communications environments.

Fig. 1 illustrates a first communications environment 2.

The first communications environment 2 comprises a first mobile telephone network 4 serviced by first base stations of

which a single first base station 6 is shown as representative example .

The first communications environment 2 further comprises a first switching unit 8 and a first communications allowance data providing entity including a first billing server 10. Optionally, the first communications allowance data providing entity includes a first prepaid platform 12 serving as billing unit in relation to users of the first communications environment 2 utilizing prepaid communications services (e.g. utiliz- ing a mobile telephone using prepaid cards) . Although, Fig. 1 shows the first communications allowance data providing entity as integral part of the first communications environment 2, the present invention contemplates that the first communications allowance data providing entity is at least associated the first communications environment 2.

The first communications environment 2 further comprises at least a communications connection 14 (e.g. a SS7 link) to a first non-mobile telephone network 16 (e.g. public switching telephone network) , which may be a part of the first communi- cations environment 2 also.

The first switching unit 8 is coupled with the first base stations 6 for routing communications to and from the first mobile telephone network 4 from and to, respectively, first non- mobile telephone network 16 and, and as set forth below, from and to, respectively, further communications environments.

Billing of communications within the first mobile telephone network 4 and between the first mobile telephone network 4 and other communications networks is accomplished by the first billing server 10. To this end, the first billing server 10 is coupled with the first base stations 6. The same applies to the first prepaid platform 12 if provided.

For communications between the first billing server 10 and, if applicable, the first prepaid platform 12 and another server (s)

also serving for billing purposes, a communications connection 18 (e.g. a n x 64 Kbps secured link) is used.

For communications via the first switching unit 8 to another communications environment and/or communications network, a communications connection 20 (e.g. a n x El SS7/C7 voice link) is used.

Communications devices in form of mobile telephones (in Fig. 1 for illustrative purposes only one communications device 22 is shown) can communicate in the first mobile telephone network 4 with each other and can communicate via the first mobile telephone network 4 with communications device not serviced in the first mobile telephone network 4. For example, communications devices 22 may communicate with the first non-mobile telephone network 16 and/or via communications connection 20.

Fig. 1 further illustrates a second communications environment 24.

The second communications environment 24 comprises a second mobile telephone network 26 serviced by second base stations of which a single second base station 28 is shown as represen- tative example.

The second communications environment 24 further comprises a second switching unit 30 and a second communications allowance data providing entity including a second billing server 32. Optionally, the second communications allowance data providing entity includes a second prepaid platform 34 serving as billing unit in relation to users of the second communications environment 24 utilizing prepaid communications services (e.g. utilizing a mobile telephone using prepaid cards) . Although, Fig. 1 shows the second communications allowance data provid- ing entity as integral part of the second communications environment 24, the present invention contemplates that the second communications allowance data providing entity is at least associated the second communications environment 24.

The second communications environment 24 further comprises at least a communications connection 36 (e.g. a SS7 link) to a second non-mobile telephone network 38 (e.g. public switching telephone network) , which may be a part of the second communications environment 24 also.

The second switching unit 30 is coupled with the second base stations 28 for routing communications to and from the second mobile telephone network 26 from and to, respectively, the second non-mobile telephone network 38 and, and as set forth below, from and to, respectively, further communications environments .

Billing of communications within the second mobile telephone network 26 and between the second mobile telephone network 26 and other communications networks is accomplished by the sec- ond billing server 32. To this end, the second billing server 32 is coupled with the second base stations 28. The same applies to the second prepaid platform 34 if provided.

For communications between the second billing server 32 and, if applicable, the second prepaid platform 34 and another server (s) also serving for billing purposes, a communications connection 40 (e.g. a n x 64 Kbps secured link) is used.

For communications via the second switching unit 30 to another communications environment and/or communications network, a communications connection 42 (e.g. a n x El SS7/C7 voice link) is used.

Communications devices in form of mobile telephones (in Fig. 1 for illustrative purposes only one communications device 44 is shown) can communicate in the second mobile telephone network 26 with each other and can communicate via the second mobile telephone network 38 with communications device not serviced in the second mobile telephone network 26. For example, communications devices 44 may communicate with the second non-

mobile telephone network 38 and/or via communications connection 42.

Fig. 1 further illustrates a central entity 46. The central entity 46 comprises a central network 48 coupled with the first communications environment 2 via communications connection 20 and coupled with the second communications environment 24 via communications connection 42.

The central entity 46 comprises a central switching unit 50 and a central billing server 52 serving as central communica- tions allowance data providing entity. As alternative, instead of central billing server 52 a communications allowance data providing entity, which is associated (i.e. is no integral part of the central entity 46) can be used.

The central entity 46 further comprises a database 54 and, connected with the database 54, an SMS center 56, both of which will be described in greater detail below.

For communications with the first billing server 12 and the second billing server 32 and, if applicable, with the first prepaid platform 12 and the second prepaid platform 34, the central billing server 52 is connected to communications connection 18 and communications connection 40, respectively.

For carrying out a preferred embodiment of the method according to present invention, the central entity 46 utilizes the central billing server 52 to store CRDs information, to manage balances and financial transactions as regards communications devices and their subscribers, respectively, using the present invention.

In this context, the central entity 46 utilizes the central database 54 to store identity data in a from described below and telephone numbers of communications devices and their subscribers, respectively, using the present invention in order to ensure a proper identification thereof.

Still in this context, the central entity 46 utilizes the SMS center 56 for SMS communications with communications devices and their subscribers, respectively, using the present invention as set forth below in greater detail . Providing the cen- tral entity 46 with its own SMS center, instead of using an SMS facility Df,- for example first and/or second communications environment, allows to communicate with participating communications devices using their home mobile telephone network numbers, to up-date participating communications devices, particularly their SIM cards, and to provide identity data to participating communications devices as described below.

As noted above, an aspect of the present invention is to communicate, in response to a request from a communications device to operate that communications device in a different com- munications environment (i.e. outside its communications environment) , identity data from the central entity to the requesting communications device.

This aspect will be illustrated if the following with respect to the first communications environment 2 in form of a GSM telephone network, a communications device 22 in form of a GSM telephone and identity data in form of International Mobile Subscriber Identities (IMSIs) and keys used for generating so- called authentication triplets (Ki ¹ S).

Each communications device in the assumed scenario uses a SIM card to which a unique IMSI and a Ki associated to the IMSI are associated. By means of these parameters, a communications device can be identified in a telephone network and authorized to communicate in the telephone network. To this end, usually a GSM switching unit of the telephone network has access to and/or maintains a database providing information on correlations of IMSIs and associated Ki ' s for different communications devices .

Traditional SIM cards have a single IMSI and a single associated Ki.

For preferred embodiments of the present invention illustrated here, it is preferred that communications devices and, in case of the specifically assumed scenario of GSM communications, SIM cards are able to hold more then one IMSI-Ki-pair . For ex- ample, in a preferred embodiment a communications device (or SIM card) can hold up to 256 different IMSI-Ki-pairs . However, holding capabilities for one IMSI-Ki-pair for a home communications environment and one IMSI-Ki-pair for a further communications environment can be considered sufficient.

Nevertheless, it has to be noted that communications devices

(or SIM cards) holding only one IMSI-Ki-pair at a time will be also sufficient. In such cases, the procedures described below should be modified in manner to include steps of removing a IMSI-Ki-pair from the communications device (SIM card) upon receipt of a new IMSI-Ki-pair and re-installation of the previously removed IMSI-Ki-pair (e.g. the IMSI-Ki-pair of a home telephone network) , for example be transmission thereof from the home telephone network provider or the central entity.

Consistent with Fig. 1, Fig. 2 illustrates the first communi- cations environment 2, the central entity 46 and a communications device 22. Fig. 2 further illustrates a identity data providing entity 58 in form of a manufacturer of SIM cards.

The identity data providing entity 58 comprises, beside further not shown parts, a Ki generator 60, an SMS gateway 62 and a database 64.

The Ki's generator 60 serves for generating Ki ' s each to be associated to an IMSI.

The SMS gateway 62 serves for SMS communications with communications devices, in particular to communicate IMSIs and asso- ciated Ki's to communications devices.

The database 54 stores, inter alia, IMSIs and associated Ki's.

The identity data providing entity 58 creates a special group or block of Ki ¹ S, the number of which may, for example, depend on an assumed or anticipated average and/or peak number of participating communications devices .

To ensures security, the identity data providing entity 58 further generates two encoding and decoding keys, here referred to as "open key" only for encoding and "secret key" only for decoding.

The secret key will be written to the SIM card of the communi- cations device 22 by the identity data providing entity 58, for example, during a manufacturing process of the SIM card. The secret key is preferably written to an assigned location on the SIM card such that no undesired access (copy and/or read access) is possible.

Further, the identity data providing entity 58 communicates the group or block Ki ' s to the first communications environment 2, for example using a conventional "transport key".

In addition, the identity data providing entity 58 encodes the group or block Ki ' s with the "open key" and stores them in the database 64 together with IMSIs reserved for being used in combination with these Ki ' s . These IMSIs are also encoded with the "open key" . In general terms of the present invention, an IMSI represents a first part of identity data and a Ki represents a second part of identity data.

These IMSIs are communicated to the central database 54 and stored therein. In has to be noted that the central entity 46 has access to the IMSIs only, but no access to the Ki ' s .

Upon request from the communications device 22 to operate the communications device 22 in a communications environment 24 outside the communications service range of its home communications environment 2, the request is forwarded to the central entity 46. The central entity 46 confirms the request and for-

wards the request to the identity data providing entity 58. An encoded IMSI-Ki-pair is retrieved from the databases 54 and 64 and communicated via the SMS gateway 62 to the communications device 22. Preferably, the IMSI-Ki-pair is communicated by means of a secured and/or encoded SMS.

Upon receipt of the IMSI-Ki-pair, the communications device 22 decodes the IMSI-Ki-pair using the "secret key" and writes the decoded IMSI and Ki to its SIM card.

Then, the communications device 22 is prepared to be used for communications in a communications environment 24 outside the service range of its home communications environment 2, here first communications environment 2. However, it has to be noted that the communications device 22 is yet not set up such that communications in a different communications environment is actually possible. Rather, the communications device 22 is still configured for communications in the first communications environment 2.

For generating a request to be operated in a different communications environment, communications devices usable with the present invention preferably comprise hardware and/or software supported functions. For example, it is envisaged that communications devices usable with the present invention provide a so-called "roaming service menu" at least supporting in generating the request. The "roaming service menu" may, for example, provide information on all available communications environments in which communications with the communications device 22 can be requested. In order to request communications in a desired communications environment, selection of a respective menu entry will generate a respective request. Communications environments not longer available and/or communications environment newly available can be added, for example, by SMS communications from the central entity 46.

Further, communications devices usable with the present invention preferably comprise dedicated software and/or hardware

portions and components, respectively, for the above decoding and storing steps .

With reference to Figs. 3 to 7, a preferred embodiment of the method of the present invention will be described.

The communications device 22 is associated to the first communications environment 2 (e.g. a wireless telephone network) and has a home IMSI-Ki-pair associated to first communications environment 2 (i.e. first identity data) enabling the communications device 22 to communications within the first communications environment 2 and from first communications environment 2 to further communications environments. The first identity data of communications device 22 is not sufficient for communications by the communications device 22 within communications environments other than its home/first communications environment 2.

To communicate in other communications environments (e.g. a wireless telephone network) , for example, in the second communications environment 24, the communications device 22 sends a request to the central entity 46 "I want to go to second com- munications environment 24" (see Fig. 3) . This can be accomplished by activating a respective entry in the above "roaming service menu" .

In response to this request, the central entity 47 communicates an encrypted IMSI-Ki-pair, which is associated to second communications environment 24 (i.e. second identity data), to the communications device 22, e.g. as set forth above, via the SMS gateway 62 of identity data providing entity 48 (see Fig. 4) . Upon receipt of the second identity data, the communications device 22 decodes the encoded second identity data and stores the same on its SIM card. It contemplated that the communications device 22 receives a confirmation from the central entity 46 that the second identity data has been communicated and that communications in the desired communications environment 24 is possible now.

Now, the Communications device 22 has first and second identity data, i.e. an IMSI-Ki-pair associated to first communications environment 2 and an IMSI-Ki-pair associated to second Communications environment 24. However, the communications de- vice 22 is still in the first communications environment 2 and only the first identity data, i.e. the IMSI-Ki-pair associated to first Communications environment 2, is active (see Fig. 5).

Upon entry in the service range of second communications environment 24, the Communications device 22 activates the second identity data, i.e. the IMSI-Ki-pair associated to second communications environment 24, and logs on to the second communications environment 24 using the second identity data, i.e. the IMSI-Ki-pair associated to second communications environment 24 (see Fig. 6) . Now, the communications device 22 can use all communications services of the second communications environment 24. Activation of the second identity data can be accomplished by operating the communications device 22, for example by means of the "roaming service menu", to mark the first identity data as not active and to mark the second iden- tity data as active. Then, log on of the communications device 22 to second communications environment 24 can be carried using the second identity data.

When the communications device 22 returns to the first communications environment 2, the communications device 22 acti- vates the first identity data, i.e. the IMSI-Ki-pair associated to first communications environment 2, and logs on to the first communications environment 2 using the first identity data, i.e. the IMSI-Ki-pair associated to first communications environment 2. Activation of the first identity data can be accomplished by operating the communications device 22, for example by means of the "roaming service menu", to mark the first identity data as active and to mark the second identity data as not active. Then, log on of the communications device 22 to first communications environment 2 can be carried using the second identity data.

Now, the Communications device 22 can use all communications services of the first communications environment 2. Upon log on to first communications environment 2, the central entity 46 communicates erasing data to the communications device 22 such that the second identity data is removed (e.g. erased) from the communications device 22 (see Fig. 7)

In the following some exemplary communications scenarios are described.

Assuming second communications environment 24 detects from the block of first parts of second identity data (e.g. IMSIs) provided to its switching unit 30 allocated for the method according to the present invention (e.g. roaming service) that the communications device 22 is trying to login to the second communications environment 24. Then, at least procedures de- scribed below are contemplated.

The second communications environment 24 requests from the central billing server 52 a account and/or balance associated to the communications device 22.

The central entity 46 receives this request from the home first communications environment 2 of the communications device 22. The central entity 46 complies with this request, i.e, virtually transfers money to the an account and/or balance of the communications device 22 associated the second communications environment 24, e.g. maintained in the second billing server 32. Then, the account/balance of the communications device 22 associated to its home first communications environment 2 is " zero" .

In case the second communications environment 24 capabilities are not sufficient to proceed in this way (e.g. if the second communications environment 24 is a GSM telephone network and has no IN platform) , the central entity 46 will handle the account/balance of the communications device 22 online. This may be accomplished, for example, by storing and managing an ac-

count/balance, which is associated to the communications device 22 as being operated in the second communications environment 24, in the central billing server 52. Then, for example, in case the second communications environment 24 is a telephone network, the second communications environment 24 can treat the communications device 22 as normal "prepaid communications device" .

Also, in reply to the request of the second communications environment 24, the central entity 46 communicates data (e.g. a special order) to the home first communications environment 2 of the communications device 22 effecting that the first communications environment 2 transfers first identifying data for identifying the communications device 22 in the first communications environment 2 (e.g. home telephone number) to the cen- tral entity 46.

After this transfer, any communications device trying to communicate with the communications device 22 using the first identifying data will be routed to the central entity 46, which, in turn, will forward a communications link to the com- munications device 22 in the second communications environment 24.

In case the second communications environment 24 is not able to recognize a login of the communications device 22, the login request and/or a respective service message is communi- cated from the communications device 22 directly to the central entity 46. Then, the central entity 46 executes the same sequences as described above.

Now, the communications device 22 can communicate within the second communications environment 24 (e.g. make outgoing tele- phone calls and send SMS) , from the second communications environment 24 to outside communications environments and can receive communications to the communications device 22 (e.g. incoming telephone calls) .

All Communications will be routed via the central entity 46. Data for identifying the communications device 22 in the second communications environment 24, here referred to as second identifying data (e.g. a telephone number) is not known to anybody except the central entity 46. Communications from the communications device 22 are going through the central entity 46 first where the second identifying data is substituted by the central entity 46 with first identifying data (e.g. the original/home number of the communications device 22) .

In case of telephone communications, the first and second identifying data may be a first CLIP' for the first communications environment 2 and a second CLIP for the second communications environment 24. Then, it is contemplated that the central entity 46 makes a substitution of the second CLIP for outgoing calls with the first CLIP of the communications device 22.

Incoming communications to the communications device 22 are also routed via the central entity 46. The second identifying data for identifying the communications device 22 in second communications environment 24 is not known. Communications to the communications device 22 will therefore identify the communications device 22 as communications target by using the first identifying data. Due to the transfer of the first identifying data to the central entity 46, such communications will be routed to the central entity 46. The central entity 46 in turn routed the communications to the communications device 22 by using the second identifying data.

Routing of communications can be carried out according to according the LCR of the second communications environment 24 or the LCR of the central entity 46 for communications to communications environments outside second communications environment 24 (e.g. international outgoing telephone calls) and according to the LCR of the second communications environment 24 for communications within the second communications environ- ment 24 (e.g. outgoing domestic telephone calls) .

Billing for communications of the communications device 22 in the second communications environment 24 can be handled, as set forth above, by the second communications environment 24 or the central entity 46.

If the account/balance of the communications device 22 is empty, the second communications environment 24 or the central entity 46 denies communications from the communications device 22; this may also apply to communications to the communications device 22. Communications are allowed again if the ac- count/balance is re-filled again. This can be accomplished by using a prepaid card of the second communications environment 24 and/or re-filling the account/balance of the communications device 22 in its home communications environment, i.e. the first communications environment 2, and transferring the ac- count/balance to the second billing server 32 or the central billing server 52.

When the communications device 22 returns to the first communications environment 2, the first identity data (e.g. IMSI and Ki) is activated, e.g. by manually choosing the first identity data from a SIM menu. Then, further logins to the first communications environment 2 will be carried out as usually.

The first communications environment 2 detects from the block of first parts of first identity data (e.g. IMSI) provided to the first switching unit 8 allocated for the method according to the present invention (e.g. roaming service) , that the communications device 22 is trying to login to the first communications environment 24. Then, at least the procedures described below are contemplated.

The first communications environment 24 requests from the central entity 46 the account/balance the communications device 22. Then, the central entity 46 transfers the account/balance from the second billing server 32 of the second communications environment 24 or the account/balance from the central billing

server 52 to the first billing server 10. As a result, the account/balance of the communications device 22 in the second billing server 32 or the central billing server 52 is "zero".

In response to a marking request from the central entity 46, the second communications environment 24 blocks the second identity data previously used by the communications device 22 and the first communications environment 2 cancels the transfer of the first identifying data of the communications device 22 to the central entity 46.

The central entity 46 communicates erasing data (e.g. by sending a service message) to the communications device 22, which erasing data effects a removal of the second identity data from the communications device 22. This may be accomplished, for example, by communicating from the central entity 46 to the communications device 22 a blank IMSI-Ki-pair, which erases or over-writes the previously stored IMSI-Ki-pair. Then, the IMSI-Ki-pair for the communications environment 24 can be used for another communications device requesting communications in the communications environment 24 (e.g. by marking this IMSI-Ki-pair accordingly in the database 54 of the central entity 46) .

In case the first communications environment 2 is not able to recognize a login of the communications device 22, the login request and/or a respective service message is communicated from the communications device 22 directly to the central entity 46. Then, the central entity 46 executes the same sequences as described above.

Although the invention has been described herein with respect to specific embodiments thereof, the appended claims are not to be construed as limited to those embodiments, but rather to include any modifications an variations of the invention which may occur to one of ordinary skill in the art which fairly fall within its scope.