I wanted to create J2ME application, in which the application should work only with the SIM card that was used during installation. On SIM card (GSM) change the application should now work. For achieving this, i thought of taking an signature of the simcard and save it in a persistent storage. On every start of the application the signature can be verified. Any idea of how to implement this. Thanks in advance
A:
I believe this is not possible. If it was possible with a specific phone it would not be possible in a generic way.
martin
2009-12-29 17:43:35
A:
For ATT in US, for J2ME apps, the handset embeds "CarrierDeviceId" in the Jad file. This is unique per SIM card. So, if something similar is available to you, just read this Jad parameter the first time the app starts, save it to RMS or send it to server. Now each time the app starts, you can verify this number matches, and thus verify the SIM card is same.
You can also try obtaining the phone number that is tied to the SIM card and thus verify the old SIM is being used.
omermuhammed
2009-12-30 07:33:18
A:
The 'SATSA' (Security and Trust Services API aka JSR177) could be used from your J2ME application to communicate with the SIM. You could send '3GPP TS 11.11' commands to obtain the IMSI (select file DG_GSM, select file EF_IMSI, read binary).
Drawbacks are: (1) You're talking to the SIM on a relatively low level of abstraction (the ISO7816-4 layer); (2) Not all handsets support JSR177 at the moment.
martijno
2010-02-05 14:15:02
That would be a hard job. i used a method to save some key in RMS making the Java app signed. Hence on first login the app will get signed. The same person cannot login to the using any other app. binding the user to the application. I tried to bind the application to the semcard instead. Anyway thanks for ur support
rosarioarun
2010-02-06 13:41:33