The Entitlement Server: why the mobile network operators need it?

Every service we use on our mobile devices requires specific capabilities, both on the device itself and within the carrier’s network. 

The Entitlement Server ensures that mobile devices are automatically provisioned with the necessary service configurations for carrier services, reducing compatibility issues, enhancing service performance and ultimately providing the best user experience. Therefore, the Entitlement server is a collection of various use cases which are related to device entitlement and service entitlement, within the operator’s network.

With the increasing prevalence of companion devices like smartwatches or tablets, it becomes essential to ensure consistent service capabilities and configurations across all connected devices. By sharing relevant information and maintaining synchronisation across devices, the Entitlement Server ensures a cohesive experience across multiple devices.

What are the most used cases of Entitlement Server deployment?

The most common are the following cases for Entitlement Server as listed below:

• VoLTE Entitlement
• VoWiFi Entitlement
• 5G Entitlement
• Secondary Device eSIM Provisioning.
• eSIM Transfer
• Account Management

The first three ones are the standard entitlement check cases, when the systems check and reward or don’t reward the device with this or that service. The customer flow starts with the initiation of entitlement check performed by the device. The Entitlement Server processes the request and sends it to the MNO’s BSS to confirm if the service is enabled for a user. BSS gives its response to the Entitlement Server. And the latter sends the response to the device accordingly. The device shows the option to turn on the service to the consumer.

Th other cases are more complicated and request to involve not only device, Entitlement Server, BSS, but also Websheets Server and SM-DP+.

The Entitlement Server Certification

The primary specification outlining the main requirements for the Entitlement Server and regulating its operation is the “TS.43 Service Entitlement Configuration”, provided by the GSMA.

This document details the procedure for configuring a device-based service, which is undertaken either during the entitlement verification stage or the activation of the service. The specification covers the following cases:

• Voice-over-Wi-Fi (VoWiFi)
• Voice-over-Cellular (VoLTE and VoNR)
• SMS over IP (SMSoIP)
• On-Device Service Activation (ODSA) for eSIM devices (including Primary, Companion, and Enterprise)
• Direct Carrier Billing
• Private User Identity (IMSI encryption for WiFi access)
• Phone Number Acquisition.

In addition to the TS.43 specification, the Entitlement Server must also obtain the following certifications:

• Apple Entitlement Ecosystem specifications
• Samsung Companion Device Subscription Management 1.13
• GSMA RCC.14 – Service Provider Device Configuration specification
• RFC 4187 – EAP-AKA authentication

The Entitlement Server Architecture

The high-level architecture of the Entitlement Server is given on the picture below.

The main components are:

• User’s Device
• MNO’s BSS
• MNO’s AAA
• SM-DP+
• Entitlement Server
• Websheets Server.

The Entitlement Server directly interfaces with the subscriber’s User Equipment (UE) to notify the device whether the network permits the subscriber to use a specific service. The Entitlement Server communicates with a carrier bundle on the device provided by the OEM, which may differ for each mobile network operator (MNO) depending on their agreement with the device manufacturer. Other network components integrated with the Entitlement Server include the Authentication, Authorization, and Accounting (AAA) server for subscriber authentication, the network’s Business Support Systems (BSS) to determine if subscribers are authorised to use particular services, and a Websheet Server for websheet functionalities.

What is the Websheets Server?

Websheets Server plays a crucial role in device onboarding and the entitlement process, ensuring a smooth end-user experience. These websheets are akin to miniature web pages hosted by the mobile operator and displayed on the device.

They serve various purposes, including:

– Acknowledging the operator’s terms and conditions

– Providing additional login/authentication procedures

– Selecting a new plan

– Displaying and collecting information from the subscriber

– Changing subscription details

– Cancelling subscriptions, and more.

What is a common user case?

In a typical scenario illustrated below, the device initiates an entitlement check. This request is forwarded to the Entitlement Server, which then queries the MNO’s Business Support System (BSS) to verify whether the subscriber’s plan permits access to specific services. The BSS conducts the necessary checks and communicates the result back to the Entitlement Server. The Entitlement Server processes this information and subsequently notifies the device. The device displays relevant notifications on-screen, prompting the subscriber to enable the service or providing instructions on how to obtain permission from the MNO.

When a consumer wants to use the same mobile number for their secondary devices or transfer the eSIM to a new secondary device, the Multi-SIM and eSIM transfer use cases are applied. In these scenarios, the Websheets Server and SM-DP+ are included in the flow along with the Entitlement Server and the mobile operator’s BSS. For more details about these cases, please contact us at sales@cardcentric.com. We would be pleased to provide you with all the details and technical aspects of the service.

FAQ

What do VoLTE, VoWiFi, and 5G Entitlement mean?

The Entitlement Server enables VoLTE (Voice over Long-Term Evolution), VoWiFi (Voice over Wi-Fi), and 5G-capable devices to verify if the subscriber is authorised to use the service. When a VoLTE, VoWiFi, or 5G entitlement request is received, the Entitlement Server queries the network’s Provisioning system and informs the device whether the service can be activated.

What are some business cases for the Entitlement Server?

Here are some examples of business cases, but each network operator can create their own scenarios for using the Entitlement Server:

• 5G usage is included in a more expensive or specialised subscriber plan.
• A consumer wants to transfer their eSIM from an old to a new secondary device.
• The MNO can provide VoWiFi to a limited group of consumers based on their location to ensure good call quality in areas with poor mobile coverage.
• Seamless provisioning of eSIM from primary to secondary device.
• and others.

Does the mobile operator need to sign an agreement with Apple and other OEMs?

It’s important to note that the Entitlement Server is based on device vendor specifications. Thus, the Entitlement Server provider receives the specifications directly from the vendors. On the other hand, the MNO receives the carrier bundle from OEMs. This means that the mobile operator must have a direct contract with the device manufacturers to receive this set of data.

What devices can work with the Entitlement Server?

All devices that support the GSMA TS.43 specification can communicate with the Entitlement Server and receive these entitlements.