Description
The Application Layer User ID (ALUID) is a privacy-sensitive identifier defined within the 3GPP Proximity Services (ProSe) architecture, primarily specified in TS 23.303. It operates at the application layer, decoupled from the underlying cellular network identifiers like IMSI or MSISDN. The ALUID is used by ProSe-enabled applications to identify users or devices during ProSe Discovery and ProSe Direct Communication procedures. Its primary function is to allow a user's application to be discoverable by or communicate with other nearby users' applications while protecting the user's permanent subscription identity from exposure over the air interface.
Architecturally, the ALUID is managed in conjunction with the ProSe Function in the network. A user's device (ProSe-enabled UE) can register one or more ALUIDs with the ProSe Function. These ALUIDs are typically derived or mapped from application-specific identifiers (like a social media username) but are formatted and managed according to 3GPP specifications to ensure interoperability and security within the ProSe system. The ProSe Function acts as a trusted entity that validates ALUIDs and may assist in discovery by maintaining mappings between ALUIDs and other ProSe identifiers, such as ProSe Application Codes or ProSe Restricted Codes, depending on the discovery model (e.g., Model A "I am here" or Model B "who is there?/are you there?").
During ProSe Discovery, an announcing UE broadcasts a ProSe Application Code, which is a temporary, frequently changing identifier derived from or linked to its registered ALUID. A monitoring UE receiving this code can query the ProSe Function (via the PC3 interface) to resolve the code to the corresponding ALUID of the announcing user, but only if authorized by the discovery policy. This resolution process allows the monitoring user's application to identify the announcing user at the application layer (via the ALUID) without ever learning the announcing user's cellular identity. For ProSe Direct Communication (one-to-one or one-to-many direct data paths between UEs), ALUIDs can be used within session establishment signaling to identify the communicating parties at the application layer.
The security and privacy aspects of ALUID are crucial. Specifications like TS 33.303 detail the security mechanisms. The use of ALUID, combined with ephemeral ProSe Application Codes and network-assisted authorization, prevents tracking of a user's permanent identity based on over-the-air discovery signals. The ProSe Function ensures that ALUID resolution is subject to strict policies, including user consent and subscription checks. The ALUID itself is typically not transmitted in the clear over the PC5 direct interface between devices; instead, its derived temporary codes are used, adding a layer of privacy protection.
Purpose & Motivation
ALUID was created to address the fundamental identity and privacy challenges inherent in device-to-device (D2D) proximity services standardized in 3GPP Release 12 and beyond. Prior to ProSe, cellular networks primarily identified users via network-layer identifiers (IMSI, IMEI, MSISDN) tightly bound to the subscription and the SIM card. Directly using these identifiers for over-the-air discovery between nearby devices would create severe privacy risks, enabling tracking, profiling, and unsolicited contact. Furthermore, application developers needed a way to integrate user identities from their own ecosystems (e.g., app usernames) with the underlying 3GPP proximity service mechanics.
The primary problem ALUID solves is enabling user and application recognizability for proximity services while enforcing privacy-by-design. It allows a user's social, public safety, or commercial application persona to be used for discovery and communication without linking that persona directly to their private, billable cellular identity. This decoupling was essential for regulatory compliance (e.g., for public safety services used by government agencies) and for user acceptance of commercial "find people nearby" features. The motivation stemmed from use cases like public safety communication between first responders, social networking discovery, and local area advertising, all of which require a notion of user identity but must protect subscriber privacy.
ALUID also provides a standardized interface between the 3GPP network ProSe capabilities and over-the-top applications. By defining a formal application-layer identifier, 3GPP enabled application servers and ProSe Functions to interoperate securely (via interfaces like PC2 and PC4). This allows network operators to offer ProSe as an enabler to application providers, who can then use ALUIDs to identify their users within the ProSe system, facilitating a service ecosystem beyond simple network connectivity.
Detected Changes Across Releases
from 3GPP Change RequestsSpecific changes extracted from the „Change history“ tables of 3GPP specifications (9 CRs across 3 releases). Complements the general historical overview above with the evidence-based evolution of this function.
Studied in Rel-12, normative work from Rel-15.
In Release 15, the ALUID (Application Layer User ID) function was introduced as part of the Proximity Services (ProSe) framework, defined as an identity identifying a user within the context of a specific application. This release also expanded ProSe capabilities by incorporating WLAN direct discovery technologies as an alternative for ProSe Direct Discovery, including both WLAN technology-agnostic and NAN-specific components. Additionally, Release 15 added the ProSe Per-Packet Priority (PPPR) to ProSe QoS descriptions and provided updates for WLAN-based ProSe Direct Discovery procedures.
- Inclusion of WLAN direct discovery technologies as an alternative for ProSe Direct Discovery: WLAN technology agnostic part TS 23.303CR0324
- Inclusion of WLAN direct discovery technologies as an alternative for ProSe Direct Discovery: NAN specific part TS 23.303CR0325
- Add PPPR introduction to ProSe QoS descriptions TS 23.303CR0328
- Updates for WLAN based ProSe Direct Discovery TS 29.345CR0053
In Release 16, the specification for the ALUID (Application Layer User ID) was refined alongside updates to open ProSe direct discovery procedures. The ALUID is explicitly defined as an identity identifying a user within the context of a specific application, such as those within a mobile operating system's namespace. This release included corrections to ensure the proper functioning of these application-layer identifiers within the open ProSe direct discovery framework.
- Correct open ProSe direct discovery TS 29.343CR0031
In Release 17, the primary update for the Application Layer User ID (ALUID) function was the introduction of security enhancements for ProSe, specifically the support of TLS v1.3. This update was part of broader corrections and refinements to ProSe discovery and communication procedures, including fixes to the restricted discovery procedures for 4G ProSe. These changes improved the security and reliability of the application-layer identity context within the Proximity Services framework.
Explore further
Broader topics and technologies where ALUID plays a role.
Defining Specifications
3GPP specifications that define or reference ALUID, with the latest known release. Sourced from the 3GPP document catalog — see methodology.
| Specification | Title | Release |
|---|---|---|
| TS 23.303 vj00 | Proximity Services (ProSe) Stage 2 | Rel-19 |
| TS 29.343 vj00 | PC2 Reference Point Stage 3 Specification | Rel-19 |
| TS 29.345 vj00 | Diameter-based PC6/PC7 interfaces for ProSe | Rel-19 |
| TS 33.303 vj00 | ProSe Security Specification for EPS | Rel-19 |