A method for enabling a security device to access a service protected by a conditional access system, wherein the service has associated with it two conditional access (CA) system identifier pairs. The device extracts the two CA identifier pairs and automatically identifies the pairs based on a predefined convention, for example, the order in which the identifier pairs are sent. The identifier pairs may comprise a conditional access entitlement control message identifier and a local entitlement control message identifier.