13 questions about eSIM

Posted 14 September 2022 by IDEMIA

What is eSIM? And eUICC?

Everyone knows what a SIM looks like and what it’s used for – at least every person with a smartphone in their pocket. eSIM (e for embedded SIM) has the same function, but it is also reprogrammable. It takes up less space – which is very useful for small connected objects – and the eSIM profile can be loaded over-the-air via the mobile network. eSIM and eUICC (embedded Universal Integrated Circuit Cards) are often used interchangeably but, strictly speaking, eSIM refers to the SIM hardware that is permanently embedded in a device during the manufacturing process, whereas eUICC is the term used to describe the operating system (OS) and software which, when combined with the eSIM hardware, enable a device to be configured and managed via a remote connection. eSIM is also used more broadly to describe the end-to-end architecture and services that the technology enables.

What are the differences between eSIM and iSIM?

eSIM is a chip built into the device’s motherboard, whereas iSIM (integrated SIM) is a new eSIM form factor that is integrated into a trusted area of the device’s main chip, i.e., system on a chip (SoC). Just like eSIM, iSIM relies on an eUICC and comes complete with a secure architecture to store mobile network credentials. It is reprogrammable and may be used to download several eSIM profiles remotely.

Compared to eSIM, iSIM frees up space on the motherboard that can be used to accommodate new features and use cases. It also saves energy—a big plus when dealing with connected devices.

What are the key advantages of eSIM for consumers? And for mobile operators?

For consumers: eSIM technology gives consumers more freedom and flexibility as they can choose and activate their connectivity services remotely and seamlessly anytime, anywhere, when they are on the move or in the comfort of their own home. eSIM enables consumers to connect multiple devices belonging to a single or several different users with a single subscription. This could include different members of the same family for example, an effective way of boosting customer loyalty. Another advantage when traveling is the ability to instantly connect to a local mobile operator to avoid roaming fees.

For mobile operators: embedded SIM is useful for connecting more devices and accessing new distribution channels and revenue streams. It streamlines logistics and inventory management – in short, it drastically reduces costs. This technology has arrived at just the right time given the current chip shortage and the accelerating consumer demand for more advanced digital services.

What are the M2M and IoT use cases of eSIM?

eSIM technology is not new to the IoT and has existed since 2013 for machine-to-machine (M2M) uses, particularly in the automotive industry. eSIM is especially useful for sensitive operations or for hard-to-access monitoring devices that are far out at sea, for example. Aside from connected vehicles, eSIM is increasingly being used in shipping, logistics and agriculture for asset tracking, as well as in smart meters across multiple verticals such as energy or smart cities. This technology is also a vital component of Industry 4.0 for managing supply chains, autonomous robots and secure plants. In the home, eSIM delivers more secure and reliable connectivity for domotics where it has a whole range of uses, from security cameras, temperature and appliance management to entertainment systems.

What is an eSIM profile?

An eSIM profile contains the operator’s credentials based on a subscription, and can be remotely downloaded over-the-air using remote eSIM provisioning solutions. An eSIM management service provider can be in charge of generating, customizing, securing and downloading the eSIM profiles onto the connected device on behalf of the mobile operator.

How many eSIM profiles can an eSIM have?

Several eSIM profiles can be downloaded on the same eUICC onto the same device. With an eSIM-enabled smartphone for example, the consumer can have different eSIM profiles for mobile operators in a number of different countries to minimize roaming fees when traveling. In the soon to be released new version of the Consumer eSIM GMA specification, an eSIM will be able to support Multiple Enabled Profiles (MEP), which will allow users to have several eSIM profiles activated simultaneously on the same device. This can be useful for example, for activating personal and professional connectivity subscriptions simultaneously using the same device. For the IoT, switching connectivity service using different eSIM profiles is very useful when a device changes location, when technology changes (2G, 3G sunset), or when business agreements change, for example.

Does a mobile operator need to adapt its eSIM profiles to each eSIM-enabled device?

A single eSIM profile type cannot be used for all types of eSIM devices. For instance, an eSIM profile adapted for 4G would not fit on a 5G device. Therefore, an eSIM profile needs to be able to adapt to the capabilities of each type of device. Mobile operators can use just-in-time profile generation to avoid multiplying the number of eSIM profile types they need to handle a growing variety of eSIM devices. With dynamic eSIM profile generation, the default profile is adapted at the very last minute before being downloaded onto the device.

How does eSIM management work for consumers? And for M2M?

Currently there are two different specifications and two different architectures. For eSIM M2M solutions, the subscription is triggered automatically in the back-end system. In terms of components, eSIM M2M uses SM-DP (Subscription Manager – Data Preparation), which prepares and triggers profile download and SM-SR (Subscription Manager – Secure Routing), which then manages the profile on the eUICC (i.e., enable, disable, delete). For eSIM consumer solutions, the subscription is triggered and managed by the end-users themselves and eSIM only uses SM-DP+ (Subscription Manager – Data Preparation +), which performs both preparation and profile download. 

Is eSIM as secure as SIM?

eSIM and SIM both have robust GSMA certification and are protected by strong security keys, algorithms and protocols. The GSMA Security Accreditation Scheme (SAS) provides two schemes to assess eSIM security: SAS-UP (UICC Production) analyzes manufacturers’ production sites, while SAS-SM (Subscription Management) evaluates subscription management services. One advantage of eSIM is that it cannot be removed or stolen to compromise the device, which is very useful for unsupervised connected devices.

How can eSIM consumer be activated?

There are four eSIM activation methods:

  1. GSMA eSIM Discovery: the most transparent and user-friendly eSIM activation method. When the user buys a subscription from a mobile operator, the mobile operator sends the eUICC identity (EID) to the subscription management server (SM-DP+). The mobile operator’s SM-DP+ then informs GSMA eSIM Discovery that it has a profile for a specific device that, once switched on, will automatically download the eSIM profile from the right mobile operator.
  2. eSIM activation via a default SM-DP+: if a mobile operator has partnered with a device manufacturer, at first activation the device connects to the SM-DP+, which seamlessly downloads the eSIM profile onto the device, with no action required on the part of the end user.
  3. eSIM activation via a unique QR Code: a specific QR code is provided to the user containing the SM-DP+ URL in which their eSIM profile is stored. The customer scans the QR code with the eSIM device, which then triggers the eSIM profile download.
  4. eSIM activation via a group QR Code: mobile operators can use a single QR code to onboard groups of subscribers for marketing campaigns or to acquire customers on the move, for example.

Why is connectivity orchestration so important for M2M connectivity management?

The M2M ecosystem is complex and requires a considerable degree of integration between multiple actors. In particular, OEMs (Original Equipment Manufacturers) often partner with multiple mobile operators in order to have multiple connectivity providers. An orchestration layer is therefore needed to create and manage business workflows and streamline integration between mobile operators and OEM back-end systems.

Why is it time to move eSIM management onto the Public Cloud?

eSIM technology is beginning to take off with more and more connected devices in both the consumer and the IoT ecosystem. Roll out of 5G is also opening up new use cases in many verticals. With this market evolution and the pressing demand, eSIM is becoming business critical for mobile operators to deliver the best user experiences. In this context Public Cloud is the right way to go for eSIM management as it helps to provide always-on service to support mobile operators’ business growth with 4 main benefits:

  • high availability of service, avoiding downtime and service interruptions
  • resilience to major physical events (earthquakes, fire, etc.) and logical disasters thanks to an architecture that makes databases geo-redundant,
  • capacity and elasticity to handle significant volumes of eSIM activation and dynamically adapt to peaks in traffic (new device launches, holidays season, Black Friday, etc.),
  • security, using systems that provide advanced protection from attacks such as DDoS (Distributed Denial-of-Service)

Why has GSMA defined a new eSIM management specification for new IoT use cases?

New IoT use cases rely on devices with limited power and no user interface as well as on low-power networks. The current M2M specification is not completely satisfactory for handling all these new use cases. The new approach consists in combining the best of both specifications (i.e. M2M and Consumer), in other words, a simpler integration model based on Consumer specifications and M2M-enhanced remote management capability—without any human interaction. This new specification is a game changer that will pave the way for new eSIM use cases in the IoT market.