Unlocking eSIM for IoT

How GSMA’s new eSIM specifications make IoT use cases even more accessible

Unlocking eSIM for IoT

By Rameez Sultan, Technical Product Manager at Truphone

Remote SIM provisioning has been one of the most rapidly maturing technologies in the SIM industry. With the advent of eSIM, the connected ecosystem is constantly changing to deliver advanced security, seamless, flexible connectivity and full end-to-end digitalisation with a significant positive impact on the ecosystem.

The latest research from TCA has revealed a steady growth in eSIM shipments which saw a 9% year-on-year increase to reach 337 million units in 2021. Similarly, the number of profiles downloaded to eSIM devices (i.e., the number of profiles activated via a remote sim provisioning platform), saw a radical jump of 54% in 2021.*

The market shift towards eSIM is very real, and if the global chip shortage has taught us anything, it is that eSIM is the future.

As you may already be aware, RSP (Remote SIM Provisioning) was a standard created by the GSMA and other industry leaders contributed to standardise it. The goal was to introduce remote provisioning of operator profiles on an eSIM, which allows users to swap their connectivity providers without replacing the SIM card. The group working on this standardisation came up with two different flavors of RSP, with one intended for consumer devices with eSIM support (check our list of devices here) and the other for M2M devices.

Both versions of the standards have their pros and cons, but the industry realised that neither standard is fit for purpose when it comes to everyday IoT devices such as cars, cameras or scooters, which could range from battery-operated devices to devices with a user interface, or very simple devices without any Local Profile Assistant (LPA) or eSIM management possibilities. As a result, the same group joined forces to work on a new RSP standard that addressed the longer tail of IoT devices and use cases.

This new standard - referred to as the new GSMA eSIM IoT Spec - is being worked on under a new standard naming convention which would be the SGP 31 and 32. The aim again is simply to overcome the challenges faced by both of the existing standards and to make profile provisioning for IoT devices as seamless as possible.

Before examining these new specifications themselves in depth, it’s important to note the limitations of the current consumer and M2M specs which the new specs will try to address.

For the RSP consumer specifications, a Local Profile Assistant (LPA) is mandatory to control the profile lifecycle on the device but hosting an LPA on a simple IoT device is technically very challenging. Secondly, user consent is mandatory for installing, enabling, disabling and deleting a profile, meaning that all of these actions are user driven. However, for IoT devices that have been deployed in hard-to-reach areas, this kind of user consent is not possible.

The consumer specification is based on a single method of profile download and profile download is a user action, so it isn't much help when we need to manage a fleet of IoT devices.

M2M specs on the other hand, aren’t subject to these limitations, but they still have to deal with their own unique set of complexities. The main challenge is that M2M standards are still wholly dependent on the use of SMS, while SMS is unsupported by most of the Low Power Wide Area Networks (LPWAN). From a business perspective, M2M specs introduce very complex integrations between multiple SMDP(s) and SMSR(s), and that hurts the go-to-market, impacts the overall investment into the solution and creates unavoidable lock-ins for OEMS and MNOs.

So how does the new GSMA eSIM IoT Spec simplify this all? By reusing most of the consumer architecture where there was a single platform (referred to as the SMDP+) and introducing the eSIM IoT remote manager(eIM). The eIM is responsible for remote Profile State Management Operations on a single IoT Device or a fleet of IoT Devices and this can be owned by the OEM to manage their devices without the need for an SMSR. The eIM, unlike the SMSR (from M2M specs), can be associated to multiple eSIMs, where multiple eIMs don’t need any technical integration. It is also possible to delete the association of the Embedded Universal Integrated Circuit Card (eUICC) with the eIM which makes it simpler than an SM-SR swap.

The new GSMA eSIM IoT Spec would be able to enjoy the SMDS (Subscription Managed Discovery Service) to send a notification to consumer IoT devices for the downloading of profiles, along with the support of other consumer eSIM download use cases, such as using default SMDP+ address, activation codes and QR codes.

Another key issue this new standard intends to address is the complexity around downloading a profile for battery constrained devices and ensuring that they get eSIM profiles during a power on cycle. To address the newer generation devices, profile download via local interface such as Bluetooth or wired connection would be made possible.

Currently GSMA has released the first draft of SGP 31 eSIM IoT Architecture and Requirement Specification. While the full specifications aren’t expected to be released until December 2022, Truphone has already added the new specs into its RSP roadmap, as we’re in a unique position to be early adopters of these standards. With our in-house capabilities to develop the RSP, eSIM OS, IPA/LPA and connectivity, we have all the ingredients to serve our Operator, OEM and IoT customers.

Related articles