The SM-SR communicates with the eUICC using a secure channel on interface ES5 – either SCP80 or SCP81.
In addition the SM-DP will establish an SCP03 or SCP03t secure channel ( ES8 ) which tunnels through the ES3 link between the SM-DP and SM-SR and through the secure ES5 channel between the SM-SR and eUICC.
A key requirement for eUICC’s to operate in a device ( see Annex G of SGP.02 ) is that the device supports Bearer Independent Protocol ( BIP ). This protocol exists only between the device and the eUICC and enables an eUICC to request the device to set up a data session with the SM server. This provides a much faster method of access to the eUICC than SMS. A good explanation of BIP can be found here.
Unfortunately not many devices in the field support BIP. Even though new devices are being designed to incorporate support for BIP, this has severely restricted the adoption of eSIMs
The GSMA Consumer standard ( SGP.22 ) was specified later in than the M2M ( SGP.02 ) version. It consolidates the functionality of the SM-DP and SM-SR into a single component, called the SM-DP+. It’s function is to take the raw profile information from an MNO, personalise it with the appropriate IMSI/Ki pair information, convert it to the appropriate format for an eUICC/eSIM and transmit the profiles to the eUICC/eSIM.
In most cases the Local Profile Assistant ( LPA ) will be present in the device ( LPAd ), in which case the below architecture applies:
It is possible however to also have the LPA in the eUICC ( LPAe )
It is not specified what format should be used to deliver the generic profile from an MNO to an SM-DP or SM-DP+ operator. There are various file formats that can be used to provide the profile e..g UXP, ASN.1 or even a simple Excel spreadsheet. The most commonly used format is UXP as specified by the SIM Alliance. This is called the SIM Profile Mark-up Language and is based on XML.
In addition a file of IMSI/Ki pairs must be generated in order to personalise the generic profile.
ETSI ( group SCPTEC#73 ) have been specifying a standard called Smart Secure Platform ( SSP ). The functional requirements for this standard are outlined in ETSI TS 103 465 and the technical requirements in ETSI TS 103 666. The standards are expected to be published in the next 3 months. The 3GPP anticipate incorporating this standard into Release 15 of their specification. This is the version that specifies 5G.
The ETSI SSP standard defines certain functions which ETSI call ‘bundles’ that can be implemented in the smart card such as eSIM functionality, payment and identity.
It is possible to go further than the current eUICC specifications and implement the eSIM functionality in the baseband modem chip itself. This approach is being referred to as iUICC ( Integrated Universal Integrated Circuit Card ) and is being driven by GSM modem manufacturers such as Qualcomm.
ARM Technology have announced a similar solution that makes use of the TrustZone technology on their SoC ( System On a Chip ) which they are calling iSIM.
GlobalPlatform have signed an MoU with the IoT Connectivity Alliance ( ICA ) to promote the use of their two secure component technologies, Secure Element (SE) and Trusted Execution Environment (TEE) in an IoT environment. It is envisaged that their Virtual Private Platform ( VPP ), details of which can be obtained here.
The GSMA have a working goup looking at specifying an iUICC solution.
There are various bodies involved in the certification of the different elements involved in eSIM applications.
The GSMA operate a scheme called Security Accreditation Scheme ( SAS ) that provides a certification of the site belonging to an organisation that provides Remote SIM Provisioning services. Details of the scheme and a list of approved sites is available on their web site.
GlobalPlatform tests and lists the actual certified eUICC chips on their website. Select “eUICC” from the dropdown to see the eUICCs that are currently approved.
The Global Certification Forum ( GCF ) operates a scheme to certify RSP compliance of consumer devices, the details of which are available on their website.
The Global Certification Forum ( GCF ) provides a certification process for consumer eSIMs.
This is described on their web site.
All new cars are being designed as being ‘connected’. An eSIM ( eUICC ) provides a better approach in the connected car than a conventional removable plastic SIM. It is more smaller, more robust and can be remotely programmable. By incorporating a programmable device this means that car manufacturers can make a single model that can be sold in various countries.
eCall/112, now mandatory for all new car and light commercial vehicle models in the European Union from 31 March 2018, will shorten the time between an accident and the arrival of the emergency services by up to 50 percent throughout Europe, and reduce the number of fatalities on the road by around 10 percent.
In Russia there is an equivalent service called ERA-GLONASS which is based on the Russian GLONASS satellite positioning technology rather than GPS.
An eSIM is ideal to provide these services. In addition they can offer services such as accident management, breakdown and maintenance management, remote vehicle diagnostics, and remote services for customers.
The purpose of an SM-DS is to hold a list of profiles that are available to an end user in a consumer eSIM environment. This discovery service is currently operated by the GSMA although there are plans for alternative discovery services to be offered in the future. Further details of the GSMA service can be found here.
The sequence of events is as outlined in the diagram below.
The GSMA operate a Security Accreditation Scheme ( SAS ).
Companies wishing to manufacture eSIMs must get their site accredited to SAS-UP ( SAS for UICC Production ) while those wishing to program eSIMs must get their site SAS-SM accreditation.
The schemes are in place mainly to ensure that the highly sensitive Profiles from the MNO’s are secure. They have components of ISO 27001 to ensure that an ISMS ( Information Security Management System ) and BCP ( Business Continuity Plan ) are in place. In addition they require that all of these procedures are operated in a High Security Area ( HSA ), over a secure network by trained personnel who comply with strict HR policies.
The GSMA currently use two outside companies to conduct the audits for SAS-UP, FML and ChaseWaterford
For SAS-SM they use NCC Group and SRC Security Research & Consulting GmbH
The audit usually takes about a week and is performed by both auditors.
A provisional approval is given once the site is able to demonstrate that they have all of the processes in place to meet the requirements but is not yet operating with real customers. This is sometimes called a ‘dry audit’. Another audit is conducted up to 9 months after provisional approval to finalise the certification. This is sometimes called a ‘wet audit’.
A list of SAS accredited sites is available on the GSMA web site.