The SM-DP is used in an M2M RSP environment. Its function is to take the raw profile information from an MNO, personalise it with the appropriate IMSI/Ki pair information and convert it into a form that is suitable for transmission by the SM-SR to the eUICC/eSIM.
The process for a profile download in an M2M environment is as follows:
- SMS sent to the eUICC by the SM-SR, via the SMSC belonging to the provider of the provisioning profile, to trigger a session
- eUICC requests that the device sets up a data session using BIP and the URL (or IP address) of the SM-SR (contained in the SMS)
- CAT_TP or HTTPS transport link established between eUICC and SM-SR (ES5)
- A secure channel is established between the SM-DP and eUICC
- A profile download is initiated by the SM-DP
Remote Application Management (RAM) or Remote File Management (RFM) can be implemented between the SM and eUICC using the data connection as described above, or simply using SMS.
The latest version of the Microsoft Surface (Surface Pro LTE) has a consumer eSIM built into it. The version of eSIM is thought to comply with Version 2 of the consumer GSMA RSP standard. This provides LTE/4G service without the need for a regular SIM. In addition, however, the Surface has a slot for a regular removable plastic SIM card. It is possible to buy and download data plans for various countries using an LPA incorporated into Windows 10.
Operating instructions can be found here.
Machines incorporating eSIMs are expected shortly from Acer, Asus and Lenovo.
Consumer eSIMs are defined by GSMA documents SGP.21 and SGP.22. SGP.21 is a functional specification, while SGP.22 defines the technical realisation of the functional spec. Within the GSMA, SGP.21 is defined by the GSMA member operators (MNOs), while the OEMs are tasked with producing SGP.22, which is the technical implementation specification.
The figure below describes the basic architecture used for Consumer eSIMs.
The consumer specification is a later addition than the M2M version. The separate functions of the SM-SR and SM-DP have been combined into a single function, the SM-DP+. This is responsible both for establishing a secure programming channel to the eUICC and for manipulating and personalising the Profile that is provided by the MNO into a suitable format for download. Certificates loaded into each component above and issued by a trusted Certificate Issuer ensure that the whole process is secure.
The major addition is that of a Local Profile Assistant (LPA) in the device that allows the end user to control what profile is active and select new profiles. There is no need for a provisioning profile as the device can be connected to the Internet using WiFi.
M2M eSIMs are defined by GSMA documents SGP.01 and SGP.02. SGP.01 is a functional specification, while SGP.02 defines the technical realisation of the functional spec. Within the GSMA, SGP.01 is defined by the GSMA member operators (MNOs), while the OEMs are tasked with producing SGP.02, which is the technical implementation specification.
Most M2M eUICCs currently in the field comply with version 3.1 of SGP.02.
The figure below describes the basic architecture used for M2M eSIMs.
An SM-SR is responsible for establishing a secure programming channel to the eUICC, while an SM-DP manipulates and personalises the Profile that is provided by the MNO into a suitable format for download. Certificates loaded into each component above and issued by a trusted Certificate Issuer ensure that the whole process is secure.
There are two distinct kinds of profile in the eUICC. The provisioning profile provides default connectivity so that the eUICC can be bootstrapped into full functionality by downloading an operational profile.
Further information about M2M eSIMs can be found on the GSMA web site.
Currently mobile service is distributed on a plastic SIM card that must be purchased and inserted into a device. As SIM cards are becoming smaller and now require a tool to replace them in a device, this is inherently more expensive, less reliable and problematic, whereas most other ‘digital’ services can be purchased online and downloaded (or streamed) to a device. Examples of this are music, movies and eBooks. The connected car is being designed with inbuilt eSIMs (or eUICCs).
The GSM Association (GSMA) have developed a standard that has been accepted by most of their member operators around the world (details here). This allows the intrinsic ‘digital signature’ content of a SIM card to be downloaded ‘Over-The-Air’ (OTA). They initially referred to this as ‘Remote SIM Provisioning (RSP)’ and the chips that facilitate this were known as eUICCs (Embedded Universal Integrated Circuit Cards); however, these chips and the whole technology are now being referred to as part of the wider eSIM terminology.
There are 2 different kinds of eSIM: one that is used in Machine to Machine (M2M) devices like connected cars, and the other that is used in Consumer devices like mobile phones.
eSIMs offer significant advantages over conventional removable plastic SIM cards. They are smaller, more robust and can be remotely programmed. Their programmability means that a single SKU of device can be made for several countries, and it removes the need for expensive field engineers to replace the SIMs in an M2M application.
In order to remotely provision an eSIM it is necessary to have some software loaded in a server, which is called the ‘Subscription Manager (SM)’. The Subscription Manager for an M2M eSIM has 2 components: one is called the SM-DP (Data Preparation) and the other is called the SM-SR (Secure Routing). The SM in the consumer world has combined and enhanced both functions and is called an SM-DP+.
In the consumer world it is preferable to have a server where the end user can discover what mobile services (profiles) are available. This is called a Discovery Server (SM-DS).