SoftSIMs implement eSIM functionality in software and so present a very low-cost solution. This approach is very popular in Asia, where it is considered essential to have a very low Bill of Materials (BoM). The implementation of a SoftSIM eSIM solution is proprietary, as no standards bodies have become involved with this method yet.
The software that facilitates a profile download can execute in one of three ways:
- On the GSM modem processor (e.g. the Qualcomm or MTK chip). This does not use a silicon trust zone and so does not offer a very high level of security. The manufacturers of the GSM modem chips have released demonstration code that can be used for this.
- On the processor of the OEM device itself. Most of the large Chinese handset manufacturers (such as Xiaomi and Huawei) offer this kind of solution and refer to it as a ‘virtual SIM’ or ‘virtual roaming’ solution.
- In an STK applet on the SIM processor chip inside a conventional SIM Java-card. This is usually implemented by sending a message via USSD to a server requesting a profile download, with the IMSI/Ki pair then sent via an encrypted SMS.
ETSI (group SCPTEC#73) have been specifying a standard called Smart Secure Platform (SSP). The functional requirements for this standard are outlined in ETSI TS 103 465 and the technical requirements in ETSI TS 103 666. The standards are expected to be published in the next 3 months. The 3GPP anticipate incorporating this standard into Release 15 of their specification. This is the version that specifies 5G.
The ETSI SSP standard defines certain functions, which ETSI call ‘bundles’, that can be implemented in the smart card, such as eSIM functionality, payment and identity.
It is possible to go further than the current eUICC specifications and implement the eSIM functionality in the baseband modem chip itself. This approach is being referred to as iUICC (Integrated Universal Integrated Circuit Card) and is being driven by GSM modem manufacturers such as Qualcomm.
ARM Technology have announced a similar solution, which they are calling iSIM, that makes use of the TrustZone technology on their SoC (System On a Chip).
GlobalPlatform have signed an MoU with the IoT Connectivity Alliance ( ICA ) to promote the use of their two secure component technologies, Secure Element (SE) and Trusted Execution Environment (TEE) in an IoT environment. It is envisaged that their Virtual Private Platform ( VPP ), details of which can be obtained here.
The GSMA have a working group looking at specifying an iUICC solution.
A key requirement for eUICCs to operate in a device (see Annex G of SGP.02) is that the device supports Bearer Independent Protocol (BIP). This protocol exists only between the device and the eUICC and enables an eUICC to request the device to set up a data session with the SM server. This provides a much faster method of access to the eUICC than SMS. A good explanation of BIP can be found here.
Unfortunately, not many devices in the field support BIP. Even though new devices are being designed to incorporate support for BIP, this has severely restricted the adoption of eUICCs.
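As an added example (not from the original article or any vendor's code), the sketch below checks whether a device advertises BIP by decoding the TERMINAL PROFILE it sends to the card. It assumes the byte and bit layout of ETSI TS 102 223 (bytes 12, 13 and 17); the function name `bip_support`, the "usable" rule and the sample profiles are constructed for illustration.

```python
# Added example: decode the BIP-related bits of a TERMINAL PROFILE.
# Assumed layout: ETSI TS 102 223 (byte 12 = BIP commands, byte 13 = bearers
# and channel count, byte 17 = transports). Verify against your spec release.
BIP_COMMANDS = {0: "OPEN CHANNEL", 1: "CLOSE CHANNEL", 2: "RECEIVE DATA",
                3: "SEND DATA", 4: "GET CHANNEL STATUS"}
BEARERS = {0: "CSD", 1: "GPRS", 2: "Bluetooth", 3: "IrDA", 4: "RS232"}
TRANSPORTS = {0: "TCP client", 1: "UDP client", 2: "TCP server"}
# Assumption: these four commands are the minimum for a working BIP session.
REQUIRED = {"OPEN CHANNEL", "CLOSE CHANNEL", "RECEIVE DATA", "SEND DATA"}

def _flags(byte, names):
    """Return the names whose bit (0 = b1) is set in byte."""
    return [name for bit, name in names.items() if (byte >> bit) & 1]

def bip_support(profile_hex):
    """Summarise BIP support advertised in a hex-encoded TERMINAL PROFILE."""
    raw = bytes.fromhex(profile_hex)

    def octet(n):
        # Profiles may be truncated; a missing byte means "not supported".
        return raw[n - 1] if len(raw) >= n else 0

    commands = _flags(octet(12), BIP_COMMANDS)
    channels = octet(13) >> 5          # b6-b8: number of channels
    missing = sorted(REQUIRED - set(commands))
    return {
        "commands": commands,
        "bearers": _flags(octet(13), BEARERS),
        "channels": channels,
        "transports": _flags(octet(17), TRANSPORTS),
        "missing": missing,
        "usable": not missing and channels > 0,
    }

# Constructed sample profiles (not captured from real devices).
FULL_BIP = "FF" * 11 + "1F" + "22" + "000000" + "03"
NO_BIP = "FF" * 9
PARTIAL_BIP = "FF" * 11 + "0D" + "22"

if __name__ == "__main__":
    for label, prof in [("full", FULL_BIP), ("none", NO_BIP), ("partial", PARTIAL_BIP)]:
        print(label, bip_support(prof))
```

A profile that is shorter than 13 bytes, or that omits any of the four required commands, is reported as not usable for BIP.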
The SM-SR communicates with the eUICC using a secure channel on interface ES5 – either SCP80 or SCP81.
In addition, the SM-DP will establish an SCP03 or SCP03t secure channel (ES8), which tunnels through the ES3 link between the SM-DP and SM-SR and through the secure ES5 channel between the SM-SR and eUICC.