iOS 12.1 Public Beta 1 supports eSIM on iPhone XS eSIM support added to iOS 12.1 Public Beta 1

Apple have added eSIM support to the latest version of their iOS 12.1 Public Beta 1. The LPA now includes an LUId that allows the subscriber to either scan a QR code or enter an activation code manually.  All that the subscriber has to do is purchase an appropriate activation code/QR code from an Operator and download the profile. This is effected by going into ‘Settings’, selecting ‘Mobile Data’ and then selecting ‘Add Data Plan’. It is curious that when UK English is set in the phone, Apple are referring to ‘Data Plan’ when there is no reason why a downloaded profile could not support Voice, SMS and Data. Although when the language in the phone is switched to US English the menu entry becomes ‘Add Cellular Plan’. It would appear that Apple will permit voice, SMS and data and that the UK English words are a bit misleading. Another point of note is that there does not yet seem to be any UI for searching for available plans using any form of Discovery Service.





eSIMs in Apple XS and XR iPhones Apple have annouced that the latest iPhones will include an eSIM

Yesterday ( 12th September ) Apple announced that the new XS, XS Max and XR iPhones will include eSIMs in addition to the normal nano-SIM slot that holds a physical plastic SIM. This allows a user to have 2 mobile plans ( and telephone numbers ) in their phone at the same time. As expected, they are supporting the Dual SIM Standby standard rather than the Dual SIM Active mode. This means that only one line can be active at any time. If you are on one line and a call comes in on the other then the incoming call will go to voicemail.

The eSIMs will not be available on the Chinese version of these phones – apparently for regulatory reasons. Instead a version of the XS Max will be available that supports two back to back physical plastic nano-SIMs in this region. Apple have been fitting eSIMs into the cellular versions of their iPads for some time and seem to be offering similar carrier support to iPhone users that is available for iPad users. 

They currently list several local MNOs that provide local service and a couple of MVNOs with global roaming support.

The new phones will begin shipping on 21st September. The Apple web site says that in order to take advantage of the eSIM the user will need “an update to iOS 12 coming later this year”



iOS 12 should be available on 17th September, although it would appear that eSIM support will not be in 12.0.  The update will contain additional settings to provision a new mobile service in the eSIM or switch between services. These are outlined in a support note on the Apple web site. Provisioning is effected in much the same way as used in Android Pie, either by scanning a QR code supplied by the operator or downloading a carrier app provided by the operator. It is not clear whether Apple have released the information to developers to facilitate the development of a carrier app.

Android Pie support for eSIMs eUICCs are supported in the latest version of Android Pie

Google fully released version 9 of their Android OS on 6th August. They have called this ‘Pie’ or ‘p version’ and has level API 28. For the first time Android have included API’s to manage eUICCs whereas there is currently no support for eUICCs in IOS.

The Pixel 2 phone from Google can be upgraded to Pie and has an eUICC built-in. The Pixel 3 is expected to be shipped in October already loaded with Pie. Project Fi ( Google’s mobile service ) makes use of the eUICC, but is currently only available for USA customers.

Support for eUICC’s in a handset requires some software in the phone called a Local Profile Assistant ( LPA ).  The LPA in Pie comes in the form of a ‘back end LPA’ which is built into the OS and a separate front end LPA or ‘Carrier App’. The back end LPA communicates with the eUICC and Subscription Manager ( SM-DP+ ) while the Carrier App provides the User Interface ( UI ) to allow the subscriber to request profile downloads and switch between them. The Carrier App is normally supplied by the mobile operator that is offering their profiles to provide service to the subscriber and can be branded accordingly. It communicates with the back end API through a series of API’s supported by Pie’s SDK. Service is normally sold to the subscriber by providing them with an Activation Code. This can either be a plain text code or a QR code and is entered into the Carrier App usually by the subscriber.

Carrier Apps require special permissions, called Carrier Privileges which were introduced in Android 5.5. This requires signing the App with a certificate and a key provided by the Mobile Operator and then loading the ‘fingerprint’ produced by the signing mechanism onto the SIM card or eUICC. This ensures that only Apps produced by a specific carrier can control information on their SIMs.

In older versions of Android it was possible to download an App from the Google Play store called eSIM Manager but this is now built into Pie and no longer required.

‘iPhone X Plus’ – eSIM or dual SIM slot? Will one of the new iPhones have an eSIM, dual-SIMs slot or neither?

There has been much speculation as to whether one of the new iPhones that are due for launch in September will be fitted with either an eSIM or provide a dual SIM slot or neither.

There is no doubt that eSIMs are the future and that at some point all handsets will be fitted with one. However the GSMA consumer standard for eSIMs has experienced a bit of a set-back recently with the US Department of Justice investigation. This concerns the push by some operators to build into the standard a method of locking the phone so that it will only work with the SIM card with which it was supplied.

Phones that support 2 physical SIMs via a dual-SIM slot are extremely popular in the Asian market with most Chinese manufacturers ( e.g. Huawei and Xiaomi ) offering them. There are 2 different kinds of dual SIM phones. One is called ‘dual-SIM standby’ ( sometimes referred to as DSS ) and the other is called ‘dual-SIM active’ ( DSA ). DSS allows only 1 SIM to be active at any time while DSA has 2 radios that allow both SIMs to be active at once. It is thought that Apple will be supporting the DSS method of operation.

Much of the rumour has been fuelled by the discovery of references in iOS 12 Beta 5 to ‘second SIM status’ and ‘second SIM tray status’. The latter would infer that Apple intends to provide 2 physical SIMs rather than a regular SIM plus eSIM. However it is unlikely that Apple would incorporate 2 separate physical SIM trays. All of the Chinese manufacturers use the neater solution of having a single large tray that takes 2 SIMs.

Apple is rumoured to be launching 3 phones, a 6.5 inch OLED screen iPhone X Plus, a 6.1 inch LCD screen iPhone and a 5.8 inch revamped iPhone X. One theory is that the dual SIM slot will only be provided on the cheaper 6.1 inch LCD version and that this will only be supplied to the Chinese market. Although it would be odd if Apple was to make the cheaper version more attractive in the Chinese market than it’s most expensive flagship OLED version.

One must ask why dual-SIM handsets are very popular in the Asian market and almost non-existent in Europe and North America! It is unlikely that the preferences of European subscribers are totally different from those of Chinese end users. One may become persuaded that the dearth of dual-SIM phones in one region is due to once again the insistence of some operators to lock the phones to the SIM. If there was a second SIM then this may become used more than the primary SIM. It will be very interesting to watch how Apple market dual SIM phones, whether they have 2 physical SIMs or a single plastic SIM with eSIM.

We will have more news soon.

GSMA Public Key Infrastructure ( PKI ) Certificate Policy

The GSMA implement a trusted system using certificates based on Public Key Infrastructure ( PKI ) to control what components of a Remote SIM Provisioning system can talk to each other.

The policy is outlined in SGP.14

In order to permit any certified component can talk to any other certified component the GSMA issue signed root certificates.

They have appointed Cybertrust to act as the Root Certificate Issuer for M2M RSP systems ( version 3.1 ) and Digicert as the Certificate Issuer for Consumer RSP systems. The Cybertrust root certificates were acquired by Digicert in 2015. In order to obtain a certificate from one of these sources it is necessary to have SAS certification.

Different kinds of eSIMs

Currently mobile service is distributed on a plastic SIM card that must be purchased and inserted into a device. As SIM cards are becoming smaller and now require a tool to replace them in a device this is inherently more expensive, less reliable and problematic. Whereas most other ‘digital’ services can be purchased online and downloaded ( or streamed ) to a device. Examples of this are music, movies and eBooks. The connected car is being designed with inbuilt eSIMs.

On this site, the word ‘eSIM’ will be used to describe any mechanism used to facilitate an IMSI/Profile download. There are basically 3 main kinds of eSIM:

  1.  eSIMs that comply with standards developed by the GSM Association ( GSMA ). These offer a very high level of security and are accepted by most of the tier 1 MNOs. They derive their level of security by relying on a physical device, a chip which is commonly called an Embedded Universal Integrated Circuit Card ( or eUICC ). These are currently more common in Europe and North America.
  2.  Devices that incorporate software that provides the same functionality of a physical SIM chip. These offer less security than a physical eUICC, but provide a lower cost Bill of Materials. These are very popular in Asia and are commonly referred to as SoftSIMs. Each SoftSIM implementation tends to be proprietary.
  3.  System on a Chip ( SoC ) devices that integrate the eSIM functionality inside an SoC device such as a GSM modem processor chip. They are a cross between an eUICC and a SoftSIM in that the eSIM functionality is implemented in a silicon ‘trusted zone’ inside the processor. These are currently being developed and there is no standard for this.

eSIM Profile format from SIM Alliance

It is not specified what format should be used to deliver the generic profile from an MNO to an SM-DP or SM-DP+ operator or in a SoftSIM/SoC eSIM application. There are various file formats that can be used to provide the profile e..g UXP, ASN.1 or even a simple Excel spreadsheet. The most commonly used format is UXP as specified by the SIM Alliance. This is called the SIM Profile Mark-up Language and is based on XML.

In addition a file of IMSI/Ki pairs must be generated in order to personalise the generic profile.

Connected cars with built in eSIM,eUICC

All new cars are being designed as being ‘connected’. An eSIM ( eUICC ) provides a better approach in the connected car than a conventional removable plastic SIM. It is more smaller, more robust and can be remotely programmable. By incorporating a programmable device this means that car manufacturers can make a single model that can be sold in various countries. In this application the security provided by an eUICC is key and there is no way that SoftSIMs would be acceptable.

eCall/112, now mandatory for all new car and light commercial vehicle models in the European Union from 31 March 2018, will shorten the time between an accident and the arrival of the emergency services by up to 50 percent throughout Europe, and reduce the number of fatalities on the road by around 10 percent.

In Russia there is an equivalent service called ERA-GLONASS which is based on the Russian GLONASS satellite positioning technology rather than GPS.

An eSIM is ideal to provide these services. In addition they can offer services such as accident management, breakdown and maintenance management, remote vehicle diagnostics, and remote services for customers.