eSIM Growth: What You Need to Know About GSMA Specifications

Bee Hayes-Thakore -
eSIM Growth: What You Need to Know About GSMA Specifications
Illustration: © IoT For All

The introduction of the eSIM is a big change. In fact, for device personalization and customer account identification, it’s the most significant one for decades – with benefits for device makers and connectivity network operators alike. Now, the momentum of eSIM adoption with 5G IoT is accelerating. In May 2023, GSMA released the new eSIM for IoT Specification (SGP.32 v1.0), all of which we will discuss.

At least 175 mobile service providers already offer commercial eSIM services for smartphones spanning more than 69 countries. Juniper Research forecasts the value of the global e-SIM market will increase from $4.7 billion in 2023 to $16.3 billion by 2027. Further, IoT connections will outpace smartphone eSIM growth by 2026.

Although device shipments and projections are sound indicators, eSIM profile downloads show real activity – encouraging estimates from Trusted Connectivity Alliance show that IoT/M2M eSIM downloads increased by 148 percent in 2022.

Counterpoint Technology and Research projects that more than 6 billion xSIM (eSIM + iSIM) devices will be shipped over the next 5 years in its eSIM Devices Market Outlook. 70 percent of all cellular devices shipped in 2030 will sport an eSIM. Further, iSIM (iUICC) will grow fastest as it becomes the preferred SIM form factor by 2030 for all cellular categories.

eSIM Hypergrowth

eSIM technology is set for hypergrowth and is crossing a critical inflection point, as many respected analysts in the industry observe. Another vital factor bringing eSIM to the fore is that the latest Release 17 of the 3GPP standards that define the 5G technologies have also incorporated full support for NB-IoT and CAT-1 Low Power Wide Area Networks (LPWAN) as “New Radio” or NR.

“eSIM technology is set for hypergrowth and is crossing a critical inflection point, as many respected analysts in the industry observe.”

So, to support OEMs who wish to take advantage of the growth potential of eSIM, there needs to be a standardized approach to eSIM management and services. This is the remit at hand of the collaboration of the eSIM Working Group at GSMA.

This group looks after the eUICC definition in consumer and IoT, eSIM discovery service, eUICC identity scheme, and eUICC security accreditation. Kigen has been deeply invested in helping build the specifications at GSMA, with many of our technical experts contributing to multiple working groups.

Advancing eSIM Growth With Standards

May 2023 marked a key milestone with GSMA releasing the new eSIM for IoT Specification (SGP.32 v1.0).
Kigen’s Saïd Gharout leads the GSMA eSIM Working Group 7, which defines the SGP.31 and SGP.32 GSMA eUICC Specifications for IoT Remote SIM Provisioning (RSP). We sit down with Saïd to ask some questions and learn about all you need to know about eSIM RSP for IoT:

How Did eSIM Come to Exist?

Innovations leading to cellularly connected machines with the rise of IoT saw a need for SIMs to further reduce in size, increased spoilage resistance, and offer greater electrical and memory endurance.

ETSI (via TS 102 671, first published in 2010) took notice of this and, to ease their adoption and ensure quality assurance, standardized a new class of SIM with more robust physical and logical characteristics. This included a move from discrete, physical SIM cards to “soldered down” M2M form factors, which delivered on the resiliency requirements but posed an issue around choosing or switching networks.

To address this, the GSMA (the Carriers’ industry trade association), agreed to establish a solution through an industry-backed set of specifications via a specialized SIM group. GSMA released the first version of this, defining eSIM that is suitable for Remote SIM Provisioning to target the M2M market, in 2013.

Since then, the world of IoT has evolved beyond the point-to-point connectivity that the terminology of M2M applied to and moving more towards hyper-connected cloud and data. For this, the eSIM group has been exploring how to simplify RSP for the variety of use cases IoT now serves.

What Specifications Are Most Relevant?

Specification relevance will depend on the role and or activity you perform. For anyone looking to build a GSMA-compliant IoT RSP component or deployment, SGP.31 & SGP.32 explain why and how to implement the standards.

Beyond the two core documents, the testing (SGP.33) and conformance (SGP.24 with IoT RSP extensions) documents are used to ensure you can assure your offering is interoperable and have it accepted in the market. Where appropriate must be referenced together with the consumer specifications SGP.21 v2.4 & SGP.22 v2.5 which set out requirements, architecture, and description of eSIM across the board.

Lastly, not everyone needs to be an expert in these documents themselves to take advantage of these specifications.

Why is a New IoT eSIM Specification Needed?

IoT is seen as an emerging market, with its origins set in M2M. However, as new technologies diversified cloud connectivity and wider data usage, IoT use cases blur the boundary between consumer and M2M.

As ideas for new connected things and their deployment options emerge, the original business cases and requirements that initially scoped the M2M and consumer RSP architectures fell short of fulfilling what is now expected for IoT.

Learning from customer feedback for how pragmatically specifications ease interoperable and scalable IoT has been a core of Kigen’s collaboration at the GSMA. The focus of the collaboration since the initial RSP architecture was defined has been to ensure maximum security for all stakeholders and coverage of evolving needs. Now, with the new specification published, MNOs and providers are ready to support OEMs in the knowledge that they offer support for the widest set of use cases.

Changes from M2M to IoT eSIM RSP

There are three main drawbacks to the M2M specifications:

  1. The mandated use of either SMS or HTTPS to deliver the Profile from the SM-DP to the eUICC is challenging for memory-restricted LPWAN devices.

  2. Complex integration between SM-SR and SM-DP.

  3. SM-SR needs to be configured at eUICC manufacturing. In some scenarios, we don’t know which SM-SR will be used at deployment. This makes it harder to support global deployments in countries which may require a swap to comply with regulations.

eIM is a standardized eSIM provisioning tool allowing large-scale deployment and management of eSIM‑enabled IoT devices. eIM is defined in GSMA SGP.31 and standardizes the process for the mass deployment of eSIM-enabled IoT devices.

The IoT specifications give interoperable resolutions for all the points described above:

  • A wider list of protocols has been specified to cover many categories of devices. CoAP/UDP/DTLS has been specified for LPWAN Devices. It is also possible to use HTTP/TCP/TLS for broadband devices. It also defines mechanisms for the eIM to verify the compatibility with the IoT Device.

  • The eIM can communicate with any IoT Device and any SM-DP+. The IoT Device can communicate with any SM-DP+ or any eIM. There is no need for pre-negotiation between actors.

  • eIM can now be configured flexibly at eUICC Manufacturing, IoT Device manufacturing, or in the field, whichever suits the manufacturing flow better. The process of adding, deleting, or changing an eIM is fully standardized.

There may be situations in which OEMs may use the older M2M specification; however, with a more capable way to manage large-scale eSIM-based deployments, momentum is shifting to the new RSP IoT Specifications.

Addressing the Transition

In many IoT use cases and industries, a device has a much longer lifecycle (10-20 years), and contracts in those industries are significantly longer than in consumer use cases. We anticipate that OEMs will take advantage of the simpler eSIM IoT functionality and flexibility for the majority of new deployments. We already see leading businesses in smart metering and energy, logistics, and transportation are active in preparing to use the new IoT specification.

In addition to the eIM, the new eSIM IoT Specification introduces a simplified IoT profile assistant (IPA). This is a tuned local profile agent available in two variants that can run either directly on the eUICC (LPAe) or in the IoT device (LPAd). Both operate the same way as far as the eIM and SM-DP+ are concerned. Customers can activate local profile switching in more convenient and user-friendly forms.

Lastly, a common challenge for OEMs is when an MNO issues profile subscriptions for eUICC, the end deployment model or geography is unknown.

How to Prepare

OEMs and MNOs should consider end-to-end testing for eUICC devices that will use their eSIM IoT solutions. There will be some variances depending on whether the IPA runs in the eUICC or the device module and how these connect to the SM-DP+ and eIM.

Bee Hayes-Thakore - VP Marketing, Kigen UK Ltd

Kigen is the global security leader for Integrated SIM (iSIM) and eSIM technology solutions and services or connected devices. Connect with #futureofSIM conversation on LinkedIn and via Kigen_Ltd on Twitter.
Kigen is the global security leader for Integrated SIM (iSIM) and eSIM technology solutions and services or connected devices. Connect with #futureofSIM conversation on LinkedIn and via Kigen_Ltd on Twitter.