eSIM introduction

e for embedded

When the first digital cellular GSM mobile network launched in 1991, one of the key components of the system architecture was a removable smart card called the SIM, the subscriber identity module storing subscriber-specific information. It made the mobile device independent of the user’s subscription: with a simple exchange of an intelligent piece of plastic the user could switch from one connectivity provider to another. This has contributed significantly to the massive expansion of the mobile telecommunications market ever since.

In the 2000s, however, the increasing use of machine-to-machine (M2M) applications in tough industrial environments drove the need for non-accessible SIM cards, embedded and sealed within the device. So the European Telecommunications Standards Institute (ETSI) released a specification for the M2M SIM in 2010, introducing the soldered form factor MFF (M2M Form Factor).

Figure 1: ETSI defined form factors

Difficult or even impossible replacement of the SIM (aka UICC), on the other hand, should not result in a permanent lock-in with the mobile network operator (MNO) issuing the cards, since the lifetime of M2M devices can be very long, typically 10 years or more. This raised the requirement for a remote management solution for the complete “embedded UICC” (eUICC, now commonly referred to as eSIM), including network access applications and related credentials, for which the traditional SIM was unsuited.

Figure 2: Traditional SIM lifecycle

The GSM Association (GSMA) took over the task of developing an industry standard for eSIM and the Subscription Management functionality. An important aspect of the GSMA specification design was to add remote profile management capabilities while maintaining the existing SIM ecosystem, including established ordering and activation processes, as well as compliance with the well-known SIM standards developed by ETSI and 3GPP (3rd Generation Partnership Project). As a result, the eSIM does not differ from the regular SIM card in terms of device and mobile network interfaces but is an extension of the existing technology.

eSIM principle

As defined by GSMA, the term eSIM refers to the explicit functionality of the operating system to store multiple MNO profiles and perform remote provisioning and management of these profiles after its issuance. This allows the separation of the profile (i.e. the connectivity) lifecycle from the hardware lifecycle, which is not available with the plastic SIM card that links the profile to the card at the time of production in a non-reprogrammable way.

Figure 3: eSIM lifecycle

The new capability of remotely managing operator profiles needed to offer at least the same level of security as existing SIM card management systems. GSMA selected time-proven GlobalPlatform (GP) card management standards as well as state-of-the-art algorithms (Elliptic Curve Cryptography, AES) to make sure that eSIM technology would not compromise mobile network security standards.

Although the term “embedded” may imply this, not every non-removable SIM is an eSIM.

It is the functionality - not the form factor - that defines eSIM; the functionality can be made available as removable 2FF/3FF/4FF, embedded MFF1/MFF2 or in non-standardised formats.

The evolution of mobile IoT technologies (e.g. LTE-M, NB-IoT), which constantly seeks to reduce the size and power consumption of devices, including the eSIMs soldered into these devices, is leading to the emergence of further eSIM form factors. The integrated SIM (iSIM or iUICC) is one such example, where the eSIM functionality is implemented in a trusted environment of the System-on-Chip (SoC). This is not yet standardised and several industry implementations can be expected.

MNO profile

The core functionality of the operator profile, since the inception of the first digital mobile standard GSM in the 1980s, is the storage of subscriber credentials and the implementation of the algorithms used for network access authentication. Whether 3G, LTE or 5G, its role in the 3GPP Authentication and Key Agreement (AKA) remains a key feature of cellular mobile network security.

Figure 1: Authentication and Key Agreement (AKA)
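The AKA challenge-response described above, as an added illustration that is not part of the original article: the home network builds an authentication vector from the shared subscriber key K and a sequence number, and the USIM verifies the network (MAC and SQN freshness) before returning RES. HMAC-SHA256 stands in for the operator's MILENAGE/TUAK functions f1 to f5, and the key and sequence numbers are constructed sample values.

```python
import hmac
import hashlib
import secrets

# Constructed sample subscriber key; in practice K lives only in the NAA (USIM) and the home network.
K = bytes.fromhex("465b5ce8b199b49faa5f0a2ee238a6bc")
AMF = bytes.fromhex("8000")  # Authentication Management Field, 2 bytes

def f(k, tag, *parts):
    """Keyed derivation. HMAC-SHA256 is a stand-in for MILENAGE/TUAK f1..f5 (hypothetical)."""
    return hmac.new(k, tag + b"".join(parts), hashlib.sha256).digest()

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def network_av(k, sqn, rand=None):
    """Home network side: authentication vector (RAND, XRES, CK, IK, AUTN) for 6-byte SQN."""
    rand = rand or secrets.token_bytes(16)
    mac = f(k, b"f1", rand, sqn, AMF)[:8]          # proves the challenge came from the home network
    xres, ck, ik = f(k, b"f2", rand)[:8], f(k, b"f3", rand)[:16], f(k, b"f4", rand)[:16]
    ak = f(k, b"f5", rand)[:6]                     # anonymity key hides SQN on the air interface
    return rand, xres, ck, ik, xor(sqn, ak) + AMF + mac

class Usim:
    """USIM side of AKA: holds K and the highest sequence number accepted so far."""
    def __init__(self, k, sqn_ms=0):
        self.k, self.sqn_ms = k, sqn_ms

    def authenticate(self, rand, autn):
        """Verify AUTN, then return (RES, CK, IK); raise ValueError on rejection."""
        ak = f(self.k, b"f5", rand)[:6]
        sqn, amf, mac = xor(autn[:6], ak), autn[6:8], autn[8:16]
        if not hmac.compare_digest(mac, f(self.k, b"f1", rand, sqn, amf)[:8]):
            raise ValueError("MAC failure")        # wrong K or not the home network
        n = int.from_bytes(sqn, "big")
        if n <= self.sqn_ms:
            raise ValueError("synchronisation failure")  # replayed or stale vector
        self.sqn_ms = n
        return f(self.k, b"f2", rand)[:8], f(self.k, b"f3", rand)[:16], f(self.k, b"f4", rand)[:16]

def try_auth(usim, rand, autn):
    """Return the USIM's rejection reason, or None when the vector is accepted."""
    try:
        usim.authenticate(rand, autn)
        return None
    except ValueError as e:
        return str(e)

def run_aka(usim, sqn):
    """Full exchange: network challenge, USIM response, network compares RES with XRES."""
    rand, xres, ck, ik, autn = network_av(usim.k, sqn)
    res, ck_u, ik_u = usim.authenticate(rand, autn)
    return hmac.compare_digest(res, xres) and ck_u == ck and ik_u == ik
```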

The operator profile, in order to perform the authentication procedure as well as numerous other tasks, must contain at least the following components:

MNO-SD (MNO Security Domain)

  • managing the applications in the profile on behalf of the profile issuer, i.e. the mobile network operator (MNO)
  • the MNO-SD performs the same function as the ISD (Issuer Security Domain) on a SIM

NAA - Network Access Application

  • applications such as SIM, USIM and ISIM, which are selected by the device in order to access the related mobile network

File System - containing

  • data files (Elementary Files - EF) that store subscriber and network information
  • directory files (Dedicated Files - DF/ADF/MF) that allow functional grouping of files

Figure 2: MNO Profile on eSIM (eUICC) vs. SIM (UICC)

Further applications and Supplementary Security Domains (SSD) may also be part of the profile depending on the requirements of the operator controlling the profile.

eSIM architecture

Decoupling the profile from the platform, which are bound together on a SIM, requires a mechanism to securely isolate the profiles from each other and from the eSIM platform, granting access only to the respective owner.

Distinct Security Domains are specified for this purpose based on existing GlobalPlatform standards: the ISD-P for each profile owner and the ISD-R for the eSIM owner. The ECASD (eUICC Controlling Authority SD) provides cryptographic services to ISD-R and ISD-P.

Figure 3: eSIM (eUICC) architecture

Overview of eSIM Security Domains:

ISD-R: Issuer Security Domain Root

  • performs eSIM management functions on ISD-Ps
  • installed and personalized by eSIM manufacturer (EUM)

ISD-P: Issuer Security Domain Profile

  • hosts a unique profile
  • contains connectivity parameters and policy rules for eSIM management procedures
  • only one ISD-P is enabled at any point in time

ECASD: eUICC Controlling Authority Security Domain

  • the ECASD is installed and first personalized by EUM during eSIM manufacturing
  • its services can only be used by ISD-R and ISD-Ps

Designing eSIM based on established standards, for all its advantages, also creates challenges. SIM and eSIM, as defined today, contain complex functions for running and managing applications as well as legacy elements acquired over three decades of mobile technology evolution.

Especially in the highly cost-sensitive IoT market there’s a clear need for solutions with a smaller footprint that focus on the core functionality of network authentication and on more efficient profile download and management procedures, without compromising overall network security.