Our technological expertise extends across a wide array of interrelated standards defined by industry bodies such as GSMA, 3GPP and TCA*


These standards describe the functionality of smart cards in general and the telecom specific security tokens SIM and eSIM is particular. With senior experts that have been part of the industry for decades we possess a deep understanding of this technical landscape.

By actively engaging with the different governing bodies we are shaping the evolution of these technologies, while gaining insights of where the technology is going to move tomorrow.


* GSMA=GSM Association | 3GPP=3rd Generation Partnership Project | TCA=Trusted Connectivity Alliance



In December 2013, the GSMA released version 1.1 of the “Remote Provisioning Architecture for eUICC”, creating the de facto standard for Subscription Management systems. The technology has evolved ever since across segments and its implications are now becoming ever more crucial for all involved participants.

Read more about the history and technical details of the GSMA standards or download our eSIM handbook.


Remote profile management was already defined in GSM under the term OTA (Over-The-Air). It is used by a mobile network operator (MNO) to access and update its profile which is either loaded on SIM (single profile, non-reprogrammable) or eSIM (multi profile, reprogrammable).

In both cases OTA can be used to manage the profile's data files as well as its applications without having a physical connection to the card.

Java Card

The first Java Card was introduced in 1996 and is now widely used as the OS for embedded security tokens across industries such as mobile telecom, banking and health. It's a software technology that allows Java-based applications, so called applets, to be run on smart cards.

These applications give the card issuer the ability to make the devices application specific and to create interoperable applications not bound to a specific manufacturer's smart card product.


Leveraging a hardware secure element, or ‘Root of Trust’, to establish end-to-end, chip-to-cloud security for IoT products and services is a key recommendation of the GSMA IoT Security Guidelines. This requires both the provisioning and use of security credentials that are inside a secure place within the device.

IoT SAFE (IoT SIM Applet For Secure End-to-End Communication) provides a common mechanism to secure IoT data communications using a highly trusted SIM, rather than using proprietary and potentially less trusted hardware secure elements implemented elsewhere within the device.