February 15, 2017

Remote SIM Provisioning of eUICCs for M2M and Consumer Devices

Article published in COMPRION Customer Magazine “Testability Times”, January 2017

Today, mobile data communication is used in two rather different environments: machine to machine (M2M) and consumer devices. M2M is the communication of two machines without any human interaction. Consumers obviously behave differently from machines and have specific requirements. That’s why the GSMA has created two different sets of eUICC standards.

 

The Two GSMA Specifications

  • M2M

    In 2014, the GSMA (supported by many leading operators, two major M2M alliances, and a large number of equipment manufacturers) finalized the GSMA Embedded SIM Specification that regulates the remote SIM provisioning for M2M. The key idea of this attempt was to agree on a single, common, and global approach to speed up growth in the M2M market. The latest GSMA specification delivers a standardized subscription management architecture that guarantees profile interoperability: a basic prerequisite allowing all ecosystem players to work on common ground.

  • Consumer Devices

    In January 2016, the GSMA released the first version of a specification that allows consumers to activate the SIM embedded in a device such as a smart watch, fitness band, or tablet from a remote location. With the SGP.21 RSP Architecture 1.0 and the SGP.22 Technical Specification 1.0, the GSMA delivered the first important building block that can be used for implementation in simpler products. In June 2016, a second version of this specification was released, introducing an extended feature set. The next step is creating a test specification that is expected to be released in spring 2017. COMPRION is part of the Test Expert Team (TET) drafting this document.

 

M2M Environment

M2M communication is characterized by the fact that no user interaction is required. The profile management activities are pushed exclusively by the MNO or service provider.

 

 

 



GSMA eUICC architecture in M2M environment

 

To allow remote access to an M2M eUICC, the GSMA has specified several key entities:

  • The Subscription Manager Data Preparation (SM-DP) securely packages and encrypts the profiles, and manages the installation of these profiles within an Issuer Security Domain Profile (ISD-P) onto the eUICC using the ES8 interface. Download and installation are protected by credentials shared between the SM-DP and the eUICC.

  • The Subscription Manager Secure Routing (SM-SR) ensures the secure transport of both eUICC platform management and eUICC profile management commands in order to load, enable, disable, and delete profiles on the eUICC using the ES5 interface and the card-based Issuer Security Domain Router (ISD-R).

  • The Mobile Network Operator (MNO) owns the profile and initiates procedures such as profile download, enabling, disabling, or deletion.

  • The eUICC Manufacturer (EUM) issues the eUICC certificate for a specific individual eUICC that enables eUICC authentication and certification to other entities.

 

 

Consumer Device Environment

Users of consumer devices like smartphones or wearables want to choose their carrier. Hence, they want to decide which profiles should be available and activated on the eUICC.

 

 

GSMA eUICC architecture in consumer device environment


This requires the following individual roles and entities within the consumer device environment:

 

  • The End User plays the role of a decision-maker who triggers the RSP procedure.

  • The Local Profile Assistant (LPA) is part of the device. It is connected to SM-DP+/LDS and directly to the eUICC, and it takes the end user's requests. Once triggered, it initiates the profile download and controls the execution of the respective profile management actions on the eUICC.

  • The LPA consists of the Local User Interface (LUI), Local Profile Download (LPD), and Local Discovery Service (LDS).

  • The LDS is also part of the device and connects to the Subscription Manager Discovery Service (SM-DS) to look for available SM-DP+ server events.

  • The Subscription Manager Data Preparation (SM-DP+) securely packages, encrypts, and binds profiles to devices/eUICCs and provides these profiles for download onto the eUICC using the ES8+ interface.

  • The eUICC Manufacturer (EUM) issues the eUICC certificate for a specific individual eUICC that enables eUICC authentication and certification to other entities. This is done with the help of the “root of trust” entity, called Certificate Issuer (CI).
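
The chain of trust described in the last item (CI, then EUM, then the individual eUICC) can be reproduced with OpenSSL. The script below is an added example, not COMPRION or GSMA material: it builds a constructed chain plus a rogue one and shows that a verifier trusting only the CI root accepts the first and rejects the second. The P-256 curve, all names, the validity period and the file layout are assumptions; real GSMA certificate profiles carry further fields that are not modelled here.

```shell
#!/usr/bin/env bash
# Added example: constructed CI -> EUM -> eUICC chain. All names are made up;
# P-256 keys and 30-day validity are assumptions chosen for the demo.
set -eu

write_cfg() {    # write_cfg DIR: extension profiles for CA and leaf certs
  cat > "$1/x.cnf" <<'EOF'
[req]
distinguished_name = req
[ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign
[leaf]
basicConstraints = critical,CA:FALSE
keyUsage = critical,digitalSignature
EOF
}

new_ci() {       # new_ci DIR NAME: self-signed root of trust (the CI role)
  openssl ecparam -name prime256v1 -genkey -noout -out "$1/$2.key"
  openssl req -x509 -new -config "$1/x.cnf" -extensions ca -key "$1/$2.key" \
    -subj "/CN=$2" -days 30 -out "$1/$2.pem"
}

issue() {        # issue DIR ISSUER NAME PROFILE: NAME's cert signed by ISSUER
  openssl ecparam -name prime256v1 -genkey -noout -out "$1/$3.key"
  openssl req -new -config "$1/x.cnf" -key "$1/$3.key" -subj "/CN=$3" -out "$1/$3.csr"
  openssl x509 -req -in "$1/$3.csr" -CA "$1/$2.pem" -CAkey "$1/$2.key" -set_serial 1 \
    -days 30 -extfile "$1/x.cnf" -extensions "$4" -out "$1/$3.pem" 2>/dev/null
}

# Relying-party check: only the CI root is trusted; the EUM certificate is
# supplied as an untrusted intermediate; the eUICC certificate is the leaf.
verify_euicc() { # verify_euicc CI_PEM EUM_PEM EUICC_PEM
  openssl verify -CAfile "$1" -untrusted "$2" "$3" >/dev/null 2>&1
}

build_demo() {   # build_demo DIR: one genuine chain and one rogue chain
  write_cfg "$1"
  new_ci "$1" ci;       issue "$1" ci eum ca;             issue "$1" eum euicc leaf
  new_ci "$1" rogue-ci; issue "$1" rogue-ci rogue-eum ca; issue "$1" rogue-eum rogue-euicc leaf
}

d=$(mktemp -d); build_demo "$d"
verify_euicc "$d/ci.pem" "$d/eum.pem" "$d/euicc.pem" && echo "genuine eUICC: accepted"
verify_euicc "$d/ci.pem" "$d/rogue-eum.pem" "$d/rogue-euicc.pem" || echo "rogue-chain eUICC: rejected"
rm -rf "$d"
```

The verifier never needs the EUM certificate in its trust store: rejecting the rogue chain depends only on which CI root it trusts.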

 


Matthias Krampe, Product Marketing Manager

