Remote SIM Provisioning

The SIM card acts as a highly secure personalized container that allows the telecom operator to bind the communication device to a contract concluded with the end user. Today, SIM cards are issued by a mobile operator. It transfers it to the end user for installation in the device. Any use of the SIM card by other service providers should be coordinated with the operator issuing the card and carried out with its direct participation. The complexity of this process and the lack of interest of the card issuer stopped the development of third-party services and sometimes forced users to have several cards of different operators.

Now it is proposed to transfer the SIM card emission function to a global trusted center managed by GSMA or independent service providers. When concluding a contract, the communication operator acts as an intermediary between the trusted center and the end user, transmitting to the user a set of cryptographically protected data to activate his profile in the communication device. The user enters this data set into his device, after which the device confirms the new profile in a trusted center by connecting to its servers via the Internet. The service provider must provide such a connection.

Thus, the mobile operator becomes one of many equal users of a SIM card service that does not actually belong to it. Anyone who wants to create a service based on SIM cards will negotiate with a single trusted center, and not with many mobile operators.

Embedded SIM (eSIM)

Since such an architecture does not require a separate SIM card from the communication device, it is proposed to make the SIM card non-removable: it will be installed by the device manufacturer. This initiative is called embedded SIM (eSIM). Integration of the card into the device will reduce the cost of the device due to the rejection of the card installation design and reduce the cost of ownership of the device due to the rejection of SIM cards. This savings is especially relevant in connection with the upcoming mass spread of the Internet of things technologies.

A number of specifications have been released as part of the technology. Recent changes are dated 2017. The most interesting documents:

• SGP.21 "RSP Architecture"
• SGP.02 “Remote Provisioning Architecture for Embedded UICC Technical Specification”
• SGP.22 "RSP Technical Specification"

• Understanding by mobile operators of the need to support the concept of always best connected - the possibility of a better connection to one of the mobile operators at a given time.
• The explosive growth of the Internet of Things (IoT) - according to IDC in 2017, about 2.8 billion connections will be accounted for in this segment.
• Miniaturization and cheapening of mobile devices.

The specification was initiated by the GSM Association (GSMA), which brings together about 800 operators and 250 companies in the mobile ecosystem. The start of the specification was announced in the summer of 2014. In 2017, the current version of the system architecture specification 2.1 was adopted.

Initially, the specification was planned to be created only for m2m devices, but in December 2015, the specification began to apply to user wearable devices. Also, amendments were made to the right of independent service providers to send commands to download profiles of SIM cards to devices and the ability to store arrays of profiles in independent certified data centers (Subscriptions manager) was allowed.

In 2017, GSMA began accrediting companies that implemented the specification.

In the summer of 2016, ComfortWay created a SIM card without roaming and binding to a single mobile operator CwSim. In the fall of 2016, FreedomPop announced a SIM card with free Internet access for travelers.

• Single wire protocol
• Virtual sim

• Specifications