Blockchain and eSIM are disruptive technologies in the mobile industry that face resistance from established players. Despite this, they are slowly being adopted, driven by innovation and by companies that see the value in change. Both technologies have a secure future, and it is only a matter of time before eSIMs become the norm, with blockchain helping to drive their adoption.
Here is the link to the second article of this series, in which I'm aiming to build a Blockchain Powered eSIM.
In this article I'm going through the eSIM whitepaper by GSMA:
The eSIM (embedded SIM) is a new type of SIM that is integrated into the device and cannot be physically removed or swapped like a traditional SIM card. The GSMA (GSM Association, GSM originally standing for Groupe Spécial Mobile) is an industry organization that represents the interests of mobile network operators worldwide. In 2016, the GSMA published a whitepaper titled "eSIM for Consumer Devices," which explains the benefits of eSIM technology and its potential impact on the mobile industry.
This whitepaper explains that eSIMs offer several advantages over traditional SIM cards, such as:
Greater flexibility: eSIMs can be programmed over-the-air, meaning that consumers can switch between mobile network operators without needing to physically change their SIM card.
Better user experience: eSIMs eliminate the need for consumers to wait for a physical SIM card to be delivered or go to a store to purchase one. This makes it easier for users to get connected to mobile networks.
Improved security: operator credentials are delivered over an authenticated and encrypted channel straight into a tamper-resistant secure element inside the device, instead of being shipped on a physical card that can be lost, stolen or intercepted, reducing the risk of SIM card fraud.
More efficient device design: eSIMs take up less space in devices than traditional SIM cards, which can allow for more efficient device designs.
This whitepaper also discusses some of the challenges that need to be addressed for eSIM technology to become widely adopted. For example, there is a need for standardized methods of provisioning and managing eSIMs, and there are regulatory considerations that need to be addressed.
Overall, the eSIM whitepaper by GSMA provides a comprehensive overview of the benefits and challenges of eSIM technology and is a valuable resource for anyone interested in learning more about this emerging technology.
The ubiquitous SIM card has played a fundamental role in mobile telecommunications for over 25 years. It is recognised by end users and provides a secure means of authenticating devices onto networks, all inside a removable "Secure Element" which is easily transferable between mobile devices.
The GSMA has defined a radically new way to load it into devices: the SIM may now be securely downloaded into a "Secure Element" that is permanently embedded inside any type of device.
For everyone, eSIM provides an equivalent level of security to the removable SIM card. This is vital, as it is the subscription credentials stored on the SIM that enable secure and private access to mobile networks. It also supports the integrity of the billing process, especially in roaming scenarios.
For the device end user, eSIM enables simplified management of subscriptions and connections. End users will no longer have to manage several SIM cards.
For organisations, eSIM enables remote management of subscriptions. This is a significant benefit where devices are not managed by the end user or are not readily accessible (for example due to operational scale, which makes individual device management cost prohibitive). This enables pioneering categories of connected devices.
For distributors, logistics are simplified: customisation for specific operators or regions may be reduced.
Operators will have simpler means to expand their businesses into emerging markets, for example automotive, wearables and consumer electronics. SIM card distribution costs will be eliminated, and eSIMs will enable new distribution models for devices and for marketing of subscriptions.
Device manufacturers can exploit the space freed up within their products to make smaller devices. Their products could also be made more tolerant of environmental factors such as dampness, temperature and vibration, as they can be hermetically (completely airtight) sealed. Manufacturers can also leverage eSIMs to optimise supply chain processes.
eSIM is a technology that allows mobile devices to connect to a mobile network without a physical SIM card. The eUICC chip is built into the device during manufacturing; the SIM credentials themselves are not, but are downloaded to it over the air and can then be remotely managed by the network operator over the internet. The device contacts the remote subscription management platform (the SM-DP+ server) to download and install the operator profile containing the SIM credentials required for network connection. The SM-DP+ is operated by or on behalf of the network operator and can remotely provision and de-provision profiles and manage profile updates and modifications. eSIM technology simplifies SIM logistics and switching between different operator profiles, takes up less space, and is ideal for small devices.
eSIM is a technology that extends the reach of traditional SIM cards to any location where the device can be reached over the internet. This is done by providing secure facilities for manufacturing eUICCs, loading their software and loading operator credentials into them.
eSIM protocols provide security and integrity for data transfer. However, the distribution channels for SIM cards also contain 'business logic' which is required by various service models.
The GSMA has created solutions suited to different types of channels, including the Consumer solution for the 'direct to consumer' channel and the M2M solution for the 'business to business to consumer' channels, specifically in the IoT market.
The Consumer solution requires a high degree of end user interaction, while the M2M solution manages all SIM provisioning operations remotely.
Traditional SIM cards use various security and cryptographic mechanisms to ensure the confidentiality, integrity and authentication of the SIM card and its communication with the mobile network.
The main security mechanism of a traditional SIM is a long-term secret subscriber key (Ki) that is shared only between the SIM and the operator's authentication centre and is never exported from the card. It feeds the authentication and key-agreement algorithms: MILENAGE (built on AES) or TUAK in 3G, 4G and 5G, and the older COMP128 family in GSM. Remote (over-the-air) management of the card is protected with symmetric keys too, historically 3DES and now AES.
Another important mechanism is challenge-response authentication. GSM authentication (RAND/SRES) proves to the network that the SIM holds Ki; the 3GPP Authentication and Key Agreement (AKA) protocol used since UMTS additionally authenticates the network to the SIM, using a sequence number and a MAC inside the challenge so that a forged or replayed challenge is rejected, and derives the session keys used for ciphering and integrity protection.
Access to the SIM card's data is also protected by PIN and PUK codes, which stop someone in physical possession of the card from using it or reading its protected files.
Finally, traditional SIM cards are manufactured and personalised in secure facilities that follow strict security protocols and procedures to ensure the integrity of the SIM card's data and operation.
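The challenge-response just described, as an added example that is not from the whitepaper or the GSMA specifications: a Python model of the 3GPP AKA exchange with both sides, the operator's authentication centre (which holds Ki and a sequence counter) and the SIM (which holds the same Ki and the highest sequence number it has accepted). HMAC-SHA256 stands in for the MILENAGE functions f1 to f5 (a real USIM runs AES-based MILENAGE or TUAK keyed with Ki and OPc); the 6-byte SQN, 2-byte AMF and 8-byte MAC/RES lengths follow 3GPP TS 33.102, while the AMF value and the key bytes are constructed for the example.

```python
"""3GPP AKA message structure with HMAC-SHA256 standing in for MILENAGE (constructed example)."""
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Optional, Tuple

AMF = b"\x80\x00"  # Authentication Management Field; value chosen for the example


class AuthError(Exception):
    pass


def _kdf(ki: bytes, tag: bytes, *parts: bytes, n: int) -> bytes:
    # Stand-in for the MILENAGE functions, which are AES-128 based on Ki and OPc.
    return hmac.new(ki, tag + b"".join(parts), hashlib.sha256).digest()[:n]


def f1(ki, rand, sqn, amf): return _kdf(ki, b"f1", rand, sqn, amf, n=8)  # MAC-A
def f2(ki, rand): return _kdf(ki, b"f2", rand, n=8)                       # RES / XRES
def f3(ki, rand): return _kdf(ki, b"f3", rand, n=16)                      # CK (cipher key)
def f4(ki, rand): return _kdf(ki, b"f4", rand, n=16)                      # IK (integrity key)
def f5(ki, rand): return _kdf(ki, b"f5", rand, n=6)                       # AK (anonymity key)


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


@dataclass(frozen=True)
class AuthVector:
    rand: bytes
    xres: bytes
    ck: bytes
    ik: bytes
    autn: bytes  # (SQN xor AK) || AMF || MAC-A


class HomeNetwork:
    """The operator's authentication centre: holds Ki and a per-subscriber SQN counter."""

    def __init__(self, ki: bytes):
        self._ki = ki
        self._sqn = 0

    def generate_vector(self) -> AuthVector:
        self._sqn += 1
        sqn = self._sqn.to_bytes(6, "big")
        rand = os.urandom(16)
        mac = f1(self._ki, rand, sqn, AMF)
        autn = _xor(sqn, f5(self._ki, rand)) + AMF + mac  # SQN is concealed by AK
        return AuthVector(rand, f2(self._ki, rand), f3(self._ki, rand),
                          f4(self._ki, rand), autn)


class Sim:
    """The USIM: holds the same Ki, never exports it, remembers the highest SQN accepted."""

    def __init__(self, ki: bytes):
        self._ki = ki
        self._sqn_highest = 0

    def authenticate(self, rand: bytes, autn: bytes) -> Tuple[bytes, bytes, bytes]:
        concealed_sqn, amf, mac = autn[:6], autn[6:8], autn[8:]
        sqn = _xor(concealed_sqn, f5(self._ki, rand))
        # Network authentication: only a holder of Ki can produce a valid MAC-A.
        if not hmac.compare_digest(f1(self._ki, rand, sqn, amf), mac):
            raise AuthError("MAC failure: challenge not from a network holding Ki")
        # Replay protection: a SQN at or below the highest seen is a synchronisation failure.
        sqn_int = int.from_bytes(sqn, "big")
        if sqn_int <= self._sqn_highest:
            raise AuthError("synchronisation failure: SQN already used (replayed challenge)")
        self._sqn_highest = sqn_int
        return f2(self._ki, rand), f3(self._ki, rand), f4(self._ki, rand)


def run_aka(home: HomeNetwork, sim: Sim, vector: Optional[AuthVector] = None) -> bool:
    """One authentication: the serving network sends RAND||AUTN and compares RES with XRES."""
    av = vector or home.generate_vector()
    res, ck, ik = sim.authenticate(av.rand, av.autn)
    return hmac.compare_digest(res, av.xres) and (ck, ik) == (av.ck, av.ik)


def demo() -> dict:
    """Exercises the success path and the two failure modes; Ki is a constructed test key."""
    ki = bytes(range(16))
    home, sim = HomeNetwork(ki), Sim(ki)
    results = {"fresh_ok": run_aka(home, sim)}
    av = home.generate_vector()
    results["second_ok"] = run_aka(home, sim, av)
    try:
        run_aka(home, sim, av)  # same vector again: SQN already consumed
        results["replay_rejected"] = False
    except AuthError:
        results["replay_rejected"] = True
    try:
        run_aka(HomeNetwork(bytes(16)), sim)  # rogue network with the wrong Ki
        results["wrong_key_rejected"] = False
    except AuthError:
        results["wrong_key_rejected"] = True
    return results


if __name__ == "__main__":
    print(demo())
```

The two failure paths are the point: a rogue base station that does not hold Ki cannot produce a valid MAC-A, and an attacker who records a genuine RAND/AUTN pair cannot replay it because the SIM refuses a sequence number it has already accepted. GSM-era authentication had neither check, which is why the eSIM profile carries the full AKA credentials rather than just a key.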
A SIM card is a small device that stores a user's subscription information for accessing a mobile network.
Users receive a SIM card from their chosen mobile network operator when they sign up for services.
The SIM card contains the user's phone number and network access credentials.
The user inserts the SIM card into their mobile device to connect to the operator's network and use mobile services.
If the user wants to switch to a different network operator, they must sign up for new services and receive a new SIM card with different subscription information.
The user must physically swap out the old SIM card with the new one to connect to the new operator's network.
SIM cards provide a level of security by authenticating the device on the network and protecting the user's personal information.
Some SIM cards can store multiple profiles, allowing users to switch between different networks or services without physically swapping SIM cards.
Other advanced SIM cards can also store payment information and act as a mobile wallet for making payments.
Remote SIM Provisioning eliminates the use of traditional SIM cards in mobile devices.
Instead, an embedded SIM (eUICC) is used, which can accommodate multiple SIM profiles.
To set up mobile services, the end user receives instructions on how to connect their device to the operator's Remote SIM Provisioning system, typically via a QR code.
The device securely downloads a SIM profile from the system, which allows it to connect to the operator's network.
To switch to a different operator, the end user can receive a QR code from the new operator and scan it to download the new profile.
With Remote SIM Provisioning, the end user can switch between profiles to connect their device to whichever operator's network they choose.
Other methods for configuring the eSIM solution within a device include pre-configured devices, use of a Subscription Manager - Discovery Server (SM-DS), and companion devices.
Remote SIM Provisioning (RSP) is the process of remotely provisioning and managing SIM profiles on a device's eUICC without requiring physical access to the device. The GSMA has developed two different RSP solutions, one for M2M (machine-to-machine) devices and one for Consumer devices.
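The QR-code step above, as an added example that is not part of the whitepaper: a Python parser for the SGP.22 activation code an LPA receives from a QR code or from manual entry. The field layout (an `LPA:` prefix on the QR code, then `AC_Format$SM-DP+ address$Matching ID[$SM-DP+ OID][$confirmation-code flag]` with AC_Format `1`) follows SGP.22 section 4.1; the sample codes are constructed, and the Matching ID character set used here is a conservative assumption rather than the specification's exact rule.

```python
"""Parser for an SGP.22 Consumer eSIM activation code (constructed example)."""
import re
from dataclasses import dataclass
from typing import Optional

# One DNS label; the SM-DP+ address must be a bare FQDN, never a URL.
_LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
_FQDN_RE = re.compile(rf"^(?:{_LABEL}\.)+{_LABEL}$", re.IGNORECASE)
_OID_RE = re.compile(r"^[0-2](?:\.(?:0|[1-9][0-9]*))+$")
_TOKEN_RE = re.compile(r"^[A-Za-z0-9._-]*$")  # Matching ID charset: assumption


class ActivationCodeError(ValueError):
    pass


@dataclass(frozen=True)
class ActivationCode:
    smdp_address: str               # where the LPA opens its HTTPS (ES9+) session
    matching_id: str                # identifies the prepared profile at the SM-DP+
    smdp_oid: Optional[str]         # optional: expected OID of the SM-DP+ certificate
    confirmation_code_required: bool


def parse_activation_code(text: str) -> ActivationCode:
    code = text.strip()
    if code.startswith("LPA:"):     # prefix present when the code came from a QR code
        code = code[4:]
    fields = code.split("$")
    if not 3 <= len(fields) <= 5:
        raise ActivationCodeError(f"expected 3 to 5 '$'-separated fields, got {len(fields)}")
    ac_format, address, token = fields[0], fields[1], fields[2]
    if ac_format != "1":
        raise ActivationCodeError(f"unsupported AC_Format {ac_format!r}")
    if not _FQDN_RE.match(address):
        raise ActivationCodeError(f"SM-DP+ address must be a bare FQDN, got {address!r}")
    if not _TOKEN_RE.match(token):
        raise ActivationCodeError("Matching ID contains unexpected characters")
    oid = fields[3] if len(fields) > 3 and fields[3] else None
    if oid is not None and not _OID_RE.match(oid):
        raise ActivationCodeError(f"SM-DP+ OID is malformed: {oid!r}")
    flag = fields[4] if len(fields) > 4 else ""
    if flag not in ("", "1"):
        raise ActivationCodeError(f"confirmation-code flag must be '1' or absent, got {flag!r}")
    return ActivationCode(address.lower(), token, oid, flag == "1")


def rejects(text: str) -> bool:
    """True if the parser refuses the code; exercises the failure paths."""
    try:
        parse_activation_code(text)
    except ActivationCodeError:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample, not a real operator's code.
    print(parse_activation_code("LPA:1$smdp.example.com$MATCH-1234-ABCD$$1"))
```

These checks are input hygiene, not the trust decision. A malicious QR code can at most point the device at a different SM-DP+ address; before any profile is downloaded the eUICC still authenticates that server's certificate against the GSMA Certificate Issuer, and the optional OID field lets the activation code pin which SM-DP+ certificate is expected. Treating the QR code as untrusted input and the eUICC's certificate check as the control is the right mental model for the Consumer flow.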
The reason for two different solutions is the fundamental difference in the direction of control.
In the M2M solution, the mobile device is managed by the operator backend infrastructure, without any local human control of connectivity. This means that the operator selects the Profiles to be downloaded and enables/disables them depending on factors such as the country the device is operating in. On the other hand, the Consumer solution requires that all subscription Profile operations are under end-user control, or at least subject to end-user permission. This is done through an end-user interface on the device.
Despite the differences in control, both solutions share some common features.
Both use a network-domain Remote SIM Provisioning system (SM-DP in M2M, SM-DP+ in Consumer) and a secure element within the mobile device, the eUICC, for the storage, management and operation of Profiles.
They also use Pre-Shared Key (PSK) and Public Key Infrastructure (PKI) based cryptography, and require a GSMA Certificate Issuer (CI) that issues digital certificates to enable entities to securely communicate with each other.
However, there are also unique features to each solution.
In the M2M solution, everything is remotely managed, requiring no human interaction. The eUICC connects to the SM-SR using Bearer Independent Protocol (BIP) and the SM-SR acts as a gateway from the operator and SM-DP through to the eUICC. The M2M solution includes the SM-SR that is not required in the Consumer solution.
In contrast, the Consumer solution has the LPA in the device (or eUICC) that assists with the download of Profiles and secures the end-user interface on the device that is used for local control.
All Profile downloads use IP protocols, and where applicable use the greater capacity of the device TCP/IP stack to reduce the communication overhead.
As messages cannot be pushed to the device and eUICC, there is a ‘Discovery Service’ that devices can check from anywhere, at any time, to see if there are any Profiles or management operations waiting to be downloaded from an SM-DP+.
Finally, there are differences in compliance between the two solutions.
While the principles of compliance are similar for both, the compliance process for the Consumer solution places greater emphasis on functional compliance, which has to be demonstrated before the eUICC manufacturer or Subscription Management platform provider can apply for a digital certificate from the GSMA Certificate Issuer. The compliance process is up and running for all Consumer solution product types, with a similar scheme now being considered for M2M to strengthen the entire ecosystem.
A Profile in the eSIM solution consists of the operator's subscription data, including their credentials and SIM-based applications. The eUICC is the secure element in the solution that can accommodate multiple Profiles.
Profiles are remotely downloaded over-the-air into the eUICC, and although the eUICC is an integral part of the device, the Profile remains the property of the operator as it contains items owned by them.
Interoperable Profiles stored on eUICCs have a similar content and structure to those installed on traditional SIMs. The SIMAlliance (now the Trusted Connectivity Alliance) defines the interoperable description of these Profiles.
For the 'business to business to consumer' channels, the M2M solution serves the needs of business to business customers, specifically in the Internet of Things (IoT) market.
The GSMA M2M solution was the first Remote SIM Provisioning solution developed.
There were two reasons for this:
The M2M solution is simpler as end user interaction is not required, or desirable, in the business to business to consumer (B2B2C) segment, and
The immediate commercial need was for technical solutions that supported B2B2C deployments alongside regulatory requirements for the launch of services such as eCall.
Main System Elements:
Remote SIM Provisioning for M2M utilises a server-driven (push) model to provision and remotely manage operator Profiles. The solution is organised around 3 elements: the SM-DP (Subscription Manager - Data Preparation), the SM-SR (Subscription Manager - Secure Routing) and the eUICC.
SM-DP
The SM-DP is responsible for preparing, storing and protecting operator Profiles (including the operator credentials). It also downloads and installs Profiles onto the eUICC.
SM-SR
The SM-SR is responsible for managing the status of Profiles on the eUICC (enable, disable, delete). It also secures the communications link between the eUICC and SM-DP for the delivery of operator Profiles.
eUICC
The eUICC is a secure element that contains one or more subscription Profiles. Each Profile enables the eUICC to function in the same way as a removable SIM issued by the operator that created it. An eUICC may be built using any form factor, from the traditional removable card to embedded formats soldered into devices.
Compliance
To ensure the security of the eSIM ecosystem, a set of criteria has been developed to demonstrate compliance with the core requirements. Compliance with the GSMA M2M specification requires verification of several factors.
Firstly, the eUICC security, which references a Common Criteria Protection Profile, must be at the assurance level of EAL4+.
Secondly, production environment and process security must be in place, which can be achieved via the GSMA's Security Accreditation Scheme: SAS-UP for eUICC personalisation or SAS-SM for Subscription Management platforms.
Finally, functional compliance is required, which is based on the GSMA's test specification. GlobalPlatform has created and implemented a functional test and qualification programme for eUICCs based on the GSMA defined test cases.
Only eUICC manufacturers, and SM-SR and SM-DP hosting organisations that have successfully been accredited by the GSMA SAS can apply for the necessary certificates from the GSMA Certificate Issuer to participate in the GSMA approved ecosystem. Compliance with these standards helps to reassure all participants that the eSIM ecosystem is secure.
Consumer solution for the ‘direct to consumer’ channel, this solution is required where the end user (or consumer) has direct choice of the operator supplying connectivity. Consumer solutions require a high degree of end user interaction, with the principle that the end user is familiar with operating the end user interface and actively choosing their network connectivity provider. The Consumer solution also targets enterprises who use devices targeted to the consumer market.
The GSMA Consumer solution has been developed from the base provided by the M2M solution, plus consideration of requirements for end user-managed devices. This solution has to manage use cases that are more complex than those of the M2M solution, so more features are required in the specification. In particular the Consumer solution manages end user interaction via the mobile device's end user interface, and also supports standalone and companion device types.
Main System Elements:
The GSMA Remote SIM Provisioning Consumer solution follows a client-driven (pull) model and enables control over remote provisioning and local management of operator Profiles by the end user of the device. The solution is organised around 4 elements: the SM-DP+ (Subscription Manager - Data Preparation +), the SM-DS (Subscription Manager - Discovery Server), the LPA (Local Profile Assistant) and the eUICC.
SM-DP+
The SM-DP+ is responsible for the creation, download, remote management (enable, disable, update, delete) and the protection of operator credentials (the Profile). It is given the + designation as it encapsulates the functions of both the SM-DP and the SM-SR of the M2M solution.
LPA
The LPA (Local Profile Assistant) is a set of functions in the device responsible for providing the capability to download encrypted Profiles to the eUICC. It also presents the local management end user interface, so the end user can manage the status of Profiles on the eUICC. The principal functions of the LPA may also be built into the eUICC.
eUICC
The eUICC in the Consumer solution serves the same high-level purpose as the eUICC in the M2M solution. Implementation is different to support the end user interaction within the Consumer solution.
SM-DS
The SM-DS provides a means for an SM-DP+ to reach the eUICC without having to know which network the device is connected to. This feature is important as devices can be connected using different access networks with different addresses. The SM-DS overcomes this by allowing an SM-DP+ to post alerts to a secure noticeboard and devices to extract those alerts. It is used to notify the LPA when Profile data is available for download to the eUICC. Notifications are sent from the SM-DP+ to the SM-DS. The device LPA polls the SM-DS for notifications when required (supporting the "pull" model). Polling frequency is determined by the eUICC state and by end user actions.
Compliance
Compliance with the GSMA Consumer solution specification is crucial for entities that wish to participate in the GSMA-approved Consumer solution ecosystem. To be compliant, entities must verify three things: eUICC Security, Production Environment and Process Security, and Functional Compliance.
The eUICC Security requirement uses the same mechanisms as the M2M specification, focusing initially only on a silicon-level Protection Profile (PP0084). A GSMA-specified Protection Profile to the level of EAL4+ is currently under development.
The Production Environment and Process Security requirement uses the same security accreditation schemes as the M2M specification, namely the GSMA's Security Accreditation Scheme: SAS-UP or SAS-SM, depending on the Consumer solution entity type.
For Functional Compliance, all Consumer solution entities must undergo functional test and certification programs based on GSMA test specification SGP.23. These programs have been established in partnership with GSMA by GlobalPlatform (for eUICC), Global Certification Forum, and PTCRB (for Consumer solution devices).
Once eUICC manufacturers, SM-DP+ and SM-DS hosting organizations successfully prove their compliance with both the security and functional requirements, they can apply for the necessary certificates from the GSMA Certificate Issuer to participate in the GSMA approved Consumer solution ecosystem.
During their normal deployment processes, vendors and operators would expect to perform extensive interoperability and compatibility testing, in this case between, for example:
eUICC and the Subscription Management platforms (for example installed certificates, functional behaviour),
eUICC and the device (for example support for the UICC Refresh command, which is mandatory for both solutions),
Device and the Subscription Management platforms (Consumer solution only, via the LPA),
Operator Profile and the targeted eUICC.
Therefore, to minimise the need for repetitive interoperability testing, the various stakeholders looking to deploy Remote SIM Provisioning must check that all their suppliers have products satisfying the relevant GSMA product compliance process covering:
Product certification
eUICC product security assurance
Product site and data-centre accreditation according to the GSMA Security Accreditation Scheme (SAS)
And subsequently perform:
NOTE: EAL4+ is a security evaluation assurance level (EAL) within the Common Criteria (CC) certification scheme. EAL4+ is a combination of EAL4 (which is the fourth-highest assurance level) and additional requirements that are specified by a specific scheme or organization.
The Common Criteria is an international standard (ISO/IEC 15408) that provides a framework for evaluating the security features and capabilities of information technology products. The EAL ratings within the Common Criteria range from EAL1 (the lowest) to EAL7 (the highest).
EAL4+ is a relatively high assurance level and requires a significant level of testing, analysis, and review. It provides a reasonable level of confidence that the evaluated product has been designed, implemented, and tested in a way that meets specific security requirements. The additional "+" designation indicates that the product has also undergone additional testing or has met additional requirements beyond the standard EAL4 level.
After reading this whitepaper, I gained a comprehensive understanding of the eSIM architecture and identified several small but significant concepts that are crucial to my development of a blockchain-based eSIM solution.