How eSIM & IoT are Changing the Mobile Connectivity and Security Landscape

No matter if you are still on your first mobile phone, or you’ve started with big, bulky “brick-phones” in the 90s – you know what a SIM card looks like.

Nowadays its Micro- and Nano-SIMs that are most often used, but would you believe that first phones had enough room to fit in the full, credit-card-sized SIM!

It all started in 1991 with the first 300 SIM cards delivered to an operator in Finland, and today this is a multi-million-dollar industry. Only in 2017, vendors manufactured over 5.6 billion new SIM cards, which generated more than $6.5 billion in revenue. And the numbers keep going up.

But although Nano-SIMs are small, not all devices have enough room to fit them in. Also, device vendors want more flexibility, and consumers as well. This is why GSMA developed eSIM.

What is eSIM?

Embedded SIM or eSIM for short, is a new standard developed by GSMA, in cooperation with a host of their trusted partners. It is designed to bring several benefits for consumers, vendors, and operators while keeping the same level of security and protection as the removable SIM card.

eSIM is a chip that will be built-in into the phones (and other devices) and it occupies less space than a Nano-SIM. This enables vendors to better utilize the space they have for new technology and better water & dust proofing of the device’s insides. A new type of SIM will also enable mobile connectivity for devices that just didn’t have enough room for a traditional SIM without becoming too bulky. Think smartwatches, fitness bands, but also smart clothes, beauty accessories, portable health devices… The possibilities are boundless.

Since eSIM is embedded in the device, it can’t wear out or be lost. And consumers and operators will love the possibility for remote network provisioning. Consumers will be able to store several operator profiles in their eSIM and use them one at a time – which can be great for travelers wanting to have the optimal experience wherever they go. And mobile operators don’t have to issue physical cards anymore – they can send their information to the device over the air immediately after selling the service.

The main downside, from the consumers’ point of view, is when you want to switch phones, give your old one to a family member, and similar scenarios. It just won’t be possible to remove a SIM and factory-reset the phone. But with mobile operators’ self-service portals becoming more powerful – it isn’t hard to imagine one will be able to log in, remove operator’s SIM data from the current device and send it to a new device, thus freeing the old one for someone else to use.

A lot more than smartphones and wearables

The eSIM technology came into the spotlight with the announcement that new iPhones support it. Of course, these are not the only devices with embedded SIMS. There are a couple of Google and Samsung phones, as well as a couple of Android and Apple smartwatches using it. But we are on a brink of eSIM adoption.

We should expect more eSIM enabled devices before the end of 2018, and an avalanche of them in 2019. By 2020, I expect, we will stop mentioning when devices have it, but instead, remind ourselves only that some new devices still use “obsolete” physical SIMs.

You may have noticed, that so far I was careful not to go beyond consumer devices. For most users, these eSIM applications are the most exciting. But for me, the bigger issue is coming with wider eSIM adoption. Particularly, in IoT devices.

Before eSIM, they have occasionally used traditional SIM cards, but more often they relied on the physical network connection. With new SIMs we can expect a lot more IoT devices starting to use mobile networks to connect with other devices in their systems.

Gartner estimates that by 2020 there will be over 20 billion connected devices and more than 80 billion by 2025. And eSIM is the tech that will greatly influence this.

With eSIM installed, IoT users will be able to freely choose and change networks they use for connecting their devices, while manufacturers won’t have to think about slots to put in removable SIMs.

What about security?

Introducing a new type of SIM does not change anything in terms of making mobile authentication more secure. If anything, this makes the landscape much more complex.

Why do I say that?

Let me go back to the basic description of eSIM – it is designed to bring several benefits for consumers, vendors, and operators while keeping the same level of security and protection as the removable SIM card.

And we already know that there is a great need for better authentication and authorization methods than those that are most often used and based on mobile network connectivity.

With billions of connected devices, security landscape changes enormously, and although they have some benefits, SMS 2FA and Header Enrichment technologies are not the answer.

For IoT networks to work as intended, the first key step is device authentication to the service, hub or a gateway device. This happens during the provisioning process, and this is where – I am happy to say – our IPification technology fits in perfectly.

But not only can we help authenticate IoT devices featuring eSIM during provisioning, we can do it in real-time, continuously, so any changes are detected before a compromised device starts making harmful actions.

And harm can be real. Even deadly.

Just consider this – a compromised device, accessed by someone with malicious intentions, starts sending wrong information to the IoT platform. Without authentication, this data will enter the system and lead to bad decisions. If the platform is used by hospitals… you can imagine the rest.

Compromised devices can also be used to spread malware, and create IoT botnets, which takes the threat to another level. Continuous authentication is the way to stop this.

Our authentication solution is ready for the connected future and we are not shy to say that IPification is technology for tomorrow, available today!



More on our blog