M2M (SGP.01) eUICC explained

By Guillaume Crinon, eUICC & Connectivity Product Line Manager, Avnet Silica

1 Foreword

This document is an update of a paper originally published in March 2019, “eUICC demystified”, at which time the M2M eUICC (SGP.01) was the de facto industry standard. With the advent of Consumer eUICC (SGP.21) in consumer smart devices, a degree of confusion arose in the market over what could and could not reasonably be excepted from eUICC technology.

While focusing on M2M eUICC, this paper also brings some perspective on how the eUICC technology is set to evolve, with a third standard due imminently, which will bring much more flexibility and scalability to the system.

2 Introduction

As M2M applications transition to the IoT, the rule is that everything should connect to the Internet and should now be administered remotely from a platform in the cloud, often hosted in a data center located on another continent.

The almost 30-year-old SIM card is no exception and its IoT connected-self is called the “eUICC”.

Long feared and delayed by mobile network operators who were seeing the technology as the end of their monopoly with customers, it is now commonly agreed within the industry that the eUICC will replace the SIM card in most B2B and B2B2C appliances and devices.

This new technology promises to simplify the production and distribution of IoT devices, by enabling Remote SIM Provisioning, (RSP). To fully realize this promise, however, a fundamental change in current MNO business models and relationships is required. The vision of RSP on a global scale requires the establishment of provisioning platforms that are MNO agnostic and operated by neutral, independent parties. To succeed, the eUICC model requires significant levels of integration and interoperability between the systems of MNOs and these third parties. MNOs have been historically reluctant to open their systems to others, mainly due to fears over loss of customer ownership and profitability. However, industry pressure and emerging eUICC standards are paving the way for this new business model.

Avnet, as a global distributor with a customer base which includes many of the industry’s global players, is well placed to become one of these new service providers, operating an eUICC administration and provisioning service for our customers. 

Contact our eUICC experts

 

Image of eUICC Test pack

e2c - eUICC to Connect

We offer flexible cellular connectivity solutions for your IOT projects and devices

Learn More

3 What is the difference between Consumer eUICC and M2M eUICC?

Consumer eUICC (SGP.21) allows the end user to self-order new profiles from the smart phone or device. Consumer eUICC relies on QR codes to be scanned on the smartphone in order to trigger a profile download and is not yet easily applicable to B2B.

M2M eUICC (GSMA SGP.01) is intended for the B2B, B2B2B or B2B2C markets. The download of a new MNO profile is remotely controlled from a service platform by a third party, such as Avnet, following orders from the customer, who will then subscribe to data plans.

Avnet’s customers will typically deploy fleets of devices and manage and/or resell services, including connectivity. As such, it will always be a corporation and never an individual end user who will operate the eUICC and subscribe to data plans.

Consider the example of a connected car navigator. The consumer purchases the device from his favourite brand and subscribes to live traffic services. The consumer does not know which MNO is operating the device and does not care about the cost of the data plan. The manufacturer of the navigator manages this for his global fleet of deployed devices and may decide to download different MNOs in different countries for cost and data service optimization.

4 Vocabulary

  • Profile: a “profile” contains the same subscription-related data as a traditional SIM, including operator credentials and, often, operator or third-party SIM based applications
  • SIM: Subscriber Identifier Module (plastic format) – this is a non-reprogrammable device   
  • eSIM: embedded SIM (surface mount device- SMD - format) – this is a non-reprogrammable device with identical functionality as a SIM
  • UICC: Universal Integrated Circuit Card = reprogrammable SIM (plastic format)  
  • eUICC: embedded UICC = reprogrammable eSIM (chip format)  

          Note: for the sake of simplicity, we are using the term eUICC to refer to both an M2M UICC and an M2M eUICC

  • MNO: Mobile Network Operator – a cellular operator owning spectrum and deploying base-stations on territories – Vodafone, Orange, Deutsche Telekom, TIM, T-Mobile, AT&T, Tata, etc.
  • MVNO: Mobile Virtual Network Operator – a cellular operator relying on various MNO spectrum and infrastructure via business agreements able to resell connectivity services – Arkessa, Aeris, Sierra Wireless, etc.
  • SM-SR: Subscription Management Secure Routing – the platform remotely administers eUICCs in the field and manages the correspondence database of MNO/MVNO profiles vs chips. Avnet has established an SM-SR platform, enabling us to sell these administration services
  • SM-DP: Subscription Management Data Preparation – a profile issuance tool used by MNOs/MVNOs to send their profiles to remote devices via an SM-SR, such as the one operated by Avnet

5 What is an eUICC?

eUICC stands for Embedded Universal Integrated Circuit Card and is a reprogrammable SIM card with the format of a plastic 2FF component or a tiny chip.

This eUICC has exactly the same electrical interfaces to a 2G/3G/4G/Cat-M1/Cat-NB1 modem as a slotted 2FF plastic SIM card.

Because the eUICC is reprogrammable, it can host up to three or four MNO or MVNO profiles, depending on their size, in its flash memory at the same time, and these profiles can be changed and replaced over time. One profile only can be active at a time but switching from one profile to another is possible.

In order to administer the eUICC across multiple MNOs/MVNOs, a clean, up-to-date, and secure database and platform, the SM-SR, has to be maintained, reflecting which profile is loaded and/or active in each eUICC deployed in the field.

This platform is the cloud part of the eUICC and enables the administration of eUICCs over the air (OTA) and the operation of various services such as MNO/MVNO swap campaigns.

 

6 What are the immediate benefits of an eUICC over a traditional SIM card?

6.1 Connectivity as a Service

Until now, if a manufacturer wanted to change MNO in deployed devices, it was necessary to physically change SIM cards, requiring a technician visit to each deployed device. The cost of such a retrofit operation would usually exceed any potential saving in connectivity fees, effectively discouraging any change and locking the device to the MNO for its full life cycle. 

The eUICC was developed to address this issue. The operator of the deployed devices can renegotiate the connectivity contract multiple times during the life of the device, without having to incur the cost of manually retrofitting SIMs. New profiles can be OTA downloaded to the eUICC in the devices. The device operator can now leverage the installed base of devices, as well as any new deployments, when purchasing connectivity. 

Connectivity is now as simple as a SW service

6.2 Localization of the equipment

For equipment, such as smart meters or trackers, which is mainly stationary or which changes country infrequently, local regulations may forbid a permanent roaming scheme, forcing service providers to subscribe with local MNOs. In such cases, the eUICC enables the service provider to avoid the cost of manually retrofitting device SIM cards; a new profile can be injected OTA into the devices, enabling remote provisioning of the new, local data plan.

6.3 Late Product Customization

When an OEM produces equipment for several customers/geographies, production needs to be differentiated manually in the factory to ensure that each device has the correct SIM card corresponding to its final destination. This increases the number of product references, builds stock, complicates logistics, adds cost, and increases time to market.

 

The eUICC solves this by decoupling connectivity from the physical device. An eUICC can be implemented at the product design/manufacture stage with an initial, or “bootstrap” profile. Once in the field, a new profile, corresponding to the chosen MNO, can be downloaded to the eUICC OTA, “as a service,” simplifying logistics and greatly reducing manufacturing costs.

7 How is the system architected?

An eUICC is provisioned at manufacturing with an initial MNO or MVNO profile acting as a “bootstrap”, enabling the manufactured device to be remotely administered by the SM-SR via a cellular network.

Administration operations, which can only be issued from the SM-SR to which the eUICC is registered to, include:

  • Auditing of an eUICC to collect its state and synchronize the platform
  • Downloading of a new profile provided from an MNO SM-DP connected to the SM-SR
  • Activation of a profile
  • Deletion of an inactive profile

MNO profiles are issued by the MNOs, and it is important to understand that profiles are, and remain, the property of the MNOs at all times. These profiles are delivered in the form of unique files by SM-DP (Subscription Management Data Preparation) instances, which are stored on servers owned and operated by the MNOs themselves.

In order for a profile to leave the operator SM-DP and reach an eUICC, there needs to be a pre-established IT connection between the SM-DP and the SM-SR. This is one of the current limitations of the system, since, establishing this connection can require up to three months of work between the MNO IT, its SM-DP supplier, and the destination SM-SR.

8 How are operations sent to the eUICC?

For an always-ON device, tasks are operated in PUSH mode from the SM-SR and immediately executed, provided that the device is within cellular coverage of the SM-SR. The sequence is as follows:

  • An operation is triggered on the SM-SR targeting an eUICC
  • The SM-SR sends an SMS to the device asking it to initiate a client to server https
  • Upon SMS reception, the device modem transfers the request to the eUICC which opens a secure https channel with the SM-SR based on pre-provisioned secret keys
  • The SM-SR pushes the instructions
  • The eUICC executes the instructions
  • The eUICC closes the channel

For a typical low-power device which spends most of its time in sleep mode, the SM-SR push scheme will not work since the sleeping device will be disconnected form the cellular network and will not receive the SMS. For this class of device, where wake-up periods are determined by the application and local code running on the device, it is possible to deliver eUICC services by polling the SM-SR:

  • An operation is triggered on the SM-SR targeting an eUICC
  • The SM-SR queues the operation for a given time (typically 24 hours)
  • The SM-SR then awaits an https connection request from the eUICC
  • When the local application wakes up the device, an AT command is sent to the eUICC to open a secure https channel with the SM-SR based on pre-provisioned secret keys
  • The device eUICC polls the SM-SR for pending operations
  • The SM-SR pushes instructions if any
  • The eUICC executes the instructions
  • The eUICC closes the channel

9 How about NB-IoT?

As of today, administering an eUICC requires an https link + SMS to the SM-SR and SM-DP. These channels are available with all cellular technologies except for NB-IoT which does not support SMS and does not guarantee sufficient bandwidth for https.
Consequently, the eUICC in a device on a NB-IoT network, behaves like a SIM card with the active operator and cannot currently be administered by an SM-SR.

10 MNOs/MVNOs are also offering eUICC services

Some MNOs and MVNOs are also announcing eUICC services, but there is a major difference between an MNO-operated eUICC service and a true, third-party service, such as that offered by Avnet.

MNOs and MVNOs currently have global roaming agreements with their peers, which allow them to remain the sole point of billing, even when the customer device is connected to another operator’s network, which could be anywhere in the world. 

But roaming represents a cost to the MNO, and it is commonly agreed within the industry that it is not financially efficient above a threshold of 50MB of data per month. By building their own eUICC ecosystem with strategic MNO partners, MNOs can “localize” a device, ie push a local MNO profile into the eUICCs of the travelling devices, reducing their operational costs with a peer-to-peer business agreement less expensive than roaming.

An MNO eUICC system therefore allows the MNO to retain customer ownership while reducing his back-office costs which may not reflect on the customer bill. All decisions regarding choice of local operator remain with the MNO and the extra degree of liberty provided by the eUICC technology never reaches the end customer.

Moreover, since the cost of interconnecting SM-DPs and SM-SRs is 3 months-worth of work for different IT teams, it can be easily understood that it is not the interest of any operator to invest money into interconnecting their eUICC system with their competition, eventually allowing customers to leave them.

Only a third party eUICC system, provided by independent agents such as Avnet can offer enhanced customer choice and service:

  • The customer always decides who they pay their connectivity bills to
  • The customer always decides which profile is downloaded and active inside their eUICC
  • The customer always owns the eUICC, which is not true with MNOs/MVNOs where they retain ownership of the component
  • An eUICC can exist on one and only 1 SM-SR at a time:
    • The customer can always leave the Avnet system to join these MNO environments if they decide to
    • Conversely a customer having started with another system can decide to transfer their fleet into Avnet’s environment

11 How will the system evolve in the future?

A new M2M standard (SGP.31) is currently being developed by the GSMA, which will provide the IoT industry with the flexibility of the consumer eUICC (SGP.21) with theoretical immediate access to hundreds of MNO profiles as well as a better system integration than that currently possible by the M2M eUICC (SGP.01).

Both SGP.01 and SGP.31 standards will coexist for some years, most probably with different business models but the new SGP.31 standard will eventually dominate the market.