eSIM: How Much Should Operators Worry?

The evolution of eSIMs, supporting remote provisioning of mobile operators’ profiles, could allow new IoT devices and business-models to thrive. However, the promise is countered by fears that eSIM could enable Internet companies and device manufacturers to become connectivity gatekeepers. We analyse the threats, opportunities and practicalities, and give our view of the likely outcomes.

What is eSIM? Or RSP?

There is a lot of confusion around what eSIM actually means. While the “e” is often just assumed to stand for “embedded”, this is only half the story – and one which various people in the industry are trying to change.

In theory the term “eSIM” refers only to the functionality of “remote provisioning”; that is, the ability to download an operator profile to an in-market SIM (and also potentially switch between profiles or delete them). This contrasts with the traditional methods of pre-provisioning specific, fixed profiles into SIMs during manufacture. Most SIMs today have a particular operator’s identity and encryption credentials set at the factory. This is true of both the familiar removable SIM cards used in mobile phones, and the “soldered-in” form used in some M2M devices.

In other words, the original “e” was a poor choice – it was intended to stand for “enhanced”, “electronic” or just imply “new and online” like eCommerce or eGovernment. In fact, the first use in 2011 was for eUICC – the snappier term eSIM only emerged a couple of years later. UICCs (Universal Integrated Circuit Cards) are the smart-card chips themselves, that are used both in SIMs and other applications, for example, bank, transport and access-security cards. Embedded, solderable SIMs have existed for certain M2M uses since 2010.

In an attempt to separate out the “form factor” (removable vs. embedded) aspect from the capability (remote vs. factory provisioned), the term RSP sometimes gets used, standing for Remote SIM Provisioning. This is the title of GSMA’s current standard. But unsurprisingly, the nicer term eSIM is hard to dislodge in observers’ consciousness, so it is likely to stick around. Most now think of eSIMs as having both the remote-provisioning function and an embedded non-removable form-factor. In theory, we might even get remote-provisioning for removable SIMs (the 2014 Apple SIM was a non-standard version of this).

Figure 1: What does eSIM actually mean?

Source: Disruptive Analysis

This picture is further muddied by different sets of GSMA standards for M2M and consumer use-cases at present, where the latter involves some way for the end-user to choose which profiles to download and when to activate them – for example, linking a new cellular tablet to an existing data-plan. This is different to a connected car or an industrial M2M use-case, where the manufacturer designs in the connectivity, and perhaps needs to manage whole “fleets” of eSIMs together. The GSMA M2M version of the standards were first released in 2013, and the first consumer specifications were only released in 2016. Both are being enhanced over time, and there are intentions to develop a converged M2M/consumer specification, probably in H2 2017.

eSims vs Soft-SIM / vSims

This is another area of confusion – some people confuse eSIMs with the concept of a “soft-SIM” (also called virtual SIMs/vSIMs). These have been discussed for years as a possible option for replacing physical SIM chips entirely, whether remotely provisioned, removable/soldered or not. They use purely software-based security credentials and certificates, which could be based in the “secure zone” of some mobile processors.

However, the mobile industry has strongly pushed-back on the Soft-SIM concept and standardisation, for both security reasons and also (implicit) commercial concerns. Despite this we are aware of at least two Asian handset vendors that have recently started using virtual SIMs for roaming applications.

For now, soft-SIMs appear to be far from the standards agenda, although there is definitely renewed interest. They also require a secondary market in “profiles”, which is at a very early stage and not receiving much industry attention at the moment. STL thinks that there is a possibility that we could see a future standardised version of soft-SIMs and the associated value-chain and controls, but it will take a lot of convincing for the telco industry (and especially GSMA) to push for it. It might get another nudge from Apple (which indirectly catalysed the whole eSIM movement with a 2010 patent), but as discussed later that seems improbable in the short term.

Multi-IMSI: How does multi-IMSI work?

It should also be noted that multi-IMSI (International Mobile Subscriber Identity) SIMs are yet another category here. Already used in various niches, these allow a single operator profile to be associated with multiple phone numbers – for example in different geographies. Combined with licences in different countries or multiple MVNO arrangements, this allows various clever business models, but anchored in one central operator’s system. Multi-local operators such as Truphone exploit this, as does Google in its Fi service which blends T-Mobile US and Sprint networks together. It is theoretically possible to blend multi-IMSI functionality with eSIM remote-provisioning.

eSIMs use cases and what do stakeholders hope to gain

• There are two sets of use-cases and related stakeholder groups for eSIMs:
• Devices that already use cellular radios & SIMs today; This group can be sub-divided into:
  • Mobile phones
  • M2M uses (e.g. connected cars and industrial modules)
  • Connected devices such as tablets, PC dongles and portable WiFi hotspots.
• Devices that do not have cellular connectivity currently; this covers a huge potential range of IoT
  devices.
• Broadly speaking, it is hoped that eSIM will improve the return on investment and/or efficiency of existing cellular devices and services, or help justify and enable the inclusion of cellular connections in new ones. Replacing existing SIMs is (theoretically) made easier by scrutinising existing channels and business processes and improving them – while new markets (again theoretically) offer win-win scenarios where there is no threat of disruption to existing business models.

The two different stakeholders want to receive different benefits from eSIMs. Mobile operators want:

• Lower costs for procuring and distributing SIMs.
• Increased revenue from adding more cellular devices and related services, which can be done incrementally with an eSIM, e.g. IoT connectivity and management.
• Better functionality and security compared to competing non-cellular technologies.
• Limited risk of disintermediation, increased churn or OEMs acting as gatekeepers.

And device manufacturers want:

• To reduce their “bill of material” (BoM) costs and number of design compromises compared to existing removable SIMs
• To sell more phones and other connected devices
• To provide better user experience, especially compared to competing OEMs / ecosystems
• To create additional revenue streams related to service connectivityTo upgrade existing embedded (but non-programmable) soldered SIMs for M2M

The truth, however, is more complex than that – there needs to be clear proof that eSIM improves existing devices’ costs or associated revenues, without introducing extra complexity or risk. And new device categories need to justify the addition of the (expensive, power-consuming) radio itself, as well as choosing SIM vs. eSIM for authentication. In both cases, the needs and benefits for cellular operators and device OEMs (plus their users and channels) must coincide.

There are also many other constituencies involved here: niche service providers of many types, network equipment and software suppliers, IoT specialists, chipset companies, enterprises and their technology suppliers, industry associations, SIM suppliers and so forth. In each case there are both incumbents, and smaller innovators/disruptors trying to find a viable commercial position.

This brings in many “ifs” and “buts” that need to be addressed.

Contents

• Executive Summary
• Introduction: What is eSIM? Or RSP?
• Not a Soft-SIM, or multi-IMSI
• What do stakeholders hope to gain?
• A million practical problems So where does eSIM make sense?
• Phones or just IoT?
• Forecasts for eSIM
• Conclusion 

---