The cards that mean business

07 March 2019

It may be getting smaller, but the humble SIM card is the major link between the subscriber and the mobile operator. 

RAHIEL NASIR discovers that a future dominated by connected devices and 5G means there’s a whole lot of life still left in this fantastic plastic.

It is estimated that the total available global market for SIM cards grew by 2.75 per cent in 2017, with units rising from 5.45 billion to 5.6 billion.

IDEMIA says its FuZion single card system means that the compromise between having a second SIM or more room for storage is a thing of the past. 

IDEMIA says its FuZion single card system means that the compromise between having a second SIM or more room for storage is a thing of the past.

That’s according to figures published in April 2018 by the SIMalliance. Its members are said to represent around 90 per cent of the worldwide SIM market, and their collective shipments totalled 4.9 billion units in 2017.

Speaking at the time, SIMalliance chairman Remy Cricco said: “Technology advances and continued LTE migration continue to be the key growth drivers globally, contributing to the largest total available SIM market ever reported. These are transformational years for the global SIM industry as our technology and ecosystem evolve rapidly to serve an increasingly connected digital world, with unprecedented security requirements.”

The SIMalliance’s membership includes Gemalto, the France-based digital security specialist which claims to be the world’s largest manufacturer of SIM cards.

It currently serves nearly 60 mobile operators across Africa with various solutions for mobile security, digital identity and cloud backup. 

Sherry Zameer, the company’s SVP of IoT solutions for the CISMEA region, says that despite rising unique subscriber numbers and accelerating smartphone penetration, the continent’s operators continue to face “serious challenges” in the fight for market share and profitability. “In a region where price sensitive pre-paid markets are particularly significant, voice revenue continues to be squeezed. Churn rates of 10 per cent are not uncommon.”

So what challenges does Zameer see when it comes to SIM cards and SIM technologies? “With more devices coming with SIMs, and with the consumers’ propensity to use multiple SIMs, there are growing concerns about the non-renewable resources used in all this.

“eSIMs [embedded SIMs], which are built into the devices, have a role to play in making mobiles more environment-friendly by simplifying the manufacturing process and enabling a sleeker, more ergonomic design with fewer moving parts. This could reduce the amount of material used in the device manufacture and thus the environmental impact.”

Zameer goes on to say that eSIMs fundamentally alter the dynamics of the relationship between the operator and its customers by shifting the focus from the SIM itself to the services provided.

He believes this sets the stage for a customer experience that is constantly improving, and also the evolution of a mutually beneficial customer-service provider relationship.

“In particular, because eSIMs effectively provide an operator-agnostic platform, they make it easy for users to subscribe to the services they want from multiple providers, and also for providers to manage and service their subscriber base more effectively. For example, consumers will be able to link their mobile devices – phones, tablets and now wearables – easily to the mobile operator and package of choice.

In addition, eSIM technology means that activating a mobile package in a foreign country is seamless.”

Germany headquartered Comprion provides services and products for testing smartphones, eSIMs, NFC, etc.

The company’s marketing director Hajo Sandschneider agrees that, while plastic SIMs will continue to prevail for quite some time, eSIMs represent a big part of the future:

“With eSIMs being really small chips integrated into the device, a lot of plastic, energy and complexity can be saved – as can a lot of physical letter handling for shipment of the actual SIM cards or PIN codes. The higher flexibility and [eventual] lower costs combined with advantages for device makers will inevitably lead to a success of eSIM technology.”

The eSIM edge

So what exactly are the advantages of an eSIM compared to its plastic, conventional counterpart? Sandschneider reiterates that one technical benefit is that it gives end users greater freedom to select their mobile subscriptions more easily by directly choosing it on their cellphone without needing to go to a shop and without physically changing the SIM.

He says that the approach is the same when it comes to eSIMs in M2M environments but with the added benefit of simplified logistics for mobile network operators who need to make changes to globally connected devices or appliances.

“In both architectures, PIN handling becomes more digital and thus less susceptible to analogue attack vectors.”

IDEMIA – the rebranded company which came about in 2017 following the merger of Oberthur Technologies and Safran Identity and Security (Morpho) – agrees that the advent of eSIMs enables MNOs to digitalise the entire subscriber journey. 

Over-the-air SIM management is an essential part of the eUICC architecture where robust remote SIM provisioning must be ensured.

Over-the-air SIM management is an essential part of the eUICC architecture where robust remote SIM provisioning must be ensured.

In a blog posted in May 2018, Mathilde Barens, the company’s strategic positioning and product marketing manager, mobile operators, wrote:

“[eSIMs make] it possible for customers to select their tariff plan, enrol themselves, and instantaneously activate their mobile devices in complete security – whether in a mobile operator boutique, via a third-party reseller in a supermarket, or even from the comfort of their home on their smartphone. And this is just the beginning. Experts predict that the number of connected devices with eSIM capabilities will near 500 million by 2022.”

As has been well documented, connected devices and the Internet of Things signify huge opportunities for the mobile industry.

Africa is no slouch here, and a variety of stakeholders across the region are already leveraging mobile network coverage to usher in the new era in machine interconnectivity.

Zameer reckons that crucially, Gemalto can combine long-term reliability with the privacy and security essential for bringing trust to M2M deployments.

“[Our] ruggedised Machine Identification Modules (MIMs) are used in applications that range from transport and fleet management to security and power. For example in South Africa, MiX Telematics is using Gemalto MIMs to enable vehicle tracking, while separately, TLC Engineering has chosen them for a system designed to eliminate derailments on the national rail network.

“Another innovative application is the SOLARKIOSK, a self-contained, solar-powered business hub that can provide sustainable energy in virtually any location without the need for additional cabling or infrastructure. Wireless connectivity is supported via Gemalto’s robust Cinterion M2M modules.”

The SOLARKIOSK enables and empowers the sustainable economic, social, and environmental development of ‘base-of-the-pyramid’ (BoP) communities worldwide through the provision of clean energy services, quality products and sustainable solutions.

It is a modular, robust, secure and lightweight unit that is designed to be expandable and easily transportable even to remote areas.

The kiosk combines technology with an inclusive business model to foster local entrepreneurship at the BoP.

“With eSIMs, a lot of plastic, energy and complexity can be saved – as can a lot of physical letter handling for shipment of the actual SIM cards or PIN codes.”

“With eSIMs, a lot of plastic, energy and complexity can be saved – as can a lot of physical letter handling for shipment of the actual SIM cards or PIN codes.”

 

Comprion also believes the future will see an increasing number of M2M devices with an eSIM.

As a result, in 2018 the company claimed a first with the launch of a test eSIM (also known as test eUICC) for M2M architecture to ensure that switching to another mobile operator and the related remote SIM provisioning (RSP) work reliably.

The firm said its Test eUICC M2M enables MNOs and infrastructure suppliers to test the interoperability of the included components in the eSIM M2M environment during product development and integration.

According to Comprion, running RSP functions is protected by credentials that are normally not known to the user.

It said the Test eUICC M2M is personalised with test certificates and test keys to allow technicians to set up an RSP test infrastructure.

OTA management

For Sandschneider, one of the real advantages of SIM cards in general lies in their flexibility thanks to their remote provisioning and remote management capabilities.

He says over-the-air (OTA) SIM management is an essential part of the eUICC architecture which states that “robust” RSP must be ensured, adding:

“Most SIM card vendors who already have strong experience of OTA management are offering the required OTA servers for eUICC remote provisioning and can also offer this service for MNOs.”

Zameer reckons another big challenge for mobile operators is managing large numbers of subscribers at any one time.

He says Gemalto offers the capability via dedicated offshore centres to undertake this on their behalf, and goes on to claim that the company’s eSIMs are set to “radically transform” card management and OTA support. “They enable secure remote provisioning and can be used to manage identity securely and effectively, authenticating IoT devices and securely connecting to cellular networks globally. 

“Gemalto’s integrated approach thus enables mobile operators to secure both their own networks as well as those of the service providers using it, creating a trusted and secure platform on which mobile operators can build profitable ecosystems.” 

Giesecke+Devrient (G+D) Mobile Security describes itself as the “market leader” in eSIM management.

Since May 2018, Orange has been using the German company’s eSIM management platform to provide customers with secure, seamless and on-demand connectivity throughout the lifecycle of their devices.

G+D says this has enabled subscribers to remotely activate devices and add or remove services at their convenience, thereby reducing the need for customer service intervention.

Carsten Ahrens, CEO of G+D Mobile Security, said:

“Our unparalleled experience in eSIM management is driving the market toward a new norm, where remote provisioning and lifecycle management of devices will become commonplace.”

Following the deployment of G+D’s platform last year, Orange affiliates became among the first European carriers to commercially launch eSIM devices.

They include the latest smartwatches from Apple, Huawei and Samsung, as well as Apple iPads and iPhones.

G+D added that further eSIM devices were also in preparation and will be supported with its services.

CALLUP is another company specialising in eSIM remote management as well as VAS and mobile device management.

At AfricaCom last November, the firm introduced  a secured version of its eSIM remote management system for IoT.

The firm claims its IoT eSIM Engine features two key and innovative network elements: Subscription Manager Data Preparation (SM-DP) and Subscription Manager Secure Routing (SM-SR).

According to CALLUP, the IoT eSIM Engine allows operators to upload their eSIM profile and issue control commands to eSIMs embedded in M2M and IoT devices.

It says this enables remote lifecycle management of the eSIM from its activation, through upgrades and updates, and until it is cancelled.

With SM-DP, it’s claimed operators who use the engine can securely encrypt their credentials ready for OTA installation within the eSIM.

The SM-SR then allows them to deliver securely the encrypted credentials to the eSIM, and remotely manage eSIMs embedded in various devices.

CALLUP adds that the IoT eSIM Engine’s automatic report subscription system enables the operator’s executive and technical teams to subscribe to system reports and receive them directly via email.

It says the system will automatically repeat the update process on eSIM cards that could not accept the original update due to various reasons, such as devices that were turned off or subscribers who were in roaming.

The engine is also said to support the GSMA standard for subscription management, as well as all standard files of the eSIM IP Multimedia Services Identity Module (ISIM).

Furthermore, CALLUP says it includes an “advanced” GUI-configurable general OTA script that fits many operators for the activation and swap of eSIMs.

This GUI is said to include a variety of functionalities, such as editing features for eSIM profiles, cards, scenarios, scripts, and more.

SIMs, storage and security

According to IDEMIA, two clear trends have emerged with the rise of the smartphone: the desire for a second SIM in the same device so that users can separate work and personal calls without needing two handsets; and a growing demand for more storage.

The company says the solution to this has so far been a two-slot tray that offers room in the smartphone for either a second SIM or a storage card – it says having extra connectivity and extra memory at the same time was simply not possible until now.

IDEMIA reckons it has solved the problem with FuZion, a single card that combines a SIM and a 128GB MicroSD storage device while occupying only one slot on the tray of a dual SIM smartphone.

FuZion is said to be fully compatible with 55 models of dual SIM smartphones marketed by 15 major brands.

IDEMIA says future applications for the system can be developed in areas such as the IoT, or secure transactions in banking and government.

Comprion’s Test eUICC M2M enables MNOs to test the interoperability of components in an eSIM M2M environment.

Comprion’s Test eUICC M2M enables MNOs to test the interoperability of components in an eSIM M2M environment.

 

When it comes to the future of SIMs, most commentators agree that it is not only about eSIMs but that these will then be further integrated with digital ID security systems. 

“Using official digital IDs and biometrics such as facial recognition, Gemalto is developing technology to safely and reliably create digital IDs on mobile devices,” says Zameer. “Such digital IDs can then be used to verify transactions of all kinds, thus reducing fraud, which is a major challenge in the digital world.” 

Zameer believes that for mobile operators, OEMs and other enterprises, trusted digital IDs mean smoother digital workflows, faster customer acquisition processes, and consistent customer data. “Operating costs are reduced and the customer experience enhanced. Moreover, a Trusted Digital Identity can serve as a gateway for subscribers to access multiple security-sensitive services such as mobile money, e-gov and online banking, allowing MNOs to take the lead in these fast-growing sectors.

“In time, offering identity-as-a-service solution will help mobile network operators facilitate greater uptake of cloud services by enabling secure access to online resources and protecting the digital interactions.”

Zameer goes on to state that trusted identity management services can help cellcos enhance their value proposition by securing not only their own networks but also the growing number of transactions that take place on their platforms.

He says effective cyber security will have to encompass both cloud security and device security, covering the whole data lifecycle.

“Industry research consistently shows that security and trust are two of the top barriers to mobile technology adoption and innovation.”

“Industry research consistently shows that security and trust are two of the top barriers to mobile technology adoption and innovation.”

“Industry research consistently shows that security and trust are two of the top barriers to mobile technology adoption and innovation. Telcos must remain abreast of the risks, constantly upgrading security standards to ensure a seamless service – secure identity is the cornerstone of a dynamic and flexible security ecosystem.” 

IDEMIA also talks about a future where secure and reliable digital ID systems will be crucial.

In the blog mentioned above, Barens wrote: “As digital advancements increase the physical space between mobile operators and subscribers, the need for convenient, secure and reliable ‘Know Your Customer’ (KYC) solutions (the process of collecting customer identity information) will only become more apparent. Today, mobile operators are implementing more rigorous KYC solutions, with 150 countries requiring mandatory registration for contract and pre-paid users. These regulations vary according to the specific challenges countries may face – including terrorism, identity fraud or money laundering.”

Barens continued by saying that a streamlined, fully digitalised registration process also generates the need for mobile operators to guide their customers through this new journey. “After all, they are evolving from simple connectivity providers to providers of what we call ‘Augmented Identity’. This is a verified digital identity created through the embedded KYC process that can be used by subscribers to access other online services – an identity so reliable that mobile operators vouch for their customers with third-party services.”

When asked about the future of SIMs, Comprion’s Sandschneider says for the SIM, it will be the eSIM, and then there will be further integration such as iSIM (integrated SIM). “A VPP (virtual private platform) and SSP (smart secure platform) might help these tamper-resistant tokens not only in terms of remote configuration updates or MNO subscriptions, but also operating system updates. This will also enable the rollout of new features during the [eSIM’s] full lifecycle and is a huge win in terms of flexibility.”

So what about 5G?

As Sandschneider points out, this will support low latency, higher bandwidth and massive IoT, all of which will mean a whole host of new, cellular-based (i.e SIM-enabled) network services, applications and connections.

Will all this impact the subscriber identity module as we know it?

In December, the SIMalliance published guidance for the optimisation of 5G SIM capability beyond network access.

The recommendations provided in the technical document (3GPP R15 5G SIM Card: A Definition), specifically relate to 5G Phase 1 (the document can be downloaded for free at https://simalliance.org).

The alliance says its recommended 5G SIM addresses, among other things, subscriber privacy issues, offers reduced power consumption for extended battery life, and supports delivery of IP services.

SIMalliance chairman Remy Cricco says a SIM is the only platform that can be used to secure 5G network access according to 3GPP.

He adds: “SIMalliance recognises in its technical definition that a number of SIM technology options may enable 5G network access, yet the different capabilities they offer, which are defined for different 5G deployment use cases, are also outlined. On behalf of the SIM industry, [we] advocate only one type of 5G SIM which promotes the highest levels of security and functionality in 5G networks. 

“By deploying the recommended 5G SIM at 5G launch, MNOs will offer their customers the best possible experience, services, security and privacy, while optimising their investments and positioning themselves to realise the full potential of 5G as future use cases and possibilities unfold.”