In the previous part of this series I gave a quick introduction to the difference between today’s handling model of a physical SIM that the user can insert in any device and embedded-SIMs to which subscription information can be downloaded. In part 2 I’ll now give a high level overview of how this download process works in practice and how the user remains in charge of when and how often he wants to change the subscription information in the eSIM.
Physical vs. Virtual SIMs
Another way to look at eSIM and downloading subscription information is that instead of inserting and removing a physical SIM (which is no longer possible when SIM is soldered into the device), the user downloads a virtual SIM into a device and deletes the virtual SIM when he no longer needs it or wants to use the virtual SIM in another device. The analogy is not quite perfect but comes pretty close.
The Virtual SIM (Profile)
I’m trying to stay as far away as possible from acronyms in this post but a few need to be mentioned. The ‘virtual SIM’ card I’ve been talking about so far is referred to as a “Profile” in the GSMA specifications (linked to later when we go into further details). So when you read the word “Profile” from now on, translate it into “virtual SIM” and things will make a lot more sense. One other important point: “A profile” is not a template used for many customers. “A profile” is a single virtual SIM card!
Practical Scenarios
Let’s have a look at 3 different practical scenarios and how they are performed with a removable SIM and a non-removable eSIM in combination with a virtual-SIM (Profile) download:
Getting A New Device and A New Subscription
The first scenario is when a customer buys a new phone, for example in an electronics store and then goes to the store of a mobile network operator to buy a prepaid or postpaid subscription. This means that he buys the device and the subscription separately from different sources.
In the classic SIM card model, the customer buys the device in the electronics store and the SIM card slot is empty. In the mobile network operator store he then signs a contract and the network operator maps one SIM card he pulls out from under the counter to the contract. Mapping the SIM card to the contract means that the record that exists for this SIM card in the operator’s network database is activated. The network operator then hands over the SIM card to the customer who in turn inserts the SIM card into the device.
In the eSIM model, the customer buys a device in the electronics store which comes equipped with an embedded and non-removable SIM card. The eSIM is empty so the device is as unusable as the device above with the empty SIM card slot. Apart from the eSIM being soldered into the device another difference is that the device needs to come with an (Andorid, iOS, etc.) app for remote provisioning. This app can communicate with the eSIM and, over the Internet, with any network operator that supports eSIMs. This is an important point to realize! The app is NOT network operator dependent, it can talk to all of them!
Next, the customer walks into the store of the network operator and signs up for a subscription (prepaid, postpaid). Instead of getting a new SIM card the network operator assigns a virtual-SIM card (Profile) to the contract and hands over the information that is required by the provisioning app on the device to download the profile (the virtual SIM card) into the device. This information can for example be encoded in a 2D barcode. The provisioning app is then used to scan the 2D barcode. The provisioning app then decodes the barcode and extracts the domain name of the provisioning server, a reference to the contract that was linked to the profile (virtual SIM-card) and other parameters. It then contacts the provisioning server over the Internet, e.g. over Wifi, and sends it the reference number that was part of the bar code. The provisioning server uses the reference to find the profile (virtual SIM-card) in its repository that is waiting for this customer. The provisioning server then instructs the app to tell the embedded-SIM to establish a secure tunnel to it to download the profile (virtual-SIM). Once the download is complete the app on the device informs the user that the download is complete and activates the virtual-SIM (profile) in the SIM card after user confirmation.
It sounds complicated but for the user it is much less complex. Instead of inserting a SIM card he connects the device over Wifi to the Internet, uses the app to scan a 2D barcode after which everything will be handled in the background. Once the virtual-SIM (profile) has been downloaded the user is informed that everything is ready and that the new subscription (virtual-SIM, profile) can be activated. He then presses o.k. and he is done.
Replacing An Old With A New Subscription In An Existing Device
Let’s say the user wants to go to another network operator and wants to keep his existing device. In today’s world this works by removing the ‘old’ SIM card from the device and inserting the new SIM card into the device.
In the eSIM world this process works as follows: Instead of a new SIM card, the user gets a 2D barcode that he scans with the eSIM remote provisioning app as discussed above. The new virtual SIM card (profile) is then downloaded to the device and once done the user can activate it immediately.
Apart from the 2D bardcode that replaces the physical SIM another difference is that the eSIM that is soldered into the device now contains two profiles, i.e. two virtual SIMs. The subscriber can then use the provisioning app to switch between the two. This is like removing one physical SIM card and putting it in another one. In this case, however, nothing is physically removed. Instead, one profile is deactivated and another one is activated. The subscriber can toggle between the two as often as he wants and can even delete the profile that is no longer needed. This is the same as throwing away the old physical SIM card!
Moving a Subscription From One Device To Another
And finally let’s have a look at another typical thing done in practice, replacing an old device with a new one while keeping the existing contract. In today’s world this is done by removing the SIM card from the old device and putting it into the new device.
In the eSIM world with downloadable profiles this is done as follows: In a first step the user deletes the profile (virtual SIM) in the old device with the provisioning app on the device. In a second step the user then gets a new 2D provisioning bar code for his subscription from his network operator. He then scans the 2D barcode with the provisioning app on his new device and downloads a new profile (virtual SIM) that replaces the deleted profile in his contract.
It’s important to realize that the process of moving from one device to another is now slightly different from a conceptual point of view. Instead of moving a SIM card from one device to another, the virtual-SIM (profile) on the old device is discarded and a new virtual-SIM (profile) is downloaded into the new device. This requires that the customer interacts with his network operator which is not required in today’s world. Theoretically the network operator could deny the user a new profile for his contract or ask to be paid for the inconvenience. I hope that this will not happen in practice and I think it is unlikely as, especially in the prepaid landscape, customers would quickly find out which network operator is cooperative and which is not and make their future network selection decisions accordingly.
So much for part two of this series. In part 3 I’ll have a look at eSIM provisioning in companion devices, e.g. smartwatches that have their own cellular modem before we go and have a look at the standards. For those of you who can’t wait to dive into the specs where all of what I’ve written in this and the previous part is spelled out in much more detail, have a look at GSMA SGP.21 and SGP.22. In addition this video shows how the 2D bar code is used to trigger the profile download process.
OK, so there is this app which controls downloading the Profile. Is there an open source version of this app? Since the soldered in SIM card can hold multiple Profiles, and the app makes these Profiles visible (or not), the app would make a good trojan horse. Probably one could trust Apple to do the right thing, but Android users are not limited to the Android store, and malware can also be uploaded to the Android store.
So, one scenario is that a malware app has a second, hidden Profile, which it switches to when the phone is inactive, thus: botnet!
Hi Chris, I’m sure there is potential do do nasty things with that app but your scenario would not be one of them for two reasons:
1) The profile (virtual-SIM) comes from the provisioning server and not from the app.
2) The profile is exchanged directly between the eUICC and the provision server through an authenticated and encrypted tunnel, the app can look inside or change anything. I’ll go into more details of this in another part of this series 🙂
Martin