eSIM Technology in IoT Architecture
Hang Yuan, Artiom Baloian, Jan Janak, Henning Schulzrinne
TL;DR
The paper analyzes how eSIM technology, traditionally used in mobile devices, can be extended to IoT deployments to solve provisioning, scalability, and UI limitations. It presents a general eSIM provisioning architecture based on GSMA standards (SGP.21) and introduces IoT-specific extensions: the eSIM IoT Remote Manager (eIM) and the IoT Profile Assistant (IPA), which enable remote state management and IoT-tailored profile operations. The work details secure provisioning flows, including Common Mutual Authentication and Profile Download, for both mobile and IoT contexts, emphasizing certificate-based security, trust chains, and multiple download methodologies. The findings demonstrate that incorporating eIM and IPA enables scalable, remote subscription management for large IoT fleets, reducing manual intervention, enabling offline or limited-connectivity devices, and supporting multi-operator profiles with efficient lifecycle handling.
Abstract
eSIM (embedded SIM) is an advanced alternative to traditional physical SIM cards, initially developed by the GSM Association (GSMA) in 2013 [1][2]. eSIM technology has been deployed in many commercial products, such as mobile devices. However, it has yet to be widely deployed in IoT devices. Understanding the eSIM architecture and the basic ideas behind eSIM provisioning and operations is very important for engineers who want to promote eSIM deployment in more areas, in both academia and industry. This report focuses on eSIM technology in the IoT architecture and on two major operations of the Remote SIM Provisioning (RSP) procedure: the Common Mutual Authentication procedure, a process used to authenticate the trusted eSIM communication parties over the public internet, and the Profile Downloading procedure, which downloads the Profile from the operator's SM-DP+ server and ultimately provisions end-user devices remotely.
