Apple products fans have always lacked a second SIM card – at the same time smart-gadgets manufacturers lacked additional space for it. So when smartphones and smartwatches with e-SIM were released, the technology from 2016 has become a worldwide trend. Today, you can obtain e-sim services in 45 countries; in many others the operators have doubts while the regulatory mechanism and technological platforms are not ready.
What is a SIM card? Basically it is a microcomputer with the main objective to keep keys and encryption algorithms used to identify and authenticate subscribers in the mobile operator network. The algorithms are symmetric and involve storage of the user’s secret key in a protected area of the SIM chip memory, which can only be accessed by an application running on the chip itself. Entire encryption algorithms (which are actually applications running on the SIM-Chip) and encryption keys are recorded during production to ensure their security.
There are other apps on SIM such as SIM menu, which show weather forecasts, balance, etc., and can manage some services. Moreover, the operator can set a standardized option to download and run new applications on SIM, while the subscriber can be unaware about it. Without delving into the specifications and standards, we can notice this in the service of copying Contacts from a SIM card to the operator’s storage: the service is activated via subscriber’s account on the operator’s website, and after a while a backup copy of the Contacts is already created in the cloud. Magic? Thus, the operator has access to the subscriber’s device via SIM card and can receive data from this device and complete some operations with it … To provide quality services, of course. Learn more about how it works.
Contrary to common belief, the main difference from SIM is not the solder chip form factor (you can also buy the classic SIM in embedded form factor from operators), but pre-installed software that allows you to download subscriber profiles with encryption keys. This process is standardized by GSMA, an association of GSM operators and manufacturers, and is described in several specifications:
Another difference is that you need a third party to download the operator profile to e-SIM: SM-DP – a GSMA certified organization that will manage the profiles. It can be either a manufacturer of devices with built-in E-UICC or an independent company. Detailed description of e-SIM from GSMA.
The comparison of classic SIM and e-UICC gives an understanding that the latter is more focused on improving service and developing new lines of product in the industry. There are a lot of amenities for subscribers: for example, you can remotely connect to a foreign operator before leaving the country. When arriving abroad, it remains just to activate a new profile in a couple of clicks instead of searching an operator’s sales point. For those who consider two SIM cards are not enough it becomes possible to use 3-4 profiles and to switch between them as needed.
On the other hand, there is a risk of hackers’ interception and damage of the e-SIM profile, which can lead to extremely sad consequences. In case of failure of e-SIM you have to repair the entire device instead of replacing the card.
The presence of a third party is already being observed in the process of MNP – number transfer between operators. Today there are no critical problems in this regard. All operators were obliged to connect to the system – the system works, numbers are transferred. In general, it doesn’t cause challenges anyone.
In conclusion, the e-SIM technologie evokes mixed feelings. On the one hand, positive: this is a new step in the industry. On the other hand – there is another potential channel for the leak of personal and critically sensitive data from user devices.