Billions of small IoT devices will change our lives and transform industries, and the technology that supports this must adapt to this evolution. Although eSIM is a great candidate for low-power IoT solutions, there are certain challenges along the way. Read our proposal here.
Low-power IoT- In the not too distant future, small sensors will monitor the microclimate in cities, help agriculture to optimize irrigation and fertilization, and help track our goods when they pass through global logistics chains, to mention a few examples.
These small Internet of Things (IoT) devices need connectivity, while being installed in various remote locations – and cannot depend on recharging or rely on a local hotspot for connectivity. They also need to be secure – meaning they must be resilient to cyber attacks, and cannot become compromised or part of botnets (those networks of malware-infected devices controlled remotely by attackers).
Cellular networks, in particular 5G and NB-IoT, provide the energy-efficient connectivity and trustworthiness needed to allow small IoT devices to reliably and securely connect and communicate with other entities. Secure identities play a fundamental role for this much needed reliability and security, and are utilized at every layer for secure communication between devices, network nodes, applications, and humans – as discussed in Technology Trends 2020 by our CTO.
By secure identities, we mean digital identities that are securely anchored to physical entities, such as devices and network nodes using root-of-trust mechanisms. Examples of such mechanisms are secure storage and trusted environments, which can be found on a SIM card, for example. A digital identity is an identifier associated with credentials.
In this post we focus on secure identities for devices to authenticate and gain cellular network access. Traditionally Subscriber Identity Module (SIM) cards are used to store and operate on such identities. However, for IoT, the embedded SIM (eSIM) technology – for provisioning devices with secure identities for network access authentication – has many advantages, an and is explained further in the next section.
Today there are two different eSIM standards: one for machine-to-machine (M2M) devices, and one for consumer devices. Neither is perfectly suited for constrained low-power IoT devices, but the consumer device standard is fairly close to – and can be the basis for – a new eSIM solution for the industry. Here, we’ll elaborate on this conclusion and suggest the way forward.
The increasingly popular eSIM technology by GSMA, the association of mobile operators and mobile ecosystem players, allows the remote download and management of cellular network subscription data on eSIM-enabled devices. Non-removable SIM cards, known as embedded Universal Integrated Circuit Cards (eUICC), are used to securely store the subscription data, so called subscription profiles containing secure identities for network access authentication.
For IoT, eSIM technology offers several advantages:
- Logistical simplicity and cost advantages due to not having to ship and install physical SIM cards.
- Allows the device to be hermetically sealed and its size to be smaller since there’s no need for card readers.
- Simplifying the switch of the profile for IoT devices in hard-to-reach places.
Yet the current eSIM standards pose certain challenges for low-power IoT devices that connect via low-power wide area (LPWA) networks, such as NB-IoT. We’ll discuss this below, but let’s first briefly look how eSIM works.