eSIM: Fresh Paint For Mobile, Payments And Identity
If Apple has anything to say about it, embedded SIM cards, or eSIMs, may be poised to replace legacy SIM cards. Other manufacturers, including Google and Huawei, have also incorporated the technology into their recent mobile offerings, and Apple's official list counts 80 plus wireless carriers across the globe as eSIM-friendly. Users with eSIM equipped devices can activate or manage cellular plans through QR codes or a mobile application without having to acquire the physical SIM cards themselves. Additionally, eSIMs are fully reprogrammable, which means that users can alter permissions or restrictions on their plan via their device itself, or even change carriers altogether.
If eSIM ascends to the new standard — as mini-, micro- and nano-SIM did before — it could mean more than another step up the technological ladder for mobile. Because eSIMs allow for "remote provisioning," it overhauls how end users interact with their Mobile Network Operator (MNO). But more excitingly, eSIM may pave the way for a more payments-fluid world by putting digital identity directly into the hands of end users.
New Chip On The Block
The SIM card is the identity "fingerprint" of a mobile device. When a user initiates a mobile contract with an MNO, the MNO provides a physical SIM card. The SIM allows a user to connect their device to the MNO’s network, because each SIM contains subscription credentials which tell the network who the user is, their phone number, how much data they have, and other details. Where eSIMs differ is in the linkage between the device and network; rather than credentials residing on a SIM which tell the network whom a given device belongs to, the device itself (if it has eSIM) accesses a “Remote Provisioning System” and downloads a SIM profile. From there, profile management is handled on the device itself, and a single eSIM can handle multiple profiles on different networks or in different regions.
eSIM streamlines provisioning by effectively removing a few of the steps in the traditional provisioning process through digitization (e.g., finding a vendor, registering one’s credentials, obtaining and installing a SIM). Simplifications like these could prove particularly beneficial in emerging markets, where the not-exactly-watertight registration requirements of traditional provisioning have given rise to illicit backdoors and shortcuts which undermine the point of know-your-customer requirements in the first place.
But remote provisioning via eSIM comes with its own wrinkles, many of which likely will not be ironed out for years. For example, eSIM hardware is all-new; in other words, old devices cannot be retrofitted for eSIM, and consequently adoption will be slow as old devices are cycled out. Security is also a concern, as hosting multiple profiles on one chip could expose users to more damage in the event of a breach (though the GSMA has been diligently crafting and updating security standards for eSIM since 2017). Finally, eSIM cannot practically coexist alongside subsidized mobile devices (i.e., devices sold bundled with cellular contracts). When a user is tied to an MNO, it effectively nullifies a core benefit of eSIMs which is the built-in MNO marketplace.
The practice of selling subsidized devices bundled with contracts, however, appears to be on the decline. In developed markets — where subsidized devices have historically sold best — the share of new device sales which are subsidized has shrunk from 25 percent in 2013 to less than 10 percent this year. And although global smartphone sales continue to decline, the advent of 5G is forecasted to boost sales of new, eSIM equipped models from Apple and Google, with other manufacturers expected to follow suit.
Local Profiles, Broad Potential
If adoption takes off, eSIM will certainly change how users deal with MNOs. But, it may also unlock new potential for identity management, security and mobile money. eSIM allows users to switch between “profiles” (i.e., mobile contracts) on a single device without swapping out SIM cards through the use of a Local Profile Assistant, or LPA. The LPA is an application on the end user’s device that performs two functions: 1) it connects the end user’s device to an external “Subscription Manager” service which liaises with MNOs and stores the user’s various profiles and 2) allows the end user to manage their subscriptions and profiles.
Think of the LPA as a central hub where users can view, activate or modify cellular network profiles. Giving users the ability to freely manage their cellular profiles empowers them to switch carriers virtually at will, but it also allows them to manage the identity and payments features which can be tied to a phone number. For example: in Kenya, MNO Safaricom’s M-PESA mobile banking service allows users to make payments from mobile devices by linking the Safaricom SIM card in the device to an account (also managed by Safaricom). In the case of eSIM, the profiles in a user’s LPA could be tied to accounts and used for payments in a similar fashion. In theory, users could even maintain accounts across multiple carriers, or accounts in local currency with carriers in different countries.
What Else Can We Embed?
In addition to the increased flexibility it brings to cellular plans and its enablement of multiple wallet ownership, eSIM offers much in the realm of identity management. Given that eSIMs are already designed to securely download mobile network profiles from Subscription Manager services tied to MNOs, a similar mechanism could be established allowing eSIMs to securely download digital credentials from an “Identity Manager” service tied to a civil registry or other government database. The remote provisioning process for cellular profiles already requires KYC, anti-money laundering and security measures — why not replicate this process for identity? It’s a natural fit. In fact, a GSMA Intelligence survey of industry players in 2017 identified Digital Identity as the value-added service “most likely to gain momentum over the next 5-10 years."
Moreover, using an eSIM for cellular service, payments or identity is in many respects more secure than using a physical SIM card. Obviously, the fact that eSIMs are soldered into a device means they are less prone to theft than physical SIMs. Perhaps less obviously, being equipped with an eSIM makes any device traceable; if someone steals a smartphone, tablet or even a car with an eSIM in it, the moment they turn on the device, it connects to the Subscription Manager service and can be tracked down by authorities.
eSIM also delivers when it comes to network security. Cellular networks are generally considered more secure than WiFi due to built-in encryption and authentication, with 5G promising even tighter security. Profiles, wallets or identities downloaded over cellular networks would also be routed through the Subscription Manager service, which is operated by a third party that is in charge of verifying profiles with the MNO in question. Not only do Subscription Manager services need to be compliant and registered with the GSMA, the GSMA has also created rules governing eSIM manufacturing and even data center accreditation to ensure both security and interoperability among devices and services.
Is This When Everything Changes?
Arguably, the biggest obstacle to the eSIM takeover of legacy mobile processes is the fact that eSIM is exclusive to brand-new devices, and at present, few consumers are in a hurry to discard their current devices. For years, users in developed markets have been extending the time between device upgrades; meanwhile, flagship models are more expensive than ever. Additionally, economic anxiety resulting from trade conflicts is sure to affect consumer attitude toward big purchases in the U.S. and China, two of the most lucrative markets for mobile device sales. So while eSIM is indeed poised to dethrone physical SIMs by offering features that previous generations of technology could never have dreamed of, manufacturers could certainly have chosen a better time to throw their support behind the innovation.
Many signs do point to eSIM as the future — of SIM technology at the very least, but possibly of identity and mobile payments, too. Some have pointed out that the existing provisioning system for physical SIM cards is not terribly broken, which is basically true, but eSIM’s potential value-added services alone are enough to pique the curiosity of anyone interested in improving the mobile ecosystem. And if eSIM can put more power in the hands of consumers to take control of their relationship with MNOs, that is sure to be a popular idea once the public technologically adjusts.
Image courtesy of Stanislav Kondratiev
Click here to subscribe and receive a weekly Mondato Insight direct to your inbox.