eSIM series: Everything there is to know about eSIM (eUICC)

Tags: eSIM
A picture of Mikk Lemberg
Written by
Mikk Lemberg

The world is on the brink of significant communications transformation. This time, the focus is not on the network infrastructure but on the SIM cards that enable cellular connectivity in IoT (and consumer) devices.

Traditionally, IoT/M2M applications that rely on cellular networks for connectivity have used SIM cards (UICC). However, the many shortcomings of the technology have led to a new standard for connectivity - the eSIM.

Technically called "eUICC" or "eSIM" and colloquially referred to as "virtual SIM cards". It combines high-end security methods with connectivity protocols, rendering a next-generation connectivity solution that increases security speed and ease of deployment. The solution complies with GSM Association (GSMA) specifications​ and is approved by all world's largest mobile operators, device manufacturers, and SIM vendors.

In this article, we aim to clear the confusion around eSIM. What are the unique capabilities of eSIM, and what challenges does it face? Are there any downsides to using eSIM? Should you be adopting it for your IoT/M2M applications? These are some of the questions we aim to answer.

eSIM and “embedded” SIM—what’s the difference?

If you're confused about what the term "eSIM" actually refers to, you are not alone. Despite many articles referring to eSIM as a SIM form factor of an embedded chip, eSIM capabilities are actually available for all form factors: 2FF (Mini), 3FF (Micro), 4FF (Nano), MFF2 (the "embedded" SIM - the one that many mistakenly refer to solely as an eSIM), and recently iSIM (SoC - integrated SIM).

MFF2 soldered chip SIMs have been available since 2010, and are most commonly used in IoT devices. They make a perfect option for devices that are located outdoors (MFF2 chip SIMs can be sealed from moisture and corrosion) or are in constant motion (shocks and vibrations).

Nevertheless, that doesn't necessarily mean MFF2 chip SIMs are eSIMs. The carrier profiles are preloaded onto MFF2 form factor SIMs by the SIM vendor.

eSIMs (regardless of the form factor) come with technology and software that can remotely provision carrier profiles without having to swap out the physical card or chip inside the device.

eSIM (eUICC) comes with a standard that makes it possible to manage, download, enable, disable and delete carrier (Mobile Network Operator) profiles over the air.

For example: if you get a SIM from T-Mobile but later on decide that you want to be a client of AT&T but don't want to bother with swapping out the SIM inside your device. With eSIM, it's possible to delete the old carrier profile and download a new one over the air. The same process with a regular SIM (UICC) would mean that the card would be physically removed from the device and replaced.

Read more about the differences between SIM types and different numbers on SIM cards.

Differences between consumer and M2M eSIM

With consumer eSIMs becoming more popular with Apple leading the way, it's essential to understand the difference between a consumer eSIM and one made for IoT/M2M devices.

We have covered the topic more thoroughly in a blog post, talking about both the two's technical aspects and use cases. But in short, the main difference comes in the architecture and the standardisation between these eSIMs:

  • Consumer eSIM uses a "pull"-model, which means that the end-user can manage and activate the new network carriers based on their needs (usually through scanning QR codes)

  • IoT/M2M eSIM uses a "push"-model, which means that only the device's owner or service provider can "push" the carrier changes onto eSIM

Here's essential to note that even though the consumer eSIM market is growing, 1oT only focuses on IoT/M2M solutions.

Current challenges with widespread eSIM adoption

Although eSIM technology is becoming more and more popular, it still faces some challenges. It's up to companies like 1oT as a middleman to help network carriers and IoT businesses overcome them.

Mobile Network Operator's reluctance to adapt

As the world is revolutionising, mobile carriers need to rethink their business models to survive the global adoption of IoT. Carriers will need to target OEMs and IoT enablers to sell mobile data by bringing a flavour of the B2B model to their existing B2C model.

But, as the eSIM does not link the end-user to a specific carrier anymore, the carriers fear losing customers through a simple click of a button. The flexibility to easily change subscriptions (carrier profiles) means an end to expensive roaming for users.

So the question arises, why should mobile carriers actually invest in eSIM architecture when they foresee a higher churn rate and probably zero roaming usage?

Yet, this issue can be solved by companies like 1oT who act as a middleman between clients and Mobile Network Operators (MNOs). This creates a win-win situation for both parties, as 1oT acts as a sales channel for MNOs, and clients get a large pool of carriers to choose from without extensive contracts and with no strings attached.

For IoT enterprises, that also means having only one point of contact for support and troubleshooting, for example in case of a network failure.

Overall, MNOs' reluctance to adapt has been one of the reasons why eSIM adoption has been dead slow (though the technology has been available for years). The only players moving towards eSIM adoption have been Apple, Tesla, and other multinational device manufacturers.

Return of Investment

It doesn't matter who invests in the eSIM architecture itself. The return on investment (ROI) is the scary bit. Especially in the light of dropping mobile data and roaming prices that are consistently pressuring carriers' margins.

The cost of deploying an eSIM solution is high considering the limited use cases and the fact that "keeping things as-is" is made possible, as there have been no serious disruptors on the market. In other words, the current name of the game by carriers is "wait-and-see" - carriers are motivated to keep the status quo as long as possible and postpone all serious investments. On the other hand, technology deployers such as Thales, IDEMIA, GnD, Valid, Workz, and other eUICC Manufacturers have heavily invested in developing a fully certified and interoperable solution.

But when it comes to eSIM’s end-user, an IoT company, the ROI may be greater than initially thought.

For example, 1oT offers eUICC and UICC at the same unit fee. Additional transactions involving downloading and enabling a new carrier profile on eSIM is cheaper than getting a whole new SIM card from a different connectivity provider. Another thing to consider in favour of an eSIM is the labour cost. It’s vastly more reasonable to change a carrier profile over the air than sending somebody to every IoT device to physically change the card.

Changing Geographic regulations

Even though the GSMA is governing and ensuring the standardisation of Remote SIM Provisioning solutions, it still must be noted that the regulations for hosting a Subscription Management platform and Data-Centers vary from country to country. For instance, in certain countries, the regulation states that data centres should be located within the country's jurisdiction (e.g. China). This is a considerable investment, completely ruling out a hosted model which would be much more flexible.

The trust in Interoperability

The GSMA has heavily mandated the concerns of interoperability. eSIM is relatively new to the market, it standardises the whole ecosystem. This standardisation needs to be enforced to achieve a truly interoperable solution, one where every eSIM can be managed by any service provider on any device. Without an interoperable solution, it is practically impossible to bring together stakeholders to work with one another, mainly when trust is limited.


Security is considered the most significant risk for the IoT sector. Data exchange between IoT devices and servers has to be handled in a very secure manner. Even though the issue is being constantly worked on and has improved significantly, the quickly advancing new technology brings out loopholes and gaps in security.

For instance, devices equipped with eSIM that end up as waste, there is a high risk of illegal reuse. Reverse engineering is also a threat - a device could be still associated with a previous user's identity. If the user's credentials are not adequately dis-associated by the device's legitimate owner, the device and user credentials could remain available to a hacker. As an eSIM could be programmed remotely, all the user credentials could basically be shared over the air. If the hacker can penetrate the communication between the eSIM and the management platform, they could gain access to actual carrier profiles, which could be used for many fraudulent cases.

Developed Markets vs Underdeveloped Markets

The main idea behind eSIM is to have the flexibility of changing carrier profiles when needed. Even though carriers from Europe, North America, and Asia are already implementing eSIM technology, there are still areas where mobile phones or devices are not eSIM compliant. In such markets, eSIM is still a bit futuristic. This means that while you may have an eSIM capable device, you will not have any mobile carrier supporting it in some parts of the world.

Future-proofing the IoT sector

As mentioned above, generic UICC cards tend to lock users to a single carrier, and the card needs to be physically changed when switching cellular connectivity provider.

In contrast, eSIM gives an IoT device owner the option to choose among a broader range of cellular networks without needing a replacement.

Managing the carrier profiles is especially beneficial for devices that operate in hard to access or remote areas. Swapping the network operator profile over-the-air (OTA) is paramount, for it might be costly or simply impossible to access the SIM card.

eSIM also protects from evolving network technologies, such as the sunsets of legacy services like 2G and 3G and the rise of new technologies like LPWA networks. The same applies to increasing government and carrier regulations and policies for IoT connectivity.

eSIM technology brings choice and flexibility, making it the clear front runner of cellular IoT connectivity. The solution can be deployed once and modified remotely for 20 years without compromising security.


At 1oT, we firmly believe that the rise of IoT connectivity powered by eSIM technology can't be ignored. Counterpoint Research predicts the shipments of eSIM-based devices will reach almost six billion units by 2025, with enterprise IoT making up half of it. With eSIM evolving and becoming more and more secure, organizations can minimize the total cost of ownership of connected devices and thereby increase efficiency in a way that is not possible with a traditional SIM card.

With the world moving towards smart devices being the norm and the enterprises looking increasingly into IoT deployments, an eSIM might just be what they need.

If you’re interested in how to get your IoT devices connected to cellular networks, contact our sales team and we’ll find the best solution for you.

Contact sales