eSIM Series #2: Challenges for eSIM to Overcome

1oT is happy to announce that it will launch its eSIM (eUICC) at Mobile World Congress 2019 in Barcelona! We will keep you tuned about the launch closer to the date, but first, we would like to initiate our eSIM blog series to share more insight on this field. Since in May'18 we wrote about eSIM in the post called "eSIM Series #1: Clearing the Confusion around eSIM" then let's call this post #2. We start from the basics and are talking about the challenges that are hindering the eSIM’s take over of the IoT domain.

This insight is based on the market info 1oT has been gathering from numerous eUICC Manufacturers (eUM's), Remote SIM Provisioning Platform providers, mobile carriers and OEMs along its journey towards launching eSIM. 

Mobile Carrier's Reluctance

As the world is revolutionizing, mobile carriers need to rethink their business models in order to survive the global adoption of IoT. Carriers will need to target OEMs and IoT enablers to sell mobile data by bringing a flavour of the B2B model to their existing B2C model. But, as the eSIM does not link the end-user to a specific carrier anymore, the carriers fear losing customers through a simple click of a button, and the flexibility to easily change subscriptions (carriers profiles) means an end to expensive roaming for users. So the question arises, why should mobile carriers actually invest in eSIM architecture when they foresee a higher churn rate and probably zero roaming usage? This has also been the reason why eSIM adoption has been dead slow (though the technology has been available for years) and the only players moving towards eSIM adoption have been Apple, Tesla, and other multinational device manufacturers.

Return of Investment

It doesn't matter who invests in the eSIM architecture itself, the return on investment is still the scary bit. Especially in the light of dropping mobile data and roaming prices that are consistently pressuring carriers' margins. The cost of deploying an eSIM solution is high considering the limited use cases and the fact that "keeping things as-is" is made possible as there have been no serious disruptors on the market. In other words, the current name of the game by carriers is "wait-and-see" - carriers are motivated to keep the status quo as long as possible and postpone all serious investments. On the other hand, technology deployers such as Valid, GnD, Gemalto, IDEMIA and other eUICC Manufacturers have heavily invested to develop a fully certified and interoperable solution. 

Changing Geographic regulations

The trust in Interoperability

The GSMA has heavily mandated the concerns of interoperability. As eSIM is relatively new to the market, standardizing the whole ecosystem is quite challenging. This standardization needs to be enforced to achieve a truly interoperable solution, one where every eSIM can be managed by any service provider in any device. Without an interoperable solution, it is practically impossible to bring together all the different stakeholders to work alongside one another, particularly when trust is already limited.

Security

The biggest threat to the world of IoT is security. All the data that would be exchanged from devices to servers and vice versa has to be handled in a secure manner. Even though the IoT industry is mature enough to tackle this issue, new technology still brings new loopholes and gaps in security. For Instance, regarding eSIM equipped devices which end up as waste, there is a high risk of illegal reuse or reverse engineering a device which was previously associated with a person's identity. If the user's credentials are not properly dis-associated by the legitimate owner, both the device and user credentials could remain available to a hacker.

As an eSIM would be programmed remotely, all the user credentials would basically be shared over the air. This makes the eSIM architecture open to side channel attacks. In case the hacker is able to penetrate the communication between the eSIM and platform, they could gain access to actual carrier profiles which may be used for many fraudulent cases.

Developed Markets vs Underdeveloped Markets

The main idea behind eSIM is to have the flexibility of changing subscriptions (carrier profiles) as needed. Even though carriers from Europe, North America, and Asia are already implementing eSIM technology we have 60% of mobile users worldwide still using legacy phones or devices that are not eSIM compliant. In such markets, eSIM is still a bit futuristic. This means that while you may have an eSIM capable device, in some parts of the world you will not have any mobile carrier supporting it.

Seeing is believing

As it is a technological transformation, the trust in the solution will build once there are more and more live deployments and people can see eSIM in real life applications. Consumer demand would be the biggest game changer but until that happens we still rely on creating a need for eSIM rather than OEMs and mobile carriers asking for it.