The Differences between SIM, eSIM and iSIM
By Omer Harel
May 6, 2020
By Omer Harel
May 6, 2020
A familiar part of cellular connectivity for the past several decades, the physical SIM card continues to play a leading role in many consumer mobile devices and IoT deployments. However, the SIM market is evolving rapidly, and newer options exist that eliminate the need for a removable SIM. The embedded SIM (eSIM), soldered to a device’s printed circuit board (PCB), provides, among others, a way to send SIM profiles to devices over the air using a process called remote SIM provisioning (RSP). The newest iteration in the SIM market, the integrated SIM (iSIM) streamlines the eSIM’s functionality by porting the functionality into a system-on-a-chip (SOC) architecture, meaning the SIM does not require dedicated hardware.
While fresh interpretations of SIM technology are exciting, the newest incarnation is not the best option for every deployment. It’s best to consider specific use cases and match them with the SIM option that fits their needs.
The traditional SIM is a removable card that comes in a variety of sizes. Initially developed for the consumer mobile phone market and inherited by the M2M industry, they evolved into new form factors needed to fit smaller devices. They are straightforward and convenient for consumer applications and some IoT use cases but can present reliability and security risks for most large-scale device deployments. When the SIM is easy to access, it’s also easy to steal or be tampered with. IoT managers must continuously keep track of SIM cards in their devices to ensure that they are not removed and replaced in other devices.
When an organization switches mobile carrier and needs to change out device profiles, traditional SIMs can be very convenient in some use cases — remove the old SIM and plug in the new one. In large-scale IoT deployments, however, the need to physically remove and replace SIM cards on thousands of devices can be costly or impossible.
The eSIM developed in response to the shortcomings of traditional SIM cards for some use cases. In particular, the connected car industry pushed eSIM forward because automotive OEMs had a clear motivation to create a tamper-proof SIM with more robust security that would serve their connectivity needs and protect against extreme environmental conditions such as temperature, vibration, dust, moisture, etc. Today, the automotive industry has adopted the technology widely, and most connected cars use a soldered eSIM.
The embedded Universal Integrated Circuit Card (eUICC) standard makes the eSIM versatile, as it allows remote provisioning of the hardware with network profiles. The eUICC makes way for mobile network operators (MNOs) to send out their SIM profiles to eSIM devices remotely, without needing physical access, substantially improving the management of the connectivity aspect of IoT deployments at scale. The eUICC standard also allows for multiple profiles to be loaded, so devices can be manufactured for use in multiple geographies and then loaded and switched to the appropriate regional connectivity provider profile when the device is deployed or moved.
Using low-tier IoT connectivity options such as NB-IoT and LTE-M, OEMs need to create cost-optimized devices that are efficient in terms of BOM costs and data and energy consumption. By incorporating the SIM operating system into the cellular module hardware, the iSIM provides a way for industries to enable typical coverage with efficient data and energy consumption. The iSIM also saves space in hardware design. Every square millimeter matters when it comes to size-constrained applications. Since it does not require physical space for an eSIM chip or removable SIM card, the iSIM can reduce the footprint of a device.
With the iSIM functionality built directly into the base cellular module hardware, the result is savings from the elimination of one or more components like SIM trays, SIM cards or eSIM chips.
Still, many MNOs will choose to wait until GSMA standardizes the iSIM, which has not yet happened. A few private initiatives have emerged, such as Deutsche Telekom’s nuSIM, and GSMA has started creating specifications for integrated eUICC, which defines factory provisioning for iSIMs. However, these standards are not yet mature, and the field deployment of iSIM is limited for the moment.
There are two primary forms of security accreditation for SIMs. The first is the EAL standard, created by Common Criteria as a level of security that is adopted by the MNO community. If a chip manufacturer attains EAL4+ certification, it means the hardware is processed in such a way to ensure it is not vulnerable. Carriers make sure that their SIM vendors are compliant to this standard, which includes the physical security of the chip and applies to both traditional SIM cards and eSIMs.
The GSMA also provides a Security Accreditation Scheme (SAS) for SIMs and eSIMs with two different specifications:
Because the technology is still new and not yet standardized, most iSIM devices cannot be certified adequately with existing SIM accreditations. Another current problem with iSIM security is in today’s cellular IoT market, the device hardware companies who can manufacture iSIMs are not Common Criteria or GSMA certified, which creates bottlenecks in the production process. Solutions to this logistical problem are emerging, but it means iSIM production for IoT is slow to accelerate.
When selecting a SIM type and form factor for your IoT deployment, start with considering cost structure because it reflects the business model behind the particular device. For example, in the automotive sector, the cost of the end product might motivate you to invest in expensive chips because embracing a less expensive platform would mean compromising on resiliency and security. If your product is a low-tier device such as a pet tracker, however, spending an extra dollar or two on hardware per device could eliminate your profit margin. In that case, it makes sense to seek out a low-cost, integrated SIM solution.
Also, consider whether the use case will require remote provisioning. While eSIMs are best known for this feature, all the form factors are candidates for the eUICC software that enables OTA profile updates. GSMA has designed a large-scale provisioning scheme for the IoT space, allowing MNOs to provision devices in large volumes at once.
While remote provisioning offers tremendous value for many applications, its inherent shortcomings are worth noting. Remote SIM provisioning service also comes with relatively high costs, which does not fit well with the industrial IoT economy in low-tier IoT devices. If devices are deployed in places without proper coverage, network issues could prevent profile updates from going through. If a person is holding the device, you can attempt a manual update; however, if it’s in a remote area and you must send someone to fix it, that’s an expensive undertaking, especially if many other devices in the deployment are experiencing the same problem.
Despite the emerging potential of the eSIM and iSIM, traditional SIM cards continue to dominate the IoT market — at least for now. In many countries, prepaid service is still the predominant way to connect, making traditional plug-in SIM cards the most practical choice.
For high-end IoT use cases that have an inherently higher cost structure and require a high degree of MNO acceptance from the first day, eSIMs are an ideal solution. iSIMs will come into play for low-tier IoT connections where device size and energy efficiency are necessary strengths. There’s room for every form factor and SIM type for the foreseeable future, depending on the use case.
Speak with our IoT connectivity experts today and request an IoT connectivity starter kit.