What is GSMA SGP.32 for eSIMs?

GSMA SGP.32 is a transformative standard designed to streamline eSIM remote provisioning for IoT. It introduces simplified device architecture, autonomous profile management, and cloud-native scalability, laying the foundation for global, zero-touch IoT deployments. 

Traditional SIM card management and provisioning models have proven too rigid and resource-intensive for modern IoT devices, particularly those deployed in remote, unmanned, or power-constrained environments. With GSMA SGP.32, IoT devices can access the efficiency, flexibility, and scalability offered by eSIM technology without the costly, complex integration and vendor-locked limitations of previous standards.

This blog explores GSMA SGP.32, the history of eSIM GSMA standards, and the implications of SGP.32 for IoT innovations. We’ll explain how these cutting-edge technologies work and discuss the advantages the SGP.32 standard for eSIMs provides IoT manufacturers. 

What is GSMA SGP.32?

GSMA SGP.32 is a technical specification that defines eSIM remote provisioning architecture for IoT devices. Developed by the Global System for Mobile Communications Association (GSMA), SGP.32 is the new global benchmark for IoT interoperability and large-scale deployments. This standard was designed especially for use cases relying on constrained resources, like sensors, industrial modules, asset trackers, and smart meters. 

Aimed at improving connectivity and optimizing performance, SGP.32 emphasizes simplicity, scalability, and efficiency. Before SGP.32, logistical complexities prevented widespread eSIM adoption by IoT applications. Legacy standards (like SGP.02 for M2M) were too clunky and costly to support a framework of millions of low-power, low-touch devices. 

GSMA SGP.32 introduces an eIM (eSIM IoT Manager) and IPA (IoT Profile Assistant), technological features that allow for remote device management at scale. These new standards provide a structure that is lightweight and flexible enough to support the demands of the developing IoT ecosystem.

eSIM remote profile provisioning provides a roadmap for zero-touch global connectivity management. GSMA SGP.32 offers enormous opportunities for growth and expansion in the IoT space. SGP.32 reduces integration complexity for OEMs and network operators, enabling faster and easier deployment for eSIM-enabled devices. 

eSIMs for IoT devices

eSIMs (Embedded Subscriber Identity Modules) are SIM cards that can be remotely monitored and provisioned through eUICC technology. Most, though not all, SIMs with this technology are non-removable. With eSIMs, IoT devices can update and switch networks without requiring the physical removal and replacement of a SIM card. eSIMs accelerate IoT deployment times, streamline form factor design, and reduce operational complexity. 

eSIMs are updated Over-The-Air (OTA), unlocking the potential for unprecedented scalability and simplification for IoT use cases. Through remote provisioning, IoT devices can switch between cellular carriers and network technologies without compromising performance or requiring manual labor. 

eSIMs’ ability to seamlessly change networks allows OEMs and users to optimize around costs, security, global coverage, and network requirements. Additionally, eSIMs are a future-proofed strategy that can transition between carriers and networks as standards evolve. They don’t require expensive, time-consuming hardware changes to utilize emerging technologies. 

The history of eSIM standards

GSMA SGP.32 is preceded by two other eSIM technology standards: GSMA SGP.02 (M2M IoT) and SGP.21/22 (Consumer IoT). SGP.32 is built on these two standards, but resolves the lack of flexible connectivity inherent to M2M IoT and eliminates the need for user interaction that accompanies Consumer IoT. 

GSMA SGP.02 (eSIM for M2M devices)

GSMA SGP.02 is the foundational specification for remote SIM provisioning. This initial eSIM standard, released across 2014–2015, focused specifically on Machine-to-Machine (M2M) use cases and was launched in response to the automotive industry’s needs for remote network management.

M2M eSIMs are designed for autonomous IoT operations without user interfaces. SGP.02 detailed a server-driven “push model” to change a device’s profile, using SMS to push instructions out to devices. 

The push model immediately presented challenges for IoT devices. Most notably, devices themselves could not initiate profile alterations and required SMS functionality to leverage eSIM technology. SMS is not a feature supported by some cellular networks, like NB-IoT, limiting the scope of deployment. Additionally, these SIM profiles needed to be activated, deleted, and updated via an SM-SR (Subscription Manager Secure Routing) service. This remote management agent restricted flexibility, as devices’ eUICCs were often locked into a network connectivity vendor pre-deployment. For IoT devices requiring global and dynamic operator options, the SM-SR structure is untenable. 

While effective in fulfilling its stated purpose, this iteration of eSIM profile management was a complex undertaking poorly suited for many IoT use cases. 

GSMA SGP.32/.22 (eSIM for Consumer devices)

The next eSIM standard was rolled out in 2018-19. GSMA SGP.21 introduced a client-driven “pull model” approach, with end users selecting their carrier of choice to activate their IoT devices. This eSIM standard was built primarily for non-constrained devices like smartphones and tablets. 

Consumers trigger profile changes through leveraging an LPA (Local Profile Assistant) on the device, downloading profiles directly from multiple carriers, and installing them on the empty eUICC SIM. These profiles are downloaded from an SM-DP+ (Subscription Manager Data Preparation Plus). SM-DP+ addresses are used to connect and communicate with remote servers to download eSIMs.

This eliminated the carrier-to-carrier custom development and its associated expenses, as well as the need to physically replace SIM cards to swap networks. Users can enable and disable profiles, and mobile device management (MDM) software can be used to remotely manage the profiles owned by an enterprise. 

This approach was ideal for human-operated electronics, but it still failed to address the challenges presented by IoT devices with massive deployments that lack user interfaces and regular manual operation. The Consumer IoT eSIM standards are not a scalable solution for IoT OEMs.

GSMA SGP.32 (eSIM for IoT)

GSMA SGP.32 combines elements from the two previous standards while introducing innovative technological specifications designed to facilitate bulk SIM provisioning and management, simplify global device deployment, and reduce costs and complexities. The SGP.32 eSIM model adapts the previous LPA model into an IPA (IoT Profile Assistant) and introduces an eIM (eSIM IoT Manager). These architectural components allow for autonomous operation, improved connectivity, and network flexibility. The Consumer Model relies on users to initiate profile changes. Through GSMA SGP.32, the eIM initiates profile changes, eliminating the need for human interaction. 

The eSIM (eSIM IoT Manager)

GSMA SGP.32 introduced the concept of an eIM. eIM is the logical backend component orchestrating eSIM profile management in IoT deployments. The eIM acts as an interface between the device and the eUICC, downloading, enabling, disabling, and deleting profiles remotely. This remote access is essential for managing the application diversity amongst IoT applications, from trail cameras stationed in isolated locations to asset tracking devices traveling across the globe. 

eIMs can be linked and deleted from an eUICC at any point, avoiding vendor-locked restrictions. eIMs can also manage both individual eUICCs or be associated with entire IoT deployments, providing the flexibility essential to IoT success. eIMs also expand device management beyond just an OEM or end-user, potentially allowing cloud services, MNOs, and MVNOs operational control. 

The IPA (IoT Profile Assistant)

The IPA is an adaptation of the LPA introduced in Consumer IoT standards. The IPA enables autonomous interaction between the eSIM and the eIM. This on-device layer manages all communication with eIM. IPAs can be built into the IoT device itself (IPAd) or built into the eUICC (IPAe). OEMs of IoT often favor IPAes to reduce design and development complexity. 

eIMs send profile-related instructions (like device enablement or deletion) to the IPA. The IPA then translates the commands using GSMA’s standardized interface and communicates directly with the eSIM to download, update, and alter profiles. These profiles are downloaded from an SM-DP+ on demand.

The provisioning loop between the IPA, eIM, and SM-DP+ facilitates the seamless remote eSIM device management that is the core of GSMA SGP.32. For example, if an IoT tracker failed to connect to its primary operator and lost coverage, the IPA would contact the eIM and initiate a new profile download from an alternative carrier, circumventing service interruption. This allows eSIMs to offer reliable conectivity without manual reconfiguration, regardless of a device’s mobility or positioning.  

The advantages of the GSMA SGP.32 standards for eSIMs

IoT-optimized eSIM management brings a wealth of opportunities for innovation and expansion to the industry. By implementing remote provisioning, GSMA SGP.32 removes many of the logistical barriers that have kept IoT devices from harnessing the full potential of eSIM connectivity.

1. Zero-touch provisioning and autonomous profile management

The shift from centralized, operator-driven provisioning to a zero-touch model is the defining feature of GSMA SGP.32. Making eSIM technology widely accessible for IoT devices improves uptime, quality of service, global deployment readiness, and outage resilience. 

Through the IPA, IoT devices can enable, disable, delete, and download profiles with minimal backend input. The eSIM also eliminates the need for user interaction, like manually replacing SIM cards or interacting with an interface to initiate updates and activations. Devices can easily switch between cellular carriers and technologies and automatically trigger provisioning when new profiles need to be created.  

Actions like loss of signal, roaming failure, first-time device use, subscription expiration, policy update, and scheduled refreshes can all prompt automatic profile management without user engagement. This allows IoT devices to be designed without buttons and screens and easily deployed in unmanned and hard-to-reach locations. Fewer field technicians are needed to perform hands-on SIM management duties, as autonomous profile management lets devices adapt to new networks dynamically. 

2. Improved scalability

GSMA SGP.32 reduces the operational overhead required for IoT device deployment, dramatically improving scalability potential and deployment speed. Previous GSMA standards were ill-equipped to handle the massive numbers of devices demanded by applications like smart cities, logistics, automotive, and utilities monitoring. However, by eliminating manual provisioning, enterprises can easily manage millions of devices across diverse locations.

The cloud-native eIM technology supports a lightweight, API-accessible platform that can easily scale horizontally as new devices are added. The decentralization of provisioning enables devices to join the network at any time without manual intervention. Global scaling is further facilitated by reducing reliance on regional technicians and pivoting to remote management.

3. Cost savings

eSIMs allow for simpler, compact device design by eliminating user interfaces, screens, buttons, and physical SIM card slots. This can reduce manufacturing costs, a critical component for IoT devices eyeing massive deployment and rapid scaling. Smaller form factors are also key for wearable devices, healthcare technology, environmental monitors, and sensors. 

GSMA SGP.32 also facilitates improved global manufacturing and distribution by avoiding additional regional SKUs. Since field technicians aren’t required to swap out physical SIMs, overhead costs are lowered and global deployment is simplified. eSIMs are also more durable and less prone to damage from moisture and dust. This makes them well-suited for industrial, agricultural, and outdoor applications. The durability of eSIMs also extends the longevity and cost efficiency of IoT devices. 

4. Resource efficiency

GSMA SGP.32 standards emphasize compact device design and resource efficiency. By minimizing bandwidth and battery consumption, devices can capitalize on LPWANs operating under data and energy constraints. SGP.32 reduces the energy consumption associated with remote SIM provisioning, one of the many hurdles to implementing legacy standards for IoT. 

GSMA SGP.32 supports short-lived communication sessions, rather than persistent HTTPS connections. Devices can stay in deep sleep mode, only waking for provisioning, updates, and brief bursts of data transmission. This is ideal for battery-operated IoT devices, maximizing their uptime. 

Bulk provisioning and automation reduce the backend system load and network traffic. The IPA is lighter than the previous LPA component, resulting in a simpler software stack. SGP.32 eSIMs consume less data and leverage bandwidth far more efficiently than previous iterations. The improved operational efficiency results in less infrastructural strain on operators and platform providers.

4. Vendor and carrier interoperability 

Another defining strength of SGP.32 is the standardization of interoperability between devices, manufacturers, MNOS, and connectivity platforms. SGP.32 removes the roadblocks accompanying previous eSIM standards by enforcing streamlined interfaces across the eSIM provisioning chain. Legacy standards demanded complex, proprietary integrations between devices, mobile carriers, and eSIM management platforms. This model locked OEMs into vendors during production, required complex custom integrations, and fragmented deployment rollouts. 

Certification delays could further drag out the process and incur additional expenses. 

The standardization of eSIM technology introduces advanced multi-vendor and multi-carrier flexibility. OEMs are no longer limited by their firmware. They can choose the certified eUICC that best suits their application, without worrying about rewriting the logic for each carrier or region. Device deployment can be supported at scale without custom provisioning flows. 

This accelerates time-to-market, encourages greater collaboration, and makes the deployment cycle far more affordable and achievable. 

5. Enhanced security

Security is integral to any IoT enterprise. SGP.32’s security-first architecture ensures that user information isn’t compromised during deployment. By implementing end-to-end encryption, mutual authentication between the device and eIM, and secure key storage in eUICC, SGP.32 safeguards data and confidentiality throughout the provisioning process. 

The Profile State Management Operations (PSMO) are all handled by the eIM. The eIM and the eUICC are securely bound, preventing malware from controlling operations. Profiles are protected against unauthorized access through these robust security measures. They can securely operate even as they switch networks, carriers, and regions, without sacrificing performance or inhibiting growth. 

6. Future-proofed for 5G and IoT innovations

The GSMA SGP.32 standard is a forward-compatible framework built to support the next generation of IoT connectivity models. Through simplifying global scalability, interoperability, and integration, SGP.32 lays the foundation for adaptive technologies that evolve with the hyper-connected world built by IoT. 

GSMA SGP.32 facilitates 5G network slicing, allowing for customized connectivity control for different data types. The lightweight, low-latency communication between the IoT device and the eIM facilitates adaptive, autonomous decisions based on the device’s context, like latency requirements and location. Real-time provisioning allows devices to jump to more favorable network profiles on demand. 

GSMA SGP.32 position eSIM technology to embrace the future of innovation and provide OEMs with the tools to maximize the potential of future 5G connectivity. 

Learn more: 5G and IoT: What It Means for Connectivity

How does SGP.32 impact IoT?

GSMA SGP.32 enables versatile, scalable, and efficient IoT design. Under SGP.32, there are enormous opportunities for imaginative product creation, massive deployment, and global flexibility. eSIMs usher in the next generation of IoT innovation, allowing for massive deployments of autonomous, resource-optimized devices. The IPA and eIM introduce remote profile management, and the simplified infrastructure is built with cloud-native IoT platforms in mind. 

With the freedom to mix carriers, SIM providers, and cloud platforms, IoT OEMs can expand their enterprises without being locked in by the limitations of earlier GSMA standards. Under SGP.32, IoT devices are radically more efficient. They use less energy, less memory, and less data. These standards unlock a brand new landscape for modernized, adaptive IoT technologies. 

The IoT ecosystem is still waiting to see the full impact that eSIMs and remote provisioning will bring. But the implications of these standards are energizing and will undoubtedly shape the near future of internet-connected devices. 

Partner with Zipit and embrace the future of IoT

Zipit Wireless is a pioneer of cutting-edge connectivity solutions for IoT manufacturers. Throughout our history in the industry, we’ve listened to the challenges OEMs encounter and worked diligently to provide groundbreaking resolutions to our clients. Through Zipit, you can avoid negotiating with multiple carriers for global coverage by accessing our extensive network of Tier-1 carrier relationships. We help you manage your application regardless of data requirement, device volume, or network technology. 

Our connectivity and billing management platforms give you crucial operational insight through a single pane. We’ll help you maximize monetization opportunities, fueling data-driven, sustainable growth and accelerating your business’s ROI. Zipit reduces your internal workload while positioning you to scale freely and tap into recurring revenue channels. 

As eSIMs continue to alter the world of IoT devices, Zipit Wireless is here to partner with our clients and offer them cutting-edge connectivity solutions. Contact us to learn more about how we can help your company realize the full potential of GSMA SGP.32. 

You may also like: 

• Automatic vs. Manual Network Selection–Which Is Best for Cellular Devices?
• What is Telecom Billing and How to Choose Software for IoT Devices
• LTE Cat 1 bis: A Comprehensive Guide to Its Benefits and Uses