With Gartner predicting 6.4 bn mobile devices connected to the IoT or M2M worldwide in 2016, business opportunities for mobile network operators (MNOs) and other service providers are huge and setting up the right infrastructure to cater for this revolution in time to gain market share is crucial.
GoPROVeU! is the subscription management solution from Cairon and achelos addressing in the current version M2M and IoT market.
The growing ecosystem of electronic devices and machines communicating with each other from all corners of the world via mobile networks has prompted the development of the embedded SIM (eSIM or eUICC) technology, which represents the major evolution of the SIM card technology in the last 20 years. SIM cards embedded in M2M devices are able to host multiple provider profiles and offer the owner a greater flexibility of connectivity provider choice. The novelty brought in by embedded SIM technology is the change of ownership. Whereas the removable SIM card is owned by an MNO and provided to the consumer as a subscription token, the eSIM is part of a device and thus is owned by the device owner. Here the MNO merely owns the network access credentials that are loaded to the eUICC over-the-air (OTA) as part of the MNO profile.
The main principles of the GSMA specification design was to maintain the existing SIM ecosystem, including the ordering and activation processes, and compliancy with the industrial standards for SIM cards developed by ETSI and 3GPP. The most important issue was to ensure that the new technology does not compromise mobile network security standards.
As a consequence, the eSIM (also called eUICC) does not differ from the “regular” SIM card from the mobile device interface perspective. The choice of time-proven Global Platform standards for the remote provisioning of subscription data on eUICC, as well as the selection of state-of-the-art algorithms (Elliptic Curves Cryptography, AES) guarantee a high level of security.
GoPROVeU! has been specifically designed to enable the remote management of mobile network operator (MNO) profiles with network access credentials, empowering device owners to make the best possible connectivity choice for their business and M2M devices. In fact, the entire subscription management is managed over the air (OTA).
Cairon and achelos´ GoPROVeU! solution complies with the specifications developed by GSMA and SIMalliance for subscription management, eUICC and interoperable profiles. By loosening the dependencies between eUICC and the eUICC platform, the two institutions are opening the door for independent eUICC and platform providers to grow the adoption of eUICC technology by the M2M market. Cairon and achelos are among the first companies to offer such a comprehensive subscription management solution.
GoPROVeU! is an interoperable solution compatible with eUICC products from various manufacturers. This gives customers a choice of device and provider instead of a closed product ecosystem and allows customers to keep full control of their service. The key to success of subscription management deployments is an open platform that provides an easy and transparent way for all parties to connect: MNO, eUICC manufacturer, device manufacturer and M2M/IoT platform providers. GoPROVeU! can also be easily extended to provide OTA platform features to easily manage eUICC content (Remote File Management and Remote Application Management).
The GoPROVeU! platform performs two roles: profile warehouse (SM-DP) and remote eUICC manager (SM-SR). A close integration of SM-DP with MNO infrastructure and of SM-SR with the M2M Service Delivery Platform or Fleet Management Platform is the key to success for our subscription management services.
The logical components of the Cairon and achelos GoPROVeU! SM-DP and SM-SR are:
Subscription Management-DP performs the following tasks:
Subscription Management-SR performs the following tasks:
In addition, the eUICC owner can register eUICCs via batch file provisioning interface at the SM-SR. Any other type of data exchange can be implemented on demand.
This procedure is outside the SM-DP product scope. The unpersonalized profile is created using external tools and procedures. The SM-DP has an interface to import a profile template (proprietary or compliant with the SIMalliance specification).
The SM-DP by default supports the batch ordering mechanism. A file format for input and output files shall be agreed between MNO and Cairon and achelos. This batch file can be imported via SM-DP GUI or via WS interface. Other types of ordering protocols can be implemented on customer demand.
In addition to the notification mechanisms defined by the GSMA, notification of the eUICC Owner connected to the SM-SR is supported.
This procedure is similar to the Profile Download and Installation defined by GSMA, but can be triggered by the eUICC Owner via SM-SR over ESM2M. Respectively, the eUICC Owner is notified about the results of the operation.
The “initiator” of this procedure is the eUICC Owner and the stakeholder is notified upon successful completion of the Master Delete procedure.
In addition to the GSMA defined procedure, the eUICC owner can also initiate this procedure via ESM2M interface and is notified after successful completion of the Profile Enabling procedure.
In addition to the notification mechanisms defined by GSMA, the notification of the eUICC Owner connected to the SM-SR is supported.
In addition to the GSMA defined procedure, the eUICC owner can also initiate this procedure via ESM2M interface and is notified after the successful completion of the Profile Disabling procedure.
In addition to the GSMA defined procedure, the eUICC owner can also initiate this procedure via the ESM2M interface and is notified after the successful completion of the ISD-P Deletion procedure.
In addition to the notification mechanisms defined by GSMA, the notification of the eUICC Owner connected to the SM-SR is supported
The product supports the secure export and import of database entries with relevant eUICC information defined for the SM-SR change (EIS, Audit Trail, history, etc.). The new SM-SR shall be able to securely receive the data from the old SM-SR and resume the service of the affected eUICC fleet. The transferred data is then securely removed from the database of the old SM-SR.
ECC-based Key Establishment is fully supported as defined by GSMA.
The eUICC Owner sets the fallback attribute via ESM2M interface. The SM-SR notifies the eUICC owner about fallback mechanism activation and deactivation in addition to the notification echanism defined by GSMA.
eUICC certificates are stored in EIS in the SM-SR database and are provided by SM-SR to SM-DP for verification on request.
The POL2 verification mechanism is supported. The Connectivity Provider provisions POL2 values via ES4 interface or via SM-DP.
The product APIs are declared in a language-neutral format and can be mapped to a number of different programming languages and called via HTTP (also known as REST-services) or via SOAP interfaces defined by GSMA as a standard (ESx).”
The M2M market covers a broad spectrum of applications ranging from updating electronic billboards, device tracking, in-vehicle-entertainment and accident prevention mechanisms, smart meter monitoring, and IoT applications such as machine lifecycle management or data transfer between devices. All are using mobile networks and requiring MNOs to facilitate accessibility and flexibility for business customers and consumers in this highly profitable market.
With a growing number of devices fitted with eUICCs, application cases for subscription management technology are manifold:
M2M SP operates a fleet of devices offering a service to business users (e.g., smart meters) with a service availability guarantee for more than 10 years.
Connectivity is included in the M2M service offering and billing for connectivity is transparent to the end user. Connectivity contracts between M2M SP and MNOs are established for a fixed period of time.
Another M2M SP or consumer owns a device purchased from a device manufacturer, OEM, MNO. Connectivity is included in the service to the end user.
Regularity of connectivity provider switch is driven by the application and by the end user profile. Connectivity contracts between M2M SP and MNOs are established for a fixed period of time.
MNO, the device manufacturer or service provider offers a device with a service package to an end user (e.g. tablet). The consumer selects a connectivity provider directly or via service provider to install simultaneously multiple subscriptions on a device.
User drives the choice of connectivity provider. In case a device is subsidised, technical enforcement of contractual policies may be required (device lock).
With the Cairon and achelos GoPROVeU! solution, customer can choose different software to meet the requirements of internal software and IT policies. Cairon and achelos support various software on project basis on the condition of a successful feasibility study.
We are independent and experienced players. Our team consists of experts in security and prevention in various market segments. We are developing innovative technical solutions securing electronic identities. Our customers benefit from our strong knowledge in micro-processor-technology, a powerful product portfolio and the consequent implementation of specifications, as well as additional features to meet customer requirements.