Industry Overview

GlobalPlatform technology is relevant for authenticated connectivity and Remote SIM provisioning (RSP)

Authenticated connectivity

When a smartphone attempts to connect to a cellular network, both the device and user, known as a subscriber, must be authenticated by the network owner (mobile network operator, or MNO), to gain network access. To achieve this, the MNO initiates an optimized authentication mechanism between the network and the device. On the device, the Subscriber Identity Modules (SIMs) within each phone protect confidential identifying data unique to each subscriber and authentication engine. To protect against unauthorized access, secret keys, algorithms and other sensitive data held on both the SIM card and within a centralized authentication server must be fully secured both while at rest and when data is being exchanged between the two entities Over-the-Air (OTA).  GlobalPlatform has a long history of collaboration with the Smart Card Platform (SCP) technical committee of the European Telecommunications Standards Institute (ETSI), to enable the management of multiple authenticated connectivity profiles to 2G, 3G and 4G cellular networks on one SIM.

Remote SIM provisioning

Besides authenticated connectivity, a new cellular use case is now being standardized by the GSMA: Remote SIM Provisioning (RSP). It has emerged in parallel with the increase in usage of embedded SIMs (eSIMS), particularly in machine-to-machine (M2M) deployments. Despite their name, eSIMs can be either soldered or removable. They are defined by their capability to support secure OTA remote subscription provisioning, as well as updates to the operating system, keys, application and connectivity parameters.

RSP plays a central role in the growth of the Internet of Things (IoT) landscape; it allows network subscriptions to be loaded on demand in M2M devices and enables consumers to choose subscriptions and connect multiple devices seamlessly. RSP allows MNO subscriptions to be securely downloaded to a device dynamically OTA, at any point post-production and when devices are already deployed in the field. It also enables subsequent OTA subscription changes, from one MNO to another – this is especially important in cases of certain connected device types with long lifecycles, such as cars and industrial equipment. From a corporate and consumer perspective, RSP delivers many advantages, including flexibility and greater choice over MNO contracts; open roaming opportunities and increased competition within the marketplace.

RSP is integral to the GSM Association (GSMA)’s Embedded SIM Specification, which provides a standard mechanism for the remote provisioning and management of both M2M and consumer device connections.

GlobalPlatform Technology

The ETSI SCP technical committee is responsible for creating a series of specifications for an interoperable smart card platform. GlobalPlatform Secure Element (SE) technology is firmly embedded within ETSI’s SCP specifications, thanks to over a decade of synchronization between the two bodies on key technology developments such as application management and OTA application download.

The SCP specifications provide the foundational infrastructure for Universal Integrated Circuit Cards (UICCs), which were developed by ETSI in response to requirements outlined by the Third Generation Partnership Project (3GPP); an initiative which unites telecommunications standard development organizations to develop specifications for cellular telecommunications network technologies. UICCs encompass the SIM and offer a multi-application security platform, allowing applications to run in parallel.

GlobalPlatform’s UICC Configuration outlines requirements for implementing GlobalPlatform Specifications on the UICC platform according to ETSI specifications and GSMA’s requirements for third-party application management and contactless application support. It is integral to the estimated 5.3 billion SIMs that comprised the total available market in 2016.

Relevant to both the cellular authenticated connectivity and the RSP use cases, GlobalPlatform technology enables:

Protection:

  • The secure and confidential storage of sensitive keys and data within the SIM/eSIM (a hardware-based tamper-resistant secure element);
  • Encryption of data in transit between the SIM/eSIM and authentication center;
  • The execution and integrity of the network authentication algorithms.

Certification:

  • GlobalPlatform’s functional certification program provides objective evidence that UICCs and eSIMs (eUICCs) are interoperable. This offers reassurance that the end-user experience will be consistent.

Remote management:

  • A secure OTA communication based on HTTPS exchange between the SIM/eSIM and authorized third parties.

GlobalPlatform continues to cooperate closely with ETSI on future 5G technical requirements. As such, the organization’s technology will play a key role in the standardization of the emerging 5G ecosystem.

GlobalPlatform continues to collaborate and contribute to the GSMA’s RSP and eSIM specifications.

Industry Partner Comments

“The GSMA has used GlobalPlatform specifications for key technical aspects in all of its eSIM specifications. In addition, GlobalPlatform’s Certification Program provides the essential compliance infrastructure needed to manage the qualification of eUICC products, as well as the test tools and laboratories that enable this qualification. A core objective of our collaboration with GlobalPlatform is to promote interoperability, stability and flexibility within the eSIM ecosystem. We look forward to continuing our successful partnership in the future.”

- Jean-Christophe Tisseuil - Head of SIM, GSMA
GSMA Jean-Christophe Tisseuil - Head of SIM
Chairman of the ETSI Technical Committee Smart Card Platform (TC SCP) Klaus Vedder
Resources

GlobalPlatform SE Specifications

View

GlobalPlatform UICC Configuration

View

GlobalPlatform Certification

Learn More

Receive the latest news from GlobalPlatform

GlobalPlatform
Hey There!

It seems you are using an outdated browser, unfortunately this means that our website will not render properly for you. Update your browser to view this website correctly.

GOOGLE CHROME
FIREFOX
MICROSOFT EDGE