This looks like paid Qualcomm PR, for the following reason.
From the article, it looks a lot like Qualcomm trying to coopt the eSIM success now a few years old, by saying the electronics of iSIM are a custom block in their silicon, not a separate small chip.
But it doesn't clarify that others (like Apple obviously) can't realize their eSIMs in their custom SOC, as far as i see.
> Qualcomm says "the new iSIM is fully compliant with the GSMA Remote SIM Provisioning standard; meaning its subscriptions are remotely manageable through any standard platforms." That's the same standard as eSIM, and it's held to all the same security requirements, so theoretically, any carrier that works with eSIM shouldn't see a difference between an eSIM and an iSIM. iSIM is still just a hunk of silicon that needs software provisioning—where the silicon lives shouldn't really matter to your carrier.
> From the article, it looks a lot like Qualcomm trying to coopt the eSIM success now a few years old, by saying the electronics of iSIM are a custom block in their silicon, not a separate small chip.
I haven't gone into the details but certification is a major undertaking. So yes the logical functionality of what goes into an eSIM may be almost identical to that of an iSIM but integrating that same logic into an SoC means a whole new certification process. In particular certification will consider resistance to physical attacks and the hardening employed will be effected by the SoC integration. You need to bury critical nets deep in the metal stack to help defeat probing attacks and add detectors for intrusions. Integrating these across the whole SoC could be a particular challenge so work may required to apply them only across the chip area used by the iSIM. New design work was likely required for the on-chip interfacing between the iSIM and the rest of the SoC, again needing to ensure it complied with certification requirements.
I don't think it's fair to describe this as a mere PR piece. Significant work will have been required by backend engineers to integrate the iSIM so it's suitable for certification plus all the work required to generate the collateral for certification.
Qualcomm haven't created a whole new piece of technology here but this doesn't mean integrating the existing technology wasn't a major amount of work and a milestone worth publicising (especially as it is the first instance of this).
Yeah AFAICT this article is just: Qualcomm is now a certified producer of eSIMs. They put them in the SoC.
Everything else including the term "iSIM" just seems to be marketing cruft?
Perhaps I'm missing some detail but it seems the only people who would have any reason to care about this would be Qualcomm's customers in the mobile OEM space.
Because it's in software, they can legally disable your phone and force you to buy a new phone every 3 year citing "security patches no longer being issued".
Bye bye aftermarket firmware second life !
Because doing that on a phone with a physical SIM does not have a plausible justification.
But with a software-based solution, they can argue that due to the lack of updates your device is now vulnerable and your SIM can be cloned, spoofed and so you should get rid of it.
With a physical SIM those hacks are not possible even if I'm on a 20 yr old dumb-phone, because all the auth logic resides in the SIM itself.
> With a physical SIM those hacks are not possible even if I'm on a 20 yr old dumb-phone, because all the auth logic resides in the SIM itself.
Not nearly all parts of authentication and encryption happen in the SIM, and older generation phones are regularly deprecated (most recently for CDMA in the US and 3G in Germany for example, but also for non-VoLTE-capable devices on some networks in the US).
>most recently for CDMA in the US and 3G in Germany for example, but also for non-VoLTE-capable devices on some networks in the US
This is quickly turning into all networks. I'm seeing a lot more people running into VoLTE issues now in dumbphone and digital wellbeing groups that are picking up old/cheap LTE capable phones to try out the lifestyle. T-Mobile was the last to fold and start whitelisting even in the MVNO space where usually we don't run into problems. There are cheap VoLTE capable phones that are available, but its become an easy way for carriers to thin out older devices from the networks.
They can't do that with physical SIMs, because at least in the EU, there are regulations against that (to regulate stuff like phones and SIMs locked to each other)
By EU law, the vendor of the phone has to provide updates for N year.
There is no such regulation for SIM cards. ( Provided by telco's )
This means the vendor of the phone, not the telco, can simply say "we did our N years of updates", rendering the phone useless as esim requires it in order to function. It's beyond the power of the telco, because it did not provide the esim.
It's not a "SIM lock", it's far more devious.
People whose devices get obsoleted by eSIM won't suddenly drop off the grid - they'll go and buy a new phone, because being on the mobile network is almost a requirement in most of the world these days.
With the above in mind, note that it just so happens that telcos sell mobile devices as well as the service. This means they'll make money on increasing device churn.
Ars Technica says they in fact do paid articles; it's in their funding description at least post Conde Nast acquisition. They might not for car reviews, however.
I've always found that space rather isolated, for whatever reason. We read daily about yet-another-run-js-on-the-backend tool, but rarely see happenings in the mobile world.
I for one would much appreciate anyone taking time to shed light. And as someone who can also say dumb things, I also appreciate being corrected/educated.
Not that either is your job, just listing my feelings as an avid reader.
disclaimer: not sure why it is or was top comment either, but i did work for several years both at Qualcomm on a custom soc block and on extending V8 to use a new architecture, then several years at Apple in hw also. So i do know what you mean, and i do wonder what is up with the article, but presume you similarly know Qualcomm's contentious relation with Apple, historically.
This seems like an inevitability; since eSIMs are already here, and manufacturers are going to be thrilled to have fewer moving parts.
But it’s disappointing all round. I absolutely love how easy it is for me to buy a new phone, swap in my old SIM and I’m instantly using my old number. As painful as transferring everything else is with new phones, at least I easily keep the same number.
With this (and I’d guess with eSIM too) I just have to hope that their process to transfer SIMs work flawlessly. And I have very little confidence in that.
Sidenote: also disappointed this gets published uncritically as if published by the phone manufacturers themselves, celebrating this as a pure positive instead of the trade off it is.
> "But it’s disappointing all round. I absolutely love how easy it is for me to buy a new phone, swap in my old SIM and I’m instantly using my old number."
In theory, with an eSIM it's even easier to swap in your old SIM because you don't have to deal with the physical SIM card. Especially so if you don't have the physical SIM because it's lost or whatever. In my experience it's super frustrating to have to wait for a new SIM to arrive in the mail because you lost it or the old one is faulty!
Some carriers [1] also support "eSIM Quick Transfer" which allows you to swap eSIMs between devices instantly in the phone's carrier settings, with no need to contact the carrier or deal with their website/software.
eSIMs are a massive win when travelling, too. Instantly activate a data plan at cheap local rates in whatever country your travelling to, without having to first get your hands on a physical SIM...
> eSIMs are a massive win when travelling, too. Instantly activate a data plan at cheap local rates in whatever country your travelling to, without having to first get your hands on a physical SIM...
For many years I've owned dual-SIM phones and on many occasions have bought a local SIM a the airport or corner store when travelling for a week or more to countires outside my roaming allowance. This is almost always cheap, usually also easy, but can sometimes be a hassle if it takes a bit of time to track down the SIM.
When I bought my current phone with one physical and one eSIM, I was expecting it to be a huge improvement. The reality so far has been rather different... Twice now I have had to waste a lot of time online shopping around to find an eSIM for the destination country. Most of the international providers are surprisingly expensive (often 10x the cost of a locally bought SIM), have awful websites that look like they were thrown together in a weekend, and they often require you to install their own app to manage the eSIM/account, which is also invariably awful. You're also less likely to have much choice of which network you end up on, which can be a significant issue in less developed countries.
Now that I only have one physical SIM slot and always need it for my home country SIM (my mobile provider doesn't yet even support eSIMs) I regret chosing eSIM over a dual SIM phone. I do expect the situation to improve, but for now at least it still feels like a big step backwards for travel compared to dual SIM.
I was really thinking of being able to grab an eSIM directly for a local network, rather than one of the "global eSIM providers". You'd just grab your eSIM over WiFi when you land rather than seeking out a physical SIM from an airport vendor.
Obviously it's not the reality that these are easily available in all destinations, yet, but should become more so over time.
There's frankly no reason for a local network to make it easy for foreigners to sign up when they can instead get paid 10x as much in roaming fees if the foreigner stays on their home network instead.
Sure there is: competition. Why let your competitor network grab those 10x roaming fees when you can grab the 1x yourself? Last time I was in Thailand, vendors at the airport were practically falling over themselves to sell you their SIM card on their network!
Besides, I doubt roaming fees are all that lucrative considering all the "free global roaming" plans there are now days. Those networks that charge crazy per-MB roaming rates are, presumably, keeping most of it for themselves.
I'm sure that network X would not be offering free roaming on network Y without an agreement in place between carriers that made it free (or, at least, very cheap) to do so.
That very much depends on whether the traffic between the two networks is equal. If it's very asymmetric one side can take advantage of the situation. Also keep in mind that in some locations, free roaming is mandated by law so carriers have no choice but to offer it - in this case visited carriers can take advantage.
It seems like they meant that the existence of free global roaming suggests that roaming fees may not be very lucrative for the visited carrier, and exorbitant roaming rates are mostly to the benefit of the home carrier.
Have you traveled? Mobile vendors at airports and also regular mobile carrier stores will happily sell you an eSIM, not a problem. Scan the QR code and it’s done.
I think you are getting scammed: airport SIMs are way more expensive than actual SIMs you get in town and eSIM you get on an app like Airalo. International providers are obsolete in the age of the eSIM, since you can get a local provider at the click of a button.
eSIMs are still a bit more expensive than physical SIMs you buy in a phone shop far from any airport... but that expense is worth having internet from the second you land.
My only disappointment with this is how hard it is to migrate, but eSIMs work perfectly for travelling.
> airport SIMs are way more expensive than actual SIMs you get in town
That's definitely not true for many of the places I've visited. Additionally, the airport SIM shops are often the only retailers that know how to register/KYC SIM cards with international passports and/or where the staff speaks English.
I have not traveled out of the country since Covid but the last few times I would just enable an international plan on my carriers account. It was not much more than a local sim and I was able to use my number and everything.
Outside Europe? Identity verification is mandatory in the EU and afaik there are very few states that haven't implemented it in local law (the netherlands and croatia, I think).
I haven't bought one in Europe, since I have both registered and anonymous Danish SIMs, and an anonymous British SIM. (They can be bought anonymously in both countries.)
Are you sure it's EU law? I can't find anything on it.
While a local sim is always cheaper than something resold, apps like Nomad make buying a 3-5GB esim in the range of $15-25 super easy. It might cost only $2 for that if you were to buy a local sim in-person, but as long as the cost is not absurd then it's worth the convenience of having internet as soon as the plane lands & while going through the airport without having to rely on the wifi.
I think OP is right to note that this gives more control to operator. Unless telecom regulators make moving around easy, most operators will tie device IMEI to eSIM (calling it security) and make it hard to move.
Also you failed to notice, all the custom ROM world (yes, they do exist to avoid dumping tons of money onto bloatware infested phones) will be left out. The operator in my country providing eSIM needs no root/jailbreak etc.
(Sure iPhone users do not care)
> are a massive win when travelling, too
Most people in the world are usually in the same place. From my experience, these business travellers are usually not just rich but also have tons of roaming/data plans.
> In theory, with an eSIM it's even easier to swap in your old SIM because you don't have to deal with the physical SIM card. Especially so if you don't have the physical SIM because it's lost or whatever. In my experience it's super frustrating to have to wait for a new SIM to arrive in the mail because you lost it or the old one is faulty!
In practice however, they can be a customer hating disaster. Some telcos here even charge like 30EUR to generate a new eSIM code when you swap out phones, others need physical visit of their office for the same actions and third throttle the amount of swaps you can make.
All issues that can be severe from normal users (think of a simple case of dropping a phone and breaking it - how much money and time do you need to spend to make a temporary loaner work?)
It's yet another venue how telcos use enshittening to lock in users.
Yeah, sometimes the telcos have a self-service portal that gives you a new QR code. However, last time I needed it, my telcos service happily returned 500 so I was left without connectivity.
Also, eSIM backup transfers don't work between brands of Android phones (e.g. from Pixel to Samsung and back).
eSIM is good when the carrier does a good job of it, but it's terrible when the carrier does a bad job. There are carriers where any change to eSIM must be called in and you have to talk to a rep, where it takes hours to issue, etc.
Basically we're going back to the USA-style CDMA days where the carrier is in full control of your experience, which worries me.
I agree they're great for the use case of just buying a travel eSIM and activating that.
> There are carriers where any change to eSIM must be called in and you have to talk to a rep, where it takes hours to issue, etc.
There's also now the option to just keep your primary phone number on a cheap plan, and have multiple other eSIMs for data usage. There's no longer the problem with having to contact a carrier to switch data plans if used in this way.
Though, hopefully in time they will improve the experience anyway.
I use Google Fi in the US, which offers (unlimited?) data-only SIMs for no cost in addition to my phone number-associated SIM.
What exactly did eSIM enable here? With dual SIM phones, you can even put one data SIM and one number SIM in a single phone at the same time. Plus it's simple and easy to move either SIM to any other SIM-compatible device at any time.
* Backup service in the event that an attacker gains access to your Google Fi account. A backup eSIM with data service for a year has pricing starting at like $2.
* Fast network access in other countries. As far as I know, Google Fi is a carrier in the United States, and does not include network access in other countries.
* Deprioritized on data? The ability to instantly buy a major carrier eSIM and have the data speeds back.
> * Fast network access in other countries. As far as I know, Google Fi is a carrier in the United States, and does not include network access in other countries.
Google Fi offers network access in over 200 countries.
> In theory, with an eSIM it's even easier to swap in your old SIM because you don't have to deal with the physical SIM card. Especially so if you don't have the physical SIM because it's lost or whatever. In my experience it's super frustrating to have to wait for a new SIM to arrive in the mail because you lost it or the old one is faulty!
"Even easier" until eSIMs become commonplace or the default, and then manufacturers and OS vendors start locking things down. I'm guessing there are few, if any, regulations around eSIMs.
> eSIMs are a massive win when travelling, too. Instantly activate a data plan at cheap local rates in whatever country your travelling to, without having to first get your hands on a physical SIM...
Not without a data connection, you can't. Meanwhile in most of the world you can walk into any bodega and walk out a minute or two later with a SIM that pops into your phone. Hell, in damn near any country you can have a SIM in your phone before you've left the airport.
The push for eSIMs has little to do with "reducing parts counts" or thinner devices, and everything to do with carriers wanting more control over their customers now that they have to unlock people's phones, by law. Right now I can pop a SIM out of a damaged phone, pop it into a new phone. Or buy a temporary plan and swap SIMs when traveling, just by going into any corner market. Even in the US, you can get a SIM damn near anywhere. Supermarkets, convenience stores, bodegas, electronics stores, cell phone shops.
Mark my words, we'll start seeing eSIM transfer fees, locks, policies - all designed to keep people from participating in a free market for cell phone services. Probably mandatory app installation, too - and of course the apps will demand a ton of permissions for things like "fraud prevention", when really they just want to snarf even more of your data.
> "The push for eSIMs has little to do with "reducing parts counts" or thinner devices, and everything to do with carriers wanting more control over their customers"
And yet, it's the phone manufacturers who are pushing eSIMs. Many carriers seem resistant to rolling them out! Why? If anything, it's because the opposite is true: eSIMs make it easier to switch providers, by eroding the barrier of having to first acquire a physical SIM card in order to switch.
> "Mark my words, we'll start seeing eSIM transfer fees, locks, policies - all designed to keep people from participating in a free market for cell phone services."
I think if that were to happen in Europe, we'd quickly see a regulatory response from the EU (if it isn't illegal already).
I think the carriers probably do not like it, as it allows their customers to easily switch service. I also think it could possibly be part of the reason Apple released an eSIM only phone, as it forces the carriers to use eSIMs.
It was really inconvenient to switch to an MVNO or another carrier. You almost always had to order a SIM and wait a week for it to be shipped. Right now, I can activate an eSIM and be using the plan within like 10 minutes. I also am able to continue using my current plan.
In my current setup, I have a plan with primary carrier for my primary number, then a backup data only eSIM with non-expiring data for if I'm SIM swapped or overuse my data plan on my primary plan. I've actually tried and used different MVNOs.
It can be made difficult if you want to keep your number. Years ago I worked for a startup mobile operator. The incumbents didn't like the new threat, and did all sorts of shenanigans to stop growth, things like paying people to object to new cell sites etc. One of these things was releasing ported numbers on the last possible day. So, while you had your new device and SIM card, you didn't yet have your old number. The old operators legally had 30 days to release/transfer the old number, and would wait for 29 days before doing so. You'd be surprised at the amount of contract cancellations this would cause, with the customer thinking it was the new operator being useless. The legislation ended up being changed to a more reasonable timeframe because of this anti-competitive behaviour.
Can't speak for the rest of the world, but in South Africa mobile service providers will let you do eSIMs for things like Apple Watches, but not for anything else.
I think this is because it's common for them to offer "data only" SIMs which have far lower rates than data on a SIM card which can do both data and voice. Typically these data only SIMs are made available just for mobile WiFi hotspots. My suspicion is that not generally offering eSIMs is about protecting this business practice.
I don't know anyone who likes any of the mobile companies here, people just use whoever they feel is the least intolerable.
> Some carriers [1] also support "eSIM Quick Transfer"
See, that's the problem right there: your carrier is the one who enables and allows you to do this. With physical SIM cards, all you need is a thin pointy thing and two fingers - no software, no cloud services, no network connection.
My experience with this was very disappointing. I decided to buy an eSIM at the airport while my friend opted for a physical SIM. He was done in 30 seconds, meanwhile I was struggling to find an open Wi-Fi network since provisioning apparently requires internet access. Then my device took almost 5 minutes "setting up" before I was online. Until an eSIM can be provisioned without internet access I don't see how it's a better experience than a physical SIM.
Great point. I'd love to see eSIMs managed via an open standard over NFC, phone-to-phone or POS-to-phone to "simulate" the transferability of physical SIMs without the tiny piece of plastic.
But until then, I'm avoiding eSIMs entirely. I used to have a CDMA Verizon iPhone back in the day, and every time I switched to or from it (it eventually became my backup phone) I had to call Verizon to beg them to move my number between phones. Slow, annoying, and error-prone: I ended up with no usable phone more than once.
And now a lot of carriers are charging $15-30 "activation fees" in the US every time you set up an eSIM on a phone. No thank you.
Hopefully this will fall under the junk fee act proposed by Biden. Telcos are among the worst offenders and deserve nothing less than corporate euthanasia.
What you have described is an “artist’s impression” diagram but not how it works IRL. Having physical SIM removes the requirement of the entire phone having to be a certified malware proof secure device, which is hard and a bit anti-consumer.
Just imagine how nice things could be if physical SIM also doubled as a trust enclave for all your TFA etc needs that could be easily transferred to a new device, survive through OS reinstalls and so on.
That was kind of tried with public transit/FeliCa but didn’t seem to work. For whatever reasons, even VISA is more comfortable with phone integrated secure element for payment, it seems. Maybe the way it is is less eggs in similar baskets.
It's great if they make it easy but it also gives them lots of control to make things difficult if they want to. With physical SIMs they don't have this option short of blacklisting unknown IMEIs which would cause them a huge support burden.
I like the idea of eSIM but this quick transfer should be mandatory, not an option.
> In theory, with an eSIM it's even easier to swap in your old SIM because you don't have to deal with the physical SIM card.
But dealing with the physical SIM card is the thing that's easy. People already know how to move a physical thing from A to B. Figuring out how to electronically transfer an electronic SIM is necessarily less easy, even if we lived in a fantasy world where operators all cooperated to try to make it as easy as possible to switch to a competitor (heh).
iPhone 13 user in the US here. ESIM's have been both nice and a complete pile of shit. Not a single prepaid service I've tried supports transferring ESIMs between iPhones yet. Instead of just moving a physical SIM between phones I'm stuck in a webchat line for 30-45 minutes waiting for a rep to help move the eSIM. It's especially frustrating when you juggle phones for testing purposes.
Even worse I ran into an issue lately where a carrier I thought about moving too but decided not to accidently ported my number to their service. (in store error). Which left me unable to even dial carrier services, something you can usually do with a SIM still in the phone.
On the plus side, I needed emergency phone service after my phone number was stolen, and I was able to get on public wifi and buy prepaid service with a new prepaid company and register an ESIM in minutes since it was an all new line.
ESIMs have their benefits, but between ESIMs and VoLTE whitelisting it really feels like US carriers are trying to drag us back to the shitty old days of cell service lock-in and carrier phones. None of which usually hurt people with flag ship devices, only people hunting for budget unlocked solutions they can drop any SIM card in and go.
I'm replying to your post since so many replies to you mention their positive/negative experiences but leave out the most important part - what country they've visited.
I feel like this is gearing up to bring back contracts or phone locks, in a way. A family member recently bought an iPhone from the US to a non-US country, without realizing that the US models are eSim-only. They have to change carriers because only the fancy, expensive carriers offer eSim. I would not be surprised if they find other ways to make it harder to install an eSim in a different carriers phone.
Also, another thing I hate about having an eSim is that it sorta forces you to install your carriers app, which for some cheap/mid-tier carriers is an ad-infested mess.
I've travelled with my eSIM and switched carriers domestically. I've also switched phones. Here are some samples of why it doesn't have to be a problem:
- AT&T makes transferring iPhone - to - iPhone trivial; offers to transfer automatically during setup
- Visible provides an example of a simple app that can install an eSIM on your new device without talking to a customer support rep or waiting for something to come in the mail;
- The previous also applies when moving between competitors - means one can switch carriers in an hour from your living room
- Traveling to Greece with the Airalo eSIM app was trivial to set up (open app, search country, pick data package) and while I'm sure I paid more than I could've if I'd found a local physical SIM, I was able to set it up before leaving the US so it worked instantly the moment we landed, and the app made it easy to track data usage and reload if needed without phone calls or local apps.
With eSIM when I buy a new phone I just open my provider’s app on my old phone and request a new SIM, then scan a QR code on the new phone and bam my new phone is setup using the same phone number.
You can have multiple eSIMs on the device and activate them when you need… for example travel SIM, or a SIM for your home country, etc. It’s way more convenient than physical SIM cards.
You can have multiple physical SIMs with any reasonable phone as well. It's only the handful of US flagship phones that removed that support (just as they removed headphone jacks or microSD slots)
SIM cards were never swappable for me. They were locked to a phone. Changing to a new handset meant going to the carriers store or having them ship me one. I welcome the ease of portability that eSIM brings.
In France, (many/all?) phones bought from the carriers (with a subscription with some time commitment) were (are?) simlocked, meaning that they could only accept SIMs from these carriers. But carriers are also forced by law to let you sim-unlock your phone for free after a few months. So yes, pretty seamless and common indeed. Everybody expects to be able to switch carriers and keep their phones.
Not an inherently American perspective. I've been able to swap SIM cards between devices in the US using both large and small carriers since the 90s in the US.
In France for example SIM cards where a thing since cellphones exist, however I've lived in Japan and US in the 2000s and in both countries there was no SIM, you had to go through your carrier to change phones and they would setup your phone in the shop.
I'm on docomo and I only have a SIM from them, I brought my own iPhone from abroad. When I turned my iPhone in to Bic Camera to have the display swapped, I could just swap my SIM into a spare old phone quickly and it worked seamlessly.
Oh that's good, I went into one of their branches and they told me it wasn't possible and I'd have to buy a phone from them. Probably just pushy salespeople trying to meet quota.
International plans are less expensive than they were in the past, and usually, with decent carriers, they can be enabled and disabled on demand from their customer app.
Conversely, eSIM has the advantage that a thief can't simply remove the SIM after stealing your phone.
If I understand it correctly, it's not possible to switch esim to another phone in two scenarious:
- dead battery in the current esim holder phone
- no internet
- crashed or somehow broken esim holder phone
The worst thing is that it probably won't be even possible to buy anything since banks tend to tie 2nd payment factor to phone (notifications) or sms. Complete lock up is very possible.
That is incorrect.
Carriers hold the provisioning power on the esim. They can easily send you a new QR code after invalidating the previous esim in the dead or stolen phone. It’s literally a procedure that takes a few seconds. Many providers here in Europe already have automated web based interfaces in place for that, or a dedicated customer support pathway/process.
Some are trying to turn this into a paid-for service and that’s of course not acceptable.
The scenarios you describe are all taken into account. It’s much more of a hassle to deal with physical sims in the scenario of a destroyed, stolen or lost phone.
In terms of privacy nothing changes. Most country require a full scale ID procedure to emit and assign a sim. That’s the same for esims and physical sims.
What changes for carriers right now is that they have to recoup the investment on the esim management infrastructure and that’s why, at least initially, the friction will come from having to pay for esim-related services that should be free.
While in some cases you need to transfer the eSIM, you can also just as easily provision a new eSIM - ex. on Visible, you'd just download the app to your new phone, sign in, and tap install eSIM button.
> Now we are back at the cellphone is the SIM card.
No, because the eSIM provisioning process, as well as eSIM profiles themselves, are standardized, down to how the activation code is represented in a QR code.
SIM-less CDMA phone provisioning was never that flexible, as far as I know.
Of course, providers can make this as easy or hard as they want to (e.g. by not allowing the reuse of activation codes, tying activation codes to an IMEI, having an allowlist of supported phone models despite eSIM being a standard etc.), but they can already do much of that for physical SIMs as well.
Can anyone explain why eSIM was the stopgap solution and we didn't go straight from physical SIM to iSIM? What special requirements does a SIM card have that it was easier to put it on a seperate chip? Now that we've moved to iSIM, does this remove the artificial limitation on the number of SIMs a phone can support? Can I buy a phone in 2030 and load it up with 50 different PAYG SIM cards?
SIMs are smartcards - separate systems storing cryptographic material and performing trusted operations. A TPM that can be plugged and unplugged, basically, using the same standards as a chip-and-pin credit card.
Equivalent keystores haven't been available built in to cell phones until the last few years.
TrustZone and Secure Element have been available for quite some time now. I think this problem is more because carriers/users don't want to give up control to software companies than it's about lacking hardware.
What apple calls Secure Element is a separate chip that essentially is an eSIM with NFC interface (or in other words, smart card MCU with larger memory and more IO). Apple's implementation of what TrustZone is supposed to solve is called Secure Enclave and also involves separate CPU core (inside the application SoC) that is isolated from the application cores by how the hierarchy of various buses on the chip is structured.
I assume that there are two reasons why it is done this way instead of software/weird-CPU-state solutions (like TrustZone): this construction is easier to reason about and at least in the Secure Element case easier to certify to the requirements of card issuers (as it is essentially standard off-the-shelf secure MCU).
I agree that a separate secure chip is a superior option to TrustZone. However, if TrustZone is good enough for authorising bank transfers, it's also good enough for me.
Security chips have also had their vulnerabilities over the years, through power injection attacks or similar, that allow cloning just like bypassing the security of TrustZone would. The attack may be harder to pull off, but nothing is unhackable.
TrustZone is iffy security-wise, and built-in SEs have only been available for iPhones and the highest-end quarter or so of Android phones until recently.
TrustZone is a technology building block, not a complete implementation. You couldn't simply run a SIM on TrustZone, but you probably can use it to implement an eSIM execution environment, which seems to be what Qualcomm is actually doing here.
With the continued development of specex attacks, having those features in a separate ___domain reduces the attack surface some, compared to sharing a core with attacker controlled code.
As I understand, the SIM is designed by special trusted companies, with special security requirements. It's easier to meet those requirements when the SIM is a separate chip that the company making them have full control over.
When you integrate it in the SoC, some of those requirements (tamper protection) will apply to the whole SoC, and you have to integrate the SIM module on the SoC without the company designing it, or the company manufacturing it, having the ability to compromise its security.
I'm guessing it has just taken time hash out the procedure for integrating the iSIM.
You don't need the tamper protections to apply to the whole SoC, you just need the trusted element (TPM, SE, whatever you call it) to be physically isolated from the rest of the system and include tamper protections.
Well the first eSIM devices where smartwatches(Gear S2) and they used the lower powered SOC and the core design was from previously used smartphone SOC. Physical SIM cards where hard to package into a smartwatch, hence the introduction of eSIM. Also smartwatches have much lower profit margin, hence the reason they use older process node and no one wanted spend money on integrating it into SOC when they can use an older smartphone SOC design.
My guess is that the French SIM companies put all kind of artificial limitations on esim so they could keep their marketshare and continue earning money on licensing and patents
It's not only french companies producing them and the entities who are involved in pushing SIM replacements aren't as interested in mundane things such as marketshare, money etc. as you might think.
We are discussing two completely different issues :)
If you ever worked in telecom, you know for the fact that the SIM companies have sabotaged and vetoed every attempt to get a sane eSIM or SIM-free standard.
And nothing against the French :) , it just happens that the two largest and most agreesive companies in this area have French connections (Thales and Gemalto)
>If you ever worked in telecom, you know for the fact that the SIM companies have sabotaged and vetoed every attempt to get a sane eSIM or SIM-free standard.
Care to link me to any credible/juicy article where I can actually read on this?
No denial from my side there, but regarding the other point: what else do those two have in common with each other ?
Sometimes things really are what they look like.
-it is more cumbersome to replace phones, as you have to move identities from phone to phone and get approvals by carriers and device makers instead of just replacing the physical SIM
-you can't just hand over your phone to someone else, you have to unroll yourself and enroll the other person
-you don't have anonymity and privacy since is no longer possible to use a prepaid physical SIM
And what are the advantages? Cost savings of maybe $1 for a pohone that costs over $1000?
> it is more cumbersome to replace phones, as you have to move identities from phone to phone and get approvals by carriers and device makers instead of just replacing the physical SIM
That really depends on the carrier. In my case, setting up a new iPhone to replace an old one means saying yes in the prompt displayed by the phone. Nothing else. This is more convenient than having to search for the SIM removal tool.
> -you can't just hand over your phone to someone else, you have to unroll yourself and enroll the other person
For me this is a big feature because I would never hand my phone to somebody else, but an attacker is very likely to remove the SIM card and put it into their phone. Now suddenly many 2FA accounts are protected by a 4 digit PIN rather than my 20 digit phone passphrase.
> -you don't have anonymity and privacy since is no longer possible to use a prepaid physical SIM
It works exactly the same way as it did with physical SIM cards only the physical card is replaced by a QR code displayed on a screen or a printed paper. If the carrier sells anonymous prepaid SIM cards, nothing prevents them from selling anonymous prepaid QR codes.
Two years ago I made a QR code for a local bar so a visitor could just scan it to join the news group.
One night I helped a girl to scan that QR code, because she said what scanning QR-codes never works on her phone. Turns out you need to go to the settings and check some options to allow a built-in camera to process QR codes. I think it was some premium Samsung Galaxy S20-something. *shrug_emoji*
That's the point. Now, suddenly carrier has more powers than they should. Having a standard where consumer is in charge is much more desirable than the other way around.
> This is more convenient than having to search for the SIM removal tool.
Then let the manufacturer know that a SIM tray without the need of SIM removal tool is your preference.
you scan the QR code with your android phone. That will cause your existing phone to be unregistered.
What eSIM does is turn the physical smart card into a QR code which can be shown on a screen in addition to being printed on a piece of physical paper.
Coming from the original point of view that "we don't need these physical cards anymore" .. You actually make some really solid points. Specifically the ability to resell your phone conveniently.
Imagine having to agree on a sale and then waiting for the changeover process to complete. Which knowing certain phone carriers would take at least 24 hours.
Wasn't one of the benefits of a smart card model was having a totally isolated chip that could run minimal software and provide a limited surface for attack? If you add everything to the same chip then doesn't this reduce the advantages of having that separate smart card (together with it's anti-tampering design)? We're also supposed to trust Qualcomm that this is secure... Sounds totally legit.
SIM cards aren't perfect but I feel like there is a benefit to them. Especially since they use the same tech as credit card chips, don't they (universal integrated circuit cards.) It's hard for me to want to trust this as much as a platform used by literally every consumer payment bank and carrier out there vs Qualcomms priority spec. I think anyone who does secure communication already doesn't want to touch Qualcomm products because you can't audit their designs. Unfortunately, that's usually what is shipped as the baseband modem in most phones... A single company making one of the most important communication products... Nope, no problem there...
I don't necessarily know how eSIMs or iSIMs are supposed to work, just throwing out some ideas here discussing how they could be implemented.
Just because a device is on the same package or die doesn't mean all features need to be exposed to everything else on that package or die. Imagine if you just took the design for a regular SIM card, and then essentially just directly connected it on the package or on the die. Its still the same interface, but instead of it being a separate package connecting to pins on a board that connect to other pins on a board and then to the SoC its just all in the same plastic package. Then go from instead of wiring it in the plastic package, you're not wiring it on the die itself.
Now, of course, this obviously isn't how these things work, since they can load cryptographic material from things like QR codes and apps. While older SIMs were mostly read only (usually a small amount of user memory like address book stuff and what not) these newer eSIMs and iSIMs allow for provisioning in the field. This does bring some attack surface to them, but once again these kind of interfaces could be locked down. It doesn't necessarily need to share logic with the main CPU or have its memory in system RAM, it can still hold all its cryptographic secrets in its own private non-accessible memory and do its functions with its own logic designs. The provisioning step is still potentially attackable, but if designed right its secret storage and management can still be highly isolated to the main processors in the same way older SIMs were.
I haven't worked on iSIM myself, but I have colleagues that work on integrating iSIM onto an SoC.
The procedure around integrating an iSIM into an SoC is ridiculously strict. The integration and simulation has to happen on a workstation in a special room, not connected to the rest of the network, with camera surveillance, etc.
> We're also supposed to trust Qualcomm that this is secure
I don't know if Qualcomm can do things differently. I don't know if they can design the iSIM themselves instead of integrating from a trusted third party. But I doubt that the security requirement is any less strict. Telecom operators seem to be extremely paranoid about this stuff.
Essentially, it seems like it's not that much different from eSIM, you're just putting a similar kind of trusted module on the SoC instead of on the PCB.
> together with it's anti-tampering design
I'd be very surprised if iSIM and the whole Qualcomm SoC isn't designed with anti-tampering mechanisms. Seems like anti-tampering is becoming a general requirement for SoCs (with upgradable firmware and root-of-trust) being designed now.
Oh well I guess I should plan on stopping the usage of smartphones in a few years and start calling my congressman and lobbying to have laws that allow me to function in society without a smartphone.
I hated eSIMs but at least I could solder them off like bluetooth,gps or even wifi sometimes for some devices like the kindle paper (I just upload books to it with USB).
I know there is market demand for laptops with hardware key switches and that are pro-privacy but how big or competitive is it?
I want to make disconnected versions of products. From TVs to appliances, home automation, camera systems and smart phones (of course not on my own lol). I call this vision of products "smarter technology", because my goal is not to reduce functionality or features but to engineer products in a smarter way that does not require internet connectivity (but in some cases a hardware switch can enable network/radio connectivity. I am desparately searching for products like this these days.
An IP camera that is effectively PoE powered but acts like a webcam for your desktop when you set it up that way or with a mini-dvr that will stream it locally via wifi/ethernet or optionally through a paid cloud subscription (profit $$$). I want that.
A car with a hardware button to turn off connectivity features but also has all the cool modern car features that don't need network connectivity and a fully manual driving mode with optionally replacable batteries (replace them in seconds instead of wait in a queue and charge after an hour)
A TV where you can remove the builtin computer and it can still display hdmi,displayport,etc... and you can reprogram it as you wish.
A phone that can only make calls and stream display input via BLE or other radio from an optional computer that it can physically get attached to, but you can also take this optional computer with you and connect it to a wireless dock to use it as a desktop or laptop or to interface/manage your home automation and security.
I would prefer to donate to someone else to get them to do all this but if the market is strong enough, I don't mind making a lot of money doing it myself either.
eSIMs are less convenient and less flexible than regular SIM cards - will iSIMs be any different?
How many iSIMs will a phone support? Will they support dual iSIMs or triple iSIMs so I can use one mobile number for work, another for my personal life and a third to use when I'm travelling overseas and want to avoid expensive roaming charges?
I’m not sure what you’re talking about. I know people who traveled for months, and they have half a dozen eSIMs on their phone. When they enter one of those countries, they just toggle the sim to active and it’s good to go. They do this all the while having a USA physical sim as well. This on iPhone btw.
Okay but how do you get local prices if there is no local eSIM? The best you can hope for is a travel SIM which may be multiple times more expensive than a local SIM.
If you can’t find one then i guess you can’t get local prices, but I’ve never had a problem getting an esim, including in Albania and Turkey. You just go to the a carrier store and you ask, scan a QR code, and you’re done. Most of the time the big cities that you would arrive in anyways will have them.
Which is awesome, but it also means that dual-sim capabilities is completely software based. In 10-20 years, could this be part of a subscribption, or be disabled by certain carriers who don't want you to use a cheaper data plan along with their sim?
Dual-SIM phones were the hot shit for years when phones were beginning to take off. I remember some weird adapters that cycled through SIMs when the phone was restarted and all kinds of other hacks.
I mean, all top end Samsungs are proper dual SIM phones still(they take two physical Sims). #1 reason why I'm still buying them and not any other brand. iPhones also support dual SIM but only with one physical card and one eSIM.
Also not top end ones. Example, the Samsung A40, a mid range sub 300 EUR phone. There is plenty of space for SIMs in nowadays' ridiculously sized phones.
You don't even need Dual-SIM phones, contemporary SIM can contain various numbers/administrations. Both with and without hackery involved. It's just that the carriers don't want it / block it.
This is also why many of them outright refuse to sell phones with dual SIM capability.
> This is also why many of them outright refuse to sell phones with dual SIM capability.
At least here in the EU, carriers don't follow typical US customs any more... a series of court verdicts following the 2005 commerce directive has all but eliminated SIM locking and other hostile practices by carriers, the worst you (unfortunately) still get is bloatware.
eSIMs are more convenient - few days ago I changed carriers, and it was done just on the phone - I didn't have to go to physical store, I didn't had to wait for the SIM card to arrive by mail.
The only issue I can see is that I can't take that card out and put it in a USB modem to use in my router. But I have seperate SIM for that, that has cheaper data plan than my ordinary phone.
In all of the interactions I've had, eSIM works without issue and right away. Most of the times I've needed a physical SIM card I've had to wait for it to be mailed or plan a trip to a physical store, or the old one is the wrong size and I need a new one or an adapter.
I can swap sims in about 30 seconds. With eSim I need to ask my carrier for a new eSim registration code to be generated which takes 48 hours. It's insane and I have no idea why we agreed to this standard.
Sounds like an issue with your carrier rather than the eSIM standard. I recently went to Europe and was able to buy a cheap data eSIM (1GB for £2) and activate it in the airport basically instantly.
With SIMs I would have had to order it through the post like a week in advance, and there's no way I would have gotten that price.
I swap SIMs every couple of years, so a delay of 48h is well within the scope of planning for such an event. Additionally, I happened to do an eSIM swap today and it took about an hour.
For some use cases it's more convenient than a physical card, for some use cases (or implementations) it's less convenient. That doesn't make it insane.
- there are far less providers that support eSIM and the ones that do generally charge more than providers that also support a standard SIM
- it’s often not possible to create a new account using an eSIM. I’ve had to buy a physical SIM and then go through a complicated transfer process and have to either wait on hold for a long time or go into a store to swap over to an eSIM with two different providers.
Most physical SIM cards these days come as a 3-in-1 that fits standard, micro and nano sizes so the size incompatibility issues seem to be mostly fixed in my country at least.
If you can find a corporate AT&T store in your local area, they should be able to help you. The franchise stores weren’t able to do this last time I dealt with this.
Well just call any at&t store near you and ask them if they have eSIM and don't use their online chat for it. I had at&t eSIM on a Pixel not bought from them.
All the sims I have ever received(US) come as a credit card sized item(looks like a smart card) and you break out the size you need. (sim, mini sim, micro sim)
When can I provision my own eSIM/iSIMs? GSMA has a massive monopoly on the market preventing me from being able to provision my own SIM applications into the iSIM/eSIM because they have a certificate chain you must follow.
I'm working with private LTE networks at such small scale that I need to provision eSIMs for a handful of users and literally no eSIM provider that's been GSMA blessed will work with us.
It's a physical storage about the carrier. as far as i understand it's more convenient for carriers to onboard clients and also for users in general if a phone dies for example you can swap it into another.
There are CDMA enabled phones that do not need a SIM card but they're a pain to transfer to another carrier. At least today.
That applies to a physical SIM card, but why is it needed for some eSIM/iSIM that can't be physically separated from the device? At that point it should be done entirely in software.
but who is it secured from tampering, and secured to protect whom? The carriers? the customer? the NSA? Qualcomm? for encryption? for signing? ID/auth? "auth" of the above?
Something I don't understand: why eSIM or iSIM have to be hardware, why can't it be pure software, some credentials stored on the storage of the phone?
That's why I think too. We have secure enclave and all that for anything cryptographically secure and isolated. Just interface with that for the keystore/signing and have everything in software.
A possible attack vector? Perhaps if something's not coded correctly... which can easily be fixed with software update.
I'm sure there's more into this of course, but that should be the general motivation.
I don't see why this needs to be dedicated silicon at all...
Why not simply a Trustzone-like sandbox for all the code and data necessary for the sim?
Then the actual processing is done on the main application processor, and there is no physical device at all.
I assume carriers would want the user not to be able to inspect or extract the internals of the sim (logic, keys, etc), but most platforms already provide some way to do that for other purposes (DRM, secure boot).
So if the iSIM goes bad or stops functioning. Instead of replacing the SIM or eSIM chip. Now you have to replace the entire SoC because of one faulty component.
Good for phone designers (as mentioned, more space for other components). Amazing for phone manufacturers because it pushes more units when a device goes bad.
Bad for consumers because repairability is significantly reduced. Terrible for the environment.
It is an extremely simple chip and right now it is integrated into the motherboard of any phone. This would make sense if the eSim component was an easily swappable element, which it isn't.
Sorry but this critique holds no water. I would even add that, if anything, eSims and iSIMs would probably lower the environmental impact of Sim Cards, which are physical pieces of plastic that are produced (with CO-2 emissions) and shipped (with CO-2 emissions), and also contribute to plastic pollution, as they get shipped in credit-card sized plastic holders that are mostly trash as soon as you get a minuscule nano-SIM out of them.
Are you aware of any phone (released in the last 10-15 years) where it was possible to exchange faulty components, soldered onto a PCB, in the first place?
Man, what I as a consumer wants is to be able to have multiple cell phones on the same number... just like I used to have with a landline. This isim is just esim, except on the soc. And before anyone says just use google voice... no I don't want to use google. I don't want to deal with google. I don't want an abstraction.
Is this not offered by US carriers? In Germany I remember it being pretty common.
All phones on one "line" will ring at the same time, but only one will receive incoming texts, unfortunately, due to how SMS is implemented at the network level.
Not in the US, except someone in the thread mentioned ATT has a carrier specific feature... which is interesting, but it's not universal.
You mentioned SMS... it's also annoying that RCS doesn't seem to support multiple clients/syncing of texts/voicemail/phone. I mean, you spent all that time developing/deploying the "next-gen" SMS and then just drop the ball.
Does iSIM allow having multiple iSIM accounts loaded on a phone? For someone who travels a lot a great feature of eSIM is that I can load several accounts onto one device and then select which eSIM I need based on where I am for business. If iSIM doesn't allow this then it's a massive step backward.
I'll see this as a good move only if it can be fully supported by FOSS operating systems, otherwise it becomes just another tool to lock in users to closed platforms.
I get all the objections, but — eSIM is extremely convenient for traveling, when you just want data in another country. You can have many of them stored in your phone and activate them as needed if you travel a lot. You also get dual-SIM on most devices so you don't have to carry a second phone for your domestic number.
I'd never replace my actual SIM with one though. I can't bring myself to trust software this much.
I do the opposite. eSim for my primary sim. And then the sim for travelling sims, as not all countries or not all providers in those countries have esims. And if they do then esim it is. Otherwise the free sim slot is available for a physical sim.
All these software-that's-easier-in-hardware things Just Work™ until they don't. Bluetooth also works 99% of the time, the remaining 1% makes you want to yeet the damn thing at a wall in frustration. That's why I have trust issues with this stuff.
Reads like a PR move tbh. Anyway I don't like this push for eSIMs/virtual SIMs. I like to cycle my SIM and phone number every couple of years to refresh and an added bonus of this is to refine my rolodex of contacts and rekindle contact with some lesser-maintained relationships. Makes my life a little better whenever I refresh.
It looks like this is going to happen eventually, especially since eSIMs are already available and manufacturers will likely appreciate having fewer components to deal with.
I don’t see much real difference to an end user between an eSIM and an “iSIM.” iSIM seems to me just to be Qualcomm’s name for their own eSIM solution that will come in the same package as their SoCs. There may be an extremely small power-savings to be had, but that’s probably easily overwhelmed by other aspects of the phone hardware and software.
From the article, it looks a lot like Qualcomm trying to coopt the eSIM success now a few years old, by saying the electronics of iSIM are a custom block in their silicon, not a separate small chip.
But it doesn't clarify that others (like Apple obviously) can't realize their eSIMs in their custom SOC, as far as i see.
> Qualcomm says "the new iSIM is fully compliant with the GSMA Remote SIM Provisioning standard; meaning its subscriptions are remotely manageable through any standard platforms." That's the same standard as eSIM, and it's held to all the same security requirements, so theoretically, any carrier that works with eSIM shouldn't see a difference between an eSIM and an iSIM. iSIM is still just a hunk of silicon that needs software provisioning—where the silicon lives shouldn't really matter to your carrier.