GCF certification prepares for the next generation of eSIM for Consumer and IoT
- 23 Jun 2025
- Carlos Pedraz
We’re all familiar with the tiny SIM cards in our mobile phones. They provide a reliable, secure way to identify a subscriber, and to authenticate it onto a mobile network. But physical SIMs may soon be on the way out, replaced by embedded SIMs, also referred as ‘eSIMs’ which promise a convenient, cost-efficient alternative. In this article we’ll explain the technology of eSIMs, their likely market impact, and how GCF is contributing to the eSIM ecosystem with a certification program for remote SIM provisioning for eSIM capable devices.
The eSIM advantage
Physical SIM cards have some limitations: they need to be physically inserted into a smartphone or other mobile device when it is first used, and if you change to a different network operator you need to remove and replace a SIM card. These are awkward tasks, and the SIM card can be lost, damaged or just get discarded. More significantly, they can pose a huge challenge for internet of things (IoT) applications, where a mobile device may be installed or managed remotely, and operated with very little, if any, human intervention.
To overcome these and other issues, the GSMA has led the development of global specifications for eSIM, which imply secure, software-based SIM profiles that can be installed and executed over embedded, reusable eUICCs (embedded Universal Integrated Circuit Cards) that are included devices at manufacturing stage.
A SIM profile can be provisioned and updated remotely over the air (OTA). For consumers, eSIM technology can enable them to store multiple profiles on a handset, and easily migrate to a new network.
For IoT applications, using eSIM technology can improve flexibility to adapt an IoT product for use in different countries, or to switch to a different network provider, thus avoiding lock-in and getting the best commercial terms. An eSIM also improves business continuity, as it’s easier to swap to a second, backup profile if there are problems with the main profile or network provider.
Like with any other mobile technology based on 3GPP wireless standards, such as LTE and 5G, network operators need to ensure that the different elements in the eSIM comply with the standards.
In the case of Remote SIM provisioning for Consumer eSIM in devices, this is handled by certification from GCF. In this article we’ll discuss more on eSIM technology and standards, and the role of GCF’s certification in enabling reliable, efficient eSIM rollouts.
All about eSIM
There are three basic types of eSIM, each defined by a different version of the GSMA SGP (SIM Group Specification):
- SGP.01/02 - M2M eSIM. Focus on M2M/IoT use cases, enabling remote management of SIM profiles primarily for automotive and industrial use cases with robust security.
- SGP.21/22 - Consumer eSIM. Focus on consumer devices, primarily smartphones, wearables, tablets and connected PCs.
- SGP.31/32 - IoT eSIM. Evolves eSIM for the IoT ecosystem, targeting specific requirements for connected devices in multiple verticals, such as remote management, while maintaining high compatibility with elements from Consumer eSIM.
M2M eSIM has some limitations: for example, remote switching usually requires ad-hoc integrations between adopters and operators, which can become quite costly. To overcome these limitations, the newer IoT eSIM standard (SGP.31/32) leverages on existing Consumer eSIM capabilities to provide a simpler, easier to manage solution for many IoT applications and introduces a dedicated eSIM architecture to simplify remote provisioning and large-scale IoT management. This new standard simplifies manufacturing, distribution, activation, and operation of IoT devices.
The Consumer and IoT versions of eSIMs share a large common pool of technology and features, which means developments can be re-used and adjusted (see Figure 1). In particular, this means that adopting the newer IoT eSIM technology should be relatively easy, because it has a lot of similarities with Consumer eSIM.
The key differences in IoT eSIM, as compared to the consumer version, are mostly related to two software components:
- There is a new eUICC IoT Manager (eIM), which is a modified component from the consumer eSIM LPA. The eIM triggers profile downloads, and enables, disables and deletes the profiles.
- The IoT profile assistant (IPA) takes on the tasks handled by the local profile assistant (LPA) in a Consumer eSIM. However, the IPA does not need to capture user intent, as this feature has been moved to the eUICC IoT Manager.
In Consumer eSIM, user intervention is required, and devices cannot be remotely updated without a user action. In contrast, IoT eSIM allows remote updates without user interaction, thanks to the eIM.
It is expected that new areas like Mission Critical, Enterprise/B2B solutions and Private Networks will embrace the new SGP.31/SGP.32 IoT eSIM to facilitate the activation and update of SIM Profiles for users in a manager way, without their explicit consent.
Figure 1: GCF Certification scope for Consumer eSIM and IoT eSIM
Expected evolution of eSIM
The advantages of eSIM, particularly its capabilities for remote SIM provisioning (RSP), mean that it is likely to become dominant in many sectors, and that the traditional physical SIM card will disappear. In the consumer market, we expect eSIM to grow to become universally available in smartphones and wearables. Here its space savings compared to physical eSIM, and the ability to improve protection against water and dust by avoiding slots and allowing for improved casing are particularly beneficial. Not only traditional mobile network operators are embracing Consumer eSIM, but also Virtual Network Operators and new players offering eSIM-enabled services, such as flexible, time-limited eSIMs for travel users, are becoming increasingly available in the market.
For the IoT, the impact of eSIM technology will be revolutionary. With remote provisioning and management of eSIMs, there will be substantial savings in the logistics and human intervention needed – leading to big cost savings. In general, wherever there are IoT modules today, it is likely that eSIMs will be an option.
Needless to say, GSMA eSIM specifications only relate to 3GPP cellular standards, such as LTE, LTE-M, 5G NR, 5G NR Reduced Capability (5G RedCap) or NB-IoT. The eSIM specification is not relevant to other wireless protocols that are used in IoT, such as Zigbee, LoRaWAN, Wi-Fi and Bluetooth, as well as proprietary wireless links.
This means that IoT eSIM is likely to have a bigger impact in use cases requiring wireless access across larger areas or where mobility through public areas is essential, such as track and trace, fleet and vehicle management, multi-country developments and agriculture. In contrast, it is less likely to be used in factory or home automation applications that are not typically using 3GPP cellular technologies.
GCF certification for eSIM
Since 2018, GCF has maintained a certification program for remote SIM provisioning of Consumer eSIMs. This is based on the GSMA SGP.23 v2 Test Specification, expected to evolve to v3 during 2025. This is focused on the functionality and interoperability of devices with the remote SIM provisioning system, and is independent from certification of the eUICC hardware element.
There are three key building blocks of eSIM GCF certification:
- Core and test specifications from SDO (GSMA)
- Certification framework in GCF
- Commercially validated test platforms and test labs (RTOs) offering the service
GCF certification for eSIM based on SGP.23-2 can be associated with a complete GCF device certification (connectivity), but can also be ‘standalone’, where only the RSP function is certified. Full certification is used mainly by smartphones, modules and wearables, and requires manufacturer membership at GCF. In contrast, standalone certification is used mainly for laptops or tablets, with connectivity provided with a GCF-certified module.
In 2025, GCF is working to develop a certification program to ensure secure and reliable remote SIM provisioning for IoT eSIM-capable devices, using the GSMA SGP.33-2 test specification, and certification of first devices is expected to start in early 2026.
IoT eSIM is expected to reach mass-market IoT devices in late 2025 or 2026, and has the potential to be a game-changer, completely replacing MFF (soldered) and pluggable SIMs (2FF-4FF) over the years in the IoT space.
GCF is working on IoT eSIM with current and potential new members, including traditional mobile operators evolving Consumer eSIM services to support IoT eSIM, as well as IoT-oriented operators and service providers, and smartcard/security companies supplying eUICC, IPA, eIM and SM-DP+.
eSIM data from GCF
Once a year, GCF publishes data on how many devices it has certified, with detailed breakdowns of device type, technologies used, and more.
The latest version of this Device Technology Trends Report was published in February 2025, and gives us useful insight into the growth of the eSIM market. This was the sixth full year that the certification of RSP for consumer devices at GCF has been possible as part of a device certification or as a standalone certification.
Two trends stand out. Firstly, the report shows that one in every four (24.4%) devices certified by GCF in 2024 has already certified Remote SIM provisioning for Consumer eSIM. This figure has evolved in the first five months of 2025 to reach more than 28% (Figure 2) of all certified devices.
Figure 2: GCF certified products with Remote SIM provisioning for Consumer eSIM, 2020-2025 (2025 data up to June 1st).
Figure 3: GCF certified Smartphones with Remote SIM provisioning for Consumer eSIM, 2020-2025 (2025 data up to June 1st).
In 2024, for the first time, more than half of the GCF certified smartphones (51.7%) are eSIM certified, up from 34.8% in 2023 and less than 15% in 2022 (Figure 3). In the first half of 2025, this percentage has reached more than 56%. Certification of RSP for Consumer eSIM is also supported in more than 70% of all certified wearables since 2022 (Figure 4).
Figure 4: GCF certified product types supporting RSM for eSIM. 2022-2025 (2025 Data up to June 1st).
In total, 142 devices were certified by GCF in 2024 supporting RSP for Consumer eSIM. This compares with 97 devices in 2023, 66 in 2022, and 38 in 2021. Additionally, 54 devices certified compliance of RSP for Consumer eSIM as a standalone feature, most of them being connected PCs / laptops. This is down from 73 in 2023 and 68 in 2022.
Why GCF
GCF has certified over 9000 devices from more than 250 different manufacturers since 1999. In 2024, 90 manufacturers certified 574 devices. GCF certification programmes ensure compliance with global industry standards for connectivity and services. GCF certified products facilitate faster time to market and can avoid unnecessary support costs.
As eSIM technology and standards develop and adapt, the impact on consumer and IoT markets will be massive. Working with GCF enables operators, manufacturers and more to keep ahead of the eSIM transformation, now and in the years ahead.
Author
