By: Chris Jahr

The expansion of 5G networks is expected to enable an explosion of new IoT devices that require mobile network authentication. Currently, cellular network authentication happens via SIM technology, which itself is undergoing a transformation from physical SIM cards to digital eSIMs.

Regardless of the form factor, however, the reality is that the SIM industry is not set up to scale to meet the explosion in volumes expected, especially the needs of an ever-growing number of companies in the IoT market that will require smaller quantities of eSIMs.

Let’s explore the genesis of this impending eSIM crunch and what alternatives might exist for enterprises, IoT platform providers, and IoT device makers.

IoT Market Fragmentation Hinders Adoption

For years now, IoT pervasiveness has been heralded as “just around the corner.” Somehow, however, that corner seems to stay at the same distance ahead.  One reason is that today’s IoT market fragments in multiple directions, with a major dividing line being the ways in which IoT devices communicate.

Today many connected devices communicate over Ethernet, Wi-Fi, and other local-area networks including Zigbee, Z-Wave, Bluetooth, Thread, and Matter. IoT devices using these communication avenues include smart light switches, HVAC systems, security systems, watering systems, and various smart home products.

The most common network, Wi-Fi, poses several limitations, especially for industrial use. To overcome these limitations, more companies are investing in 5G cellular private networks and deploying remote connected devices such as water and gas meters and street lights, as well as connected scooters, eBikes, and cars. As demand for private cellular networks and remote IoT devices grows, so does the need for 5G connectivity, which in turn pushes demand for SIMs.

From a carrier’s perspective, IoT devices’ cellular communications volume and transmission frequencies fall along a spectrum. At one end is streaming data, such as with always-on security applications. At the other end are devices that send little snippets of data at programmed intervals, such as smart gas meters that report consumption hourly or daily.

The spectrum ranges trigger significant implications for carriers’ calculations of ARPU (average revenue per user). For example, a remote video security camera using a 5G modem requires a high-volume data plan, which might provide a carrier with $25 plus per month in subscription fees. The IoT device transmitting occasional data snippets might generate as little as 50 cents a month in revenues, which is too little to merit much attention from the carriers. Carriers’ business models require that they focus primarily on the major cellular users — the big spenders — rather than the more modest users.

Lack of eSIM Automation Creates Bottlenecks

A similar attention differential is at work in the eSIM market.

First, a bit of background on the Subscriber Identity Module (SIM) market. A SIM chip — technically a UICC, or Universal Integrated Circuit Card — is a specialized security device with a microprocessor, memory and I/O functionality. Together with the carrier-specific information stored on it, the SIM contains a unique identifier linked to a specific user account, allowing the device to securely access the cellular network. The purpose of the SIM is to authenticate a device to the network to ensure that cellular resources consumed by the device are associated with an actual subscriber that is paying for them.

SIMs have been part of mobile telephony since the deployment of the first GSM mobile networks, starting in 1991. The electronic SIM, or eSIM, is a digital version of the physical SIM card; the UICC is now embedded in the device itself. Any IoT device that connects to a cellular network needs SIM technology. And that’s where problems begin.

Since the early days of physical SIM cards, the expertise and processes for designing, developing and deploying SIMs — including receiving mobile network operators’ secure authentication keys, International Mobile Subscriber Identities (IMSIs), and other files to create profiles and generate individual, secure SIM contents — have rested with a small handful of SIM vendors. These SIM vendors, located in Europe, Asia or Brazil, also control the generation and deployment of digital eSIMs. (There are also a number of SIM vendors in China and India, but they mostly serve their local markets, operating much as the European vendors do.)

The GSMA, a trade association that represents the interests of the global wireless carrier community, estimates that the number of companies creating eSIMs is limited to fewer than 20 in all, with three of them having a combined market share in excess of 70 percent. Accompanying the limited number of SIM vendors is a serious shortage of SIM expertise. Creating SIM profiles, especially, is a highly complex endeavor requiring very specialized expertise. It’s estimated that worldwide, only about 2,000 or 2,500 individuals can be considered SIM experts. In North America, as few as 150 people possess the expertise needed to create profiles and generate SIMs.