Kigen extends GSMA SAS accreditation to unlock eSIM growth in India

Kigen extends GSMA SAS accreditation to unlock eSIM growth in India

Kigen is proud to announce its extension of the SAS-UP accreditation for supporting industrial SIM, multi-profile SIM, and eSIM manufacturing in India under the GSMA standards. Kigen’s data center in Noida, India, is now operational and fully certified to provide SIM/eSIM Data Generation and provisioning services with the highest level of security, functionality, and interoperability in compliance with the GSMA SAS-UP accreditation and operational having processed commercial orders.

Kigen is proud to announce its extension of the SAS-UP accreditation for supporting industrial SIM, multi-profile SIM, and eSIM manufacturing in India under the GSMA standards. Kigen’s data center in Noida, India, is now operational and fully certified to provide SIM/eSIM Data Generation and provisioning services with the highest level of security, functionality, and interoperability in compliance with the GSMA Security Accreditation Service – UICC Production (SAS-UP) accreditation and operational having processed commercial orders.

Kigen now can offer the capability to support world-class, industrial M2M, solderable SIM, multi-profile, eSIM or eUICC production to Indian ecosystem players, EUMs or eSIM Manufacturers, OEMs, and wider digital brands.

This goes a long way to serve the burgeoning demand for secure long-range 3GPP devices across NB-IoT, LTE-M, 2G, 3G, 4G, and 5G technologies in the context of wide-scale IoT and digitalization programs in India, as well as the unequivocal need from consumers to adopt eSIM convenience across connected devices such as smartphones, laptops, tablets, smartwatches, smart speakers, TVs, and more.

All customers can now appreciate the added assurance of Kigen’s GSMA additional SAS-UP certification in Noida, to that of Kigen’s SAS-UP data center in Dublin, and SAS-SM certification in Dublin. With this announcement, customers can now confidently leverage access to Public Key Infrastructure (PKI) management capabilities – essential for Know Your Customer (KYC) requirements, mission-critical for eUICC production, while unlocking scalability, agility, increased capacity and cost savings offered by working with Kigen. 

GSMA-SAS-UP-Certificate-Kigen-Noida-Pvt-Ltd

SAS certification (SAS-UP and SAS-SM)

The GSMA operates a Security Accreditation Scheme (SAS). This is a well-established scheme through which UICC and eUICC manufacturers subject their production sites and processes to a comprehensive security audit. The GSMA has developed the auditing standards, requirements, and methodologies for SAS in collaboration with SIM suppliers and world-class auditing firms. 

Companies wishing to manufacture eUICCs must get their site accredited to SAS-UP (SAS for UICC Production). In contrast, those wishing to carry out remote provisioning or to download needed profiles to eUICCs must get their site SAS-SM (SAS for Subscription Management) accreditation. The GSMA SAS-UP standard defines a comprehensive set of protocols and security measures for securely handling production data, such as certificate management, data generation, and data personalization for Smart Cards (SC) and eUICC-sensitive products.

The schemes are primarily in place to ensure that the highly sensitive MNOs credentials (network keys, profile data) and GSMA certificates for authentic eSIMs are securely and reliably handled by a trusted player. They have components of ISO 27001 to ensure that an ISMS (Information Security Management System) and BCP (Business Continuity Plan) are in place. In addition, they require that all these procedures be operated in a High-Security Area, over a secure network by trained personnel who comply with strict policies across the following security domains:

  • Generation of personalization data for xUICCs 
  • xUICC personalization 
  • Value-added fulfillment of xUICCs 
  • Processing of data for subscription management 
  • Security policy, strategy and documentation
  • Security organization and responsibility
  • Information security
  • Personnel security
  • Physical security
  • Certification and key management
  • Sensitive data management
  • Logistics and production management
  • Computer and network management

GSMA use two independent companies to conduct the audits for SAS-UP, FML and ChaseWaterford. The audit is performed by both auditors and takes a week. 

Who manufactures M2M SIMs or eUICCs?

The EUM – eUICC Manufacturer, is a supplier of the eUICCs and the resident software and is responsible for personalizing the physical eUICC hardware. It is responsible for the initial cryptographic configuration and security architecture of the eUICC. The EUM delivers eUICCs containing a Provisioning Profile and/or one or more Operational Profiles to the Device manufacturer. It also issues eUICC certificates to authenticate and certify the eUICC to other entities (viz., SM-DP, SM-SR, SM-DP+). 

The EUM production site must also be SAS-UP (Security Accreditation Scheme for UICC Production) certified for personalization under the GSMA requirements for secure loading and manufacture of finished eSIMs.

Why embedded SIMs / eSIM growth matters for India? 

Industrial SIM and eSIM growth

India’s potent vision to transform the nation into a digitally empowered society has created a fertile landscape for innovative technologies, including eSIM. This remarkable advancement in cellular technology entered the Indian market with its promise of flexibility and adaptability, replacing physical SIM cards that had long ruled the telecommunication industry. Incorporating an embedded chip within the device, eSIM eliminated the need for physical SIM card slots, leading to more streamlined device designs and a significant paradigm shift in connectivity management.

India’s nationwide program to improve passenger safety through vehicle tracking through a mandate from the Ministry of Road Transport and Highways and digital telematics for insurance of large commercial vehicle fleets from the IRDAI (more here) rely on eSIM-enabled capabilities. 

Further, India’s smart metering market is on the cusp of exponential growth. Smart meters hold the potential for substantial savings. According to industry estimates, India can save Rs 9.5 trillion by investing Rs 1.25 trillion in replacing 250 million conventional meters with smart meters. Smart meters offer a holistic overhaul of the metering landscape, benefiting utilities, consumers, and other stakeholders. They ensure greater operational efficiency for DISCOMs by aligning power procurement with real-time power demand, besides improving the customer value proposition and engagement. 

Smart meters hold the potential for substantial savings. According to industry estimates, India can save Rs 9.5 trillion by investing Rs 1.25 trillion in replacing 250 million conventional meters with smart meters. 

With nationwide availability of LPWAN technologies such as LTE-M and NB-IoT, Indian meter manufacturers are increasingly turning to cellular or adding cellular into the mix of solutions that have traditionally been RF-based. With the security of investment that can leverage a wider technology supplier range and make provisions for higher data capacity, OEMs and utilities demand for eSIM is rising.

Consumer eSIM growth

Early adopters of eSIM technology, such as Apple and Google, who banked on this technology to offer novel solutions over traditional challenges, primed the surge of interest that has followed from Indian consumers for the digital convenience it provides. India’s largest telecom operators, such as Reliance Jio, Airtel, and Vodafone Idea, have all embraced eSIM and are actively offering eSIMs to meet the growing enterprise and consumer expectations. This creates a unique and enviable potential for eSIM technology benefits in India.

India is a standout market on the global stage, with all major telecom operators leading the way in eSIM - Mayank Sharma, Kigen.

The eSIM technology also prominently supports multi-device usage with its capability to be shared across various gadgets, including smartphones, smartwatches, and tablets. Such functionality enhances the flexibility of digital transactions, including cross-device shopping or banking activities. Making a purchase on a tablet or a quick fund transfer through a smartphone has been made feasible with the advent of eSIM technology. Rather than carrying multiple physical SIM cards for each device, the eSIM offers the convenience of a single digital SIM for all devices, thereby promoting seamless digital sharing or switchovers including travel eSIM usage, companion device onboarding, number sharing between smartphone and companion devices.

As a stepping stone for digital literacy in India, eSIM technology fosters an environment of greater inclusivity and accessibility.

eSIM Frameworks in India influencing growth

There are, however, some hurdles along the path, which require eSIM suppliers to design solutions with energy efficiency, overall time and resources consumed in data generation, and management and meet regulatory compliance to the unique set of guidelines set by the Telecoms Regulatory Authority of India. 

Telecom Engineering Center (TEC), a technical body of the Department of Technology (DoT), Recommendations on Security by Design for IoT Manufacturers (March 2023) stipulate that:

For SIM-based devices, the following hardware security provisions are recommended:

  1. UICC/ eUICC enabled IoT device shall reserve minimum 32K of Non-Volatile Memory (NVM)/space for installing Government notified application like disaster management, social welfare, security, health, safety.
  2. Provisions to protect SIM from IMSI catcher should be integrated in SIM for 5G cellular technology security.
  3. For eSIM business in India, the certificate issuer for eSIM Remote Service Provisioning (RSP) must be located in India under GSMA.
  4. In view of the security of IT infrastructure related to eSIM remote service provisioning (SM-DP, SM-SR, and SM-DP+), these IT infrastructures need to be owned by any registered entity with DoT and located within Indian territory.”

This builds on directives from the DoT that the Personalization of SIM Cards and eSIMs, accessing the mobile network of Licensed Telecom Service Providers, shall be mandatorily done within India and that the IT equipment and the data utilized for personalization of e-SIMs shall be within India.

How does Kigen’s SAS-UP Data Center support embedded SIM / eSIM growth in India?

Given the strict regulatory framework in which manufacturers design eSIM products in India or import eSIM product components to serve the needs of the Telecom Operators, having Kigen’s SAS-UP accredited center in Noida is a boost. As a trusted provider and supplier to Telcom operators, EUMs can leverage Kigen’s data and certificate generation capabilities, which combines performance, reliability, and regulatory compliance enhancements in India, as elaborated below.

Kigen’s SAS-UP accreditation and concurrent OS enhancements on eSIM offer customers unique benefits such as:

  • Up to 6x faster data generation, reducing overall carbon emissions and increased capacity.
  • Tuned architecture to support interrupted sessions due to power loss, connection loss, or handling multiple session triggers.
  • Enhanced integration with logistics, manufacturing, and commercial departments of major Indian Telecom Operators for ease of profile download and management.
  • Shortened processing time irrespective of the numerous regions (circles), product inventory variation, and manufacturing setups.

Outside of eSIM, improvements have also been made in the memory management scheme to reduce memory fragmentation after multiple applet/file deletions, benefiting a wider set of products.

Future prospects: Why does unlocking India’s eSIM matter for Kigen?

In electronics manufacturing alone, nearly 12 lakh new jobs have been created as electronics manufacturing reached more than $100 billion in the last 10 years with the ‘Make in India’ program. As India begins its ambitious semiconductor journey towards ‘Atmanirbhar Bharat’, providing electronics component manufacturers, OEMs and semiconductor companies domestic access to key capabilities of GSMA certification will help bolster supply chain for eSIM. As this fundamental technology is a game-changer for digital transformation programs, such enablement is a crucial step towards fortifying the eSIM ecosystem in India. 

“eSIM is a game-changer, and we are committed to the development of a complete eSIM ecosystem in India” – Vincent Korstanje, CEO – Kigen

Welcoming all IoT manufacturers and OEMs

Manufacturers who are integrating cellular connectivity into their products, as well as electronics component manufacturers with a focus on fulfilling the burgeoning demand for eSIM-based products in domestic and export markets, can get started now!