eSIM security — SGP.22, GSMA, and what actually deploys.
eSIM is the new SIM. The trust model is different: instead of a removable card, the credentials live in an eUICC soldered into the device, and Remote SIM Provisioning (RSP) replaces the physical card swap. AmbiSecure ships enano-card applets, RSP integration, and security review across the stack.
The eUICC trust model
An eUICC is a secure element soldered into the device that runs SIM-equivalent applets. Profiles (operator-specific cellular credentials) are downloaded over-the-air from the operator's SM-DP+ server, signed by GSMA-rooted certificates, and installed into the eUICC under SCP03 secure messaging.
The trust model has three roots:
- EUM (eUICC Manufacturer) root — certifies the eUICC hardware.
- CI (Certificate Issuer) root — GSMA-anchored.
- SM-DP+ root — operator-specific profile server.
Each plays a role in the GSMA SGP.22 / SGP.32 mutual-authentication ceremony before any profile material crosses the air.
What we ship
eUICC OS / applets
Profile-receiving applets compliant with SGP.22 (consumer) / SGP.32 (M2M).
SM-DP+ integration
Reference SM-DP+ client and server-side integration. Profile encoding / signing / verification.
eIM proxy (SGP.32)
For M2M deployments where the device cannot reach SM-DP+ directly.
Security review
End-to-end review of an existing eSIM stack: trust roots, profile download, telemetry, rollback resistance.
eSIM ecosystem connection
The Ambimat Group runs a dedicated eSIM Initiative; eSIM-specific deep technical content lives at esim.ambimat.com. AmbiSecure handles the security half of the stack: eUICC applets, RSP integration, applet personalisation, security review.
Building a connected device with eSIM?
From eUICC selection through SM-DP+ integration to GSMA security review — we ship the security half of the stack.