What's new in GSMA SGP.02 Version 4.0
Following its release at the end of February 2019 it's time to take a look at the main additions compared to version 3.2.
As you might expect for a major release there are quite few new things but one clearly stands out.
Since the very beginning of eSIM the concept was highly MNO centric and did not define a role for those that actually own or operate the devices in which eSIMs are embedded. And that's a broad field of interested parties such as manufactures, OEMs, IoT Service Providers or even partner operators. They all are looking for possibilities to not only own the eSIM but to fully control its lifecycle management as well. By adding the role "M2M SP" (M2M Service Provider) GSMA has closed this gap and it's the major focus of this release. In order to accommodate this new role, while at the same time preserving the MNO centric architecture, a new mechanism has been defined called "PLMA" which stands for "Profile Lifecycle Management Authorisation".
A “PLMA” is a combination of identifiers and authorised actions allowing MNOs (that own the profiles) to grant authorisations to M2M SPs in order to perform certain operations, or receive certain notifications, related to their set of profiles. Another added function, in a way quite similar, is "ONC", the "Operator Notification Configuration". This feature allows MNOs to configure for which of their own profiles they want to receive certain notifications when a profile status has changed. The new ES4A interface between MNO and SM-SR has been defined for the specific purpose of configuring M2M SP authorisations and MNO notifications.
Still, this release misses again the mechanism allowing M2M SPs to request the download of MNO profiles to their eSIM devices. The profile download procedure is left exclusively to the MNOs, whom the M2M SP shall request via a process and interfaces, which are outside of the specification scope, in case a new profile shall be downloaded to the eSIM.
Another focus of this release concerns the local capabilities of the eSIM itself. There is now an emergency profile attribute that can be assigned to one of the profiles. The emergency profile complies with regulatory requirements and only provides the capability to make emergency calls and receive calls from an emergency centre. Furthermore an eSIM manufacturer can now provide eSIMs containing a test profile to connect to test equipment but which is not allowed to access a live network. Last not least, in order to enable and disable the test and emergency profiles locally without involvement of SM-SR and SM-DP, the interface ESx between device and eSIM has been introduced.