Our expertise extends across a wide array of interrelated technologies and standards


achelos experts have been part of the industry for decades and shape the technology evolution by actively engaging with the related governing bodies.




In December 2013, the GSMA released version 1.1 of the “Remote Provisioning Architecture for eUICC”, creating the de facto standard for Subscription Management systems. The technology has evolved ever since across segments and its implications are now becoming ever more crucial for all involved participants.

Read more about the history and technical details of the GSMA standards or download our eSIM handbook.


Remote profile management was already defined in GSM under the term OTA (Over-The-Air). It is used by a mobile network operator (MNO) to access and update its profile which is either loaded on SIM (single profile, non-reprogrammable) or eSIM (multi profile, reprogrammable).

In both cases OTA can be used to manage the profile's data files as well as its applications without having a physical connection to the card.

Java Card

The first Java Card was introduced in 1996 and is now widely used as the OS for embedded security tokens across industries such as mobile telecom, banking and health. It's a software technology that allows Java-based applications, so called applets, to be run on smart cards.

These applications give the card issuer the ability to make the devices application specific and to create interoperable applications not bound to a specific manufacturer's smart card product.


Leveraging a hardware secure element, or ‘Root of Trust’, to establish end-to-end, chip-to-cloud security for IoT products and services is a key recommendation of the GSMA IoT Security Guidelines. This requires both the provisioning and use of security credentials that are inside a secure place within the device.

IoT SAFE (IoT SIM Applet For Secure End-to-End Communication) provides a common mechanism to secure IoT data communications using a highly trusted SIM, rather than using proprietary and potentially less trusted hardware secure elements implemented elsewhere within the device.