The GSMA introduced SGP.32 to solve these problems. This specification brings remote SIM provisioning to IoT devices that lack user interfaces or operate on constrained networks. It represents a significant step forward for organisations deploying connected devices at scale.
What SGP.32 does differently
SGP.32 is the first remote SIM provisioning architecture built specifically for IoT. Previous specifications served different purposes. The M2M specification (SGP.02) relied heavily on SMS triggers and required complex server integrations. The consumer specification (SGP.22) assumed devices had screens and user interaction.
Neither approach worked well for a smart meter buried underground or a sensor mounted on a wind turbine.
SGP.32 combines the automation strengths of M2M provisioning with the scalable cloud infrastructure of consumer eSIM. It introduces a new component called the eSIM IoT Manager (eIM) that orchestrates profile lifecycle tasks without human intervention.
The specification enables profile downloads, switches, and updates to happen remotely over IP connections. Devices wake up, receive their instructions, and continue operating. No truck rolls. No manual intervention.
Technical advantages for constrained devices
IoT devices face unique constraints that SGP.32 addresses directly.
Smaller profile packages reduce resource demands
The specification introduces lightweight profile templates that require far less data to download compared to traditional operator profiles. For NB-IoT and LTE-M endpoints like smart meters and asset trackers, this means less flash wear, shorter radio sessions, and extended battery life.
IP-based provisioning eliminates SMS dependencies
Older M2M workflows required binary SMS triggers to wake modems for profile operations. SGP.32 removes this step. The eIM pushes profiles over IP when devices wake naturally, cutting SMS fees and reducing idle signalling.
Security builds on proven cryptographic foundations
The specification reuses the mature TLS/DTLS cryptography established in consumer eSIM standards. It adds IoT-specific safeguards including cryptographic authentication for every profile action and hooks for secure-boot attestation. Devices prove their integrity before they communicate with the network.
Operational benefits for deployment teams
Beyond technical improvements, SGP.32 changes how teams manage connectivity across device fleets.
Zero-touch rollouts simplify manufacturing
Bulk profile provisioning allows manufacturers to flash a single firmware and SIM image on the production line. The correct local profile gets injected before or after installation based on destination. Fewer SKUs mean simpler logistics and faster time to market.
Unified compliance reduces audit complexity
SGP.32 reuses consumer-grade SM-DP+ infrastructure. Existing compliance processes and certificate chains carry over. There is no parallel stack to audit.
Built-in resilience prevents service disruptions
Enterprises keep a bootstrap or backup profile resident on the eUICC. If primary coverage degrades, the eIM triggers an automatic fallback. Service restores without field intervention.
Sector applications
Different industries benefit from SGP.32 in specific ways.
Automotive and EV charging
Vehicles and roadside chargers need a single SIM architecture that crosses borders, updates firmware, and complies with local roaming regulations without workshop visits. Lightweight profiles fit in constrained telematics control units. The eIM pushes local profiles the moment a vehicle rolls off a ship or a charger gets installed in a new market. IXT Global SIM provides multi-IMSI fallback while IXT CMP automates profile swaps when coverage or regulations change.
Smart city infrastructure
Street-level sensors for parking, lighting, waste management, and air quality often run on NB-IoT or LTE-M. They sleep for hours to conserve power. SGP.32 removes SMS wake-ups and transmits only a fraction of the profile data, reducing radio time and extending battery life. City IT teams manage thousands of SIMs from a single dashboard and switch operators when a new network wins a public tender. IXT SecureNet keeps sensor traffic off the public internet and helps meet critical infrastructure policies.
Industrial IoT and manufacturing
Factory PLCs, condition-monitoring sensors, and autonomous mobile robots require deterministic uptime and strict security. SGP.32 adds secure-boot attestation so devices prove their integrity before connecting. OEMs ship a single hardware SKU and let the eIM inject local profiles at the destination plant. This simplifies supply chain logistics and keeps warehouses lean.
Migration approach
Organisations transitioning to SGP.32 benefit from a phased approach.
-
Start with new hardware. Enable SGP.32-capable eUICCs in all new devices. Most IoT-grade eUICCs shipped after mid-2024 include the required IoT Profile Assistant (IPA) functions.
-
Run a pilot. Import test devices into IXT CMP to validate eIM calls and establish data usage baselines. This builds operational familiarity before broader rollout.
-
Phase legacy equipment. Schedule profile migrations for endpoints coming off contract or entering scheduled maintenance windows. There is no standardised migration path from older M2M specifications, so legacy devices typically run their existing profiles through end of life.
-
Update operational processes. Align incident response with eIM audit logs. Configure SecureNet tunnels to terminate in the same region as new local profiles.
Frequently asked questions
Does SGP.32 replace consumer eSIM (SGP.22)?
No. SGP.22 remains the standard for smartphones and wearables with user interfaces. SGP.32 targets headless or bandwidth-limited IoT devices. Both specifications coexist on the same SM-DP+ infrastructure.
Does SGP.32 require specialised hardware?
Devices need an eUICC chip that supports the IoT Profile Assistant functions. Most IoT-grade eUICCs manufactured after mid-2024 include this capability. Check module datasheets or contact IXT support to confirm compatibility.
What about iSIM?
SGP.32 works regardless of where the secure element lives. If an MCU or SoC offers an integrated iSIM with GSMA compliance, the same eIM workflows apply.
When will certified solutions be available?
Compliance programmes for IoT eSIMs became ready by end of 2024. Industry analysts project over half of active eSIMs across IoT deployments will comply with SGP.32 by 2028.
Getting started
SGP.32 addresses a genuine gap in IoT connectivity management. It brings the flexibility of remote SIM provisioning to devices that were previously difficult to manage at scale.
For organisations planning new IoT deployments or looking to simplify existing operations, understanding SGP.32 capabilities helps inform hardware selection and connectivity strategy.
Talk to IXT connectivity experts for an SGP.32 readiness review.