What is an eSIM for IoT?

An  eSIM (embedded SIM) is a reprogrammable SIM chip soldered directly into a device. Unlike traditional SIM cards, it doesn’t need to be swapped to change operators. Connectivity profiles are downloaded and managed over-the-air (OTA).(source). 

For IoT deployments, this is game-changing because it:

• One soldered chip, many profiles:  eSIM (eUICC) lets you download, switch or retire SIM profiles over-the-air—no trays, no truck-rolls. 

• Built for scale:  Remote SIM Provisioning (RSP) keeps global roll-outs fast, compliant and cost-efficient. 

• Enterprise-grade security:  Profiles are encrypted end-to-end and can be routed through IXT SecureNet private APNs or IP-VPNs. 

• Future-proofing:  Today’s eSIM spec underpins tomorrow’s iSIM, ambient IoT and non-terrestrial (satellite) networks. 

How eSIM works compared to traditional SIM?

Key roles in the remote SIM provisioning ecosystem 

• SM-DP+ (Subscription Manager Data Preparation +) 
  Encrypts and delivers eSIM profiles to devices. This service is typically operated by a mobile network operator or a specialised connectivity provider. 

• SM-SR (Subscription Manager Secure Routing) 
  Oversees the ongoing life-cycle of each profile—enabling, disabling or deleting it as required. The SM-SR is usually run by the same organisation that hosts the SM-DP+. 

• LPA (Local Profile Assistant) 
  A software agent in the device OS or modem firmware that requests profile downloads, installs them and activates the selected profile locally. 

How eSIM provisioning works in IoT deployments:

eSIM provisioning allows IoT devices to connect and switch profiles automatically without manual SIM swaps. When a device first boots, it uses a bootstrap profile to authenticate with IXT’s Connectivity Management Platform (CMP). The CMP then triggers the secure download of a production profile via the SM-DP+, and the device’s LPA activates it—retiring the bootstrap profile if no longer needed.

1. Device boots with a bootstrap profile. 
2. It authenticates to IXT’s Connectivity Management Platform (CMP). 
3. CMP instructs the SM-DP+ to download the production profile. 
4. The LPA activates the new profile and, if needed, retires the bootstrap. 

eSIM vs. plastic SIM vs. iSIM

Plastic SIM (traditional card) 

• Removable 4FF or 2FF form factor. 

• Holds a single network profile that is difficult to change remotely. 

• Moderate tamper resistance. 

• Occupies 12 × 15 mm plus the tray, limiting ruggedisation options. 

eSIM (eUICC, MFF2 form factor) 

• Soldered 6 × 5 mm chip with no external tray. 

• Stores five to ten profiles that can be added, switched or deleted over-the-air. 

• High hardware security; credentials are stored in a secure element. 

• Removes a mechanical point of failure and frees valuable board space. 

iSIM (integrated SIM) 

• The secure element is embedded directly inside the cellular modem’s system-on-chip. 

• Shares all eSIM capabilities but further lowers power draw and bill-of-materials cost. 

• Expected to dominate ultra-small, battery-powered IoT designs in the next few years. 

Bottom line: eSIM eliminates logistics friction today, while iSIM will drive even greater size and power savings tomorrow. 

Explore the differences between SIM, eSIM, and iSIM more in-depth here.

Business benefits of eSIM for IoT teams

Faster time-to-market 

eSIMs can be provisioned with country-specific profiles at the factory or on first power-up. This eliminates delays waiting for local plastic SIMs and accelerates deployment.

Cost efficiency 

With IXT’s Global Data Pool, all eSIMs share one data allowance. This reduces wasted capacity, avoids unexpected overage fees, and makes costs predictable.

Operational agility 

When a carrier sunsets 3G or changes pricing, you can switch profiles across your entire fleet remotely with a few API calls. No truck rolls or site visits required.

Resilience & uptime 

Multi-IMSI and multi-network fallback ensure devices like EV chargers, meters, or trackers stay connected, even if one network goes down.

How eSIM architecture and security work in IoT

Relevant standards 

• ETSI TS 103 383 defines the security domains inside the eUICC and the roles of the SM-DP+ (Subscription Manager – Data Preparation) and SM-SR (Subscription Manager – Secure Routing).

• GSMA SGP.32 introduces a lightweight variant using JSON-over-HTTP, designed specifically for IoT devices with limited resources.

Security building blocks 

• Elliptic-curve cryptography and 3DES protect profile keys while they are transferred over networks.
• Hardware root-of-trust inside the eUICC stops attackers from extracting critical identifiers such as Ki and IMSI.
• Profile binding ensures only authorised SM-DP+ servers can load or update profiles on the eSIM. 

Security and compliance in eSIM for IoT

• Private and secure networking:  With IXT SecureNet, device traffic stays off the public internet by using private APNs and IP-VPNs. This reduces exposure and lowers the risk of unauthorised access. 

• Cloud-ready security (SASE integration):  eSIM traffic can be routed directly to major cloud providers like AWS, Azure, or GCP via secure cloud connectors. This supports modern SASE (Secure Access Service Edge) architectures for enterprises. 

• Regulatory alignment worldwide:  In regions with strict permanent-roaming rules (such as the EU, Brazil, and India), eSIMs can download localised IMSIs to stay compliant while keeping devices online. 

• GSMA security compliance:  Every eSIM vendor must pass more than 260 GSMA security controls before launch, ensuring that deployments meet global standards for confidentiality, integrity, and resilience. 

Explore IXT global SIM. 

eSIM implementation checklist for IoT

Choose the right hardware
Select a module that supports GSMA M2M or IoT eSIM standards and includes at least 300 kB of profile storage.

Plan your bootstrap strategy
Decide whether to use a global IMSI or a temporary test profile for initial device activation.

Define the profile lifecycle
Set clear rules for when to download, switch, or retire profiles as devices move across regions.

Integrate with the CMP
Connect your deployment to the IXT Connectivity Management Platform (CMP) via REST or MQTT APIs for zero-touch provisioning and remote management.

Test resilience scenarios
Simulate edge cases such as power loss during downloads or profile corruption to ensure system stability.

Set performance KPIs
Aim for benchmarks like >99% successful downloads and <3 minutes per download over LTE-M networks.

Automate monitoring and alerts
Use CMP webhooks to trigger alerts for failed downloads, profile loss, or excessive fallback to SMS

IXT connectivity experts can support any IoT deployment. 

Looking ahead: iSIM, NTN & Ambient IoT

The next five years will see cellular IoT jump from “just connected” to “truly pervasive”. Three parallel technology tracks are converging to make that happen:

iSIM becomes the default secure element

• Definition. Integrated SIM (iSIM) hard-wires the secure element inside the modem/SoC, removing the separate eUICC package altogether.

• Market trajectory. Counterpoint Research projects that nearly 70 % of all cellular devices shipped in 2030 will use eSIM or iSIM, with iSIM growing the fastest at ≈ 160 % CAGR (2024-30). (counterpointresearch.com)

• Why it wins for IoT

  • Lower BOM & power. One less chip; ~40 % idle-mode power savings on LTE-M modules.

  • Smaller footprint. Enables wearables, smart labels and sensor nodes below 50 mm².

  • Single-SKU manufacturing. Ship the same hardware worldwide and inject the right profile via SGP.32/41.

• Readiness checklist

  • Check for iSIM-ready chipsets (e.g., Qualcomm 9205S, Sony Altair ALT1350) in your module roadmap.

  • Ask vendors for Common Criteria EAL5+ certification dates and SGP.32 compliance roadmaps.

  • Plan an “xSIM abstraction” layer in firmware so you can migrate from eSIM → iSIM without rewriting code.

Standards roadmap (SGP.32 → 41 → 42)

Take-away: Start with SGP.32-capable modules today; insist on firmware upgradability so the same hardware can adopt SGP.41/42 without re-qualification.

How non-terrestrial networks (NTN) are changing IoT connectivity

• 3GPP baseline. Release 17 introduced NTN for IoT; Release 19 (functional freeze Jun 2025) adds performance tweaks and mobility enhancements for LEO/MEO constellations (3gpp.org)

• GSMA profile support. SGP.42 will define a “NTN profile type” so devices can roam seamlessly between terrestrial 5G and satellite links.

• Design tips

  • Pick modules with dual-mode (terrestrial + satellite) RF and GNSS assistance.

  • Budget for higher latency (LEO ≈ 50-70 ms, GEO ≈ 500 ms) in application logic.

  • Use IXT SecureNet to terminate satellite traffic in your private cloud and keep security posture consistent.

Ambient IoT: how battery-free tags scale with cellular networks

• What it is. Ultra-low-power tags (µW backscatter or ≲ 100 µW active) that harvest energy from ambient RF and talk directly to 5G base-stations or assisted UEs.

• Standardisation. A dedicated Study Item “Solutions for Ambient IoT in NR” is in Release 19, with work-item decision due December 2024 (3gpp.org)

• Use cases. Smart packaging, asset-embedded ownership certificates, real-time perishables monitoring—areas where today’s BLE/RFID either lacks range or incurs gatekeeper costs.

• Why eSIM/iSIM still matter. Even sub-1 µW tags need cryptographic roots-of-trust for supply-chain integrity. iSIM-on-chip provides that at negligible power cost.

Cellular IoT market outlook: growth and eSIM adoption by 2030 

The IoT market is entering a rapid expansion phase. GSMA Intelligence projects 38.7 billion cellular IoT connections by 2030, growing at an 8% CAGR from 2023. At the same time, over 9 billion xSIM-capable devices are expected to ship between 2024 and 2030, with iSIM emerging as the dominant form factor from 2027 onward.

• 38.7 billion cellular IoT connections by 2030 (8 % CAGR 2023-30) — GSMA Intelligence, Dec 2024 (gsmaintelligence.com)

• >9 billion xSIM-capable devices shipped 2024-30, dominated by iSIM from 2027 onward. (counterpointresearch.com)

Action plan for device makers & IoT teams

1. Specify xSIM today. Require SGP.32 compliance (+ firmware-upgradable to SGP.41/42) in all new designs.

2. Run NTN pilots in 2025. Test satellite fail-over early to harden device antennas, power budgets and buffer sizes.

3. Track Release 19 deliverables. Ambient IoT and AI/ML-driven RAN features will influence module selection and certification timelines.

4. Plan a migration path. Treat iSIM as the end state; build abstraction layers so eSIM and iSIM can coexist during the transition.

5. Leverage IXT SecureNet + CMP. Both already support multi-IMSI steering and will expose SGP.32/41 APIs, so you can automate profile swaps across terrestrial and NTN networks from a single console.

Bottom line: eSIM solved logistics; iSIM, NTN and Ambient IoT will solve scale. Designing with these road-maps in mind today ensures your devices stay connected—and secure—through the next decade of cellular innovation.

Related questions

• What’s the difference between SIM, eSIM, and iSIM?

• What’s the most cost-efficient way to manage large SIM fleets?

• What are the security risks of permanent roaming in IoT?

• How do eSIM and iSIM simplify remote fleet management?

Request a test SIM.

View our coverage map. 

Frequently asked questions