Recognising the need to demonstrate product compliance to technical specifications in a common accessible way, GSMA has developed a compliance framework for M2M remote provisioning eUICCs and Subscription Management servers.
The GSMA PRD SGP.16 details the compliance requirements, and expected means to demonstrate compliance, for product designed to the M2M remote provisioning specifications, SGP.02 and SGP.01. SGP.16 also provides declaration templates to be completed and submitted to GSMA once an M2M remote provisioning product has proven its compliance by test and/or certification
The compliance requirements focus on security assurance, functionality and interoperability. The result of a successful SGP.16 declaration of compliance is a recognised achievement plus eligibility to use an M2M Digital Certificate (PKI). This is used for authentication between eUICCs and Subscription Management servers (SM-DP and SM-SR).
Security Assurance by design
The eUICC IC/hardware platform requirement is Common Criteria certification to the Security IC Platform Protection Profile with Augmentation Package Certification (PP-0084 or PP-0117). Certification to PP-0035 is also acceptable.
All GSMA M2M compatible eUICCs that follow the industry GSMA eSIM Specifications (as defined in SGP.01 and SGP.02), need to prove their robustness. This means demonstrating compliance with the product security requirements and objectives, specified in SGP.05, with resistance against high-level attack potential.
Currently, there are two permitted methodologies for eUICC manufacturers – shown below. They all require a certificate reference to demonstrate their security evaluation of resistance to high-level attack potential. The permitted methodologies are:
- Common Criteria PP-0089 Certification report reference
- GSMA eSA Certification reference, learn more about it HERE.
Security Assurance in production and SM service location
GSMA’s established Security Accreditation Scheme (SAS) has been adopted as the required security accreditation for M2M remote provisioning entities handling sensitive assets. These include MNO profile information and Digital Certificates. SAS is an audit based scheme, and audit lead time should be considered when planning compliance.
For eUICCs: SAS-UP audits the handling of sensitive data during eUICC production.
For SM-DP and SM-SR: SAS-SM audits the robustness of processes for secure data management at the Subscription Management service location (eg datacentre or other hosting location).
Functional and interoperable
The GSMA M2M test specification, SGP.11, provides functional and interoperability test cases for M2M system operation. It is the basis for M2M testing for functional compliance and interoperability.
For eUICC: GlobalPlatform operates SGP.11 based test plans, with associated certification. This incorporates the TCA Interoperable Profile Test Suite (TCA Test Spec). M2M remote provisioning eUICCs declaring SGP.16 compliance must firs thave a GlobalPlatform Product Functional Certification.
For SM-DP and SM-SR: M2M remote provisioning Subscription Management developers are responsible for verifying correct functioning of all SM-DP and SM-SR interfaces, and system behaviour. Commercial SGP.11 test suites are available that fulfil this requirement. Alternatively, MNO based interoperability testing and other methods may be used, if all SGP.11 test scenarios for Subscription Management are covered.
Connecting to M2M remote provisioning
eUICC, SM-DP and SM-SR that have that have performed the pre-requisite test & certifications, submitted an SGP.16 declaration of eSIM compliance and received a confirmation are eligible to use GSMA PKI certificates. Details of the GSMA Root CI Public Key are at this link.
Self-assessment of eUICC Certified products updates
To notify Software changes on eUICC certified products there is a GSMA internal Operational procedure called EUM Self-assessment of eUICC Certified products updates. You can request this document by sending an email to M2Mcomplaince@gsma.com
The next steps need to be followed:
- GSMA send EUM the Self-assessment of eUICC Certified products updates
- eSIM vendors complete the Self-assessment of eUICC Certified products updates and send it to GSMA Compliance Team
- GSMA RSP Compliance Team analyses the proposed changes and:
- GSMA internal database is updated to reflect the change, the date and the new SW version resulted of the change.
- A Note within the IC2 database to indicate the update (in case the product was listed on IC2 previously)
- A revision of the previously issued ‘GSMA Confirmation of PKI Certificate Issuance’ is provided by GSMA (with a revision number). This will contain:
- A new ‘Declared build’ version
- A new date
- A note at the end indicating the additional changes have declared by the EUM as nor RSP, SAS neither TOE related features (the sentence will be further elaborated by the GSMA operations and legal teams)
Find out more
Download here all the eSIM M2M Specifications referred in this section, all the SGP.16, the M2M Compliance Process, for full details of active compliance requirements, current specification versions and declaration templates.
For further information or in case of any questions on the GSMA M2M compliance process, please contact M2MCompliance@gsma.com