GSMA Root Certificate Issuer for Remote SIM Provisioning
The Certificate Issuer issues Certificates for Remote SIM Provisioning entities and acts as a trusted third party for the purpose of authenticating the entities of the system.
Security and trust are an integral part of the GSMA’s Specification for Remote SIM Provisioning connections. The ability to provision operator subscription data securely “over the air” to change from one operator to another requires secure connections, as well as data confidentiality and integrity, and system availability. Paramount to the achievement of these objectives is the establishment and maintenance of an efficient and effective end-to-end trust infrastructure within the ecosystem. For the eUICC and Servers defined by GSMA for Remote SIM Provisioning an eUICC Public Key Infrastructure (PKI) to support the use of Certificate for authentication has been defined.
The GSMA has selected PKI infrastructure providers to act on its behalf as Root Certificate Issuer. These partners are:
| Organisation | Specifications | CI Contact | CI Website | GSMA Root CI Certificate | CRL Distribution Point |
 |
SGP.01 and SGP.02 All Versions | Visit | Download | n/a | |
 |
SGP.21 and SGP.22 Version 2 SGP.21 and SGP.22 Version 3 SGP.31 and SGP.32 Version 1 | Visit | Download | ||
 |
SGP.21 and SGP.22 Version 2 SGP.21 and SGP.22 Version 3 SGP.31 and SGP.32 Version 1 | Visit | Download |
To be able to receive certificate from the GSMA Root CI providers, some SAS accreditation and compliance scheme for Consumer must be performed.
For further information, or to register an interest in providing PKI infrastructure for Remote SIM Provisioning, please contact the GSMA by sending email to RootCAs@gsma.com.
Key Documents
GSMA eUICC PKI Certificate Policy SGP.14
Remote SIM Provisioning for M2M
Remote SIM Provisioning for Consumer