Episode 19

The curious case of the removable eSIM

Published on: 21st June, 2022

This week's episode of Android Bytes actually follows up on something our co-host Mishaal has been looking at for a while: a removable eSIM that lets Android phones without the technology built-in to access eSIM providers. We chat with Christos Omiridis of Telco Village who was part of the team that created eSIM.me.

  • 02:09 - What is a SIM? What is an eSIM? Why does it exist?
  • 09:15 - Why bring eSIM to a device that doesn't natively support it?
  • 15:50 - How does a removable eSIM interface with Android?
  • 27:55 - What's the extensibility of modularizing eSIM from other FOSS devs and wireless carriers?

Android Bytes is hosted by Mishaal Rahman, Senior Technical Editor, and David Ruddock, Editor in Chief, of Esper.

Esper enables next-gen device management for company-owned and managed tablets, kiosks, smart phones, IoT edge devices, and more.

For more about Esper:

Our music is "19" by HOME and is licensed under CC BY 3.0.

Transcript
David:

Hello, and welcome to Android bites powered by Asper I'm, David

David:

Rudick and each week I'm joined by my cohost Michelle ramen diving

David:

deep into the world of Android.

David:

And this week we're embarking on a journey that I think is really

David:

interesting because it's an area that like many of our episodes, nobody

David:

really talks about, um, in, and they even in the kind of niche tech media.

David:

And today we're talking about EIM, which is something that I know is exciting,

David:

especially to pixel users, because Google's embrace the standard so much, but

David:

it also has massive global implications.

David:

As the telecom industry continues to evolve.

David:

And we have a very special guest today.

David:

Who's responsible for a very innovative product in this space.

David:

And I'll let Michelle introduce

Mishaal:

him.

Mishaal:

Thank you, David.

Mishaal:

So on today's episode, we've invited Christos from telco village.

Mishaal:

Welcome to the show Christos.

Mishaal:

Thanks, having.

Mishaal:

And so the topic of today's episode as David mentioned is EIM.

Mishaal:

So for those of you don't know, EIM stands for embedded SIM and SIM

Mishaal:

stands for subscriber identity module.

Mishaal:

It's a very interesting topic because there are not that

Mishaal:

many phones on the market.

Mishaal:

With EIM capabilities built in.

Mishaal:

But Ray recently I discovered a product by the company that Christos works for

Mishaal:

that actually enables bringing ES IM to almost any Android smartphone out there.

Mishaal:

Most Android smartphones are compatible with this product.

Mishaal:

So that got me wondering how in the heck is this possible knowing what we know or

Mishaal:

what we thought we know about ES IM how is it possible to bring something that's

Mishaal:

supposed to be embedded into a device?

Mishaal:

Externally through what looks to be a regular SIM card.

Mishaal:

So that topic that got me down a rabbit hole of, uh, GSMA specifications of

Mishaal:

what the heck a smart card is of what APIs are used in Android to talk to

Mishaal:

smart cards and all sorts of business.

Mishaal:

And that's kind of what I wanna talk about on today's episode is like

Mishaal:

how the heck does communication with the SIM card module actually work?

Mishaal:

What makes an EIM different from a regular SIM.

Mishaal:

On a technical level.

Mishaal:

And that's why I wanted to talk with Christos.

Mishaal:

Who's an expert in this field before we actually start talking about ES I and

Mishaal:

how this communication between Android and an ES IM module actually works.

Mishaal:

I think it's important to understand why the ES IM actually exists

Mishaal:

because there are two main reasons.

Mishaal:

One is the size.

Mishaal:

And that's probably the most obvious reason for anyone to understand why the

Mishaal:

em exists, because if you've used phones for a long time, you know, that SIM

Mishaal:

cards used to come in much bigger sizes.

Mishaal:

If anyone's used the regular, the original credit card size

Mishaal:

SIM card, the one FF size.

Mishaal:

But, uh, I wasn't using phones back then.

Mishaal:

I used that size, but I think most people today probably use the two

Mishaal:

FFF three FFF or four FFF, which is mini micro, and then nano respect.

Mishaal:

Most of our modern today support the nano SIM card.

Mishaal:

That's what you find on most devices, but even smaller than that, you

Mishaal:

have the EIM, which is I embedable into the devices motherboard.

Mishaal:

So instead of dedicating space for a physical SIM card trace

Mishaal:

lot that has to be removable.

Mishaal:

That requires extra space.

Mishaal:

Maybe somewhere on the side or in the body, you can just build it directly

Mishaal:

into the motherboard, saving some space, which is very valuable on

Mishaal:

a small device, like a smartphone.

Mishaal:

Then in the future soon, we'll have iSims, which are integrated directly

Mishaal:

into the system on chip saving, even more space that could be reserved

Mishaal:

for other components on the mother.

Mishaal:

I wanted to start off by asking you first, Christo, what do you

Mishaal:

know about the EIM form factor?

Mishaal:

Because many people don't know or at least, I didn't know until, uh,

Mishaal:

a couple of weeks ago that there are actually multiple ES I form factors that

Mishaal:

there's not just one size for an EIM.

Mishaal:

There's a F two, which stands for machine the machine form factor.

Mishaal:

And then there's also the.

Mishaal:

W L C S P, which stands for the wafer level chip scale package.

Mishaal:

I know there's two different sizes and like, I know there's

Mishaal:

different uses for them.

Mishaal:

I wanted to ask you, what can you tell us about them?

Mishaal:

Yes.

Mishaal:

Uh,

Christos:

basically everything starts with a wafer, which is the circuit, and

Christos:

then you can build the package around it, depending on the use case that you have.

Christos:

And for the embedded SIM, starting with the machine to machine devices, uh,

Christos:

they wanted to solar them on, on PCBs, on printed circuit boards, and later

Christos:

they wanted to have them in smaller.

Christos:

Is waterproof devices.

Christos:

And this is why the other phone factors came.

Christos:

We did exactly the opposite.

Christos:

We did not look into making them smaller, but installed, uh, the EIM

Christos:

wafer inside a SIM cut phone factor.

Christos:

And the reason for that is to create an opportunity for people with

Christos:

existing devices to benefit from ES.

Christos:

On their devices, which makes their devices also more sustainable

Christos:

using them longer and getting the benefit of this new technology.

Mishaal:

It's very confusing, but the embedded in Essem doesn't actually mean

Mishaal:

it has to be embedded inside the device.

Mishaal:

It's something that you think you take for granted?

Mishaal:

Cause it sounds like, oh, embedded means it's inside, but the specification doesn't

Mishaal:

actually say it has to be inside the device, which is a bit of a fun fact that

Mishaal:

telco village took advantage of with the Esme product, which we'll talk about in a.

Mishaal:

Before we go down.

Mishaal:

I think I wanted to touch upon what actually comprises a SIM

Mishaal:

card that you hold in your hand.

Mishaal:

So for the most part, the reason we're able to go from the big plastic credit

Mishaal:

card size card down to the nanos SIM is that most of it was just plastic.

Mishaal:

It's just like a covering like a shield for the actual circuitry that you can

Mishaal:

clearly see is like the yellow part of any SIM card that you hold that yellow

Mishaal:

part without all the plastic around it.

Mishaal:

That is what actually has the micro controller.

Mishaal:

That's the circuit.

Mishaal:

So this micro controller, it has its own CPU.

Mishaal:

It has its own Ram.

Mishaal:

It has its own storage.

Mishaal:

It has its own IO circuitry so that it can actually communicate with

Mishaal:

the card reader and whatever host device this SIM card is attached to.

Mishaal:

And this is an entire micro controller.

Mishaal:

It has its own embedded firmware, and this firmware is responsible for

Mishaal:

communicating with the host device.

Mishaal:

And it also is able to store some contacts, some messages.

Mishaal:

So it's not very common nowadays, but a long time ago, people used to

Mishaal:

actually store a couple of messages or a couple of contacts directly on

Mishaal:

the SIM card, rather than like in the cloud with Google contacts and SIM

Mishaal:

card still enable you to do that, but it's just not very common anymore.

Mishaal:

So this whole package, that circuitry that's called a U I C, which stands

Mishaal:

for universal integrated circuit card.

Mishaal:

You also see sometimes this referred to as a smart card, which is a generic term

Mishaal:

for any card with an embedded circuit.

Mishaal:

So a U I C C is a, just a specific type of smart card

Mishaal:

that conforms to a specification that was made for this purpose.

Mishaal:

One of the differences between traditional SIM cards and EIMS is that

Mishaal:

EIMS make it possible to store and switch between multiple SIM profiles.

Mishaal:

That's one of the defining differences.

Mishaal:

At least most people recognize.

Mishaal:

So a SIM profile for those of you don't know is what identifies the services

Mishaal:

that your device is able to connect to.

Mishaal:

So of course, like a carrier doesn't.

Mishaal:

Any non-pay customer to be able to connect to their services.

Mishaal:

So you have a profile that determines I can connect to the voice call service.

Mishaal:

I can connect to whatever extra services they have.

Mishaal:

I wanted to ask you, why do we need an EIM to do this?

Mishaal:

Why can't we just retrofit existing traditional SIM cards

Mishaal:

to support storing and switching between multiple SIM profiles.

Christos:

Actually SIM cards can store multiple SIM profiles.

Christos:

And we've been doing this for years before SIM the problem there was that,

Christos:

uh, you also store keys and those solutions were all proprie solutions.

Christos:

Everybody was having his own solution as a mobile operator.

Christos:

You could control those counts where you could remotely upload SIM profiles there.

Christos:

The actual problem was the interoperability between parties.

Christos:

And this interoperability main problem was sharing the keys of your network.

Christos:

The keys that the subscribers identify themselves to the network with another

Christos:

party and with EIM, which is a standard.

Christos:

That a problem will solve because the EIM profile is including those keys without

Christos:

the necessity to share them with somebody.

Christos:

So when you share the EIM profile, you don't share any keys and the

Christos:

GSMA, uh, which release the standard is creating the root certificate.

Christos:

So the E U I C C, which is the chip has a certificate from the GSMA, the RSP server.

Christos:

Which is serving the profile as a certificate.

Christos:

So there is an environment created, uh, with trusted parties and therefore

Christos:

the communication is not possible.

Christos:

So it's not that it's something new with a SIM profiles, but now

Christos:

it is a standard that is globally.

Christos:

Establish and agreed so that it can be executed.

Christos:

This is the main advantage of ES IM that this technology enables the

Christos:

interability between manufacturers of devices, providers, and mobile

Mishaal:

operators.

Mishaal:

Yeah.

Mishaal:

So interesting point about that is while I was researching for the

Mishaal:

original article that I wrote on this, I learned about the apple SIM card.

Mishaal:

For those of you who actually had a SIM card, a physical SIM card that

Mishaal:

let you store multiple profiles onto it, or I think it came pre-installed

Mishaal:

with multiple SIM profiles from multiple different us carriers.

Mishaal:

And you could pick and choose which one to use.

Mishaal:

But as Christos mentioned, the problem with that is it's not interoperable.

Mishaal:

If you were to use an apple SIM card, On a Android device, you wouldn't be

Mishaal:

able to switch between the profiles that were stored on that SIM card because

Mishaal:

only Apple's iOS was set up to do that.

Mishaal:

So by introducing the EIM standard, which standardizes the way these profiles

Mishaal:

are managed, then you could switch between profiles in a standardized way.

Mishaal:

So like right now there's no way to you can't like transfer your EIM profiles

Mishaal:

from an apple device to an Android device.

Mishaal:

But the way in which those profiles are managed is now standardized.

Mishaal:

I wanted to talk about now your product in particular.

Mishaal:

So as you mentioned before, the E be embedded, doesn't actually have to be

Mishaal:

within the device and your company, telco village actually took advantage of

Mishaal:

this, carve out in the em specification to basically create a product that

Mishaal:

lets you enable EIM on any device.

Mishaal:

I wanted to ask you, how exactly does that work?

Mishaal:

Can you tell us a bit about.

Christos:

Let me add something to what you just mentioned with

Christos:

the E and the GSMA standard.

Christos:

The standard requires that the profiles are stored in a physical hardware, so

Christos:

that they're not stored in as a software.

Christos:

That's the requirement and this physical hardware, if it's sold

Christos:

on, on the motherboard, or if it.

Christos:

And another way, you know, connected to the motherboard through the SIM card

Christos:

is still sufficient for the standard.

Christos:

As I mentioned before, we were doing multiple SIM profiles on SIM

Christos:

cards before, and actually we, we registered the eim.me domain in

Christos:

2015, one year ahead, the release.

Christos:

Of the ESY standard, which is funny.

Christos:

And we were happy that the ESY standard hit the market because

Christos:

this created the ability and the interpretability as, as we mentioned.

Christos:

So our goal was to create a removable ESY that will upgrade that will add the

Christos:

ESY functionality to existing devices.

Christos:

But this was not the only goal.

Christos:

Our goal was also to.

Christos:

Create it without rooting a phone without soldering, anything without

Christos:

opening a phone, losing the guarantee.

Christos:

So we were talking with our colleagues and, uh, with, with friends, et

Christos:

cetera, and they were telling us that this is impossible because we need

Christos:

to have some kind of support from the hardware or the software, et cetera.

Christos:

So eventually we, we use.

Christos:

The knowledge of 20 years in telecommunications, we used our experience

Christos:

with multiple SIM profiles on the SIM card, and we created the SME card, uh,

Christos:

which is holding the E U I C C chip and the form factor of the SIM card.

Christos:

And.

Christos:

While our goal was to lift the users of existing devices, to

Christos:

the level of EIM compatibility with devices with ISIM built in.

Christos:

We actually went beyond that because if you see, for example, a Google

Christos:

pixel or any device with built in EIM, it's only for single device.

Christos:

You cannot use that em, in another device.

Christos:

So with our solution, we created EIM capabilities for under

Christos:

devices, but also beyond that.

Christos:

So once the EMM profile is downloaded and activated on the EMM card, you can remove

Christos:

this card, install it in your laptop, in your wifi router, in any device with a SIM

Christos:

slot and benefit from this connectivity.

Christos:

And.

Christos:

The second thing that we did is it's the world's first dual em solution.

Christos:

It means that you can have two ESY profiles active at

Christos:

a time on those devices.

Christos:

And this is also the reason why we have also customers that

Christos:

already have ESY built devices.

Christos:

Google pixel is a good example and the bio product for these two

Christos:

regions to be able to move those EIM profiles to other devices.

Christos:

For example, my smartphone runs out of battery.

Christos:

Where's my connectivity or I, my display is broken or any other thing is damaged.

Christos:

Another reason is when you want to transfer your profiles from one

Christos:

brand to another, it's very easy.

Christos:

You just do it in seconds.

Christos:

And some operators, when you want to transfer your EIM profile, they

Christos:

charge you between $10 and 40 euros.

Christos:

They call it replacement card.

Christos:

They make it very difficult for you.

Christos:

So we tho those customers save, had a.

Christos:

And money and, uh, so there's functionality and

Christos:

there's also convenience.

Christos:

We created the Esme app in a way in the play store.

Christos:

The device list has around I think, 15,000 compatible devices.

Christos:

With our product, but there is, uh, a multiple different Android

Christos:

versions that can be installed.

Christos:

So it's impossible to create a list which device is compatible

Christos:

and which is not compatible.

Christos:

We come to this later, how we check the compatibility, but the app will

Christos:

tell you, you download the free app and you will tell you your device

Christos:

is compatible or not compatible.

Christos:

And when it's compatible, you can order the CDI card, install it.

Christos:

And then you can just start downloading ePRO profiles.

Christos:

And we created.

Christos:

Let's say the, a variety of products to align to.

Christos:

I have a single device.

Christos:

I only want to use it there.

Christos:

So I don't want to spend too much money.

Christos:

I don't need the other features, or I want to switch and manage the

Christos:

cart between devices, et cetera.

Christos:

I need more space and more storage.

Christos:

And therefore we created the variety of products and our customers

Christos:

are excited about this product.

Christos:

And this gives us also the motivation to continue.

Christos:

We have also.

Christos:

Uh, future plans.

Christos:

We can talk about this later, what we are planning to do with the secure element.

Mishaal:

Right.

Mishaal:

So it's definitely a very ingenious product.

Mishaal:

There's nothing else like it that I could find on the market and just both in

Mishaal:

what it does and how it takes advantage of a part about the specification that

Mishaal:

I completely wasn't aware of before, which is the fact that removable

Mishaal:

embedded SIM cards are possible.

Mishaal:

And that it's actually explicitly something that's supported by

Mishaal:

the G SMAs EIM specification.

Mishaal:

They actually does explicitly mention.

Mishaal:

Removable E U ICCS and anywhere you look up you, if you Google, EIMS

Mishaal:

almost, everything says it has to be embedded in the device and that's wrong.

Mishaal:

It doesn't have to be that way.

Mishaal:

And this product proves that.

Mishaal:

And the actual specification allows for that.

Mishaal:

The other interesting part is, as you mentioned, you built an app Esme that

Mishaal:

communicates with your em.me card without using root access, without

Mishaal:

having to be a system pre-installed app.

Mishaal:

And that's the other bit that I found really fascinating.

Mishaal:

Like, how is that possible?

Mishaal:

How is it possible to just download a standard user installed app from the

Mishaal:

play store and have it communicate.

Mishaal:

The card that you insert into your device, like, how do you do that?

Mishaal:

And that's something that I spent a bit of time diving into.

Mishaal:

And I think I wanna talk about that now, because as we know, SIM cards are meant

Mishaal:

to be removable in general, and you're meant to swap them between devices.

Mishaal:

There has to be a standardized way for the host device and the host

Mishaal:

operating system to communicate with the firmware on that card.

Mishaal:

Because if there wasn't, then your SIM cards would be tied to a single

Mishaal:

platform and that's not very useful.

Mishaal:

So I wanted to ask you a bit, Christo, can you tell us about

Mishaal:

how that communication works?

Mishaal:

Can you describe the software that's running on the U I C C slash E U I C C.

Mishaal:

And how does the post operating system like Android communicate with it?

Christos:

The software on the us C we can simply call it EIM OS.

Christos:

So it's a software that managed the MCU, the storage, et cetera, and the

Christos:

interface to the host, as you mentioned, because it's meant to be removable,

Christos:

et cetera is just a smart card.

Christos:

ISO 78, 16 with commands.

Christos:

It's it's that simple.

Christos:

And the content of those commands of course, need to be aligned with

Christos:

what we sent from the Acme app to the Acme card so that it does the actions

Christos:

that we wish it's basically that

Mishaal:

simple.

Mishaal:

Right?

Mishaal:

So the, this E IM OS, can you tell us a little bit about that?

Mishaal:

What kind of programs?

Mishaal:

I guess very, very, very basic from what I read Java card SIM apples,

Mishaal:

like, can you tell us a bit about what's actually running on the EIM?

Mishaal:

The

Christos:

most important part here is the certificate.

Christos:

There is a mechanism that requires the E S C to authenticate itself to the let's

Christos:

call it network or server the us E C being the client and the other way around.

Christos:

So both need to authenticate each other.

Christos:

And from there.

Christos:

There is another piece of software that does the work, which is, uh,

Christos:

we are going to talk a bit later.

Christos:

The LPA, the local profess assistant can also be implemented in the us C, C.

Christos:

We are going to build a version that will have it, but it it's not at the moment.

Christos:

So the us C is only fulfill the GSMA standard in terms of

Christos:

exchanging the information with our.

Mishaal:

Okay.

Mishaal:

So just in summary, all this communication is supposed to

Mishaal:

happen in a standardized way.

Mishaal:

You have a Java card, apple that's running in the ESM OS of the E Y C C.

Mishaal:

And that communicates both ways through app due commands, which stands

Mishaal:

for application protocol, data, unit commands, and all of those commands.

Mishaal:

Those are following a standard definition, the ISO 7 816 dash four.

Mishaal:

So all of this is, is kind of standardized, but one thing I was

Mishaal:

interested for me to learn about was that prior to Android nine, which introduced

Mishaal:

the open mobile API or O M API, that there was a bit of inconsistencies in

Mishaal:

the way that Silicon would actually have their devices communicate with

Mishaal:

the smart card on their device.

Mishaal:

So I wanted to ask you, if you could tell us a bit about the situation,

Mishaal:

like prior to Android nine, can you tell us about what it was like for.

Mishaal:

An app, like ISA me to communicate with ISA me card.

Mishaal:

Like, was that even possible?

Mishaal:

And what did O M B I a do to change?

Mishaal:

We have

Christos:

customers using under five on their phones.

Christos:

This is the, the oldest hundred version that we have, uh, seen customers

Christos:

successfully using the EME caught anme app with the similar lines on MAPP.

Christos:

Is the OPI library that was before Android and was used by OEMs like Samsung Harvey.

Christos:

Samsung did a very good job implementing this and also continue to use similar

Christos:

lines OPI even beyond Android lines.

Christos:

So you have both APIs with them and sometimes we have to switch

Christos:

between them depending on.

Christos:

The implementation of the SIM card readers, because

Christos:

they may not be accessible.

Christos:

And we tried the one or the other way, but the way was the same.

Christos:

There are also other ways of communicating with the SIM card, with the very

Christos:

independent protocol with binary SMS, with a lot of things that are not.

Christos:

Really related in to Android.

Christos:

So, so a network provider mobile operator can talk to its SIM cards,

Christos:

uh, through the mobile network.

Christos:

They basically sent communication that is transposing through the Android system.

Christos:

But if we are talking about an app communicating, this is then done through

Christos:

a MAPP and then eventually open a logical channel, sending commands, uh, et cetera.

Christos:

That's that's the

Mishaal:

implementation.

Mishaal:

So O mappy, by the way, if I didn't mention before was introduced in

Mishaal:

Android nine for a O S P prior to that, as Christos mentioned, some

Mishaal:

OEMs would integrate the library themselves, but it's now a standard

Mishaal:

feature as of Android nine and later.

Mishaal:

And I believe there's even a compatibility test suite test that checks for home APIs,

Mishaal:

whether or not it's been implemented.

Mishaal:

Correct.

Mishaal:

So your app, as you mentioned, works without root and depending on OS

Mishaal:

version, it uses om, API commands or other commands, depending on the device.

Mishaal:

I wanted to ask you now, how exactly is your app allowed to send

Mishaal:

these commands to the Emme card?

Mishaal:

And how do you ensure that only your app is able to communicate with the Emme

Mishaal:

card and not just any other third party app that you download off a Google play?

Mishaal:

Like, how does this

Christos:

privilege work?

Christos:

As I mentioned before, our goal was not to require any permissions

Christos:

or not to require any unnecessary permissions from the user or the OEM.

Christos:

The only permissions that we ask the user to provide.

Christos:

And these are only optional is, uh, permission to use the camera.

Christos:

If you want to scan the QR code to download the Asim profile and the gallery.

Christos:

To access a Q code.

Christos:

This is very interesting because the way that it works is, uh, for example,

Christos:

you buy in , they send you an email with a Q code, some operators send

Christos:

you a postcard with a printed Q code.

Christos:

That's that's not really environmental friendly and not really digital, but yeah,

Christos:

they, they just print on a SIM category.

Christos:

However, if I buy online and.

Christos:

Delivered to me by email, I would store it in the gallery.

Christos:

And then from the gallery, I can read it with in the app.

Christos:

So these are the two permissions we ask, but if you don't want to give this two

Christos:

permissions, you can just enter it manual.

Christos:

You it's like a URL that you enter with some code, and then

Christos:

you can download the profile.

Christos:

The rights that we get.

Christos:

Are, uh, sourced by the card.

Christos:

So the card has certificates that declare which applications that are assigned

Christos:

with specific keys are allowed to access.

Christos:

And we have a set of keys.

Christos:

Which means that our E CME app has access, but we are also open to provide access

Christos:

or similar to the entitlement that that manufacturers give to other, let's say

Christos:

developers to access their E U SCCs.

Christos:

Uh, we have the same option.

Christos:

So developers are open to contact us in this regards with the advantage.

Christos:

Say that even if, if somebody says I have Android running on Google,

Christos:

Android, running on Samsung, or in other manufacturers, they would require the

Christos:

entitlement from each manufacturer, not Google as an Android, but Google as a

Christos:

manufacturer, Samsung as a manufacturer because it's access to the hardware.

Christos:

So this is done with the case at the same time.

Christos:

We allow access to the system apps.

Christos:

So you can access the EME card with your SIM manager from

Christos:

the Google settings up to 111.

Christos:

It was even.

Christos:

Possible to download EI profiles because the ECM card has a higher priority to the

Christos:

embedded S C but with hundred 12, they specifically address the embedded us C

Christos:

so that you have to use the Acme app.

Christos:

But the system itself has access to the cart is the E S C standard.

Christos:

So we allow access to the system itself as.

Mishaal:

So it's quite interesting.

Mishaal:

The way mechanism that this works is actually a certificate that declares,

Mishaal:

which apps can interface with it on the Android side and whatever

Mishaal:

other operating system is available.

Mishaal:

When I was reading through this, I, I learned about this is all part of a U

Mishaal:

I C C carrier privileged permission.

Mishaal:

So basically it's a way for an app to access certain privileged telephone

Mishaal:

APIs without actually having to be system pre-installed or having

Mishaal:

to be granted a specific permiss.

Mishaal:

So this way, EIM dot E is the only user installed app that can

Mishaal:

interface with the ES IME card.

Mishaal:

You can't install any other app on Google play.

Mishaal:

That's able to do what the Esme app is able to do, which is download and

Mishaal:

manage profiles on the em.me card.

Mishaal:

This actually is quite similar to like all other same cards.

Mishaal:

Basically you have your carrier apps, which are able to access

Mishaal:

carrier privileged APIs in this, in this very similar way.

Mishaal:

This is all standardized through the file.

Mishaal:

The whole certificate would call them access rule file.

Mishaal:

I believe so.

Mishaal:

Um, it was very interesting to learn that.

Mishaal:

But one thing that I did discover while I was using the eim.me app, is that it's not

Mishaal:

able to be pre-installed it's not able to be integrated into Android settings, like

Mishaal:

say Google SIM manager app is, and now I wanted to ask you about why that's the

Mishaal:

case and what would be required in order to get in ES IM app actually integrated

Mishaal:

into the Android operating system.

Mishaal:

As like, you know, you go to settings, you're able to directly add anim profile.

Mishaal:

Like you can on a pixel.

Mishaal:

So, can you tell us about some of the things that would be required in order

Mishaal:

to do that in order to actually integrate your app into Android OS setting?

Christos:

What is required is a communication to two directions.

Christos:

The one is the communication to the RSP, the server that holds the profiles.

Christos:

This is standardized how it's going to be implemented.

Christos:

And the other is the connection to the U I C C.

Christos:

This application does not need to be certified because it's only the transport.

Christos:

Let's say the translator, it downloads the profile.

Christos:

It slices the profile down into commands, and then it is sending it to the U S C C

Christos:

prior to this, there is the authentication process necessary where the LPA.

Christos:

Just exchange the information between those two.

Christos:

And this is why the LPA does not really have to be in the app.

Christos:

It can be in the system, it can be in the app and it can even

Christos:

be embedded on the chip itself.

Christos:

This is called LPA E for embedded this time on the chip,

Mishaal:

a couple of terms are thrown around just now, as you

Mishaal:

mentioned, LPA before stands for local profile assistant, it's actually

Mishaal:

part of the GS A's EIM standard.

Mishaal:

So if you look up the GSMA SGP two, two, One of the section talks about

Mishaal:

local profile assistant for device and that the other one is local

Mishaal:

profile assistant for embedded.

Mishaal:

So LPA in terms of Android is the EIM management app.

Mishaal:

Google's SIM manager app would be an example of an L P a D implementation.

Mishaal:

Um, another term that Chris has mentioned before RSP, which is the remote

Mishaal:

SIM provisioning, the server on the carrier side is called the SMDP plus.

Mishaal:

So subscription manager, data preparation, plus.

Mishaal:

And that server that they deploys, what supports RSP, remote SIM

Mishaal:

provisioning, but that's all not Android.

Mishaal:

What is Android side is the L P a D, which is the application that

Mishaal:

actually helps the user download SIM profiles using a QR code, either

Mishaal:

downloaded or something they can scan.

Mishaal:

There are several applications that basically act as an L P a D brand Android.

Mishaal:

The EIM me app is basically kind of like that.

Mishaal:

Then there's also an open source project, which I talked about in

Mishaal:

my post called open E U Y C C.

Mishaal:

, I wanted to ask about your thoughts on this project and what

Mishaal:

are you doing in relation to it?

Christos:

I think that this is something for OEMs to implement

Christos:

their LPAs in their systems.

Christos:

Something that we didn't mention before is how can Google make sure that the map

Christos:

is implemented accurately in the devices?

Christos:

Fortunately, since 109, the map is there, unfortunately.

Christos:

The OEMs do not implement it correctly or fully.

Christos:

So maybe there is no MAPI.

Christos:

Maybe there is O MAPI only for the N C chip, but not for us C or maybe

Christos:

there is O MAPI for the us C, but there is no access to the SIM readers.

Christos:

And this is why we have created this compatibility check.

Christos:

And maybe this open us C is a way.

Christos:

For those OEMs to an update to integrate this functionality, to their phones.

Christos:

We, as Acme are welcoming other LPAs to access our cart because our cart,

Christos:

the Acme card is a secure element.

Christos:

And the secure element, the one thing that it can do is store in profiles.

Christos:

But the secure element is the same.

Christos:

Technology that we see on smart cards for credit cards.

Christos:

So we can store payment information.

Christos:

It can be sliced into secure domains and those secure domains can hold information

Christos:

like keys, like payment information, like any other kind of tokens, et cetera, that.

Christos:

Users or developers are going to develop and create other products.

Christos:

So, so we create the foundation on the physical level and provide the access,

Christos:

and this can enable other developers to basically build on top of that.

Christos:

So LPA is just one thing.

Christos:

And with the secure element, I think we provide a platform and a marketplace

Christos:

where these things can become reality.

Christos:

And the Acme app is not only an LPA.

Christos:

Actually it started very primitive and we expanded because we've seen

Christos:

the feedback from the audience that, uh, now that I have the storage to

Christos:

basically store EIM profiles, where do I get those EI profiles from?

Christos:

And why do I have to go somewhere else, et cetera.

Christos:

And we are creating a carrier neutral marketplace where everybody

Christos:

can offer their easy profiles.

Christos:

We are going to do KYC.

Christos:

For them in some countries it's required to know your customer.

Christos:

And if I am, let's say in Germany and I buy anim profile from Doche tele,

Christos:

from T-Mobile, I need to do KFC there.

Christos:

And then if I switch to Vodafone, I need to do KOC there.

Christos:

And there are a lot of hurdles that make this standard a bit unconvenient.

Christos:

And while if you have a platform.

Christos:

Compare it with Amazon as a marketplace, your credit card is store there.

Christos:

Your address is known you only click and buy, and we want to create a

Christos:

similar marketplace for it in profiles.

Christos:

So that users do not have to start this onboarding process from the beginning.

Christos:

It is authentication.

Christos:

It is payment gateway, et cetera.

David:

This is I think where strategically, maybe we

David:

can zoom out a little bit.

David:

Just like the situation with telecom operators.

David:

For example, they have a lot staked on keeping the physical SIM

David:

standard alive, as long as they can, especially here in the us.

David:

They are very, very attached to it and they really have been

David:

very reticent to give it up.

David:

So I'm sure that that is also something that is kind of slow walked this

David:

technology for a number of years now, especially as we go to EIM, because

David:

to me, the carriers, like you said, they intentionally try to make this

David:

difficult or imposed with cost a very arbitrary and capricious way.

David:

It's it has nothing to do with helping customers.

David:

It has everything to do with making switching services and products.

David:

Very difficult.

David:

So it's interesting to me that even em, which I think was in many ways designed

David:

to be friendly to the carrier's concerns about competition, that y'all were able

David:

to come up with the solution that actually modularizes the standard and says, oh,

David:

you can take it anywhere with you now.

David:

That to me is what makes it so interesting.

David:

Have you had any conversations with any carriers or manufacturers or other

David:

people in the industry who said I was waiting for somebody to make this?

David:

I knew it was possible or is it truly just surprise?

David:

Like we literally did not think this could be done.

Christos:

I agree with you.

Christos:

Operators ly think that if they stick to a Simco, they lock down the customer, but

Christos:

of course the Simco can be replaced with another Simco and ISIM is a threat to

Christos:

their eyes because they think that on the market, they're going to lose a customer.

Christos:

They don't see that this customer is going to another operator

Christos:

that could be themselves.

Christos:

So if I don't offer something, they cannot buy from me.

Christos:

And if I offer ES IM with an app, Like some operators do, then I cannot

Christos:

actually call it E and because they don't give you the activation code

Christos:

to basically see it as an standard.

Christos:

But this being said, I think that this is similar to the number portability that you

Christos:

didn't have in many countries over years.

Christos:

It, it established this way.

Christos:

Uh, we have countries, uh, like Saudi Arabia.

Christos:

where every operator has Zim and where they offer 30% discount.

Christos:

To EIM compared to Simco.

Christos:

I mentioned before they know your customer, they're onboarding.

Christos:

If you have prepaid customers, you have onboarding costs and those

Christos:

customers can leave you anyway.

Christos:

So you don't make any margin if they don't stay for a time with you.

Christos:

So I think that we cannot convince operators that EIM is something good for

Christos:

them and for the future, but we can see an analogy with, do I need a website?

Christos:

Do I need a web presence?

Christos:

You know, Back when online stores, et cetera, uh, created,

Christos:

we just let them take their time.

Christos:

We, of course, we've spoken to many operators because we are an

Christos:

operator ourselves and we have the context to all of them and

Christos:

they, the most of them think of.

Christos:

We are going to wait until there are ISIM only devices and then we have to move.

Christos:

But we also know, and we see this in some markets that if one operator starts

Christos:

advertising starts pushing marketing this, then the others will follow in no time.

Christos:

So we see in Europe, for example, there is, uh, no

Christos:

roaming between countries agree.

Christos:

So within the European union, there's no roaming charges allowed.

Christos:

And then you have, let's say.

Christos:

Polish operators selling in Europe, uh, check operators selling in Europe.

Christos:

It doesn't help the German operators to protect their SIM card because they're

Christos:

going to buy from somewhere else anyway.

Christos:

And the same will is happening in north America.

Christos:

We we've seen Canadians buying Asian EIMS.

Christos:

To use in north America because they only need data.

Christos:

So they don't have to pay for voice packages or whatever.

Christos:

I think it's just a matter of time.

Christos:

It's it's ISIM is a new path and the faster they jump on this, the

Christos:

better market share they can secure.

Mishaal:

Yeah.

Mishaal:

I think the convenience at EIM really can't be understated in some

Mishaal:

situations like my cousin she's visiting us from Bangladesh and of

Mishaal:

course she needs a local Sy card because she's here for several weeks.

Mishaal:

So because she has an iPhone, I remember that T-Mobile actually offers an app

Mishaal:

that just completely guides you through the process of setting up an EES.

Mishaal:

I profile within the app and paying within the app.

Mishaal:

Within a matter of like five minutes, we had service up and running for.

Mishaal:

I didn't have to go anywhere else.

Mishaal:

I didn't have to go to a store.

Mishaal:

Didn't have to shop around for one of the various MBN OS that offer plans.

Mishaal:

It was just at home connected to my wifi network, five minutes

Mishaal:

up and running with a new plan.

Mishaal:

And as you mentioned, even smaller carriers, like in surprise markets

Mishaal:

like Canada, connecting to an ES IM offering from Hong Kong, three, three

Mishaal:

Hong Kong, I believe is the carrier that many of them subscribing to.

Mishaal:

There's an opportunity there that a few carriers are actually taking advantage of.

Mishaal:

And, you know, it's a bit of a chicken and egg situation where more carriers

Mishaal:

are waiting for devices to go EIM only, but devices won't go EIM.

Mishaal:

Only if few carriers are supporting EIM.

Mishaal:

So like, We're kind of a stuck at the standstill where the highest

Mishaal:

end premium phones have in EIM and they also have a physical SIM card.

Mishaal:

But there's also a little technical limitation with the ES.

Mishaal:

I currently in that most ES IMS only support having one of their

Mishaal:

SIM profiles active at a time.

Mishaal:

And as you mentioned, Chris, four, your solution supports enabling multiple ES I

Mishaal:

profiles because you can have one ES IIM profile enabled on your ES IM me card.

Mishaal:

And then another one enabled on the phones built in ES I, or you could

Mishaal:

have a phone with dual in card slots and you could have two Essem me.

Mishaal:

But something interesting that I learned about recently is that Android 13 is

Mishaal:

implementing a new feature called multiple enabled profiles, which would enable

Mishaal:

you to have two SIM profiles stored on an EIM at the same time, it would allow

Mishaal:

you to use both them at the same time.

Mishaal:

So I wanted to ask your thoughts on this multiple enable profiles

Mishaal:

feature and whether or not it's something that actually could

Mishaal:

be done with an eim.me card.

Christos:

This is a great feature.

Christos:

Uh, I really welcome this.

Christos:

Uh, if it's available for us to access it, we are going to implement this

Christos:

also forme we had, uh, customers actually, let's start to define how

Christos:

those multiple is improves, can be used.

Christos:

It is determined by the number of SIM card slot, and eventually

Christos:

by the number of moderns.

Christos:

So if I have two mode, I can have two subscriptions active at a time.

Christos:

And even in some cases where somebody has a dual SIM phone, but wants to use a

Christos:

second SIM card slot for, he says D card.

Christos:

It will be a benefit because he can have one Acme card with two

Christos:

profiles addressing the two mode while he has an SD card on the.

Christos:

That's a lot.

Christos:

So there is a use case for this and there is we, we have

Christos:

received many requests for this.

Christos:

Uh, so I think it's a, it's a good feature.

Christos:

And we will implement this.

Christos:

The access for this is possible means if the OEM will enable this access,

Christos:

because it's depending also on them, how limited this new feature will be similar

Christos:

to the O MAPI on the, on the previous

Mishaal:

things.

Mishaal:

From what I read according to Google's patent, it doesn't actually require

Mishaal:

two modems for MEP to work, which the conventional wisdom that you would

Mishaal:

need for every active SIM profile.

Mishaal:

If you want an active data connection, you need a second modem,

Mishaal:

but, uh, DSDs or dual standby.

Mishaal:

DOSIM dual standby.

Mishaal:

You could still have EIM MEP work with a single modem.

Mishaal:

Google's patent describes a opening two logical connections

Mishaal:

from the SIM car to the modem.

Mishaal:

And yeah, I'm curious to see how it's gonna work.

Mishaal:

It's something Google hasn't announced yet, but there's some documentation

Mishaal:

available for it and whether or not this can be extended to removable.

Mishaal:

E YCCS is another story entire.

Mishaal:

I

Christos:

haven't seen the patent.

Christos:

So I cannot tell something about the patent, but I've seen the

Christos:

description where you can basically address two or three mode.

Christos:

I haven't seen a device with three mode, but at least from the theory

Christos:

point of view, this is possible.

Christos:

If their patent can talk to multiple, let's say networks,

Christos:

et cetera, in a time difference than maybe this is also possible.

Christos:

So theoretically it's possible.

Christos:

Uh, if there is a requirement from the network, That's another thing.

Christos:

So open to see what this pattern will look like and how the let's say the mobile

Christos:

network will or will not have to implement part of the pattern to, to make it work.

David:

And another reason this is, I think also starting to come up is that as 5g

David:

networks reach saturation, there are going to be use cases where having multiple

David:

networks actually is going to provide a material benefit to the end user.

David:

And that end user could be somebody doing something like

David:

downloading a very large file.

David:

We've already seen heterogeneous networking technology, like Samsung

David:

phones like that, this for years where you can use wifi and LT at the same time.

David:

Uh, to boost your download speeds, obviously in America carriers hate

David:

this feature because they would rather you be on wifi and nothing else, but

David:

it goes to show that there are going to be use cases that drive that.

David:

And so if you are able to have a phone that uses what you know, to

David:

be the most reliable data connection or device that uses the most

David:

reliable data connection day to.

David:

But can keep an active profile enabled that is particularly for

David:

like super high throughput downloads maybe, and maybe those are only

David:

necessary during business hours.

David:

And so you have it connected to the high throughput network when the device is

David:

active and being used, but when shuts off.

David:

It goes down to the super low power network.

David:

And maybe that's like a 5g IOT network where it's really just sending some basic

David:

packet data, time to time the check in.

David:

So I'm sure that there are all kinds of use cases out there that have really

David:

yet to be explored for things like this.

David:

And as we make it more integrated on the device, I think that we'll

David:

see those use cases start to emerge the biggest limiting factor.

David:

And I I'm guessing would agree, Christo is that.

David:

The physical side of a SIM card is that it has to go in something.

David:

You have to get it.

David:

And there's one SIM card per device.

David:

And that just makes doing anything complex or unique as far as a

David:

configuration, much more challenging when you're making SIM cards.

David:

It's probably a very big scale kind of thing you're doing.

David:

Like an, operator's not going to be like, oh, we're going to make

David:

this very special configuration for this one customer on our network.

David:

That's uniquely coded to these SIM cards and they can do special things

David:

that other customers can't nobody's providing that kind of service.

David:

So it would make sense that the technology should move to the device

David:

and end user side to be managed there.

David:

So that the implementations, just depending on how much

David:

does this cost me to do this.

David:

So the carrier just goes back to being that dumb bite.

David:

Instead of a glorified services provider, which we know they

David:

all aren't, , they're just bits.

David:

So this is really cool.

David:

And I think that you guys have an amazingly interesting product,

David:

and this is usually where I would plug where Asper fits in with it.

David:

Um, this one's a little harder for us because, you know, we do have mobile

David:

data use case, and it's very interesting, but I've really thought about this

David:

and I'm like, I'm not sure exactly.

David:

But I am sure that eventually we will have customers wear more flexibility

David:

around mobile data, 5g and Essem is going to become a priority because it's

David:

a matter of flexibility for businesses.

David:

Being able to switch providers on the fly would be an amazing way to potentially

David:

reduce your costs or to up your data.

David:

Throughput, if you need more and just be more competitive, this is all about

David:

helping customers move faster, right?

David:

Making decisions about their network or switching networks or whatever it may be.

David:

And I think that that is a super defensible goal for any business in the

David:

tech industry, because this is a problem.

David:

And it's a problem that in many ways has been artificially constructed

David:

as a business competition barrier.

David:

And it's cool to see somebody starting to tear it down.

Christos:

Actually, we are working with mobile operators and we try

Christos:

to visualize this opportunity.

Christos:

If I, for example, as a end customer, I have to choose between

Christos:

two networks, one being the premium networks, which is expensive.

Christos:

And the other one, which is cheaper with not a good

Christos:

coverage, I don't have to choose.

Christos:

I can use both.

Christos:

So having the ability to use both.

Christos:

Imagine that if, for example, you introduce the prepaid model where

Christos:

customers can buy your service for a day, but not to go to the shop,

Christos:

not to wait for shipping, et cetera, they just, they don't have coverage.

Christos:

And now they have coverage to your network.

Christos:

Sell them connectivity.

Christos:

Right on the spot.

Christos:

Right?

Christos:

So, so there is opportunity.

Christos:

And I think that, uh, it will take some time for operators to

Christos:

realize that there is opportunity.

Christos:

Uh, but definitely there is a benefit for the consumer and if something

Christos:

is good for the consumer, people will find the way to buy to get

Mishaal:

it.

Mishaal:

Well, that's all the, uh, questions that I had for this episode.

Mishaal:

I just wanted to thank you Christus again for joining us.

Mishaal:

And before we close off, I wanted to have you tell people where they can

Mishaal:

find you online if you're online, anywhere and where they can follow

Mishaal:

for updates from you and your company.

Christos:

Uh, they con contact, uh, me personally through my LinkedIn profile.

Christos:

Of course they can contact us through our websites, uh, contact from this

Christos:

is, uh, we respond to every request.

Christos:

We, we get a lot of different ideas, et cetera.

Christos:

We are open to everybody.

Christos:

We have.

Christos:

Actually received orders and customers from around 170 countries.

Christos:

So we see a lot of traction and we are open to developers that want

Christos:

to build on top of what we created.

Christos:

And we are also open to listen to customers that have maybe specific

Christos:

needs that we haven't thought about.

Christos:

So LinkedIn and on a website is I think, a good place to.

Mishaal:

Okay, well, thank you for the outro.

Mishaal:

And as you've already mentioned, you can find David and i@esper.io.

Mishaal:

And this podcast is Android bites.

Mishaal:

We have a webpage up, but you can also find all our podcast

Mishaal:

episodes on blog, doper.io.

Mishaal:

So thank you again, Christmas for joining us.

Mishaal:

Thanks David, for joining me on another episode and thank you all for listening.

Next Episode All Episodes Previous Episode
Show artwork for Android Bytes (powered by Esper)

About the Podcast

Android Bytes (powered by Esper)
A weekly show that dives deep into the Android OS
Android Bytes (powered by Esper) is the podcast that dives deep into the engineering and business decisions behind the world’s most popular OS. https://www.esper.io

Android powers over 3 billion devices worldwide and is the platform of choice for over a thousand companies. You’ll find Android on smartphones, tablets, watches, TV, cars, kiosks, and so much more. How does Google architect Android to run on so many form factors, and how do companies fork AOSP to make it run on even more devices? These are the kinds of questions the Android Bytes podcast considers each week.

Join cohosts Mishaal Rahman and David Ruddock, two journalists with extensive knowledge covering the Android OS platform and ecosystem, as they speak to system architects, kernel engineers, app developers, and other distinguished experts in the Android space.

Get in touch with us at Esper.io if you’re looking to use Android for your product — we have the experience you need.

About your hosts

David Ruddock

Profile picture for David Ruddock
David is the Editor in Chief of Esper, and cohosts Android Bytes. David spent over 10 years as the Editor in Chief of Android Police, where he reviewed more phones than he'd care to admit, broke dozens of exclusive mobile industry stories (and also, phones), and ran one of the web's most vibrant Android communities.

Mishaal Rahman

Profile picture for Mishaal Rahman
Mishaal is the Senior Technical Editor at Esper.io and a cohost of the Android Bytes podcast. At his previous role as Editor-in-Chief at XDA-Developers, Mishaal was at the forefront of Android tech journalism, breaking story after story on new OS features and platform changes.