SIMalliance The SIM (r)evolution: secure M2M deployments and evolving market demandsevolving market demands

Benoît JouffreyChairman SIMalliance M2M Working groupOctober 2011

1

Who We Are

MEMBERS

Security . Identity . Mobility

2

STRATEGIC PARTNERS

SIMalliance Members deliver more than nine in every ten SIM cards sold worldwide

ETSI TC M2M WORKSHOP – 27 October 2011

What We Do

SIMalliance supports secure mobile service creation, deployment and management by advancing interoperability and extending security across all devices that access security across all devices that access

wireless networks

Security . Identity . Mobility

3

Since 2000

ETSI TC M2M WORKSHOP – 27 October 2011

Working Groups Program: M2MMobile

Internet

Security

Mobile

Transactions

M2M

Expert Resource s

Consultative

Multi-Platform

WHAT: Taskforce

AIMED AT: Standard Bodies & Associations,

MNOs and eSIM Manufacturers

OBJECTIVE: contribute and complement

Vertical Focus

OBJECTIVE: contribute and complement

work of GSMA Embedded SIM Task Force

and ETSI

ETSI TC M2M WORKSHOP – 27 October 2011

The m2m marketThe m2m market

5

M2M Market – some key trends

Connected Devices The next decade’s Holy Grail ?

• M2M/Consumer Electronics providers• MNO: strategic decisions in a new ecosystem

•New Business process•New Business models•New Product strategies•New Revenue models•New Partners

• Regulator influence (roaming)

6

Hardware M2M Key drivers

• Miniaturization – SIM FF & Module – towards SIM and module integration• High quality driven by M2M industry• Reducing Logistics & integration• Variety of form factors, from to : SIM goes industrial

ETSI TC M2M WORKSHOP – 27 October 2011

Not speaking about specific environmental conditions

Outdoor

Cold

Heat

Rain

Sun

Vibration

... machines are not human... specific products designed for m2m

ETSI TC M2M WORKSHOP – 27 October 2011

The SIM: the thin client current assets

Identity and authentication (IMSI)

Preferred List of Mobile

Network access settings (WAP, GPRS…)

PLMN usage is the standard to choose a network when

The SIM is the sensor to detect what is the model of

the handset and give access to device parameters

All the subscription parameters are stored onto

the SIM

Tamperresistance

Securedstorage

Standardised

Preferred List of Mobile Networks (PLMN)

Personal data

STK applications The SIM is the only universal application platform working with 100% of the devices.

to choose a network when roaming

Standardized phonebook for 100% of the devices.

Credentials for third party applications

The SIM is the security element for key new applications such as

NFC, payment.

resistance

Execution environment

OTAbility

ETSI TC M2M WORKSHOP – 27 October 2011

SecuritySecurity

9

� Fraud on data consumption� Prevent from removing UICC

� Pair devices with SIM

� “War texting” on M2M applications

Securing m2m: a market need

M2M Market threats

� Tampering and physical attacks: personal data corruption, consumption fraud

� Fraudulent remote infrastructure access

Leveraging on SIM assets

SECURED ACCESS

applications

� Ensure secured transmission and secured access to the device

� Protect personal data

access

� Retrieve personal information: health, smart grid…

� In remote� Stored in equipment� Privacy compliancy

SECURED TRANSMISSION

DATA PROTECTION

ETSI TC M2M WORKSHOP – 27 October 2011

The eUICCThe eUICC

11

eUICC: view on use cases (*)

Provisioning of multiple M2Msubscriptions

Provision of first subscription with anew connected device

Subscription Management

eUICCChange of subscription for a device

Termination of a subscription

Subscription transfer betweendevices

12ETSI TC M2M WORKSHOP – 27 October 2011

(*) As stated in GSMA Embedded SIM Task Force Requirement and use cases document v1.0 February 2011

MNO 1Subscription

MNO 2Subscription

eUICC

eUICC: some characteristicseUICC: a certified tamper-resistant hardware component which may be solderedinto mobile devices, to run the secure network access applic ation (s) and enablethe secure changing of subscription identity and other subs cription data. Performsthe role of a traditional UICC.

Setting-up and/or storing and using credentials

eUICC access credentials used by the Subscription Manager to establish a securedchannel with the eUICC,

13

channel with the eUICC,

Controlling Authority credentials

Profile protection credentials used by the Subscription Manager to secure the profileto be delivered to the eUICC

Sub-group of m2m security experts from SIMAlliance m embers working on a new Protection Profile (PP) for eUICC in coordi nation with GSMA,

Compatible with current PPs applicable to UICC

Possible content of interoperable Profiles include Keys, PINs certificates,interoperable Java Card applets, content of specific files… (To be defined in details).

ETSI TC M2M WORKSHOP – 27 October 2011

ConclusionConclusion

14

Conclusion

Security . Identity . MobilityFor Machines

Security : leverage one of the key assets of the SIM, a tamp er-resistant hardware

Identity : the thin -client approach carrying the subscription

15

Identity : the thin -client approach carrying the subscription data, today and tomorrow

For Machines: SIM adapted itself to the specificities of the m2m market (small is beautiful), with new form fact ors and new features.

ETSI TC M2M WORKSHOP – 27 October 2011

Questions?Benoît JOUFFREY

SIMalliance – M2M Working group chairman

T +49(0)89 210 299 125T +49(0)89 210 299 125

M +49(0)162 139 4594

Hervé PIERRE

SIMalliance - General Secretary

T +33(0)442 364 474

M +33(0)673 840 900

SIM Market Evolution Volumes sold in B units

173,9 B in 2010 +25% YoY

Geographical Breakdown

351M => 374M +6%

116M =>141M +22%North America

93M => 107M +15%EEIS & Balkans

Volumes sold in M units

23M=>33M +44%Japan/Korea

752M =>823M +9%

151M => 176 +16%Russia & Ukraine

18

260M=>323M +24%Latin America 405M => 557M +37%

Africa & Middle East

351M => 374M +6%Western Europe

471M => 658M +40%India

523M => 725 +39%Asia Pacific & Indonesia

20102009

752M =>823M +9%Greater China

Memory Breakdown

78KB =>84M +8%

68KB =>70KB +4%North America

59KB =>59KB 0%EEIS & Balkans

93KB=>99KB+6%Japan/Korea67KB =>77KB+15%

59KB=> 62KB +5%Russia & Ukraine

Size in KBytes

19

108KB=>112KB +3%Latin America 68KB => 73KB +8%

Africa & Middle East

78KB =>84M +8%Western Europe

45KB=> 47KB +5%India

48KB =>48KB 0%Asia Pacific & Indonesia

20102009

Japan/Korea67KB =>77KB+15%Greater China

3FF

97,904

SMD

1,251

NA 29%

ASIA

PAC 9%

J/K 6%WE

38%

MEA

6%

REST

12%

3FF20% of

shipments in

NA, WE &

JAP/KO

New Form Factors: a growing market

20

2FF

3818,132

Volumes sold in M units

NA

19%

GC

24%WE

53%

REST

4%

SMD

2010 figures. H1 2011 figures to be published at SIMposium Asia in October 2011

ETSI TC M2M WORKSHOP – 27 October 2011