Karl will discuss the security of consumer IoT devices: the rise of eSIM (eUICC) for commercial applications in the IoT, M2M and wearables marketplace.
The key to understanding eSIM is to understand Multi-IMSI (IMSI: International Mobile Subscriber Identity) and MNO profiles, together with subscription management of smart and connected devices.
The GSMA has created a three-step program for scaling IoT devices with eSIM, using GSMA’s Remote SIM Provisioning for on-demand connectivity and subscriptions, where the owner of the device sets up and controls 4G LTE WWAN connectivity to activate (in the cloud) and connect services to any operator’s network.
Currently, devices without “Tamper Resistant” hardware (secure domain) security will be breached and threatened by malware. The eSIM/eUICC form factor is MFF2, a hermetically sealed SIM module soldered onto the PCB of the smart and connected device and further secured by a hardware Secure Element (SE), a storage container in the smart card that stores the user's sensitive credentials.
Remote SIM Provisioning is managed by a two-phase provisioning process called SM-DP and SM-SR. In wearable payment smartwatches running Android OS, NFC point-of-sale mobile payments also need security, which can come from the eSE within the eSIM.
However, if a virtual “soft” SIM is used, then a Trusted Execution Environment (TEE) with ARM TrustZone firewall (a securely protected environment in the mobile application processor chip) is used to store and secure sensitive user payment credentials, such as credit card tokens. Tokens themselves are secure, but without “Tamper Resistant” security they can also be breached. Finally, wearables for payment in subway transit systems are growing globally, especially in Asia and Europe. Major transportation networks seek to take advantage with wearable payment smartwatches, NFC-enabled rings, wristbands and even NFC and Bluetooth clothing.
All of this technology is coming from outside the USA to influence adoption in the USA.