Understanding what a 5G SIM is and its benefits

Definition of a 5G SIM

A 5G SIM is a tamper-proof secure element, the only solution to secure 5G network access.

It has been specified by the 5G standardization body ETSI-3GPP in Releases 15 & 16 UICC specifications (UICC: Universal Integrated Circuit Card, better known as a SIM).

It aims at directly addressing the key 5G attributes: enhanced mobile broadband, massive IoT, and critical communications.

Launched commercially in 2019, 5G will reach 1.9 billion subscriptions worldwide in 2024 (i.e., 20% of all mobile subscriptions), making it the fastest generation ever to be rolled out globally scale. 

A 5G SIM encompasses all form factors (removable SIM, IoT SIM, 5G eSIM).

The full promise of the 5G SIM comes with 5G Stand Alone technology. Mobile operators have started deploying such core 5G networks (e.g. AT&T, Verizon, Vodafone Germany...). Over half of mobile operators will have launched 5GC (standalone) by the end of 2021.
 

Thales rSIM offer: addressing all MNO expectations

Challenges for 5G operators

To help deliver the full 5G promise to enterprises and users, trust is increasingly perceived as a pervasive transversal factor added to a mandatory trust-by-design virtualized 5G architecture.

But a certain number of legal and security concerns arise:

1. User privacy management is nowadays increasingly seen as crucial in a digitalized society. This reality hurts mobile operators most dear to them concerning their relationship with their users: reputation and, thus, trust. In particular, mobile subscriber identity is at stake (i.e., International Mobile Subscriber Identity, aka IMSI, used to identify the user of a mobile network and a unique identification associated with all mobile networks): thanks to IMSI catcher equipment, IMSIs can be easily misused to locate, trace individuals and collect data.   
   → Definition: An IMSI catcher (or Stingray) is an intrusive technology that acts as a false base station to locate and track all mobile phones switched on in a particular area. It does this by ‘pretending’ to be a mobile phone tower - tricking your phone into connecting to the IMSI catcher and then revealing your personal details without your knowledge. Source: Privacy International.
   The complete anonymization of the end-to-end subscriber identity is required (i.e., from mobile equipment to core network): it can be imposed on mobile operators by stringent regulations (e.g., GDPR, ePrivacy Regulation, aka ePR) or implemented by mobile operators as part of their own security policy or strategy.  

   1. The ePR aims at ensuring "a high level of protection of the right to the confidentiality of communications and individual privacy, and the creation of a level playing field between digital services relying on data in the EU."

   2. On November 6, 2020, the GSMA and ETNO (European Telecommunications  Network Operators' Association) issued a joint telecoms industry letter on the ePrivacy Regulation. Sent to EU national ministries and the Member States’ Permanent Representations to the EU, it aims to reaffirm the importance of such a regulation, mainly supporting the pseudonymized metadata process.
2. Current mobile security architectures mainly rely on the secrecy of mobile operators’ network authentication elements (i.e., the operator’s network access authentication algorithm and long-term secret-key credentials used for mutual authentication of users onto their mobile networks). Such information can be unexpectedly exposed via hacking attacks (e.g., state intelligence agencies or other actors) or accidental breaches during exchanges between mobile operators and their providers. This vulnerability can sometimes lead to communication spying, SIM cloning, and other unwanted activities. Should the mobile operator believe this sensitive data is compromised or is suspected of being compromised, it can be forced to change its network authentication algorithm and physically replace end-users SIM cards. Such actions are damaging to the user experience. They result in SIM card renewal costs, eventually leading to a loss of trust and the mobile operator's reputation. Hence mobile operators must maintain a cyber-resilient environment in case of an attack by restoring a trusted security level over the entire SIM lifecycle.
3. Enterprises are meant to be the primary beneficiaries of 5G. Mobile operators will leverage 5G virtualization and network slicing to provide tailored connectivity Service Level Requirements to enterprises. But in a post-COVID-19 era, companies' data integrity and confidentiality are increasingly at threat - and thus must be ensured.

Then 5G roaming is on the agenda too.

While travelling abroad, 5G users –particularly the early 5G adopters– logically expect to continue to roam on other 5G networks.

They would not understand that they could be connected to a 3G or 4G network while roaming, thus losing the 5G enhanced mobile experience.

The consequence?

Mobile operators must ensure that their roaming policy across 5G / 4G and 3G is correctly applied in any country.

Benefits of Thales' 5G SIM and 5G eSIM

Be ready for the upcoming 5G Challenges!

Leveraged by our field proven experience in mobile networks and MNO services facilitated by the necessary local team of experts to adapt to all your business needs.

Subscriber identity privacy

Mobile operators can now ensure user data anonymization thanks to IMSI encryption made possible by the highly customizable onboard identity encryption capabilities built into our 5G SIMs.

Cyber resilience

Mobile operators can securely and remotely swap on demand the authentication algorithm contained in the SIM thanks to key rotation management, thus maintaining a trusted environment.

Tailored enterprise & private networks confidentiality

Mobile operators can bring higher integrity and confidentiality levels for enterprise 5G services and private networks thanks to network authentication mechanisms.
Operators can provide tailored security, authentication, and authorization for each network slice.

Seamless 5G roaming experience

The 5G SIM ensures that mobile operators can offer users a seamless & optimal 5G roaming experience while maximizing their roaming revenues, thanks to 5G SIM-based over-the-air 5G steering of roaming capabilities.

Thales' 5G SIM is supported by the world's first 5G chipset for smartphones.

All the world's first 5G smartphones rely on Qualcomm®'s SnapdragonTM 855 Mobile Platform chipset.

Thales has worked closely with the world's leading mobile chipset and modem leader, Qualcomm Technologies, to fully support its 5G SIM with the Qualcomm flagship mobile platform. 

"Qualcomm Technologies has a longstanding relationship with Thales focused on delivering mobile solutions with robust security," said Gautam Sheoran, Senior Director, Product Management Qualcomm Technologies, Inc.

"We are extending this collaboration to allow OEMs to easily develop exciting 5G devices with strong security, using Thales 5G SIM and our next-generation flagship Qualcomm® Snapdragon™ 855 Mobile Platform to pave the path for 5G commercialization in 2019."