Research into E-SIM security-related applications with ASPIDER-NGI

10 MAY 2017

In a proof-of-concept (PoC), SURFnet is working jointly with ASPIDER-NGI, a mobile virtual network operator (MVNO), on the potential of security-related applications on our E-SIM. How can we add and manage our own authentication and authorisation applets securely? We are looking specifically at strong authentication and access to eduroam.

Research into new functionalities

Following the successful pilot with BTG in 2016, where a different profile was copied onto SIM cards ‘over-the-air’, we are this year looking at security-related applications for our embedded SIM (E-SIM). The E-SIM is a much more secure authentication method than the combination of username and password. We will be looking at how we can use the E-SIM for strong authentication and to get access to eduroam. The pilot in 2016 demonstrated that the E-SIM was suitable for giving access to eduroam. In the PoC we are looking for optimum and scalable implementation.

Collaboration with ASPIDER-NGI

We are carrying out this research with ASPIDER-NGI. We are expecting to make great progress this year towards being in a position to implement the E-SIM in order to improve the security of applications and services. As expected, the (smart)cards that institutions have will provide other benefits in future. An important pre-condition is that the applets on the E-SIM do not cause any conflicts with the primary functionality of the E-SIM, namely access to 2G/3G/4G/5G networks. It also needs to be possible to configure and manage the applets remotely.

More information

Latest modifications 10 May 2017