SERMA Safety & Security’s security laboratory is now accredited to carry out assessments according to the new GSMA eUICC Security Assurance (eSA) scheme.

A new GSMA Security Assurance Scheme has been created to carry out evaluations on embedded SIM cards (eSIM/eUICC).

The SERMA laboratory has already carried out several evaluations under this scheme and is now pleased to join the few laboratories accredited to carry out eSA evaluations.
With nearly 25 years of experience, the SERMA security laboratory works with exacting accreditations and is recognised as one of the best ITSEF (embedded security) laboratories in the world.

Obtaining GSMA certification is part of SERMA’s strategy to develop its skills in the mobile and IoT security domains. The laboratory invests heavily in these fields with a dedicated team and tools adapted to its markets.

What’s GSMA?

The GSMA (GSM GSM Association, formerly known as Groupe Spécial Mobile) is the global administrator of the Type Assignment Code (TAC), which is used to create the International Mobile Station Equipment Identification Number that can uniquely identify wireless devices.

What’s an eSIM?

After the SIM card, the mini-SIM, the micro-SIM and the nano-SIM, make way for the eSIM! The eSIM or embedded SIM is a virtual SIM card integrated into a device (smartphone, tablet or connected object).

The eSIM chip, also called eUICC (technical name: Embedded Universal Circuit Card), is much smaller and is integrated directly into the equipment by the manufacturer. It enables the remote management of subscriptions from several mobile network operators. Apart from the profile installation and activation which are different, the eSIM works like a traditional SIM card and offers many advantages.

More and more smartphones, tablets and laptops are equipped with an eSIM card.
Strategy Analytics forecasts that sales of eSIMs for IoT applications will grow to 326 million by 2025, according to a new Strategy Analytics IoT Strategies report.

What’s eSA scheme: eUICC Security Assurance scheme?

The GSMA’s Security Accreditation Scheme (SAS) enables mobile operators, regardless of their resources or experience, to assess the security of their UICC and eUICC suppliers, and of their eUICC subscription management service providers.

The Universal Integrated Circuit Card (UICC) in mobile devices, and its applications and data play a fundamental role in ensuring the security of the network, the subscriber’s account and related services and transactions. To safeguard the integrity of UICCs, of Embedded UICCs (eUICCs) with remote provisioning capabilities, and of their applications and data, it is essential that the supplier environment and processes that are used to manufacture and/or manage UICCs and eUICCs are secure.
Source: https://www.gsma.com/security/security-accreditation-scheme/