eUICC

eUICC (Embedded Universal Integrated Circuit Card)

The eUICCeUICCProvisioningReprogrammable SIMSIMApplicationSmart card for mobile network authentication.Click to view → chip supporting remote profile switching.Click to view → is a secure element designed specifically for remote SIM provisioning. Unlike traditional removable SIM cards that carry a single operator profile soldered or socketed into a device, the eUICC is a reprogrammable chip — typically soldered directly onto the device motherboard — capable of securely downloading, storing, and switching between multiple operator profiles over the air.

Architecture

The eUICC contains an ISD-R (Issuer Security Domain - Root) that serves as the trust anchor for all profile management operations. Each downloaded profile resides in its own ISD-P (Issuer Security Domain - Profile), providing cryptographic isolation between operators. The GlobalPlatform framework manages applet lifecycle within each domain.

Key components inside the eUICC:

• ECASD (eUICC Controlling Authority Security Domain) — holds the eUICC certificate and private key for SM-DP+ authentication
• ISD-R — root domain managing profile installation, enabling, disabling, and deletion
• ISD-P (per profile) — isolated container for each operator profile's NAA, file system, and applets
• LPA services — device-side interface for profile discovery and management

Standards and Specifications

The GSMA defines two RSPRSPApplicationOver-the-air SIM profile management.Click to view → architectures:

The eUICC chip itself must be Common Criteria certified (typically EAL 4+ with AVA_VAN.5) to ensure tamper resistance of stored profiles and cryptographic operations.

Deployment Considerations

Modern eUICC implementations support 5-15 simultaneous profiles depending on available EEPROM or flash memory. Profile download uses ECKA (Elliptic Curve Key Agreement) to establish a secure channel between the SM-DP+ and eUICC, ensuring that profile data — including IMSI, Ki, and OPc — is never exposed during transit. The RSP specification requires mutual authentication before any profile operation proceeds.