RSP
ApplicationRemote SIM Provisioning -- the process of downloading and managing SIM profiles over-the-air on eSIM devices.
RSP
Remote SIMSIMApplicationSmart card for mobile network authentication.Click to view → Provisioning (RSPRSPApplicationOver-the-air SIM profile management.Click to view →) is the GSMA-standardized framework for securely downloading, installing, and managing mobile network operator profiles on eSIM (eUICC) devices over the internet or cellular network. RSP eliminates the need for physical SIM card logistics — operators can provision subscribers remotely, and users can switch carriers without visiting a store.
RSP Architecture
The RSP ecosystem involves several interacting entities:
| Entity | Role |
|---|---|
| eUICC | On-device secure elementsecure elementSecurityTamper-resistant hardware for secure operations.Click to view → storing operator profiles |
| LPA | Device-side app managing profile operations |
| SM-DP+ | Server preparing and delivering encrypted profiles |
| SM-DS | Discovery server — helps LPALPAProvisioningDevice-side app for managing eSIM profile operations.Click to view → locate pending profile downloads |
| Operator BSS | Business support system initiating profile orders |
| CI (Certificate Issuer) | GSMA root CA for the PKI trust chain |
Consumer RSP Flow (GSMA SGP.22)
A typical consumer profile download proceeds as follows:
- The user obtains an activation code (QR code or manual entry) from the operator
- The LPA on the device parses the activation code to extract the SM-DP+ address
- The LPA establishes a TLS connection to the SM-DP+ server
- Mutual authentication occurs between the eUICC and SM-DP+ using ECKA (Elliptic Curve Key Agreement) with certificates rooted in the GSMA CI
- The SM-DP+ sends the encrypted subscription profile (bound to the target eUICCeUICCProvisioningReprogrammable SIM chip supporting remote profile switching.Click to view →'s EIDEIDIdentityNational ID with embedded chip.Click to view →)
- The eUICC decrypts and installs the profile in its secure storage
- The user enables the profile, and the device registers on the operator's network
M2M RSP (GSMA SGP.02)
For IoT and M2M devices without user interfaces, the GSMA defines a push-based provisioning architecture:
| Aspect | Consumer (SGP.22) | M2M (SGP.02) |
|---|---|---|
| Trigger | User-initiated (pull) | Operator-initiated (push) |
| Profile delivery | SM-DP+ direct | SM-DP via SM-SR |
| Device UI | Required | Not required |
| Profile management | User controls enable/disable | Operator controls remotely |
Security Model
RSP security relies on multiple layers:
- PKI: GSMA CI-issued certificates authenticate all parties (eUICC, SM-DP+, SM-DS)
- Bound profile package: Profiles are encrypted specifically for the target eUICC's EID using ephemeral ECDH keys
- Secure Element: All profile decryption and key storage occurs inside the tamper-resistant eUICC
- Attestation: The eUICC proves its identity and platform integrity before profile download
The GSMA manages the root certificate infrastructure (CI), and all eUICC manufacturers and SM-DP+ operators must obtain GSMA SAS certification to participate in the RSP ecosystem.
Related Content
SIM Card Types Explained
Getting Started…provisioned over-the-air via GSMA Remote SIM Provisioning (RSP) — see the eSIM Remote Provisioning Guide . Key eSIM…
eSIM and Remote SIM Provisioning
Industry Applications…the air — a capability known as Remote SIM Provisioning ( RSP ). Governed by GSMA specifications (SGP.02 for M2M, SGP.22…
SIM to eSIM Migration Guide
Industry Applications…devices via SM-SR Fleet provisioning without field visits RSP (Remote SIM Provisioning) is the core enabler. GSMA SGP.22…
5G SIM and iSIM Technology
Industry Applications…in SoC Profile management Carrier swap = physical swap RSP over air RSP over air Standards ETSI TS 102 221 GSMA…
Часто задаваемые вопросы
The smart card glossary is a comprehensive reference of technical terms, acronyms, and concepts used in smart card technology. It covers protocols (APDU, T=0, T=1), security (Common Criteria, EAL, HSM), hardware (SE, EEPROM, contact pad), and applications (EMV, ePassport, eSIM). It serves developers, product managers, and engineers.
Yes. SmartCardFYI provides glossary definitions in 15 languages including English, Korean, Japanese, Chinese, Spanish, Portuguese, Hindi, Arabic, French, Russian, German, Turkish, Vietnamese, Indonesian, and Thai.