Sunday, 31 March 2019

Beyond eSIM: How iSIM could turn phones into the ultimate Internet ID

Most modern smartphones still support the classic SIM card (well, the nano variant at least), but a gradually growing number of phones and other consumer gadgets are starting to support eSIM. We might not be too far away from yet another change in SIM tech, as devices could soon start using iSIM.

Earlier this year, Arm unveiled its vision for the iSIM – an integrated SIM that fits into a device’s system-on-a-chip. In the future, along with a CPU, GPU, LTE or 5G modem, your next phone SoC could also include the SIM card built inside it too.

While there might not appear to be a big difference compared to eSIM, iSIM could end up drastically changing the way we use a wide range of connected devices.

eSIM vs iSIM

eSIM and iSIM are rather similar in a number of respects. Both replace the transferable nano SIM cards with a hardware chip that’s permanently fixed inside a user’s phone, tablet, or other gadget. When you consider that nano SIM cards are around 12.3 x 8.8 mm in size, as well as the hardware necessary to house them, these ideas save on a lot of space.

Don’t fret, eSIM and iSIM are still configurable, allowing customers to select carriers, data plans, and to change their numbers at will.

These two SIM technologies can be reprogrammed as needed to change carriers and modify restrictions or permissions on your tariff. This also required the development of standards for remote provisioning. Here, SIM information is updated over the cellular network rather than by physically changing a card.

Better still, eSIM and iSIM can be used to register a single device on multiple operators, simplifying international roaming. Transfering between carriers won’t require you to replace your SIM, and in the future, it should be possible to manage credentials and access multiple devices using eSIM or iSIM using just a single tariff. This applies to both the business and consumer worlds.

The key difference between eSIM vs iSIM is in their implementation. While an eSIM is a dedicated chip attached to a gadget’s processor, an iSIM is embedded in the main SoC alongside the processor. That might only be a subtle difference, but it is an important one for a number of growing use cases that demand high levels of security.

iSim vs eSIM vs nanoSIM size comparison Arm

What are the benefits of iSIM?

Compliant with the GSMA Embedded SIM specifications, iSIM is primarily designed for Internet of Things (IoT) devices. A key reason for this is due to the security advantages afforded by integrating the SIM into the SoC. Hardware tampering with external nano or eSIM is prevented, and Arm devices also afford protection from SoC tampering thanks to the company’s latest PSA Certified initiative. It’s virtually impossible to break into an SoC and mess with the software or networking hardware.

Furthermore, the combination of Arm’s Kigen OS, TrustZone, and CryptoIsland capabilities means that secure data, cryptography, and other processing can all be handled locally. This reduces or eliminates the risk associated with sending sensitive data out to other bits of hardware that could be tampered with. Secure data is kept locked in secure software on secure hardware. For IoT, this enables the integration of an MCU, cellular modem, and SIM identity with all the required crypto elements into a single smaller, cheaper, more secure chip.

iSIM is designed for more secure IoT devices, but the benefits could apply to phones too

A tighter, more secure relationship between security and SIM could eventually have implications outside of IoT, such as for smartphones. More and more, increasingly sensitive data, from biometric fingerprints to credit card information, is stored on today’s smartphones. Securely tying these to our online SIM identity can open up a whole new range of use cases.

Samsung Galaxy S10 Plus fingerprint sensor

The future is mass connectivity

If the predictions about huge connected smart cities, intelligent factories, and a growing number of wireless consumer devices are to be true, we’re going to need a way to manage all of these products. Arm’s Kigen OS is a cloud-based service that can manage the provisioning of new profiles to devices in the field. In the not too distant future, consumers could end up using a cloud system to manage the various devices on their wireless iSIM contract too.

Consumers are already paying for multiple data plans that include connected security cameras and other IoT devices. These will surely eventually be brought under a single user account. Furthermore, household or family plans where users can control and revoke access to a wide range of devices on that plan become feasible. In other words, your master iSIM identity could control a ton of other devices that are on a single connected plan.

If you’re happy using your identity for mobile banking, why not combine biometrics with your SIM ID to manage accounts and apps across other devices?

But why stop there? Many of you are likely already using biometric identity information for mobile payments. Bringing SIM into the picture means that network access keys and data permissions, root of trust, and more can be brought into the picture. If you’re happy to use your identity for banking, why not use that information to link up with your SIM contract to manage multiple accounts and apps across all of the devices under your name?

Editor's Pick

Of course, for that to happen you’ll want enhanced security on all of your devices. Google is helping to spearhead this in Android, which now supports secure external hardware security modules via Strongbox. This requires a secure module with its own CPU and cryptographic key algorithms, while also supporting key integrity with the main system’s Trusted Execution Environment (TEE).

Strongbox in Android, a secure enclave in OS, and other enclaves, for example in NFC, are all part of this picture. These are not standardized at the moment and are not likely to merge in the future. That’s not necessarily a problem though, as keeping keys separate can help with security. In the future, we could see a super secure enclave that can run multiple secure apps and system within it. But that’s likely five or more years out from now.

Could you trust an “Internet ID”?

Improved device and data security is quickly arriving, and integrating this security with eSIM or iSIM can really lead to some interesting use cases. Ultimately, what is required is a system secure enough that consumers can trust a form of “Internet ID.” This isn’t a new concept, Internet ID has previously been suggested for ensuring better accountability for online transactions and even social media accounts.

Other, more outlandish use cases could include integration with actual forms of real-world identity. If you’ve paid for memberships, such as the gym, with your phone, this could be tied to your SIM identity and use an NFC or other scanners to pass through a turnstile. The same could apply for public transport passes. Secure-enough devices could even be used for documentation such as digital driving licenses and ID cards with mobile passport capabilities, allowing you to pass borders with your phone rather than a paper document. Although, ideas like that might not sit comfortably with everyone.

Regardless of the form Internet ID eventually takes, we’re fast heading towards a future where our devices become even more closely tied to our identities.



from Android Authority https://ift.tt/2V2XHgZ
via IFTTT

0 comments:

Post a Comment