An Interview With Thales - Finding Out More About Their Award-Winning Cybersecurity Platform

POSTED BY Chris Phillips
Thales recently won a number of awards in our Future Digital Awards programme.

We interviewed their team to find out more about their award-winning cybersecurity platform, the benefits of Root SM-DS and how the technology will evolve.

1. The Root SM-DS is one of the methods defined in the GSMA Consumer Remote SIM Provisioning specification, for eSIM devices to download profiles. The GSMA launched this service in pilot mode in 2017 to allow the ecosystem to use it for non-commercial services. Recently, the GSMA has launched this service in commercial mode. Can you please explain why is this launch important?

MNOs and OEMs wanting to support this activation method, needed to have commercial conditions that guaranteed them that the service would be available in the future with a service level agreement behind. With the commercial launch of this service, MNOs and OEMs can now fully adopt this service as part of their strategies and roadmaps. Which means that from now on, we will see commercial devices launched having the Root SM-DS enabled, and MNOs getting ready to support this service to activate these devices.

2. What is the difference of using QR codes versus using Root SM-DS for the download of profiles?

When a subscriber purchases a mobile connectivity plan for a device, the MNO will reserve a profile for it. This profile needs to be downloaded to the eSIM for the subscriber to start using the connectivity plan. For this download to happen, the eSIM needs to know from where (ie from which address) this profile needs to be downloaded. The QR Code provided by the MNO contains this address (and also the ID of the profile that was reserved). Therefore, when the subscriber scans the QR code, the eSIM retrieves this address (and matching ID) and downloads the profile from it. In the case of the Root SM-DS, this address will be provided by this service. In other words, when needing to download a profile, the device will query the Root SM-DS, which will then reply sending the address(es) where the device has profiles ready to be downloaded.

In terms of user experience, the QR code needs the user to scan the QR code. And the Root SM-DS requires the user to provide the device EID or, alternatively, that the MNO gets this EID by scanning it from the device box or screen.

The QR code method requires the device to have a camera to scan the code, whereas the Root SM-DS does not need a camera, allowing the download to happen in one click. Therefore, the Root SM-DS method is the best option for IoT devices that are typically constrained and not provided with a camera.

3. One of the first questions that are raised by MNOs about the Root SM-DS is how to manage the fact that the MNO needs to know the EID of the device that wants a profile. The issue being how to avoid asking the subscriber to type in this number?

When the subscriber goes to a MNO shop to purchase a subscription, the MNO staff can be provided with a scanner to scan the EID from the device´s box or screen.

When the subscriber uses their laptop to purchase a subscription from the MNO portal, their can use the laptop camera to scan the EID.

When the subscriber uses their mobile phone to purchase a subscription from the MNO portal, they can take a screenshot of the EID and send it to the MNO.

4. How do you see the Root SM-DS will evolve?

There are several perspectives to this evolution. From the perspective of adoption, we expect to see in the near future OEMs launching devices enabled to query this service. We know of Tier 1 OEMs already launching mobile phones, meaning the adoption has already started. Consequently, the more devices that are commercially available, the greater number of MNOs that will be supporting the service.

From the ecosystem perspective, knowing that there is one OEM who has already launched their own Root SM-DS, we believe that, in the future, the GSMA Root SM-DS will co-exist with multiple Root SM-DS owned by OEMs, and maybe MNOs as well. But we believe this OEM Root SM-DS approach to be affordable only for a few OEMs, mainly Tier 1s. This will be a challenge for MNOs, as they will face a market with multiple Root SM-DSs and they need to be ready to support them and know which one to contact every time they need to download a profile.

5. How can Thales help MNOs that want to start supporting the Root SM-DS method?

Thales is offering the Thales SMDS Connect service which is a one-stop shop for MNOs that want to start supporting the Root SM-DS method. Having in mind the market fragmentation, and the importance for MNOs to maximise their reach of devices from all brands, through this service MNOs will be able to connect and use (subject to prior agreement between the OEM and the MNO) the complete galaxy of Root SM-DS. Thales SMDS Connect is a single integration point between the MNO system and all the available Root SM-DS, meaning that it is easy and quick to upgrade to upcoming OEM Root SM-DS. And it provides routing capabilities which prevent the MNO from needing to indicate which Root SM-DS needs to be contacted at every profile download. This solution is compliant with GSMA specifications for complete interoperability and it relies on Thales’ proven expertise in delivering Root SM-DS services since 2017 (https://www.gsma.com/membership/gemaltos-discovery-service-boosts-demand-connectivity-activation-consumer-devices-worldwide/).