STMicroelectronics has become the first company to get a product certified under the GSMA’s new eUICC Security Assurance scheme (eSA) for Machine-to-Machine (M2M) solutions. The certification specifically applies to STM’s ST4SIM-201v1.0.8 product, which is geared toward eSIM applications.
In that regard, the GSMA’s eSA program was set up to measure the integrity of new eSIM M2M products. A certification indicates that a solution is strong enough to thwart high-level cybersecurity threats, and can therefore be trusted to protect a wide range of connected devices. The GSMA is hoping that the program will help reduce development times and allow manufacturers to bring new devices to market more quickly, since those manufacturers will be able to move forward knowing that their eSIM tech meets certain compliance benchmarks.
The STM evaluation was carried out by SGS Brightsight and ratified by TrustCB. SGS Brightsight is a GSMA Licensed Test Laboratory, while TrustCB is the GSMA’s appointed Certification Body. The GSMA indicated that its testing process takes less time than other programs, with standards that are still in line with the latest ISO and Common Criteria expectations.
“This is a critical milestone for STMicroelectronics, and we thank the GSMA for maintaining the highest security levels for the product and their efforts to support reduced time-to-market with quick and efficient eSIM certification,” said STMicroelectronics Marketing Director Laurent Degauque.
“The GSMA is committed to promoting security across the entire mobile ecosystem to ensure the benefits of mobile connectivity can be enjoyed safely by all,” added GSMO CTO Alex Sinclair. “eSA ensures that eSIM products have the same level of security resilience required for chips embedded in passports. We are delighted that our processes enable faster time to market for manufacturers.”
IDEMIA got its own eUICC solution certified through a separate process back in 2021. The GSMA, meanwhile, has been encouraging countries to build up their mobile infrastructure and implement policies that will allow more people to participate in the digital economy.