G+D
Mobile Security

GSMA Case Study: Leveraging the SIM to Secure IoT Services

SIM cards used by mobile network operators to authenticate phones can also be used to secure IoT applications. A GSMA Case Study outlines how a SIM card can provide a secure ‘root of trust’.

The SIM cards used by mobile network operators to authenticate our phones today can also be used to secure Internet of Things (IoT) applications. Mobile operators in the Americas, Asia and Europe are developing and deploying SIM-based IoT security services to support IoT customers.

The GSMA Case Study: Leveraging the SIM to Secure IoT Services outlines how a SIM card can provide a secure ‘root of trust’ to provision and store digital certificates and other kinds of security credentials such as passwords. These credentials can be used to identify and authenticate an IoT device to interact with a server-side application or IoT platform. A mobile operator can use its existing provisioning infrastructure as a secure channel through which to cost-effectively install, validate and update the security credentials safely housed on SIM cards.

G+D can add the PKI certificate or other credentials to the SIM card over-the-air and secure the device identity throughout the device lifecycle.

Tomi Ronkainen, G+D Mobile Security

New solution in production before the end of 2018

G+D Mobile Security in partnership with US mobile operator AT&T has developed a solution to securely provision an IoT device’s identity and credentials for secure authentication to cloud platforms and applications. The GSMA invited G+D to feature this SIM-enabled security solution at the Mobile World Congress Americas’ Innovation City. The solution is slated to be put into production before the end of 2018.

AT&T customers are already gearing up to use the solution, including a large machinery manufacturer, an automotive OEM and a cloud service provider. “We also intend to use it for internal products, such as our end-to-end asset tracking and fleet management solutions,” Senthil Ramakrishnan, AT&T, adds. “It will be deployed in several end-to-end solutions.”

“G+D can add the PKI certificate or other credentials to the SIM card over-the-air and secure the device identity throughout the device lifecycle”, says Tomi Ronkainen, G+D Mobile Security.

For more information about SIM-enabled security for the IoT, this GSMA Case Study presents real world solutions with broad applications.