Meet the three new heroes who load magic keys on the assembly line
SGP.41 introduces three brand-new team members. The SM-DPf (Factory Key Maker) is the master craftsman: the only one trusted to create, protect, and bind keys. The FPA (Factory Robot) has one simple job: push locked packages into chips and report back!
The SM-DPf is the master craftsman with five jobs: generate keys, encrypt them, lock each to one specific chip, store them safely, and ship locked packages to the factory. It's SAS-certified: like having a top-security government vault clearance!
The FPA is the assembly-line robot with exactly one job: pick up the locked key package, push it into the eSIM chip, and report back whether it worked. The clever part? The FPA never sees the actual key. It only handles locked, encrypted packages!
The Factory Boss (device manufacturer) requests keys, stores packages, and directs the Robot: "Load this!" The Chip Maker (EUM) loads one-time keys into each chip: like disposable padlocks. The Factory Boss can do all this without internet on the production floor!
The team talks through special channels called interfaces. The carrier tells the Key Maker what keys to build (ES2f). The Key Maker ships locked packages (Esbpp). The Boss directs the Robot (Esfac). And a secret tunnel (ES8f) lets the Key Maker talk directly to the chip: right through the robot!
The FPA Services on the eSIM chip are only active during the factory process. Once the device leaves the production line, those services lock up forever. This means nobody can use the "factory back door" to sneak a malicious key onto your device later!
🏭 Next: From Factory Floor to Pocket →