Comprehensive technical knowledge base covering 12 GSMA eSIM specifications. 84+ articles on Remote SIM Provisioning — SGP.02, SGP.22, SGP.32, SGP.41, SGP.29, SGP.23, SGP.25, SGP.26 and more.
🏠 eUICC.tech > SGP.02 M2M RSP
The SGP.02 specification defines the GSMA’s Remote Provisioning Architecture for Embedded UICC in machine-to-machine devices. This 12-article series covers the complete M2M eSIM “push” architecture: from the ecosystem roles through profile download, lifecycle management, and the SM-SR Change procedure.
Articles are designed as ~1,200–1,800 word reads (<10 minutes each), building progressively from foundation to advanced topics.
SGP.02 v4.2: The M2M eSIM Push Architecture : What is SGP.02, the push model (SM-SR decides when profiles arrive), why it existed before IoT, scope vs SGP.22 consumer. Spec: §1.1–1.8
M2M Ecosystem: EUM, SM-DP, SM-SR, and the Operator : Four core roles, interface landscape (ES1–ES8), how they differ from consumer roles, the SM-SR as central hub. Spec: §2.1
Inside the M2M eUICC: ISD-R, ISD-P, ECASD, and EID : Security domains, EID structure, profile container lifecycle, profile isolation, and hardware requirements. Spec: §2.2
M2M Certificate Hierarchy: CI, EUM, SM-DP, SM-SR, and eUICC : Three-tier PKI, dual certificate format (X.509 and GlobalPlatform), CRL management, algorithm requirements through 2030. Spec: §2.3
OTA Communication: SMS, PSK-TLS, CAT_TP, and DNS : The ES5 bearer, SMS triggering, PSK-TLS handshake, HTTP POST pattern, CAT_TP transport, DNS resolution for SM-SR addresses. Spec: §2.4–2.8
Profile Download: ISD-P Creation, SCP03, and Encrypted Delivery : Full download flow, ISD-P creation, Scenario#3 mutual authentication, ECKA-EG key agreement, SCP03/SCP03t encrypted delivery, error management. Spec: §3.1
Profile Lifecycle: Enable, Disable, Delete, and Fall-Back : Three initiation paths (Operator ES4, SM-DP relay, M2M SP ES4), state machine transitions, enabling/disabling semantics, Master Delete with Delete Token. Spec: §3.2–3.7, §3.10
SM-SR Change: Handover, ES7 Interface, and EIS Migration : Full 32-step handover between SM-SRs, ES7 interface functions (HandoverEUICC, AuthenticateSM-SR, CreateAdditionalKeySet), EIS migration, preventing vendor lock-in. Spec: §3.8–3.9, §5.6
Resilience: Fall-Back Mechanism, Emergency Profiles, and Test Profiles : Fall-Back Profile concept and autonomous activation, Emergency Profile for regulatory compliance, Test Profile lifecycle, local enable/disable via ESx. Spec: §3.16, §3.22–3.31
Policy Rules & Notifications: POL1, POL2, and the Default Notification : Dual-enforcement POL1/POL2 framework, notification types and SMS/HTTPS delivery, Default Notification procedure, ONC (Operator Notification Configuration), PLMA for M2M SP authorisation. Spec: §3.11–3.15, §3.20–3.21
Off-Card Interfaces: ES1–ES7 and the SOAP Binding : Complete function catalog for ES1–ES7, ES4A for M2M SP/ONC, SOAP/HTTPS binding with WS-Addressing and WS-Security, ASN.1 message mapping. Spec: Chapter 5, Annex A–C
SGP.02 vs SGP.22 vs SGP.32: Push, Pull, and the Evolution of eSIM : Comparative analysis across all three GSMA eSIM specs, when to use which standard, M2M push vs consumer pull vs IoT pull, migration paths from legacy M2M to modern IoT. Cross-spec comparison
The articles build progressively:
A reader can stop after Article 7 and have working knowledge of SGP.02. Articles 8–12 provide depth for implementation or architectural decision-making.
Specification: GSMA SGP.02 v4.2 (07 July 2020) : Remote Provisioning Architecture for Embedded UICC Technical Specification, 452 pages