Comprehensive technical knowledge base covering 12 GSMA eSIM specifications. 84+ articles on Remote SIM Provisioning — SGP.02, SGP.22, SGP.32, SGP.41, SGP.29, SGP.23, SGP.25, SGP.26 and more.
🏠 eUICC.tech > SGP.22 v3.x Unified RSP > Device Change and Profile Recovery: Moving eSIMs Between Devices
💡 Why this matters: In v2.x, there is no standard way to transfer an eSIM profile from one device to another. If you buy a new phone, you must either contact your operator for a new eSIM activation code or use proprietary “eSIM Quick Transfer” features that each manufacturer implements differently. Device Change in v3.x provides a standardised, GSMA-specified procedure: the end user initiates the transfer on the old device, the SM-DP+ orchestrates everything, and a new profile lands on the new device. If something goes wrong (e.g., the new device can’t install the profile), Profile Recovery lets you restore the profile on the old device: so you’re never left without service.
Key takeaways:
- Device Change and Profile Recovery are v3.x-only features (
#SupportedForDcV3.X.Y#)- Device Change allows an end user to transfer a subscription from an old Device to a new Device, with the SM-DP+ orchestrating the entire flow
- Two modes: requestToDp (SM-DP+ manages the transfer, optionally issuing a new profile) and usingStoredAc (the profile stores a pre-generated Activation Code for the new device)
- The Device Change Configuration stored in Profile Metadata controls which mode is used, which SM-DP+ to contact, and what information (EID, TAC) is required from the new device
- Profile Recovery lets the end user recover a deleted profile on the old device if the new device’s profile installation fails with a permanent error
- The Service Provider is deeply involved: it receives
HandleDeviceChangeRequestandHandleNotificationcalls, can providenewProfileIccid, a Service Provider Message, and a Confirmation Code
Physical SIM cards are inherently portable: pop the SIM out of one phone and into another. eSIMs, by design, are bound to a specific eUICC. The cryptographic binding between a profile and its eUICC means you can’t simply “move” the profile file from one chip to another.
Before v3.x, transferring an eSIM between devices required one of:
Device Change in v3.x standardises this flow.
Every Profile that supports Device Change contains a DeviceChangeConfiguration in its Profile Metadata (set by the Service Provider via the SM-DP+). This configuration determines which of two modes the procedure uses:
requestToDp (Server-Orchestrated)This is the full, SM-DP+-mediated flow:
DeviceChangeConfiguration and finds requestToDpsmdpAddressForDc in the configurationES9+.AuthenticateClient with ctxParamsForDeviceChange containing the ICCID and optionally the new device’s EID and/or TACES2+.HandleDeviceChangeRequest to the Service Provider, which may provide:
newProfileIccid : a new profile to download on the new device (if the operator issues a fresh one)Service Provider Message : text to display to the end userConfirmation Code : if the end user must enter a codeES2+.HandleNotification (Device Change Request)smdpSigned4 with the transaction ID and optional Service Provider MessageES10b.PrepareDeviceChange on the old eUICC with the signed data and hashed Confirmation CodeES9+.ConfirmDeviceChange : the SM-DP+ processes the confirmationsmdpSigned5 : the LPAd calls ES10b.VerifyDeviceChangeThe Service Provider is notified at multiple points: when the Device Change is requested, when it’s confirmed, and if it fails.
usingStoredAc (Pre-Generated Activation Code)A simpler mode where the profile already contains a stored Activation Code:
DeviceChangeConfiguration and finds usingStoredAcdeleteOldProfile is set:
This is simpler but requires the Service Provider to have pre-generated the Activation Code and embedded it in the profile’s metadata.
Device Change transfers delete the profile from the old device. What if the profile installation on the new device fails with a permanent error? The end user would lose the profile entirely.
Profile Recovery solves this:
Start Conditions:
ES9+.HandleNotificationRecovery Procedure:
ES9+.AuthenticateClient with ctxParamsForProfileRecoveryProfileInstallationResult)smdpSigned4 in the AuthenticateClient responseES10b.VerifyProfileRecovery to verify the signed recovery dataThe recovery validity period is implementation-defined: after it expires, the LPAd discards the recovery information and recovery is no longer possible.
The Device Change procedure involves both devices, the SM-DP+, and the Service Provider. Here’s the end-to-end flow for the requestToDp mode:
| Step | Actor | Action |
|---|---|---|
| 1 | End User | Initiates Device Change on old device |
| 2 | LPAd (old) | Gets Profile Metadata, checks DeviceChangeConfiguration |
| 3 | LPAd (old) | Identifies SM-DP+ address |
| 4 | LPAd (old ← new) | Retrieves EID/TAC from new device if required |
| 5 | LPAd (old) → SM-DP+ | Common Mutual Authentication |
| 5a | LPAd (old) → SM-DP+ | ES9+.AuthenticateClient (ctxParamsForDeviceChange) |
| 6 | SM-DP+ → Service Provider | ES2+.HandleDeviceChangeRequest (ICCID, [EID], [TAC]) |
| 6 | Service Provider → SM-DP+ | OK, [newProfileIccid], [message], [Confirmation Code] |
| 7 | SM-DP+ → LPAd (old) | Error if not supported/not allowed; else continue |
| 8 | SM-DP+ → Service Provider | ES2+.HandleNotification (Device Change Request) |
| 9 | Service Provider → SM-DP+ | Profile Download preparation (if new profile needed) |
| 10 | SM-DP+ → LPAd (old) | smdpSigned4, smdpSignature4, [Service Provider message] |
| 11 | LPAd (old) | Strong Confirmation + optional Confirmation Code entry |
| 12 | LPAd (old) → eUICC (old) | ES10b.PrepareDeviceChange |
| 13 | LPAd (old) → SM-DP+ | ES9+.ConfirmDeviceChange |
| 14 | SM-DP+ → Service Provider | ES2+.HandleNotification (confirmation/failure) |
| 15 | SM-DP+ | Prepares profile if newProfileIccid not provided |
| 16 | SM-DP+ → LPAd (old) | smdpSigned5, smdpSignature5 |
| 17 | LPAd (old) → eUICC (old) | ES10b.VerifyDeviceChange : decrypt DC data, delete profile, create notifications |
| 18 | LPAd (old) | Handle Delete Notifications; generate Activation Code |
| 19 | LPAd (old → new) | Provide Activation Code |
| 20 | LPAd (new) → SM-DP+ → eUICC (new) | Standard Profile Download and Installation |
| Aspect | Manual Transfer (v2.x) | Device Change (v3.x) |
|---|---|---|
| Standardisation | None (proprietary per OEM) | GSMA standard (SGP.22 v3.x) |
| Operator involvement | Manual (call/website for new eSIM) | Automated via ES2+ interface |
| New profile needed | Usually yes | Optional: can reuse existing profile |
| New device info | N/A | EID, TAC optionally required |
| End user steps | Multiple manual actions | Guided flow with Strong Confirmation |
| Rollback on failure | No standard recovery | Profile Recovery restores old profile |
| Service Provider message | N/A | Displayed to end user during confirmation |
| Confirmation Code | Not used in manual flow | Can be required by Service Provider |
requestToDp (SM-DP+ orchestrates) and usingStoredAc (pre-generated Activation Code)HandleDeviceChangeRequest and HandleNotificationBased on GSMA SGP.22 v3.1 (01 December 2023), Section 3.11: Device Change and Profile Recovery, Section 5.6.6: ConfirmDeviceChange, and Annex O: Device Change Configuration
| ← Previous: Remote Profile Management: RPM Initiation, Download, and Execution | Section Index | Next: eUICC Updates and Profile Content Management: Lifecycle Beyond Download → |