What is eUICC?
eUICC stands for Embedded Universal Integrated Circuit Card. It is the hardware chip inside a device that stores and manages SIM operator profiles remotely, without needing a physical SIM swap. It is the foundation of everything described as eSIM – without it, there is no remote provisioning, no profile switching, and no operator independence.
eUICC vs eSIM: the distinction that matters
These two terms are used interchangeably in most industry coverage. They are not the same thing.
eUICC is the physical chip – a secure element certified to GSMA and Common Criteria standards, manufactured by a small number of specialist semiconductor companies, and embedded into a device during production.
eSIM is the broader concept – the combination of eUICC hardware plus the GSMA remote SIM provisioning specifications (SGP.02, SGP.22, SGP.32) that define how profiles are downloaded, managed, and switched over the air.
You cannot have a functioning eSIM without an eUICC. But an eUICC alone does nothing unless it is paired with a compliant provisioning architecture and a connectivity management platform.
The practical implication: when a supplier tells you a device is eSIM-capable, the relevant questions are which eUICC it contains, which GSMA specification it supports, and which provisioning platform manages it. Those details determine what you can actually do with it.
How eUICC works inside a device
The eUICC operates as a secure, tamper-resistant execution environment. Its internal structure is defined by the GSMA specifications and consists of several logical components.
ISD-R (Issuer Security Domain Root) is the master control domain on the chip. It is provisioned by the eUICC manufacturer and cannot be overwritten by operators or end users. The ISD-R creates, manages, and deletes the profile containers on the chip.
ISD-P (Issuer Security Domain Profile) is an isolated container that holds a single operator profile. Each profile stored on an eUICC lives in its own ISD-P. The eUICC can hold multiple ISD-Ps simultaneously, though only one is active at a time in standard deployments.
ECASD (Embedded UICC Controlling Authority Security Domain) manages the cryptographic keys used to authenticate the eUICC during provisioning transactions. It acts as the trust anchor that allows the remote provisioning server to verify it is communicating with a genuine, certified chip.
When a profile is downloaded, the process involves mutual authentication between the chip and the SM-DP+ server, encrypted key exchange, and profile installation into a new ISD-P container. Once installed, the profile can be enabled, disabled, or deleted remotely by an authorised platform. The key security property is isolation – a profile in one ISD-P has no access to any other ISD-P on the same chip.
eUICC form factors
An eUICC is not a single physical format. It comes in several form factors depending on the device type, deployment environment, and integration requirements.
Plug-in (4FF / nano SIM) is the traditional removable SIM card form factor with eUICC capabilities. Used in devices designed for backward compatibility with SIM slots.
MFF2 (Machine Form Factor 2) is the most common form factor for industrial IoT. A soldered surface-mount component approximately 5mm x 6mm, rated to -40/+105°C with no removable parts. Built for vibration, extreme temperatures, humidity, and shock. The default recommendation for most industrial deployments.
LGA (Land Grid Array) is a compact SMD package used in space-constrained modules. Similar deployment characteristics to MFF2 but with a land grid array contact interface.
WLCSP (Wafer Level Chip Scale Package) is the smallest available eUICC form factor, used in wearables, medical sensors, and asset trackers where board space is at a premium. The provisioning architecture is identical across all form factors.
eUICC in the provisioning stack
The eUICC sits at the centre of a provisioning architecture connecting the device, the management platform, and the network operator.
The eIM (eSIM IoT Remote Manager) is the enterprise control layer. It sends provisioning instructions to the eUICC via the device’s cellular connection – triggering profile downloads, activations, suspensions, and deletions across entire device fleets without anyone touching the hardware. eSIM IoT Manager is a platform built specifically for this role in SGP.32 deployments.
The SM-DP+ (Subscription Manager Data Preparation Plus) is the GSMA-certified server that generates and securely delivers operator profiles to the eUICC. It handles the cryptographic handshake with the chip before any profile data is transferred.
The operator profile loaded onto the eUICC contains the credentials the device needs to access a mobile network – IMSI, authentication keys, service entitlements. Change the profile, and the device connects to a different operator with no physical intervention.
eUICC and the GSMA specifications
The eUICC chip is only useful within a defined provisioning architecture. The GSMA has published three main specifications that define how eUICCs are managed remotely.
| Property | SGP.02 | SGP.22 | SGP.32 |
|---|---|---|---|
| Published | 2012 | 2016 | 2023 |
| Target use | Industrial M2M | Smartphones, wearables | Headless IoT at scale |
| Provisioning | Server-push, operator-driven | Pull-based, QR / activation code | eIM server-driven, automated |
| Human required | No | Yes | No |
| IoT headless | Partial | No | Yes |
| NB-IoT / LTE-M | No | No | Yes |
| Operator switching | Complex, bilateral | Manual re-scan | Remote, API-driven |
| Status | Legacy / active | Consumer | Current IoT standard |
The eUICC hardware must be certified for the specific specification it supports. A chip certified for SGP.22 is not automatically suitable for SGP.32 deployments. SGP.32 is covered in full in the SGP.32 guide and at SGP32.co.uk, a dedicated reference for the standard.
eUICC certification and security
Every eUICC deployed in a GSMA-compliant ecosystem must pass formal certification. Uncertified chips cannot participate in the provisioning infrastructure.
GSMA SAS-SM (Security Accreditation Scheme for Subscription Management) covers the security of the systems managing eUICC provisioning, including the SM-DP+ and SM-DS servers.
Common Criteria EAL4+ is the security evaluation standard applied to the eUICC hardware itself. It validates the chip’s cryptographic implementation, key storage, and isolation properties. These certifications distinguish an eUICC from a generic secure element. When evaluating hardware suppliers, confirm which certifications apply to the specific chip in a given module and which SGP version they cover.
Who manufactures eUICC chips
The eUICC market is concentrated among a small number of specialist manufacturers. Key names include Infineon Technologies, STMicroelectronics, NXP Semiconductors, Samsung Semiconductor, and Giesecke+Devrient (G+D). Most eUICC chips reach the market already integrated into cellular modules from vendors including Quectel, Telit Cinterion, u-blox, Sierra Wireless, and SIMCom, rather than as standalone components.
Module datasheets do not always identify which eUICC is inside – direct confirmation from the vendor on the chip model, certification level, and supported SGP version is often required before finalising hardware selection.
Why eUICC matters for IoT deployments
The shift from physical SIM to eUICC changes the operational model for device connectivity in several fundamental ways.
Operator independence – an eUICC device is not tied to a single operator at manufacture. The connectivity profile is loaded after deployment and can be changed remotely, breaking the dependency between hardware procurement and operator selection.
Single SKU manufacturing – without an eUICC, a manufacturer shipping globally typically needs region-specific hardware variants with different SIMs pre-installed. An eUICC device is manufactured once and provisioned locally, reducing inventory complexity and eliminating wrong-region shipping risk.
Remote management at scale – for deployments of thousands or millions of devices, changing operator, updating credentials, or re-provisioning without physical access is an operational requirement. Platforms like eSIM IoT Manager provide the eIM layer that makes this possible.
Long lifecycle support – industrial IoT devices often have operational lifetimes of ten to fifteen years. Physical SIMs degrade, operators sunset networks, and commercial terms change. An eUICC device can be re-provisioned throughout its lifetime without hardware intervention.
eUICC in eSIM routers and gateways
eUICC technology is increasingly available in cellular routers and gateways used to connect fixed or semi-fixed IoT infrastructure. An eSIM router contains an eUICC chip alongside the standard cellular modem, allowing the network operator profile to be managed remotely rather than via a physical SIM slot.
This matters for deployments where routers are installed in inaccessible locations – remote plant, transport vehicles, or infrastructure cabinets. The eUICC in the router can be re-provisioned to a different operator if coverage changes or commercial terms require it. See the eSIM routers guide for hardware comparisons and deployment considerations.
Frequently asked questions
What does eUICC stand for?
eUICC stands for Embedded Universal Integrated Circuit Card. It is the formal GSMA term for the secure chip inside eSIM-enabled devices that stores and manages operator profiles remotely.
Is eUICC the same as eSIM?
Not exactly. eUICC is the physical chip. eSIM refers to the combination of that chip and the GSMA provisioning specifications (SGP.02, SGP.22, SGP.32) that allow profiles to be managed remotely. In most practical contexts the terms are used interchangeably, but the distinction matters when evaluating hardware or platform compatibility.
Can an eUICC hold more than one profile?
Yes. An eUICC can hold multiple operator profiles simultaneously, each in a separate ISD-P container. Only one profile is active at a time in standard operation. The total number of profiles the chip can store is determined at manufacture and varies by model.
Does eUICC work on all mobile networks?
eUICC is network-agnostic at the hardware level. Which networks a device can access depends on the profiles installed and the radio bands supported by the cellular modem. SGP.32 specifically supports NB-IoT and LTE-M in addition to standard 4G and 5G.
Can an existing SIM-based device be converted to eUICC?
No. eUICC requires the physical chip to be present in the device. It cannot be retrofitted to a device with a standard SIM slot – the hardware change must happen at manufacture or through a complete module replacement.
What is the difference between MFF2 and a standard eSIM?
MFF2 is a physical form factor – a soldered, non-removable chip rated to -40/+105°C and designed for industrial environments. A standard eSIM usually refers to the removable nano-SIM form factor (4FF) with eUICC capabilities. The underlying provisioning architecture is identical. The difference is the physical package and its environmental tolerance.
Who controls the eUICC in a deployed device?
The ISD-R (root security domain) is controlled by the eUICC manufacturer. Operator profiles sit in ISD-P containers, controlled by the relevant operator or connectivity platform. With SGP.32 and an enterprise eIM platform, the enterprise has direct control over profile switching without going through the operator – which is one of the main commercial benefits of the standard.
What is an eIM and how does it relate to eUICC?
An eIM (eSIM IoT Remote Manager) is the management platform that orchestrates the eUICC across a device fleet. It sends instructions to the eUICC via the device’s network connection, triggering profile downloads, activations, and deletions at scale. The eUICC is the hardware – the eIM is the control layer. eSIM IoT Manager is a platform built specifically for this role in SGP.32 deployments.
What is the difference between SGP.32 and SGP.02?
Both support headless IoT devices, but SGP.32 replaces the operator-controlled push model of SGP.02 with enterprise-controlled, server-driven provisioning via an eIM. SGP.32 also supports constrained networks (NB-IoT, LTE-M) and delivers significantly more commercial flexibility. Full SGP.32 guide at SGP32.co.uk.
Which eUICC form factor is best for industrial IoT?
MFF2 is the standard recommendation for industrial IoT. It is soldered to the PCB so there are no removable parts to fail or be tampered with, and it is rated to -40/+105°C. MFF2 modules are widely available from all major cellular module vendors including Quectel, Telit Cinterion, u-blox, and Sierra Wireless.