Brazil’s telecommunications regulator, Anatel, has delivered a landmark ruling that reshapes the regulatory framework for eSIM technology. The agency has determined that provisioning eSIM profiles is a core telecommunications function, not a value-added service (VAS).

This ruling has far-reaching consequences: any company that wants to manage eSIM provisioning in Brazil must now hold a Mobile Virtual Network Operator (MVNO) license. By closing a regulatory gap, Anatel is ensuring that entities with direct control over mobile connections operate under the same accountability, consumer protection, and security standards as established carriers.

Why Anatel Drew the Line Between SIM and eSIM

The decision rests on a critical technical distinction. While a physical SIM card is a piece of hardware, an eSIM profile is software-based, giving providers direct, ongoing control over how a device connects to mobile networks.

Anatel considers this control a “technical and regulatory risk” if exercised by companies operating outside the telecom licensing framework. By mandating MVNO authorization, the regulator eliminates the possibility of companies entering the market through eSIM backdoors while bypassing proper oversight.

“This decision consolidates the separation between telecommunications and VAS, and makes it clear that VAS, when tied to telecom functionality, requires at least MVNO authorization,”

explained Olinto Santana, president of Abratual, the Brazilian MVNO association.

The Base Mobile Case: Why the Ruling Matters

The ruling stemmed from a dispute between Telefônica Brazil and Base Mobile, a VAS provider. Base Mobile sought access to more than 650,000 eSIM profiles from Telefônica, arguing they were necessary inputs for its educational platform.

Anatel rejected the request, siding with Telefônica. The agency emphasized that eSIM profiles are not mere data inputs but integral components of Brazil’s mobile infrastructure. Allowing an unlicensed entity direct access to such provisioning, Anatel argued, would pose significant security and regulatory risks.

With this decision, Anatel made clear that provisioning—whether physical SIM or eSIM—requires full telecom authorization under the Personal Mobile Service (SMP) regime.

What the Ruling Means for Global eSIM Providers

Brazil’s market has become a strong destination for international eSIM services. Many providers—particularly those targeting inbound travelers—resell data packages purchased from licensed carriers like Vivo, Claro, and TIM. Until now, they have largely operated under the assumption that they qualify as VAS providers, avoiding direct licensing.

Anatel’s ruling upends this model:

• Licensing Obligation: eSIM providers must obtain MVNO licenses, including appointing a local legal representative.
• Operational Alignment: As licensed operators, they must meet Brazil’s strict standards for network security, service quality, and consumer protection.
• Compliance Enforcement: Non-compliant providers risk fines, service interruptions, or outright bans—similar to regulatory crackdowns in markets such as Turkey.

In effect, eSIM providers can no longer operate as simple digital resellers. They must evolve into full-fledged telecom providers if they want to remain active in Brazil.

A Signal Beyond Brazil

Anatel is not alone in reassessing eSIM regulation. Other telecom regulators worldwide are examining similar frameworks for eSIM and over-the-top (OTT) services.

Industry insiders anticipated this shift. Several international eSIM players have already prepared for the eventual move toward MVNO status, recognizing that compliance could also unlock opportunities to expand into voice, SMS, and additional telecom services.

Bottom Line: Brazil’s Move in a Global Regulatory Trend

Anatel’s stance puts Brazil among the strictest markets on eSIM provisioning—not by banning services, but by classifying eSIM profile provisioning as core telecoms and tying it to SMP/MVNO authorization. Practically, anyone with direct control over eSIM activation must be an authorized operator (or operate under one), which Anatel reaffirmed in the Base Mobile dispute when it declined third-party access to operators’ eSIM “electrical profiles.” The regulator framed provisioning systems as part of the network’s core, not a VAS bolt-on.

Turkey reached a similar end—not by licensing, but by blocking access inside the country to several global travel-eSIM apps and sites (e.g., Airalo, Holafly, Saily, etc.). That keeps control with domestic licensees and functionally squeezes unlicensed cross-border sellers, while still allowing travelers to activate before entry. Different tool, similar objective: limit unlicensed control over local connectivity.

India is in between: there’s no Brazil-style doctrinal ruling yet. In 2024, the Department of Telecommunications (DoT) pushed Google and Apple to remove apps like Airalo and Holafly from Indian app stores — an enforcement step, not a formal policy. In 2025, the Telecom Regulatory Authority of India (TRAI) launched a consultation on whether foreign SIM/eSIM models (especially for IoT/M2M exports) require a licensing framework. That process is still under consultation, meaning India’s approach is evolving but not yet codified for retail travel eSIMs.

Europe hasn’t singled out eSIM provisioning as a licensable activity per se. Instead, the European Electronic Communications Code (EECC) and BEREC guidelines indirectly shape the eSIM landscape by regulating wholesale access and strengthening MVNO competition. In practice, this ensures eSIM-driven business models fall under existing operator/wholesale obligations — but without an explicit “provisioning = operator” doctrine like Brazil’s.

What this means for global providers: Brazil is the bellwether for operator-grade compliance on eSIM provisioning. Providers operating as “VAS resellers” should expect licensing, local representation, and operator-level obligations where they want ongoing control of activation/profiles. Turkey shows access control can curb unlicensed actors even without MVNO pathways. India signals convergence toward licensing clarity, especially for IoT/M2M exports. The EU model suggests that if you want eSIM at scale, partnering or becoming an MVNO remains the safest, most portable strategy across jurisdictions.

Similar cases to watch (for precedent and playbooks):

• Brazil – Base Mobile vs. operators (TIM/Vivo): Anatel rejected third-party access to eSIM provisioning; profiles deemed operator responsibility.
• Turkey – BTK July 2025 actions: Access blocks against multiple international eSIM providers; activation outside Turkey remains a workaround.
• India – DoT app takedowns (2024) + TRAI consultation (2025): Enforcement first, then a consultative path toward licensing for foreign SIM/eSIM in export IoT/M2M.

Brazil isn’t banning eSIM—it’s institutionalizing it. By requiring MVNO-grade authorization, Anatel has redefined provisioning as a regulated telecom responsibility. Turkey shows how access control can enforce similar outcomes, India is moving toward licensing clarity through consultation, and Europe’s framework indirectly channels eSIM into the MVNO ecosystem. The trend is clear: regulators worldwide are converging on the view that if you control provisioning, you are part of the telecom core. For global eSIM providers, aligning with MVNO obligations—security, lawful intercept, consumer protection—isn’t just compliance; it’s the only durable path to long-term market access.