The eSIM ecosystem is expanding far beyond smartphones and travel connectivity. While many users associate eSIM with international data plans, the technology is becoming a core building block of the global Internet of Things. From smart meters and industrial sensors to wearables and routers, connected devices increasingly rely on embedded connectivity that can be managed remotely and securely.

Against this backdrop, eSIM technology provider Kigen has announced that its eSIM products have achieved certification under the GSMA’s eUICC Security Assurance (eSA) scheme. The certified solution is now commercially available and designed to support deployments across both IoT and consumer device ecosystems.

The certification validates security across Kigen’s eSIM operating system, hardware platform, and enablement tools. It confirms compliance with GSMA requirements for remote SIM provisioning and profile management, two essential components that allow network operators and device manufacturers to manage connectivity at scale.

As the number of connected devices continues to grow, standardized security frameworks like eSA are becoming increasingly important for ensuring that connectivity infrastructure remains trusted and interoperable.

Unifying Consumer and IoT eSIM Standards

One of the complexities in the eSIM ecosystem has been the presence of different provisioning standards for different types of devices.

Consumer electronics such as smartphones typically rely on the SGP.22 Remote SIM Provisioning standard, while IoT deployments are increasingly moving toward SGP.32, a framework designed specifically for embedded devices and large-scale connectivity fleets.

Kigen’s certification confirms compliance with both standards.

This is important because manufacturers often develop multiple categories of connected products at the same time. A single company may ship consumer wearables, smart home devices, industrial sensors, and enterprise networking equipment.

Managing separate connectivity architectures for each category can create unnecessary engineering complexity.

By supporting both SGP.22 and SGP.32 within the same certified platform, Kigen aims to simplify connectivity deployment across device types.

The platform also supports legacy machine-to-machine deployments based on the earlier SGP.02 standard, enabling manufacturers to transition existing devices toward newer IoT provisioning frameworks without significant redesign.

In practice, this unified approach can help manufacturers deploy devices globally while reducing development effort and integration challenges.

Simplifying Connectivity Integration

Kigen’s platform includes support for the IoT Profile Assistant for eUICCs (IPAe), a new component introduced with the SGP.32 architecture.

IPAe functions as a native agent within the eSIM environment, helping devices discover and download connectivity profiles from network operators or connectivity management platforms.

For device manufacturers, this simplifies the process of integrating cellular connectivity into products.

Rather than building custom provisioning frameworks, developers can rely on standardized mechanisms embedded directly within the device architecture. Kigen describes the implementation as “plug and play,” allowing device makers to move from older M2M provisioning systems to modern IoT remote management models with minimal development effort.

Gloria Trujillo, the eSIM technical director at GSMA, highlighted the significance of the certification for the broader ecosystem:

“Kigen’s GSMA eUICC Security Assurance (eSA) certification and GSMA Product Compliance is a strong example of how the ecosystem is turning the latest SGP.32 eSIM standard into operator-ready deployments,” said Gloria Trujillo, the eSIM technical director at GSMA. “Kigen has helped shape the industry work behind SGP.32, and its optimised approach supports scale across IoT and Consumer devices while maintaining the stringent security controls and operational assurances mobile network operators require—so the connectivity that people, communities and industries rely on remains trusted.”

The certification confirms that the platform meets the security and operational requirements expected by mobile network operators.

Secure Hardware for the Intelligent Edge

Security in connected devices begins with trusted hardware.

Kigen’s eSIM implementation uses Infineon Technologies’ SLx17 secure hardware platform, which carries Common Criteria EAL5+ certification. This level of certification is commonly used in high-security applications such as payment cards and identity credentials.

Combining the secure hardware platform with Kigen’s eSIM operating system creates a trusted environment for storing connectivity credentials and performing network authentication.

This is particularly important for IoT deployments where devices may operate in remote environments and need to maintain secure connectivity for many years.

Tolgahan Yildiz, head of the trusted mobile connectivity and transactions product line at Infineon, highlighted the importance of secure hardware in scaling connected device ecosystems:

“Kigen’s eSA-certified eSIMs, combined with Infineon’s SLM17, optimised for IoT and industrial eSIM use cases, provide a critical foundation for the intelligent edge.” said Tolgahan Yildiz, the head of the trusted mobile connectivity and transactions product line at Infineon. Together, we support our customers in defending against emerging threats and in delivering the device-level precision needed to scale cellular IoT. At Infineon, future-proofness and reliability of our products are central to our product development approach, and Kigen’s vision matches ours.”

As connected devices become more deeply integrated into infrastructure systems, hardware-level security is becoming a key requirement.

Managing Security Across the Device Lifecycle

Connectivity alone is no longer enough for connected devices. Manufacturers must also manage security throughout the entire lifecycle of a device.

New regulatory frameworks are increasingly emphasizing this requirement. In Europe, the EU Cyber Resilience Act is expected to introduce stricter obligations for managing vulnerabilities and deploying security updates for connected products.

To address this need, Kigen pairs its eSIM technology with the Kigen eIM remote management platform, which supports lifecycle management under the GSMA Security Accreditation Scheme and is certified for SGP.32 v1.2.

The platform enables operators and device manufacturers to manage connectivity profiles, deploy updates, and apply security patches remotely across device fleets.

For organizations operating large IoT deployments, these capabilities are becoming increasingly important.

Connected devices may remain active in the field for many years, and maintaining secure connectivity requires tools that can update and manage devices long after they leave the factory.

Commercial Deployments Already Underway

Kigen says the certified platform is already being adopted across the connectivity ecosystem.

According to the company, 14 global industry players have integrated the technology into commercial connectivity management offerings. In addition, more than 95 customers are currently developing products using the platform.

The system is interoperable with over 300 mobile network operators worldwide, enabling manufacturers to deploy devices across international markets.

The eSIM modules themselves are designed for compact IoT devices and are available in the MFF4 format, measuring 2 mm by 2 mm, making them significantly smaller than traditional SIM cards.

Kigen also reports that connectivity profiles can be securely loaded during manufacturing in roughly two minutes using its In-Factory Profile Provisioning system.

Vincent Korstanje, CEO of Kigen, described the company’s goal as reducing the barriers that have slowed large-scale eSIM adoption:

“Kigen’s unified stack and team’s expertise remove the engineering and operational friction that has slowed the adoption of eSIMs at scale,” said Vincent Korstanje, the CEO of Kigen. “Our fully certified platform lets manufacturers ship a single SKU and simplifies how connectivity players serve the burgeoning IoT demand with assurances of endpoint cybersecurity. Crucially, it gives any tech company the ability to build physical-AI devices where connectivity is simple, data can be trusted, and devices are protected by rapid, auditable patching against cyber threats.”

The eSIM industry is gradually evolving from a consumer convenience feature into a critical infrastructure layer supporting connected devices worldwide.

Secure provisioning frameworks, trusted hardware platforms, and lifecycle management systems are becoming essential components of this ecosystem.

Kigen’s GSMA eSA certification reflects how the industry is moving toward standardized, operator-ready connectivity platforms capable of supporting both consumer electronics and large-scale IoT deployments.

As the number of connected devices continues to grow, the companies building this secure connectivity infrastructure will play an increasingly important role in enabling the next generation of digital services.