Introduction to SGP.32: eSIM remote provisioning for IoT

Managing thousands of IoT devices across multiple carriers has typically meant accepting significant carrier lock-in or relying on operationally heavy approaches like manual SIM swaps. SGP.32 changes that equation by enabling architectures where enterprises can have much more direct control over remote profile provisioning for headless devices at scale, subject to operator and platform support.

This guide covers how SGP.32 works, what makes it different from earlier eSIM standards, and how to evaluate whether it fits your IoT deployment strategy.

What is GSMA SGP.32

GSMA SGP.32 is the next-generation eSIM standard designed specifically for IoT device connectivity. It enables large-scale, remote management of resource-constrained devices that don't have screens or user interfaces. With SGP.32, enterprises can perform bulk, secure swapping of operator profiles through a central manager, significantly reducing dependence on a single connectivity provider, provided multiple operator profiles are available for their devices.

A few key terms help make sense of SGP.32. An eSIM (embedded SIM) is a SIM chip soldered directly onto a device's circuit board rather than inserted as a removable card. An eUICC (embedded Universal Integrated Circuit Card) is the reprogrammable chip inside that stores multiple carrier profiles. Remote SIM provisioning refers to downloading, activating, and switching carrier profiles over the air without ever touching the device.

So what does SGP.32 actually let you do?

• Bulk profile swapping: Change carrier profiles across thousands of devices at once from a single platform
• Carrier independence: Move between connectivity providers without renegotiating contracts or waiting on carrier timelines
• Headless device support: Provision sensors, trackers, and industrial equipment that have no display or user interface

Why SGP.32 was developed for IoT

The first eSIM standards were either designed for M2M deployments under tight operator control (SGP.02) or for consumer devices with user interaction (SGP.22), and both created challenges for many modern IoT fleets. They worked well for their intended purposes, but they created real headaches for engineering teams managing fleets of connected devices.

Limitations of eSIM M2M (SGP.02)

SGP.02 relies on server-to-server integration that carriers control. If you want to make changes to your connectivity, you're working on the carrier's timeline, not yours. The dependency on a single subscription manager also limits flexibility. Switching providers often means navigating complex carrier relationships that can take months to sort out.

Limitations of eSIM Consumer (SGP.22)

SGP.22 introduced user-initiated provisioning, which was a big step forward for smartphones. Users scan a QR code or use an app called an LPA (Local Profile Assistant) to manage their profiles. That works great when someone is holding the device. It doesn't work at all for a sensor mounted on a utility pole or a tracker inside a shipping container.

The need for a unified IoT standard

The GSMA developed SGP.32 to combine the scalability of M2M with much of the flexibility of the consumer standard, creating an enterprise-oriented approach that shifts more operational control toward device owners while still relying on carrier and subscription-management infrastructure.

How eSIM standards have evolved

Understanding where SGP.32 fits requires a quick look at what came before it. Each generation of the eSIM standard was designed to solve specific challenges for different types of devices and users, gradually shifting control from carriers to end users and now to enterprises managing large-scale IoT deployments.

SGP.02 for M2M

This was the first remote provisioning standard, built for traditional machine-to-machine deployments. It relied heavily on carrier-controlled infrastructure, including subscription management systems operated by mobile network operators. For fixed, long-term industrial deployments, this model worked reliably. However, for enterprises needing agility, it introduced friction. Changing connectivity providers could be slow, complex, and dependent on carrier timelines and integrations.

SGP.22 for Consumer Devices

SGP.22 marked a major shift by giving end users direct control over their connectivity. Through QR codes and apps like Local Profile Assistants (LPAs), consumers could easily download and switch carrier profiles on smartphones, tablets, and wearables. This dramatically improved flexibility and user experience. However, the model assumes human interaction, making it impractical for unattended or remotely deployed IoT devices.

SGP.32 for IoT

The newest standard brings enterprise-level control to headless IoT devices. It is purpose-built for devices that operate without screens or user input and that require lifecycle management at scale. By enabling centralized, remote provisioning and bulk profile management, SGP.32 combines the strengths of earlier standards while removing their limitations. It gives organizations greater control, flexibility, and efficiency in managing global IoT connectivity.

Key technical components of GSMA SGP.32

Three main components make SGP.32 work. Each one plays a specific role in the remote provisioning architecture.

eIM or eSIM IoT Remote Manager

The eIM (eSIM IoT Remote Manager) acts as the central control panel for an IoT deployment. From here, you can manage, activate, and switch SIM profiles across your entire device fleet without physical access to any individual device.

In the M2M world, carriers controlled this function through an SM-SR. With SGP.32, the eIM is designed to let enterprises (or their chosen partners) orchestrate profile management more directly, rather than relying solely on carrier-run systems.

IPA or IoT Profile Assistant

The IPA is software that lives on the device itself. It replaces the consumer LPA and manages profiles directly on the hardware. This is what makes headless device provisioning possible. The device doesn't wait for someone to scan a QR code. It handles profile operations on its own.

PSMO or Profile Service Management Operations

PSMO refers to the set of profile service management operations that govern the profile lifecycle—enabling, disabling, deleting, and downloading profiles—across the system. Conceptually, it defines how the eIM orchestrates profile actions with the subscription management backend and the on-device components.

Benefits of SGP.32 for IoT deployments

For engineering teams managing device fleets, SGP.32 addresses several long-standing pain points.

Scalability for large device fleets

The eIM enables bulk profile switching for thousands of devices at once. Instead of managing devices one by one or waiting on carrier processes, you can orchestrate changes across your entire fleet from a single interface, critical for avoiding the hidden costs that can reach $27,000-$37,500 annually from just 3-5% inactive SIMs in a 50,000-device fleet.

Efficiency for low-power and headless devices

SGP.32 includes a light profile template optimized for constrained downloads. This makes it well-suited for LPWAN devices, smart meters, and trackers that have limited bandwidth and processing power. The specification was designed with resource constraints in mind from the start.

Simplified remote profile management

SGP.32 simplifies remote profile management. Once you have appropriate operator profiles and agreements in place, you can switch active providers without physical access to devices and with far less dependence on manual carrier processes.

No dependency on SMS or legacy protocols

SGP.32 supports CoAP/UDP/DTLS transport protocols, which reduces reliance on SMS and TCP/IP for profile management. This matters for devices operating in environments where SMS delivery is unreliable or where network conditions are challenging.

Enhanced security and compliance

GSMA security and certification requirements for SM-DP+ and related components are designed to provide a high level of assurance for secure profile download and storage, building on the same secure infrastructure used in consumer eSIM deployments.

Future-proof connectivity architecture

The decentralized model offers more flexibility to adapt as IoT connectivity evolves, reducing dependence on any single carrier or current technology stack, within the limits of available operator support and compatible hardware.

Real-world IoT use cases for SGP.32 eSIM Remote Provisioning

SGP.32 unlocks new possibilities for IoT deployments by enabling remote, scalable, and carrier-flexible connectivity management. Its ability to provision and switch profiles over the air makes it particularly valuable in real-world scenarios where physical access is limited, uptime is critical, and connectivity needs evolve over time. The following use cases illustrate where SGP.32 delivers significant operational and economic impact.

Logistics and asset tracking

Global logistics companies deploy trackers in shipping containers, pallets, and vehicles that move across borders. With SGP.32, they can remotely switch to local carrier profiles to optimize coverage and cost without physically accessing devices. This avoids roaming restrictions and eliminates costly manual SIM replacements.

Smart metering and utilities

Utility providers install smart meters in homes and infrastructure that operate for years without maintenance. SGP.32 enables remote provisioning and bulk profile updates across millions of devices, ensuring continuous connectivity even if carrier agreements change or network conditions shift.

Industrial IoT and remote equipment monitoring

Industrial sensors and machines deployed in factories, oil fields, or remote environments often lack user interfaces and are difficult to access. SGP.32 allows centralized, over-the-air profile management and updates, reducing downtime and eliminating the need for on-site maintenance (“truck rolls”).

How to choose an SGP.32 eSIM IoT solution

When evaluating providers, a few criteria help distinguish solutions that deliver real flexibility from those that simply shift lock-in from carriers to platforms.

• eIM independence: Look for whether you retain control over the eIM or if you're tied to the provider's specific implementation
• Modem and chipset compatibility: Verify support for your existing or planned hardware before committing
• Multi-carrier flexibility: Ensure access to a wide range of operator profiles to optimize coverage and cost across your deployment regions
• API and automation: Check for robust APIs that allow integration with your existing device management workflows
• Migration path: Ask about the process for transitioning from your current traditional SIM or eSIM deployments

How to approach SGP.32 adoption today

The SGP.32 ecosystem is still maturing. GSMA-certified solutions are beginning to emerge, though availability varies by provider and region, with SGP.32 profile downloads projected to grow from 2.9 million in 2025 to 194 million by 2029. Here's how teams can prepare.

First, assess your current connectivity pain points. Where does your current solution fall short? Is it carrier lock-in, provisioning delays, or coverage gaps? Understanding your specific challenges helps you evaluate whether SGP.32 addresses them.

Next, evaluate your hardware roadmap. Check with your modem and chipset vendors about their SGP.32 support timelines. Certification status varies by manufacturer, and knowing your hardware path helps you plan accordingly.

Finally, engage with forward-thinking partners. Work with connectivity partners who are actively implementing SGP.32 and can guide your strategy. Even if you're not ready to deploy today, understanding the specification helps you make better decisions about your current architecture and future hardware choices.

Get started with global IoT connectivity

Multi-carrier flexibility and global coverage align naturally with what SGP.32 promises. Working with a connectivity partner that prioritizes carrier independence and enterprise control positions your deployment for success both now and as the SGP.32 ecosystem matures.

FAQs about SGP.32 and eSIM IoT

What is the difference between SGP.31 and SGP.32?

SGP.31 defines the architecture and requirements for eSIM IoT. SGP.32 contains the detailed technical specifications for implementation. Think of SGP.31 as the blueprint and SGP.32 as the construction manual.

Is SGP.32 backward compatible with existing eSIM deployments?

SGP.32 is a separate specification from SGP.02 and SGP.22. Existing deployments would require a migration strategy rather than having direct backward compatibility. The eUICC hardware and your connectivity provider both factor into what migration looks like.

Which modem chipsets currently support SGP.32?

Chipset manufacturers are actively adding SGP.32 support. Check with your modem vendor for their specific roadmap and certification status, as availability varies by manufacturer and timeline.

When will SGP.32 solutions be widely available from connectivity providers?

The ecosystem is actively maturing, with 605 million eSIMs shipped globally in 2025, and GSMA-certified solutions are beginning to emerge. Timelines vary by provider and region, so direct conversations with potential partners give you the most accurate picture.

Can existing M2M eSIM deployments migrate to SGP.32?

Migration paths depend on your current eUICC hardware and connectivity provider. Some deployments may have straightforward paths while others may require hardware changes. Work with your provider to assess the options for your specific situation.