2024 Midyear Review: January-June
by Baruch Pinto
With the first half of the year coming to an end, it’s time to look back and see what was important from the perspective of cellular communications and how the industry is evolving. Here are events and discussions that we believe will have a significant impact both in the second half of 2024 and in the coming years.
Work on the SGP.32 IoT Standard
As we mentioned in our previous Chronicles, the publication of SGP.32 Remote SIM provisioning IoT specification was a major milestone for the industry. The new standard is going to simplify IoT connectivity, reduce the time to market for IoT deployments, boost eSIM adoption and growth of connected device use. The work on the SGP.32 continues, albeit not as quickly as expected.
To finalize the standard, SGP.33, the testing and certification specification for the SGP.32 components (eUICC, eIM, IPA) needs to be completed. In January and April, the GSMA published two versions of its eUICC part that provide a set of test cases to be used for the implementations of IoT eUICC. However, testing for full compliance and device certification cannot commence until the other parts of the standard are available, which, according to experts, is expected sometime in the autumn of this year.
In our January review, we estimated that the SGP.32 would become available for use at the end of 2024. Now, it doesn’t seem likely to happen sooner than 2025, most analysts say.
Besides, even when all testing and certification processes are completed, it might not be enough. The real shift in the industry will begin with the mass use of the standard in IoT products, and it will take some time, too. Analysts say it could easily be 2027 before early adopters can get SGP.32 compliant products into market. It could take even longer, given the increase in time to market by 80% in the last four years and the fact that now it takes OEMs an average of 41 months to bring their connected products to the market.
Enterprises that are not ready to postpone their IoT deployments until fully compliant SGP.32 products become available, may opt to use proprietary pre-standard connectivity solutions that are compatible with SGP.32 requirements. Today, there are solutions that have already been thoroughly tested and commercially deployed, such as WebbingCTRL, which successfully ensures over 1 million connections across various industries. These solutions can help enterprises reap all the benefits of the new standard without waiting for the completion of all testing and certification procedures. However, what is also important in that regard is the solutions’ architecture, as it will be critical for compatibility and seamless transition to SGP.32.
While SGP.32 does put more control of SIM profile management into the hands of enterprise users, it still requires SM-DP+ and eSIM functionality and relevant infrastructure, and what may be even more important – contracting multiple connectivity providers. For that reason, experts believe that for most companies deploying IoT devices, SGP.32 will need to be provided as a managed service by an MNO/MVNO.
Since many enterprises and OEMs will opt to use SGP.32, its support by connectivity providers is not optional, and analysts say that every provider should have the necessary functionality available. And it will have to include not only eSIM management, but also the orchestration of all other elements of supporting the user’s IoT connections, including managing data flows, security and compliance.
Post-Quantum Cryptography
One of the topics that gained some traction in the last 6 months is related to quantum computers that pose a significant threat to existing public key cryptographic algorithms such as RSA. Post-quantum cryptography or quantum-resistant cryptography is aimed at developing cryptographic systems that are secure against both quantum and classical computers.
In simplistic terms, quantum computers can perform certain types of calculations much more efficiently than today’s classical, binary, transistor-based computers. This gives them the theoretical capability to decrypt codes in minutes or hours, a task that would take classical computers many years. Thus, when a powerful enough quantum computer is built, it could run algorithms that would break many of the public key cryptosystems currently in use, which would seriously compromise the confidentiality and integrity of digital communications on the Internet.
The experts say the questions of security threat from the quantum computer are often brought up by large financial institutions and government agencies, but the problem is crucial for any industry that relies on networks, particularly for telecommunications. However, according to Keyfactor’s 2024 PKI & Digital Trust Report, most enterprises haven’t begun planning for quantum-safe cryptography.
Many believe that it’s just a matter of time and within the next 10 years, RSA and similar asymmetrical algorithms will no longer be able to protect sensitive data. At RCA Conference 2024, experts recommended organizations stop using public-key cryptography for data that needs to remain encrypted for longer than a decade from now. Since it has taken almost two decades to deploy the existing public key cryptography infrastructure, it is critical to prepare information security systems to resist quantum computing threats. The US National Institute of Standards and Technology (NIST) has been working on this issue since 2015 and in May released the first post-quantum cryptography standards.
Not only government agencies are involved in the development of quantum-proof cryptography: in February, the Linux Foundation announced the launch of the Post-Quantum Cryptography Alliance (PQCA), an open and collaborative initiative to drive the advancement and adoption of post-quantum cryptography, with Amazon Web Services, Cisco, Google, IBM and NVIDIA among founding members.
How does it impact cellular connectivity? Cryptography is used across all telco systems to protect data, infrastructure, and communications. Numerous technology and business domains that network operators have, and data distributed across systems in different environments, across public and private clouds, provide a broad attack surface for cyber threat actors.
in February, GSMA published guidelines for telecom use cases. Along with recommendations to start planning for the transition to Post-Quantum Cryptography and deploying Post-Quantum Cryptographic algorithms as they are standardized, the document contains descriptions of internal MNO use cases such as protection of interface between base stations and security gateway, authentication and transport security in 4G and 5G, devices and firmware upgrade, as well as customer-facing use cases like VPN services, smart meters or connected vehicles. It also includes detailed strategies, recommendations and roadmaps that can help mitigate risks, for instance, in the case of performing remote IoT eSIM provisioning (SGP.32).
GSMA Open Gateway
Another important initiative is meant to help developers and cloud providers leverage the power of mobile networks globally by opening access to network capabilities through common application programming interfaces (APIs).
GSMA Open Gateway is a common and open framework between mobile operators launched in 2023 to make it easier to build apps and services that seamlessly communicate with each other and work for all devices and customers. Common APIs designed to provide universal access to operator networks are developed and published in collaboration with the CAMARA Project supported by the Linux Foundation. The initiative is paving the way for a more integrated and powerful digital experience, helping cloud providers and developers enhance existing services and deploy new services to their customers more quickly via a single point of access. It provides a huge benefit, since it simplifies network complexity with APIs and makes the APIs available across various networks and countries. This, in turn, is expected to accelerate the growth of digital services and applications.
According to the most recent GSMA Intelligence report, a year on from the launch of the project, nearly 50 operators accounting for 65% of global mobile market share have signed up. Momentum continues to build, with nine operators committing in Q1 2024, and the GSMA expects this to continue, filling in the remaining geographies (you can view the map of operators supporting each API here). There are already 17 APIs in use, with a further 11 defined in CAMARA, covering use cases such as anti-fraud, quality on-demand and edge compute. The report specifically mentions examples of US operators using device location capabilities for drone tracking, and South African operators jointly working to prevent fraud.
Transforma Insights gave more examples of APIs and their real-life applications, including delivery of immersive gaming experiences, combatting online financial crime, preventing digital identity theft, securing online transactions, enhancing consumer experience with more personalised services, and enabling autonomous and aerial vehicles to carry out data intensive operations and fulfil safety obligations.
The initiative is also opening the way for utilizing 5G capabilities. Network APIs allow for the creation of subscriptions, services, and applications that move the 5G value proposition away from the abstract concept of enhanced connectivity and toward the relevant, real-world use cases that customers need. With access to the right network APIs, enterprises can create 5G-driven applications that leverage features like speed on demand, low-latency connections, speed tiering, for their use cases such as credit card fraud prevention, glitch-free videoconferencing, metaverse interactions, and entertainment.
It can be beneficial for network operators that have invested nearly $1 trillion in network upgrades in the last 5 years but are still struggling to monetize 5G. In addition to enhancing today’s use cases, network APIs can lay the foundation for entirely new ones, and by enabling these innovations MNO/MVNOs may position themselves as essential partners for enterprises.
It’ll also allow telcos to stimulate demand, differentiate themselves in the market and even expand their role beyond connectivity. However, that would need a careful consideration of each API and the use cases it unlocks: while some can increase clients’ connectivity spending over the long term, others may require more advanced telecom networks, such as Standalone (SA) core network.
Non-Terrestrial Networks
In our January post, we talked about non-terrestrial networks – and they’re still a hot topic. Quite a lot has been happening around non-terrestrial networks recently.
According to the Non-terrestrial 5G networks and satellite connectivity report from GSA, by the end of March 2024 there were 77 publicly announced partnerships between operators and satellite vendors across 43 countries and territories. Ten operators have already commercially launched satellite services, an increase of two operators since the previous update in August 2023. In total, 50 operators in 37 countries have planned satellite services, with nine operators testing or trialing them. The report noted that even though the process of launching 5G NTN worldwide is still only developing, the technology is already becoming widely adopted to provide rural coverage. This remains the most popular use for satellites by far, forming 57% of all partnerships.
Non-terrestrial networks were the focus at MWC Barcelona 2024. Also, during the event, the European Space Agency (ESA) and GSMA Foundry announced a partnership to help the mobile and satellite industries collaborate on developing new, innovative satellite and terrestrial networks technologies (including up to €15 million in funding opportunities).
Satellite companies formed an alliance, too. The Mobile Satellite Services Association (MSSA) aims to provide direct-to-device (D2D) connectivity using frequencies set aside by regulators for mobile satellite services. The members are Viasat, TerreStar Solutions, OmniSpace, Ligado Networks, Omnispace and Yahsat, which together hold more than 100 megahertz of L- and S-band mobile satellite spectrum that could be used to greatly expand the reach of terrestrial cellular networks.
Another important thing is standardization which would enable interoperability. Currently, the 3rd Generation Partnership Project (3GPP) is working on a mobile broadband standard that will allow terrestrial communication service providers to cooperate with satellite network operators to establish connectivity between terrestrial systems and satellite systems. For users that would mean they could migrate both between vendors and also between terrestrial and satcom networks.
For MNOs, leveraging NTN alongside cellular networks will allow to provide reliable coverage in previously untapped areas, making it truly global. This will help them increase existing customer loyalty and grow domestic and international customer bases, particularly in areas they have not previously been able to support.
Some operators are ahead of their rivals in that regard. For example, Space X and T-Mobile will launch their initial direct-to-cell satellite service in autumn, while AST SpaceMobile, which has teamed up with AT&T and Verizon, is expected to start providing similar service in 2025-2026. However, some analysts have doubts about the profitability of such services.
Reviewing what happened in and around the cellular connectivity technology domain in the last six months and how it impacts the market, we expect the second half of the year to be as interesting. We will continue watching emerging and evolving trends, as we at Webbing believe that seeing a bigger picture helps us bring innovations, make better products and provide robust future-proof connectivity to our customers all over the world.
Reach out to learn more about our connectivity solutions.