OmniSIM
Products
Developers
API Reference
Contact Us

Local Profile Management Guide

Local Profile Management (LPM) is a feature of OmniSIM that extends the M2M Profile management to allow a device to manage resilient connectivity.

This documentation applies to the following products:

  • OmniSIM

For all other products, please review their respective documentation

Local Profile Management (LPM) for eSIM on IoT Devices

The Local Profile Management (LPM) applet revolutionizes eSIM profile management on IoT devices, enabling more dynamic and efficient connectivity management directly on the device. This approach leverages the device's intrinsic understanding of its environment, allowing for automatic profile switching based on predefined logic and scenarios. Below, we outline the core functionalities offered by the LPM applet.

Enhancing Device Resilience

The LPM (Local Profile Manager) applet significantly enhances the resilience of devices in mobile networks. It enables devices to not only detect a complete loss of connectivity but also to identify Quality of Service (QoS) issues affecting network bearers. Upon detecting such issues, the device can proactively switch to an alternative Mobile Network Operator (MNO) profile, ensuring uninterrupted service and optimal connectivity performance.

Example

MNO Profile’s A, B and C have an active subscription.

  1. Profile A is Enabled and used by the device for connectivity.

  2. IoT Client detects that it has limited service, drops 5G for example. IoT Client triggers the LPM applet to enable another Profile.

  3. Profile B is Enabled and A is disabled, Profile B then provides connectivity for the device.

Key Features of LPM Applet:

  • Get EID (eUICC Identifier): Allows retrieval of the eSIM's unique identifier.

  • Get eSIM Profiles: Lists all available eSIM profiles stored on the card.

  • Enable Profile: Enables a selected profile based on its ICCID, making it the current active profile.

Activation Methods:

The LPM applet supports activation through two primary methods:

  • AT Commands (AT-CMD): Traditional AT command interface for profile management.

  • Local Profile Assistant Daemon (LPAd): A more intuitive method for triggering profile management actions.

Considerations:

  • The LPM applet is strictly for profile management, not allowing for modification or deletion of eSIM profiles.

  • Devices equipped with the LPM applet can be fully managed by an SM-SR platform, despite the LPM's use the RSP is still in control of the profiles on the card.

  • Responsibility for profile switching in the absence of connectivity from the current MNO profile resides with the device, further emphasizing its autonomous role in connectivity management.

  • LPM is a KORE proprietary feature, it extends the GSMA standards that includes emergency profile fallback to allow a device to decide when and what profile should be enabled to manage connectivity.

This refined approach to eSIM management via the LPM applet grants devices a higher degree of control and adaptability, aligning with the needs of modern IoT ecosystems.

Pre-requisites

To enhance your IoT device's connectivity, ensure you have the following components:

  • OmniSIM 1.3 eSIM from KORE: This eSIM supports Local Profile Management (LPM).

  • KORE’s ConnectivityPro Portal: Provides the capability to download multiple profiles, enabling seamless connectivity management.

  • Compatible IoT Device: Your IoT device should be capable of sending AT Commands to a modem or possess an LPAd (Local Profile Assistant) configurable for changing the ISD-R's Application Identifier (AID) to the LPM AID.

How to Identify eSIM supports LPM?

To determine if a KORE eSIM supports Local Profile Management (LPM), you can check either:

  • The SKU printed on the SIM card.

  • The Profile Code within the eSIM's EID, accessible through a device's GetEID command. The profile code is located in digits 11-13 of the EID.

  • AT Command to query the card to get a profile id. Full details in the OmniSIM how to identify section

LPM Command Interface

The LPM applet will be triggered and managed by APDU commands that are either sent directly from the device OS if capable or via the modem by using AT+CSIM commands, this later option will be more common and is how the Kore Device Steering SDK uses.

Usage Flow

Here is a typical usage flow where the Device Client or Steering SDK uses AT Commands.

  1. Open a Channel to the SIM.

  2. Select the LPM applet so the following commands will be directed to the applet.

  3. Get Profiles – Get a list of profiles and their state to decide which profile to enable.

  4. Enable Profile – Request to Enable a profile, the referenced profile will be enabled and the existing disabled by the ISD-R.

  5. Close the Channel to the SIM, this will trigger the device to refresh and the device will resume connectivity with the new profile.

LPM AT Commands

Prerequisites

To be able to send the AT commands to the LPM applet there needs to be a channel open to the SIM and select the LPM applet so that the AT Command can send the APDU commands to the LPM applet.

Open Channel

The Open Channel command will create a new channel to the SIM, the modem will return the next available channel that can be referenced to send further commands to the SIM.

Open Channel command
AT+CSIM=10,"0070000001"
Response
+CSIM: 6,"0X9000"

Where X is the channel number to be used in the commands below.

Select the LPM Applet

The following command will select the LPM applet using it’s AID so that further APDU are sent to the applet.

The LPM Applet has an AID (Application IDentifier): A000000815030040030902231003

  • Where X is the channel returned by the Open Channel

  • The AID of the LPM applet: A000000815030040030902231003

Response
+CSIM: 4,"9000" // command executed successfully

LPM - Get EID

This command is used to return the EID of the eSIM. Could be used to identify the type of card for example.

Here is the format of the APDU that is sent to the LPM applet to request the EID.

Get EID Command

  • Where X is the channel returned by the Open Channel

  • Returns the EID: 89001039450410141400000000001580

Example - LPM Get EID

Tx AT+CSIM=10,"0070000001"    // open channel
Rx +CSIM: 6,"0X9000"          // channel X selected

Tx AT+CSIM=38,"0X A4 04 00 0E A000000815030040030902231003" // select LPM AID
Rx +CSIM: 4,"9000"

Tx AT+CSIM=10,"8X16000012"    // Get EID
Rx +CSIM: 40,"4C10890010394504101414000000000015809000" // 4C EID tag, 10 length

Tx AT+CSIM=10,"0070800100"    // close channel
Rx +CSIM: 4,"9000

LPM - Get eSIM Profile

This command is used to a list of the available downloaded Profiles on the eSIM and the Status. This would provide an IoT application the current status and information on the profiles to allow the device to decide to select an available profile.

Here is the format of the APDU that is sent to the LPM applet to request the eSIM Profiles.

Get eSIM Profiles Command

  • Where X is the channel returned by the Open Channel

Returns E3 Tag for each Profile on the OmniSIM

Nibble Swapping

The SIM stores some data in Nibble Swapped format to save space for example.

ICCID = 89123108001757010071

If this was covereted to Hex as numbers it would be 0x38 39 20 31 32 20 33 31 20 20 30 38 20 30 30 20 31 37 20 35 37 20 30 31 20 30 30 20 37 31 (20 bytes)

Swapped takes 2 digits and swaps them and stores as a byte for example 89 = 0x98

so the ICCID is stores as a hex string: 0x98211380007175100017 (10 bytes)

Example - LPM eSIM Profiles

AT+CSIM=10,"0070000001" // open channel
Rx +CSIM: 6,"0X9000" // channel X selected

Tx AT+CSIM=38,"0XA404000EA000000815030040030902231003" // select LPM AID
Rx +CSIM: 4,"9000"

Tx AT+CSIM=10,"8X180000FF" // Get eSIM Profile
Rx +CSIM: 238,"
Rx E3 25                                      // E3 tag and length
Rx 4F 10 A0000005591010FFFFFFFF8900001100     // Profile AID
Rx 9F70 01 3F                                 // Enabled
Rx 53 01 01                                   // Fallback attribute set
Rx 5A 0A 98211380007175100017                 // ICCID (Swaped)
Rx E3 25
Rx 4F 10 A0000005591010FFFFFFFF8900001000     // Profile AID
Rx 9F70 01 1F                                 // Disabled
Rx 53 01 00                                   // Fallback attribute NOT set
Rx 5A 0A 989400312171001689F8                 // ICCID
Rx E3254F10A0000005591010FFFFFFFF8900001200 // Profile AID
Rx 9F70011F                                 // Disabled
Rx 530100                                   // Fallback attribute NOT set
Rx 5A0A98211380007175100027                 // ICCID
Rx 9000"

Tx AT+CSIM=10,"0070800100" // close channel
Rx +CSIM: 4,"9000

To decode the response into a more readable structured format then recommend using ASN1 decoder. (https://asn1.io/asn1playground)

LPM - Enable Profile

This command is used to Enable a specified profile that is already downloaded and installed. If the profile is installed the profile is Enabled and the previous active profile is disabled. Once the new profile is enabled, the applet sends the REFRESH command that will be sent to the terminal to force the switch then the Channel to the SIM is closed. If the profile enabling procedure is done against the POL1, the eUICC will send an error SW (69 E1). There will be no Rollback Mechanism in LM Profile Enable process. A notification to the SM-SR to update its database (notification sequence number value =’0000’).

Enable Profile Command

  • Where X is the channel returned by the Open Channel

  • AID of the profile that is to be enabled is: A0000005591010FFFFFFFF8900001100

Response
+CSIM: 4,"9000"

  • 9000 is the command succeeded.

  • Then Close the channel to the SIM and this will trigger the SIM to issue a Refresh to the devivce and the new profile will connect.

Example - LPM Enable Profile

Tx AT+CSIM=10,"0070000001" // open channel
Rx +CSIM: 6,"0X9000"       // channel X selected

Tx AT+CSIM=38,"0X A4 04 00 0E A000000815030040030902231003" // select LPM AID
Rx +CSIM: 4,"9000"

Tx AT+CSIM=42,"8X010000 10 A0000005591010FFFFFFFF8900001100" // enable profile
Rx +CSIM: 4,"9000"

Tx AT+CSIM=10,"0070800X00" // close channel to trigger REFRESH
Rx +CSIM: 4,"9000

ES10 LPM Command Interface

The LPM applet will be triggered and managed a LPAd on the IoT device that is sending ES10c APDU commands to the LPM applet. ES10c commands are

The applet manages a subset of the ES10c commands to allow the switching of the local profiles only and any other ES10c commands are ignored. ES10c can be used with AID or ICCID to reference a profile. This means OmniSIM can be used by a device that would have normally required a Consumer eSIM and allows the switching of profiles. These commands also work with any device that suports AT commands so as a developer you have a choice of LPM/ES10c commands.

Usage Flow

Here is a typical usage flow where the IoT Client uses a LPAd to switch profiles.

  1. Get Profiles – Get a list of profiles and their state to decide which profile to enable.

  2. Enable Profile – Request to Enable a profile, the referenced profile will be enabled and the existing disabled by the ISD-R.

LPM ES10c AT Commands

Prerequisites

Using LPAd

To be able to send the commands to the LPM applet from a LPAd, then the LPAd normally sends the ES10c APDU to the ISD-R of the eSIM. The M2M card does not have this interface so these APDU will be ignored by the M2M eSIM. The LPAd needs to be configured to use the AID of the LPM Applet to route the ES10c commands to the LPM applet. This could be a config change or this might mean updating the code of the LPAd.

LPM AID: A000000815030040030902231003

Using APDU

The LPM applet can be used without a LPAd but the IoT Application can use AT Commands to send the ES10c APDU to the LPM applet. This requires a channel open to the SIM and the LPM applet selected so that the AT Command can send the APDU commands to the LPM applet.

Open Channel

The Open Channel command will create a new channel to the SIM, the modem will return the next available channel that can be referenced to send further commands to the SIM.

Open Channel command
AT+CSIM=10,"0070000001"
Response
+CSIM: 6,"0X9000"

Where X is the channel number to be used in the commands below.

Select the LPM Applet

The following command will select the LPM applet using it’s AID so that further APDU are sent to the applet.

The LPM Applet has an AID (Application IDentifier): A000000815030040030902231003

  • Where X is the channel returned by the Open Channel

  • The AID of the LPM applet: A000000815030040030902231003

Response
+CSIM: 4,"9000" // command executed successfully

LPM - ES10c - Get EID

Gets the EID from the eUICC, returns the EID that could be used if the IoT application wants to know the eUICC being used.

Full details of the APDU can be found in SGP.22 – Section 5.7.20 - ES10c – GetEID

Get EID Command

ES10c Get EID
82E2910002BF3E035C015A

  • Where X is the channel returned by the Open Channel

Where EID = 89001054010210036600000000023780

Example APDU - Get EID The LPAd send a GetEuiccDataRequest:

AT+CSIM=24,"83E2910006BF3E035C015A00"
+CSIM: 4,"6115" // Response has returned 15 bytes of data
OK

The ISD-R returns a GetEuiccDataResponse:

LPM - ES10c Get Profiles

This command is used to a list of the downloaded Profiles on the eUICC and their Status. This would provide an IoT application the current status and information on the profiles to allow the decision to be able to select an available profile.

Full details of the APDU can be found in SGP.22 – Section 5.7.15 - ES10 – GetProfilesInfo

This retrieves the following data for the Profile on the eUICC. Not all tags are available from the OS for an M2M card so these TAGs will be ignored.

(Bold) = Mandatory as would be used in EnableProfile and state could be useful also.

If no tag list is present, the eUICC SHALL return the default ProfileInfo: the ProfileInfo data objects marked with (*) for each Profile matching the selection criterion. The TAGs in Bold are those supported by the M2M card OS, other TAGs will return no data.

Get eSIM Profiles Command

Response
BF2D6EA06CE3375A0A980193000050577617F14F10A0000005591010FFFFFFFF89000010009F7
0010090044B4F524591044B4F524592044B4F5245950102E3315A0A980193000050276777F64F
10A0000005591010FFFFFFFF89000011009F70010191044B4F524592044B4F52459501029000

This eSIM contains two profiles, 8910390000057567711F and 8910390000057276776F, and here’s some additional information about them.

To decode the response into a more readable structured format then recommend using ASN1 decoder. (https://asn1.io/asn1playground)

ANS1 Formatted
E3 37
5A 0A 980193000050577617F1 (ICCID)
4F 10 A0000005591010FFFFFFFF8900001000 (AID)
9F70 01 00 (Status Disabled)
90 04 4B4F5245 (KORE)
91 04 4B4F5245 (KORE)
92 04 4B4F5245 (KORE)
95 01 02
E3 31
5A 0A 980193000050276777F6 (ICCID)
4F 10 A0000005591010FFFFFFFF8900001100 (EID)
9F70 01 01 (Status Enabled)
91 04 4B4F5245 (KORE)
92 04 4B4F5245 (KORE)
95 01 02

Example APDU - Get Profile Information

The LPAd send a ProfileInfoListRequest:

AT+CSIM=28,"82E2910009BF2D065C045A4F9F70"
+CSIM: 4,"6197" // The command returns 97 bytes of data
OK

The ISD-R returns a ProfileInfoListRequest:

AT+CSIM=10,"02C0000097" // Retrieve the 97 bytes of data
+CSIM:
230,"BF2D6EA06CE3225A0A980193000060983055F84F10A0000005591010FFFFFFFF89000010
009F700101E3225A0A980010325476981032144F10A0000005591010FFFFFFFF89000019009F7
00100E3225A0A980193000060809794F14F10A0000005591010FFFFFFFF89000011009F700100
9000"
OK

Using an ASN1 decoder to parse the returned data formats into a more readable format:

BF2D 6E
A0 6C
E3 22
5A 0A 980193000060983055F8 // ICCID
4F 10 A0000005591010FFFFFFFF8900001000 // EID
9F70 01 01 // Enabled
E3 22
5A 0A 98001032547698103214 // ICCID
4F 10 A0000005591010FFFFFFFF8900001900 // EID
9F70 01 00 // Disabled
E3 22
5A 0A 980193000060809794F1 // ICCID
4F 10 A0000005591010FFFFFFFF8900001100 // EID
9F70 01 00 // Disabled

LPM - ES10c Enable Profile

This command is used to Enable a specified profile that is already downloaded and installed. If the profile is installed, the profile is Enabled and the previous active profile is disabled. The device will then reconnect with the new profile. If the new profile does not have connectivity then it will not roll back to the previous profile. This needs to be managed by the local IoT Application.

Full details of the APDU can be found in SGP.22 – Section 5.7.16 - ES10 – EnableProfile

Command from LPAd - ICCID

Command from LPAd - AID

Response to LPAd

BF310000 9000

Status: OK (00) UndefinedError (0x7F or 127)

Example APDU – Enable Profile

[AT+CSIM=52,"83E2910014BF3111A00C5A0A981088020087059780F281010000"
+CSIM: 4,"6A88"
OK
PreviousOmniSIM Troubleshooting TipsNextOmniSIM - GSMA Test Profile (TS.48)

Last updated