Evolving Beyond the SIM: Assessing the Rise of Embedded SIMs

SIM cards have long been the silent carriers of mobile subscriber identities, a small, thin strip of plastic that has survived thousands of design iterations, from the bulkier card‑size chips of the 1990s to the tiny nanoCMOS used today. The physical space these cards occupy is becoming increasingly valuable as device makers push for slimmer chassis, higher‑capacity batteries, and more internal room for processors, sensors and storage. To trim weight and free up precious millimeters, manufacturers introduced the eSIM standard in 2016. Unlike a removable card, an eSIM is a permanently soldered programmable chip that can store multiple virtual SIM profiles and switch between them through software. This not only cuts card real estate in half but also reduces the risk of users accidentally losing a physical card. Apple was the first major smartphone vendor to mandate eSIM usage comprehensively with the iPhone 14, and the company used the extra room to slightly enlarge the battery. The newer iPhone 17, which still offers a removable slot in some markets, holds a battery only eight percent larger than the eSIM‑only model. Google entered the picture with the Pixel 10 series in 2023 – the United States models are eSIM‑only, while the international variants retain a slot but offer no tangible benefit in terms of size or battery. Android’s platform has included system‑level support for downloading, generating, and switching eSIM profiles for over a year. In theory, this should make life easier, but in practice issues frequently arise, and the inconvenience is amplified when a carrier’s procedures for verification rely heavily on SMS. Personal experience illustrates the friction: after switching to a Pixel 10 US phone five years ago, I seldom needed to change my carrier because I typically kept the same provider and number. The first time I had to transfer my eSIM, the carrier’s mobile app authenticated me and pushed a fresh profile in a few minutes. The second time the process failed because I was not authenticated in the app, and the carrier asked for a one‑time password sent via SMS – a message I could not receive because the phone had no working SIM. I was forced to travel to a physical store to obtain a new eSIM. What should have been a matter of seconds extended to an hour. The problem is more than mere inconvenience. Phone numbers are now deeply entangled with authentication mechanisms: banks, mail services, messaging apps, crypto exchanges, and carrier accounts all rely on SMS‑based multi‑factor codes. Losing temporary access to the number can lock a user out of critical services for months. While a physical SIM is virtually immune to failure (unless it is physically damaged), an eSIM is a software‑driven state that can mis‑transmit, become corrupted, or fail to download from the carrier. Consequently, the industry must move beyond SMS as the default gatekeeper. Alternatives such as Google Fi’s eSIM management, which tie the profile download to the account’s credentials and security settings, demonstrate the kind of resilient approach that should become standard. Multi‑factor schemes based on push notifications, passkeys, or app‑level authentication can mitigate the risk of lock‑out even when the underlying SIM profile misbehaves. In sum, while the eSIM transition delivers tangible benefits – slimmer devices, slimmer chassis for better batteries, and the convenience of remote profile management – it also introduces new, less obvious vulnerabilities. Carriers need to revise their identity verification practices, and device makers must design user‑friendly recovery paths. Only by addressing these shortcomings can the industry ensure that the future of mobile connectivity is both cutting‑edge and dependable.