Please click here to download the Prism as a PDF.
Embedded SIM regulations for Machine-to-Machine communications in India liberalised; streamlining profile management and Subscription Manager – Secure Routing operations
The Department of Telecommunications (“DoT”) has issued Instructions on the Usage of Embedded SIM for Machine-to-Machine (“M2M”) Communications dated June 26, 2025 (“M2M Instructions 2025”), modifying the regulatory framework for the use of Embedded SIM (“eSIM”) in M2M communications. This update, incorporates the recommendations from TRAI, aims to liberalise the M2M ecosystem in India by easing restrictive features and establishing clear guidelines for eSIM profile management and Subscription Manager – Secure Routing (“SM-SR”) operations.
Background
The previous DoT instructions (May 16, 2018, and May 30, 2019) had imposed certain limitations on M2M eSIMs to ensure security and efficient numbering. Recognising the rapid evolution of M2M applications and the need for greater flexibility in device connectivity and management, the DoT has now introduced a more adaptive regulatory approach. The key points of the M2M Instructions 2025 are as below:
- it recognises the benefit of eSIM for M2M communication where devices are located in remote areas and the concepts of interrelated entities such as embedded Universal Integrated Circuit Card (“eUICC”), eUICC manufacturer, Subscription Manager-Data Preparation (“SM-DP”) and SM-SR which loads, enables and deletes profiles on the eUICC in accordance with the policy of the operator;
- the definitions given in the additional terms and conditions applicable to the M2M Service Provider (“M2MSP”) as annexed with the M2M Instructions 2025 (in addition to the extant guidelines dated February 8, 2022) include the definitions of (a) eSIM, which has been defined to mean a M2M form factor soldered directly to the M2M device’s motherboard and it is a hardware component of the SIM; (b) eUICC, which has been defined to mean software component of eSIM that provides the capability to store multiple network profiles that can be provisioned and managed over-the-air. Other definitions include the definition of SM-DP, SM-SR, OEM and Communication Profile;
- eligible entities for SM-SR ownership: (a) unified access service license holders; (b) unified license holders; (c) unified license (M2M authorisation) holders; (d) unified license for Virtual Network Operator (“VNO”) with access service authorization holders; (e) unified license for VNO (M2M authorisation) holders; and (f) companies holding M2MSP registrations with explicit SM-SR management permissions;
- each SM-SR site is required to be Global System for Mobile Communications Association (“GSMA”) ‘Security Accreditation Scheme for Subscription Management’ certified with the holders required to submit a copy of the GSMA Security Accreditation Scheme for Subscription Management (“SAS-SM”) certificate to DoT. An M2MSP registrant or telecommunication service licensee whose SM-SR controls M2M eSIMs in India must not refuse integration of its SM-SR with the SM-DP of any licensed Indian Telecom Service Provider (“TSP”) whose profiles are to be added to such M2M eSIMs. This integration must occur upon request from the concerned Original Equipment Manufacturer (“OEM”)/M2MSP. Such integration must adhere to GSMA specifications and be completed within 3 (three) months from the date of formal request;
- the entity whose SM-SR controls M2M eSIMs in India must mandatorily facilitate switching of its SM-SR with the SM-SR of another eligible entity in India, upon request from the concerned OEM/M2MSP. This SM-SR switching must also comply with GSMA specifications and be completed within 6 (six) months from the date of formal request. These provisions significantly enhance flexibility and competition for M2M solution providers in managing their eSIM profiles and choosing SM-SR providers;
- request for switch-over of the communication profile on M2M eSIMs from one TSP to another TSP is required to be placed by the M2MSPs. The M2MSPs/TSPs will be allowed to communicate with SM-DPs and other SM-SRs only for profile management of the M2M eSIMs as per GSMA specifications and adhere to the instructions regarding usage and management of M2M eSIMs, including instructions related to SM-DP, SM-SR, as notified by the Government including instructions regarding roaming of foreign M2M SIMs (including M2M eSIMs) as notified by the Government. The use of 901.XX IMSI series allocated by ITU-TSB to Indian entities is not permitted for providing M2M services in India;
- Applicant for M2MSP registration may seek permission for owning and managing SM-SRs in India at the stage of submitting application. Existing M2MSPs (if an Indian company) may separately seek permission for owning and managing SM-SRs in India with a fee of INR 50,000 (Rupees Fifty Thousand only);
- every SM-SR site in India must be GSMA SAS-SM certified, with proof submitted to the DoT before operations begin. Furthermore, any SM-SR controlling M2M eSIMs in India cannot refuse to integrate with the SM-DP of an Indian TSP to add communication profiles, and this integration must be GSMA-compliant and completed within 3 (three) months. Communication between SM-DPs and other SM-SRs is strictly limited to profile management for M2M eSIMs, as per GSMA standards; and
- guidelines on Trusted Products in network are required to be complied in addition to any instructions on the national security.
Conclusion
This comprehensive update from the DoT represents a forward-thinking approach to M2M communications in India. It offers substantial operational flexibility for M2M service providers and OEMs by easing connectivity limitations and enabling dynamic eSIM profile management. TSPs will need to ensure that their systems support the expanded data points and the new SM-SR integration and switching mandates. For all industries leveraging Internet of Things, this framework simplifies deployment and management of connected devices.
This Prism has been prepared by:
![]() Tony Verghese |
![]() Radhika Gupta |
For more details, please contact [email protected].