GSMA eSA security evaluation and certification

GSMA is a global organization unifying the telecommunication ecosystem in developing and delivering innovation in technology and security. In recent years security assurance programs addressing the Telco market niche have made significant advancements to keep up with new technologies, ecosystems, and services.

Riscure is an accredited laboratory for performing security evaluations of eSIM products (iUICC/eUICC, SoCs, etc.). eSA accreditation enables Riscure to provide device and component evaluation testing against the security objectives within the GSMA Protection Profiles SGP.05 (profile for M2M devices) and the SGP.25 (profile for consumer devices).

The security evaluation process described in SGP.07 has already been used for several years in Common Criteria (CC) evaluations executed with the Dutch scheme. Next to helping our partners in reaching their GSMA related objectives, Riscure is also using our extensive experience with various form factors to provide quicker and better-controlled execution of other relevant Telco security evaluations, like the nuSIM (insert hyperlink) program.

Riscure provides our partners with GSMA certification evaluations at lower cost and quicker run-through times due to our significant expertise in the mobile and IoT security domains, combined with unique exposure to Common Criteria certification projects in the Netherlands.

Riscure is also supporting our partners with bundling different evaluation programs in one campaign – including CC with eSA or CC, eSA, and EMVCo on any type of technology. This way, our partners can access multiple outputs in a single evaluation campaign, resulting in a greater market outreach of target products.