Private 5G/LTE: Dual SIM, Dual IMSI, eSIM or Roaming?
What SIM cards are best for a Private 5G or LTE network: Dual IMSI, eSIM, Dual SIM or maybe a “roaming” SIM – a service from a provider that allows roaming between my private and the public operator network so that my phones will keep working outside the enterprise?
As discussed in a previous blog post (on network slicing vs. private networks), Private LTE and Private 5G networks have become a hot topic for our industry, involving service providers but also directly involving enterprises in many verticals. A question we often hear from customers is: what SIM cards should we use for the private network? Should we go Dual IMSI or eSIM? Should we purchase a “roaming” service from a vendor that allows roaming between my private and the public operator network so that my phones will keep working outside the enterprise?
These are not easy questions to answer when applied to Private LTE and 5G because it really depends on what you want to be able to do:
- Do the private network devices require connectivity both inside and outside the private network coverage?
- Can the private network control which devices (e.g. phones) are used on its network?
Whatever the solution, it MUST deliver a RELIABLE service with DETERMINISTIC CONTROL.
If the private devices should not be used outside the enterprise premises, the enterprise IT team will want to prevent them from connecting to any public network. This can be achieved by deploying either a physical private SIM card or an eSIM (electronic SIM) onto the device. The security credentials of the SIM/eSIM must be provisioned only in the Private 4G/5G network using a secure procedure agreed with the SIM vendor. Athonet for example provides SIM/eSIMs but also allows customers to procure their own and to do their own simplified provisioning through a “Dashboard” that is compatible with SIM vendor requirements. These “private network only” devices will only be able to connect under the wireless coverage of the private network.
On the other hand, in many cases the private devices will be used by personnel that may leave the enterprise premises and needs to maintain connectivity wherever they are. It could simply be a smartphone that runs special applications that can only be utilized under enterprise coverage (e.g. sensitive data, machine control) but still needs email, workflow and voice communications to be available when outside the enterprise. This would require the private device to connect to a carrier’s public 4G/5G network when outside the private premises.
At first sight, the natural solution to this problem would be that of roaming. Roaming is the set of commercial agreements and technical interfaces between two mobile networks that allows a customer of one network to connect to the other network. Further, if a mobile carrier owns the private network they could implement “handovers” (i.e. mobility of devices) between its public and private networks.
Let us assume that it is commercially and technically feasible to have roaming between the private network and the carrier’s public network to allow the private device to connect to the carrier network (note: it is not simple and it is costly but it has been done). How does the phone decide to switch from the carrier network to the private network and viceversa? That is defined by 3GPP mechanisms such as “cell reselection” and “handover”. Essentially the phone will only switch under certain conditions. In an over-simplified way, the phone takes measurements of radio signals, reports them to the current network it is connected to and the current network provides information to the phone which switches (or not) based on the 3GPP protocols and algorithms.
Since the private and public carrier networks will be uncoordinated in the most practical cases (note: even if the carrier provides the private network it will be complex/costly to perform such a tight integration), the phone will not receive information that allows it to switch networks in a deterministic manner. Switching in this case may depend on the smartphone going into “idle mode” (battery save mode) and then looking for its home (private) network every 6 minutes or more as set in the 3GPP specifications. Since we are now in a world where we receive/send Teams, WhatsApp or other similar messages every few minutes, the phone may take hours or it may even never search for the private network despite being at the enterprise premises. Furthermore, we have found that different phones have different behaviours. This does not give us any certainty, failing both the requirement for enterprise control and reliability.
Instead the phone will switch network when it has lost signal from its current network and needs to autonomously find an alternative. This will happen when the phone leaves the enterprise or private network location (e.g. leaves the factory) and will switch to the public carrier network, as its only alternative, after spending some time scanning for networks.
All the above makes basic roaming a suboptimal choice for private networks where, in the vast majority of cases, some carrier public network coverage is present and it overlaps the private network coverage. This is because the phone may remain connected to the carrier’s public network even when it has reached the private network, defeating the purpose of the private network itself. Worse still, even if you are a sophisticated user and find out that your phone is still on the public carrier network and has not switched to your private network, there is no mechanism to force it to switch. You may end up being unable to use those apps that only run under private coverage just when you need them! Also, you may be paying roaming fees for those long video streaming sessions that you thought were getting done under your private network where you don’t pay for traffic. That is why roaming works best for international travel, where the phone can no longer find its network and needs to switch.
Handovers instead would be a deterministic solution as the phone is instructed to move between radios. However it would (a) make the private network overly costly due to the complex integration required with the mobile carrier network as the private and public carrier radios would need to interwork and (b) limit the application to those cases where the private network radio is shared by private and public customers, because all carrier customers would then be able to handover (or attempt to handover) to the private network radio.
It is not a question of technical feasibility. Athonet for example supports handovers, 3GPP relocation mechanisms and roaming which it has implemented in multiple networks interfacing Tier 1 carrier networks in the USA and Europe. It is really a business choice related to complexity which drives up capex and opex beyond the enterprise price levels.
Fortunately there are simpler alternative solutions that can be implemented today using the latest SIM technology.
If roaming and handovers are overly complex for your scenario, how can the phones move between the private network and the public carrier’s network?
To start with, the phone and its SIM card need to be able to connect (securely) with both networks. Since we cannot use a single SIM card leveraging roaming/handovers, we will need two SIM cards to connect to the two networks.
At a time when there were no phones with two SIM slots (Dual SIM) the solution that the SIM vendors invented was the Dual IMSI: two SIM “identities” inside the same physical SIM card. In essence it’s like having two SIMs in one. With a Dual IMSI SIM card a mobile user cannot use both SIM identities at the same time but can switch between them manually by using an “applet” program running on the phone.
Today Dual SIM Dual Standby (DSDS) phones are on the market. The earlier versions of Dual SIM technology had two physical SIM slots where you could insert both a private network SIM card and the carrier SIM card. These early phones required users to select a single SIM at a time. Instead newer phones, supporting DSDS, allow both SIMs to be “active” contemporarily with one of them in “standby”. You can therefore be busy doing email on SIM1 and get interrupted by someone calling you on SIM2.
eSIM technology has taken this concept to a whole new level. No longer do we need a physical SIM card because the digital SIM information can be downloaded securely to the phone itself. eSIMs are supported commercially by many carriers worldwide (e.g. Verizon USA, T-Mobile USA, Vodafone UK, Orange France). The phone scans a one-time QR code in order to fetch and install the SIM profile. Therefore DSDS phones with eSIM support allow us to have a phone that can run both a private and a public carrier SIM at the same time.
What about the phones? There are several DSDS eSIM capable phones on the market today that support many LTE bands (including CBRS B48) such as the Apple iPhone 11/12/SE and the Google Pixel 4.
Let’s assume we have two eSIMs: one private eSIM and one carrier eSIM. Such a phone will be connected to both the private and public carrier network where possible. It will prioritize one of those networks for data and one for calls. On my iPhone 11, for example, I prioritize data on my private LTE SIM and voice on my carrier SIM. Therefore, when I am in my office (home office nowadays…) I can receive calls on the carrier SIM but all my data goes on my private CBRS network. When I leave the office I use the carrier SIM for all traffic.
Coming back to question 2) at the beginning of this post, if the enterprise can pick its devices (which in most cases it can) then a DSDS phone with eSIM support is the simplest solution. Note that, as these phones become mainstream, it will be possible to provide employees or even the public entering a venue with a temporary Private eSIM card using a QR code, allowing them to connect to the venue’s private network in order to access specialized services.