4 digital security trends that defined 2025

How remote SIM provisioning standards are accelerating IoT growth

The Internet of Things is expanding at an unprecedented scale, with GSMA Intelligence projecting 5.8 billion cellular IoT connections by 2030 – 37% of which will be powered by eSIM.¹ But scale brings fragmentation. The challenge isn’t just managing rapid growth, but also ensuring devices can communicate seamlessly across networks and geographies. 

Remote SIM provisioning (RSP) standards are essential for tackling this at G+D: as IoT continues to expand across industries and geographies, a shared set of standards is needed to ensure devices can speak the same language.

Early specifications, such as SGP.02 and SGP.22, addressed basic use cases. SGP.02 was designed for traditional machine-to-machine (M2M) applications such as industrial sensors and connected vehicles, while SGP.22 was designed for consumer devices such as smartphones and wearables. However, neither specification is suitable to address the complex needs of large-scale, headless IoT deployments operating autonomously in hard-to-reach locations. 

The release of SGP.32 in April 2024 marked a turning point, enabling MNOs to remotely download eSIM profiles onto devices in the field. Since SGP.32 reached commercial viability with version 1.2 in June 2024, adoption has gained traction across industries. In automotive, for example, it helps keep drivers and passengers safer by enabling connected vehicles to use fallback and emergency SIM profiles.

As SGP.32 adoption grows, the next evolution is already underway. The upcoming SGP.42 specification (expected Q3 2026) will enable in-factory profile provisioning (IFPP), allowing manufacturers to install connectivity profiles directly during production. Devices will thus be “Born Connected^®.” This will complement existing RSP capabilities, ensuring full connectivity management from factory to field, while reducing power consumption for battery-operated devices.

IoT as a force for good

Standards such as SGP.32 and SGP.42 are enabling this connectivity at scale – but to what end? The IoT has long since evolved from a technological novelty into an essential infrastructure that impacts our lives every day. By 2030, an estimated 40 billion connected devices will be operational² – equivalent to at least four devices for every person on the planet – transforming how we manage energy, deliver healthcare, ensure safety, and move goods across the globe.

In Swiss cities, for example, smart lighting systems have reduced energy demand by 50%.³ In healthcare, smart wearables and connected home technologies are improving how we care for the elderly and chronically ill through remote monitoring, reducing hospital visits while improving patient outcomes. In the automotive sector, vehicle-to-everything (V2X) connectivity powers life-saving innovations such as eCall, estimated to save 2,500⁴ lives annually in the EU, while improving travel times by up to 80%.⁵

Transport and logistics companies are also benefiting from IoT’s tracking capabilities. End-to-end asset tracking provides real-time visibility – even in remote regions – that helps optimize routes and operations, contributing to an average 15% reduction in fuel consumption.⁶ The benefits extend further: IoT technology doesn’t just facilitate locating assets – it also provides insight on the security and environmental conditions of a shipment.

However, scaling these benefits presents significant challenges. It’s one thing to manage one device, or even hundreds of devices. It’s quite another to manage hundreds of thousands, or even millions. Managing connectivity at this scale requires sophisticated platforms that can handle complex security requirements, ensure regulatory compliance, and maintain interoperability across diverse networks and geographies. For businesses looking to realize IoT’s potential, partnering with experts who understand this complexity is essential to successful deployment and long-term operations.

Digital identities – beyond just human identity

Digital identity has traditionally centered around people – verifying who we are so that we can access services, cross borders, or conduct financial transactions. As the digital economy matures, that definition is expanding. Establishing trust and security requires verifying the credentials not only of humans, but also of organizations, machines, and products.

This trend is driven by converging pressures across society. Regulatory initiatives such as the EU Digital Identity Wallet (required by 2026) and the Digital Product Passport (starting in 2027) are establishing new infrastructure for digital credentials. Meanwhile, demands for transparency and privacy, corporate ESG requirements, and the deployment of increasingly autonomous systems are all driving the need for trusted, non-human digital identities.

The challenge ahead is ensuring that these new frameworks are designed to work together across entities. Each entity type is developing identity frameworks tailored to specific needs. But what we can already foresee is that all of these identities – and their owners – will meet even in very basic use cases. As such, it’s crucial that interoperability is built in from the start, to avoid even simple everyday transactions becoming unnecessarily complex.

Consider a common business scenario where an employee rents a connected car for a work trip. The transaction requires the employee’s human credentials, the vehicle’s machine identity, the employer’s legal entity verification, and potentially the car’s Digital Product Passport showing compliance with environmental standards.

While these entities have different priorities – e.g. humans prioritize privacy, whereas traceability is the priority when it comes to products – they share many core commonalities around which interoperable systems can be established. They all perform the same key functions: they can act as issuers, holders, or verifiers of credentials. 

AI: trusted, transformative, necessary

Artificial intelligence hype is not waning. On the contrary, AI is being rapidly deployed across security-critical sectors such as banking, identity verification, and public infrastructure, where failure to protect data integrity can have severe consequences. A renowned case, where a credit assessment algorithm perpetuated decades of discriminatory lending patterns, is a prime example of how unchecked AI can cause irreparable damage while exposing organizations to significant regulatory and reputational risk.⁷

The regulatory environment is hardening, with stakeholders and regulators demanding greater transparency and accountability. The EU’s AI Act now imposes fines reaching €35 million or 7% of global annual revenue for non-compliance.⁸ The message is clear: systems must be secure, and trustworthiness cannot be an afterthought.

Consumers, stakeholders, and regulators are increasingly demanding greater transparency and accountability from technologies such as AI. As a result, organizations have a responsibility to deploy AI in a trustworthy way, especially in applications that can significantly affect people’s lives.

The challenge is that AI often operates as a “black box,” making its complex dependencies and unpredictable behavior difficult to evaluate. High-level ethical principles – such as the seven guidelines established by the European Commission’s High-Level Expert Group on Artificial Intelligence – remain too abstract for practical application. Without concrete frameworks, organizations struggle to translate good intentions into measurable safeguards.

Moving forward, organizations must adopt a proactive approach to building trust. In the study “Towards a Better Understanding of Evaluating Trustworthiness in AI Systems,” Veridos, in collaboration with Friedrich-Alexander University Erlangen-Nuremberg, put forward five principles for building trustworthy AI systems:

• Trust must be engineered from the ground up using quantifiable metrics, not assumed or retrofitted after failures occur.
• Trustworthiness is multi-dimensional and context-dependent – what matters most varies by application and stakes involved.
• Trust isn’t static and requires continuous monitoring as models drift and adversaries evolve.
• Quantification enables governance by making AI systems auditable, accountable, and manageable through real-time dashboards.
• Cross-disciplinary collaboration across AI engineers, ethics scholars, security experts, and UX researchers is essential throughout the development life cycle.

Organizations that adopt these principles won’t just tick a compliance checkbox – they will also gain a competitive advantage in an increasingly scrutinized landscape where trust becomes the ultimate differentiator.

Published: 29/01/2026