Connected vehicle programs routinely collapse not at the hardware stage, but at the connectivity layer – specifically when SIM lifecycle management is treated as an afterthought. If you're designing or scaling a fleet OEM program, this guide covers what actually matters: provisioning architecture, roaming strategy, compliance exposure, and how to structure operations so connectivity doesn't become the ceiling on your growth.

In this article

• Why SIM lifecycle management is a fleet OEM problem, not a carrier problem
• The five stages of a connected vehicle SIM lifecycle
• Provisioning architecture: M2M vs. IoT eSIM
• Roaming strategy and permanent roaming risks
• Operational compliance and audit readiness
• Frequently asked questions
• Key takeaways

Why SIM lifecycle management is a fleet OEM problem, not a carrier problem

Most fleet OEMs frame SIM management as a procurement question: which carrier, which rate plan, how many SIMs. That framing misses the operational reality. Once vehicles leave the factory – crossing borders, aging through network generations, accumulating regulatory exposure in different markets – the carrier can't save you. The OEM owns the lifecycle.

The consequences of poor lifecycle planning compound quickly. A telematics unit that goes dark in the field doesn't just lose location data; it creates gaps in hours-of-service records, opens regulatory exposure in fuel tax reporting, and leaves risk management teams without the session data they need to contest insurance claims. As our guide to common connectivity failures in fleet deployments documents, most of these failures trace back to configuration and deployment decisions made months before the vehicle shipped – not to hardware faults.

The shift from physical SIM to eSIM changes the equation significantly, but only if your operational stack can follow the switch. Profile portability without session-level visibility isn't a feature – it's a liability dressed as one.

The five stages of a connected vehicle SIM lifecycle

Understanding lifecycle management starts with mapping what actually happens to a SIM across a vehicle's operational lifespan.

The test state is underappreciated. Before a single vehicle ships, SIMs should be in a low-cost state – consuming minimal data for validation purposes, paired to specific IMEIs, with production data plans configured to activate automatically on deployment. This isn't a standard offering from most connectivity providers, but it should be a baseline requirement in any OEM vendor evaluation. We've seen programs burn significant budget simply because no one defined the transition trigger from test to operational.

Provisioning architecture: M2M vs. IoT eSIM

The provisioning architecture you choose at design time determines how much operational flexibility you retain for the next decade. Fleet vehicles have long lifespans; the networks they're born into will not be the networks they retire from. Getting this decision wrong is expensive to unwind.

Three GSMA architectures are relevant to fleet OEMs:

• SGP.02 (M2M): The incumbent standard. Uses SM-DP and SM-SR components for push-based Remote SIM Provisioning. Mature and widely supported, but creates SM-SR vendor lock-in that limits your ability to switch infrastructure providers without re-engineering your stack.
• SGP.22 (Consumer): Designed for UI-driven, pull-based profile switching via a local profile assistant on the device. Uses SM-DP+ and LPA, and is also applied to certain classes of IoT devices.
• SGP.32 (IoT eSIM): The emerging standard purpose-built for unattended deployments. Introduces the eIM (eSIM IoT Remote Manager) and IPA (IoT Profile Assistant) to enable vendor-agnostic, over-the-air profile management – without SMS dependency and without SM-SR lock-in. It supports multiple transport protocols including CoAP/DTLS for constrained devices. Our detailed breakdown of SGP.31/32 covers the architecture in full.

For most fleet OEMs designing new programs today, the strategic direction is SGP.32. The elimination of SM-SR lock-in alone justifies the transition planning. The eIM architecture decouples profile management from a specific SM‑SR vendor — a meaningful shift in commercial leverage.

That said, SGP.32 native hardware isn't yet widely available in production-ready cellular modules. In practice, most current deployments use M2M eSIM (SGP.02) infrastructure while IoT eSIM capabilities are layered in as module availability catches up with the standards. 1oT's GSMA-compliant RSP infrastructure runs on AWS, providing the geo-redundancy and scalability that fleet-scale deployments require.

Before committing to any provisioning architecture, work through this checklist:

• Confirm the cellular module supports your target RAT – LTE-M for any mobile asset, without exception (NB-IoT lacks cell handover and will drop connections in moving vehicles)
• Validate BIP (Bearer Independent Protocol) support if using M2M RSP
• Configure IMEI pairing during production to lock SIMs to specific devices
• Establish test-state data plans with automatic transition logic to operational plans post-deployment
• Validate APN settings per target market before scaling – APN misconfiguration is the most common and most preventable fleet connectivity failure

Roaming strategy and permanent roaming risks

A vehicle manufactured in one country and sold in another is, from a connectivity standpoint, immediately a roaming device. For consumer handsets, this is a temporary inconvenience. For fleet telematics, it's a permanent operating condition – and the regulatory exposure accumulates silently until it doesn't.

Permanent roaming restrictions vary significantly across markets. Brazil prohibits non-domestic profiles from roaming beyond 90 days without local business registration. Turkey requires IMEI registration and a local subscription for IoT devices after about 120 days of use on Turkish networks, and effectively blocks non‑local profiles that exceed roughly 90 days of roaming within any 120‑day period. China prohibits permanent roaming in practice and restricts profile swaps under telecommunications law. North America has no formal ban, but major MNOs generally penalise high-roaming arrangements with elevated fees. Our roaming restrictions guide maps the compliance landscape in detail across each major market.

The standard response – "we'll use a global roaming SIM" – works until it doesn't. Roaming SIMs expose you to throttling, higher latency, disabled power-saving modes (PSM/eDRX), and the regulatory cliff edges described above. The eSIM answer to permanent roaming is local profiles. By downloading a local carrier profile over the air when a vehicle enters a new market, you eliminate the permanent roaming classification entirely – the device becomes a local subscriber rather than a foreign SIM on a visitor's arrangement. This is the architecture that GSMA guidance increasingly favours for IoT deployments.

One distinction that carries real operational weight: non-steered SIMs are essential for fleet reliability. Steered SIMs force connections to a carrier's preferred roaming partner regardless of signal quality or network congestion. If that partner has an outage, steered devices have nowhere to fall back to. Non-steered SIMs connect to the strongest available network automatically – the device selects based on signal quality, not carrier commercial arrangements. We've built 1oT's entire SIM offering around non-steered connectivity because the alternative creates a single point of failure at exactly the moment you can least afford it. For more on why this matters in practice, see our breakdown of steered vs. non-steered SIMs.

Operational compliance and audit readiness

Fleet OEMs operating across multiple regions face layered compliance requirements: data localization rules, security standards, SIM state auditability, and lifecycle logging. These requirements don't arrive all at once – they accumulate as you enter new markets and as regulations evolve. The connectivity stack decisions you make at launch determine how painful that accumulation becomes.

A platform that provides real-time session visibility, automated SIM state logging, and API-accessible audit trails gives you a foundation you can build on. One that doesn't leaves your compliance team reconstructing events from carrier invoices – which is neither reliable nor auditable.

The key operational controls for compliance-ready fleet connectivity are:

• SIM state audit trail: Every activation, suspension, profile switch, and deactivation should be logged with timestamps and accessible via API. This is increasingly a regulatory requirement in markets with data governance frameworks, not just good practice.
• IMEI locking: Pairing SIMs to specific vehicle IMEIs prevents misuse and creates a verifiable chain of custody between SIM and device. If a SIM appears on an unexpected IMEI, automated suspension should follow immediately.
• Data usage controls: Per-SIM data limits prevent runaway consumption from firmware errors or compromised devices, and protect against billing events that erode trust with fleet operators downstream.
• Private APN with VPN: Routing fleet telematics over a private APN with an IPsec VPN keeps data off the public internet, satisfies data sovereignty requirements in sensitive markets, and enables fixed IP pools for remote device access. Our guide to keeping IoT devices and SIM cards secure covers implementation specifics.
• Account permission structure: OEMs deploying into end-customer accounts need permission-scoped access – the ability to manage SIM states without visibility into end-customer billing. Split invoicing between OEM and end customer during mixed-responsibility deployment phases is a capability that becomes essential at scale.

The 1oT Terminal connectivity management platform consolidates these controls – SIM state management, usage monitoring, workflow automation, and eSIM orchestration – into a single interface with a full API for backend integration. For fleet OEMs managing vehicles across multiple markets, single-pane visibility isn't a convenience; it's a prerequisite for operational control at scale.

Frequently asked questions

Can we use the same SIM configuration across all markets, or do we need market-specific profiles?

A single global roaming SIM can work for pilot deployments or markets with relaxed roaming policies, but it creates permanent roaming exposure in regulated markets and performance degradation where local network steering isn't available. The operationally sound approach is a default global profile for initial connectivity, with local carrier profiles available for OTA download as vehicles enter target markets. This is the model eSIM enables and that SGP.32 is designed to support at scale.

What's the right cellular technology for fleet telematics modules?

LTE-M (Cat-M1) for any mobile asset, without exception. NB-IoT does not support cell handover, meaning a vehicle moving through coverage boundaries will drop its connection rather than hand off to the next cell. LTE-M handles mobility correctly. For new module selections, Cat 1 bis is a strong choice for broader compatibility where LTE-M availability is inconsistent. Avoid 2G/3G module selections – network sunsets are ongoing across major markets, and the migration cost later exceeds any savings now.

How do we handle SIM deactivation at vehicle end-of-life?

Deactivation should be triggered by a defined event – vehicle retirement, transfer of ownership, contract end – and executed via API or platform workflow, not manually. Active SIMs on decommissioned vehicles are a direct cost leak and a potential security exposure. Your connectivity platform should support automated deactivation workflows tied to fleet management system events, with logged confirmation of deactivation for audit purposes.

Key takeaways

• Lifecycle planning starts at hardware design time. APN configuration, IMEI pairing, test-state data plans, and module RAT selection are decisions made before the vehicle ships – and they determine how much operational control you retain once it does.
• eSIM enables local profiles, not just profile portability. The real value of eSIM for fleet OEMs is eliminating permanent roaming classification by deploying local carrier profiles OTA – reducing regulatory exposure and improving network performance simultaneously.
• Non-steered, multi-network SIMs are the reliability baseline. Steered SIMs create single points of failure. Multi-network access with automatic selection based on signal quality provides the redundancy that fleet telematics SLAs require.
• SGP.32 removes SM-SR lock-in. If you're designing a new connected vehicle program, build toward IoT eSIM architecture – the eIM model gives you vendor-agnostic provisioning control that M2M RSP cannot match.
• Compliance is an operational architecture problem. Audit trails, IMEI locking, private APNs, and account permission structures aren't add-ons – they're foundational to operating across regulated markets at scale.

Ready to map your SIM lifecycle architecture against your fleet deployment requirements? Explore 1oT's connected vehicle connectivity solutions or review global coverage for your target markets – or contact our team to walk through your specific deployment scenario.

‍