ENODA Ventures says bootstrap eSIMs are not IFPP

Jared Miller of ENODA Ventures wrote on May 12, 2026 that embedding an eUICC with a bootstrap profile is not the same as in-factory profile provisioning (IFPP).

Miller describes the common bootstrap model as an eUICC soldered onto a device PCB with a preloaded bootstrap profile that lets the device attach to one network and contact an SM-DP+ (Subscription Manager Data Preparation) server. The SM-DP+ server then downloads the operational profile when the device first powers on in the field. He says this model is functional but still depends on successful first-connectivity, which can fail in basements, underground utility vaults, rural sites, or metal enclosures.

Miller defines IFPP as loading operational profiles, rather than bootstrap credentials, during the eUICC personalization stage at the vendor’s secure facility. He cites STMicroelectronics, Thales, and IDEMIA as examples of companies operating eUICC personalization lines, and says true IFPP requires coordination between the eUICC vendor, the target MNO (mobile network operator) or connectivity platform, and the SM-DP+ operator. He also says IFPP is designed to align with GSMA SGP.32, the GSMA remote SIM provisioning specification for IoT, and the emerging SGP.42 specification for in-factory provisioning procedures.

The article says the distinction matters for manufacturing and deployment because a device with a pre-installed operational profile leaves the factory ready to connect without a first-call-home step. Miller argues that this removes first-connectivity risk and separates OEM production from country and carrier selection. He says enterprises evaluating eSIM manufacturing should ask where the operational profile is loaded, whether the device needs network access before it becomes operational, and who coordinates provisioning between the eUICC vendor, the SM-DP+ operator, and the destination carrier.