Top eSIM Questions Answered: What Users Really Want to Know

This is one of the most frequently asked questions, and the answer depends on your device. Most modern smartphones — including iPhone 14 and later, Google Pixel 7 and up, and flagship Samsung Galaxy devices — can store between 5 and 10 eSIM profiles simultaneously. However, only one or two can be active at any given time, depending on the model. For example, iPhone 13 and newer support dual eSIM active mode, meaning you can have two eSIM lines running concurrently without a physical SIM card. The GSMA eSIM specification actually permits storage of far more profiles in the embedded UICC (eUICC), but manufacturers impose practical limits based on memory allocation and user interface considerations. It is also worth noting that stored profiles consume a small amount of secure storage space — typically a few hundred kilobytes per profile. If you hit the limit, you can safely delete inactive profiles to free up slots without affecting your active service. Always verify your specific device model's eSIM storage capacity on the manufacturer's official support page, as budget and mid-range handsets may support fewer profiles.

The short answer is: it depends on your carrier and the platform ecosystem. In the Apple ecosystem, the introduction of eSIM Quick Transfer in iOS 16 significantly simplified the process. Users can transfer an eSIM from one iPhone to another directly via Bluetooth during the setup process, without needing to contact the carrier — provided the carrier supports this feature. Major carriers like AT&T, T-Mobile, Verizon, and Vodafone generally support Quick Transfer, but many smaller and prepaid carriers still require you to request a new eSIM QR code or activation code. On Android, the situation is more fragmented. Samsung offers a similar transfer capability on Galaxy devices running One UI 5.1 and later, but compatibility varies by carrier and region. Google Pixel devices also support eSIM transfer in select markets. For cross-platform transfers — say, from iPhone to Android or vice versa — you will almost always need to contact your carrier to deactivate the old eSIM and issue a new one, because the GSMA standards do not yet define a universal cross-platform eSIM transfer protocol. This remains one of the biggest usability gaps in the eSIM ecosystem, and the GSMA is actively working on a standardized solution under the SGP.29 specification for remote eSIM transfer.

Deleting an eSIM profile removes the carrier configuration and associated network credentials from your device's eUICC. Once deleted, the profile cannot be recovered — you will need to re-download it from your carrier using a new QR code, activation code, or carrier app. Crucially, deleting the profile from your device does not cancel your mobile plan or contract. Your billing relationship with the carrier remains intact, and the line is still assigned to you on the carrier's back-end systems. To avoid unexpected charges, always contact your carrier to cancel the plan first, then delete the profile. There is one important exception: if you are using a prepaid or travel eSIM with a fixed data allowance and no recurring billing, deleting the profile effectively ends your usage of that plan — but any remaining data balance is typically forfeited. Some travel eSIM providers allow you to re-download the same plan if the validity period has not expired, but this is not universal. Before deleting any eSIM profile, take a screenshot of the activation details or save the original QR code email, as this will save you considerable hassle if you ever need to restore the profile. Also note that deleting an eSIM does not factory-reset the eUICC; the secure element remains intact and ready to accept new profiles.

This question reveals a common confusion about how eSIM activation actually works. The eSIM profile itself — once downloaded and installed — operates exactly like a physical SIM card: it communicates with cellular towers over radio frequencies and does not require internet access for basic connectivity like calls, SMS, or mobile data. However, the initial download and activation of an eSIM profile does require an internet connection, because the profile is fetched from the carrier's SM-DP+ (Subscription Manager Data Preparation) server over a secure IP channel. This is normally done via Wi-Fi or an existing cellular data connection. If you are setting up an eSIM while traveling and have no internet access, you may find yourself in a bind. The workaround is to download the eSIM profile before departing, when you have reliable Wi-Fi. Some carriers also support activation via SMS-based push notifications, but this still requires an active cellular connection. Once the profile is installed, the eSIM functions fully offline in terms of cellular connectivity — it does not depend on an internet connection to maintain service. This distinction is especially important for travelers and users in areas with limited broadband infrastructure, where cellular coverage may be the only reliable form of connectivity.

Contrary to common concern, eSIM technology is generally more secure than physical SIM cards, not less. Physical SIM cards are vulnerable to SIM swapping attacks — where an attacker socially engineers a carrier into transferring a victim's number to a SIM the attacker controls. While the social engineering risk still exists at the carrier level, eSIM eliminates the physical theft vector: there is no plastic card to steal, clone, or surreptitiously swap. The eUICC (embedded Universal Integrated Circuit Card) is soldered directly onto the device's motherboard and is protected by the same hardware security module that safeguards biometric data and encryption keys. All eSIM profile downloads occur over encrypted TLS channels between the device and the carrier's SM-DP+ server, authenticated by digital certificates issued under the GSMA's Certificate Issuer (CI) hierarchy. Additionally, eSIM profiles are bound to the specific eUICC ID (EID) of the device they were downloaded to, making profile cloning infeasible. The GSMA's SAS (Security Accreditation Scheme) ensures that eSIM manufacturing facilities and profile provisioning systems meet rigorous security standards. That said, no technology is immune to attack. The primary eSIM-related security risk today is not the technology itself but rather carrier processes: if a carrier's customer service can be tricked into issuing a new eSIM QR code to an attacker, the outcome is similar to a traditional SIM swap. Users should enable carrier-level SIM protection PINs and use app-based two-factor authentication wherever possible.