Skip to content

Cloudflare is launching a ‘zero-trust’ eSIM

  • by
  • 3 min read

Cloudflare has announced two new services — Zero Trust SIM and Zero Trust for Mobile Operators aimed at providing smartphone users, companies looking to secure corporate phones and carriers better security than just leveraging the built-in management capabilities in Android and iOS. 

Zero Trust SIM will be available as an eSIM that can be deployed to existing mobile management platforms regardless of whether the target device is iOS or Android. It aims to secure all data packets leaving a smartphone and will launch in the US first. The eSIM will also be locked to a specific device, reducing the chances of a SIM-swap attack and can be used either by itself or with Cloudflare’s WARP mobile agent. 

The major difference between Cloudflare’s new eSIM and other more traditional security measures like VPNs is that the eSIM works on a cellular level where the SIM card itself can act as an additional factor. This combined with hardware keys, can make impersonating another identity (or, in the case of a company, an employee) pretty hard. 

Cloudflare aims to start providing physical SIM cards in the near future as well.

The eSIM allows Cloudflare to rewrite DNS requests leaving a secured device to go through its own gateway for DNS filtering while also supporting host and IP validation before a data packet even reaches the internet. Identity-based connectivity to services and other devices can further act as yet another layer of security. 

The pricing for Zero Trust eSIM hasn’t been decided yet, and the product itself will take a few months to come to market. That said, it’s expected to be an extension of the per-seat pricing Zero Trust customers presently have. The company also plans to bring physical SIM cards in the near future. 

As for Zero Trust for Mobile Operators, it’s a carrier partnership program that allows service providers to offer subscriptions to various mobile security tools from the Zero Trust platform. Interested operators can sign up starting September 26 for more information. 

Finally, Cloudflare also demonstrated a platform for IoT devices, named IoT Platform, aimed at making managing multiple connected devices easy, allowing for ordering, provisioning and managing cellular connectivity as well as security for connected devices. This is the company’s response to the multiple IoT management platforms already in place from competitors like Microsoft’s Azure, Amazon Web Services and Google Cloud. 

In the News: UK police arrest suspected teen hacker behind Uber and Rockstar hacks

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: yadullahabidi@pm.me.

>