Ericsson Secure Entitlement Server

SES acts as a multi-service enabler and secure gateway between devices and the carrier network, centralizing entitlement and service logic in one platform. It supports SIM, eSIM and non SIM devices, smartphones, wearables and laptops, aligned with Apple iOS entitlement APIs and GSMA TS.43-based Android ecosystems, and more. So CSPs can and enforce consistent policies and experiences across brands, MVNOs and partners while reusing the same entitlement assets.

SES is highly capable providing a large amount of use cases, including but not limited to: Apple Feature Registration, VoWiFi, VoLTE, VoNR configuration, Secondary devices such as Watches & Wearables and tablets, eSIM activation and cross OS transfer, RCS configuration, 5G data management, Android self-activated differentiated connectivity, Number Verification and Satellite mode support.

A full-fledged eSIM Orchestrator that unifies eSIM lifecycle management across on-device entitlement, web and application self-care, point-of-sale and enterprise portals. CSPs can design once and roll out digital eSIM journeys for activation, subscription transfer (including xOS transfers from Apple to Android and vice versa), recovery and enterprise onboarding across multiple brands and channels. Bring quick time to market for new offers and reducing integration and operational cost enabling end-user self-services with no human interaction needs from the CSP. All in all, focus on and enhancing the end customer experience.

SES enables data boost upsell for premium 5G experiences. Applications such as mobile cloud gaming, AR/VR, real-time collaboration or remote control can trigger device-side offers that SES validates, logs consent for and translates into policies and slice selection in the 5G Core, steering traffic to higher QoS slices for the session and enabling both device triggered and network triggered differentiated connectivity offers.

SES supports Rich Communication Services (RCS) and satellite connectivity as part of its extended entitlement and eSIM orchestration capabilities. For RCS, SES provides secure, SIM-based authentication, per-subscriber eligibility control and privacy-preserving identifiers across iOS and Android ecosystems, helping CSPs launch interoperable RCS services faster and under full policy control. For satellite connectivity, SES underpins satellite mode service enablement by handling user eligibility, service provisioning, plan purchase and policy parameters (such as allowed PLMNs and service types), so devices can seamlessly switch to non-terrestrial coverage when outside terrestrial networks while preserving a consistent subscription, charging model and user experience.

SES enables Number Verification using mobile network attributes and operator tokens, providing a secure, low-friction alternative to SMS one-time passwords for verifying the user’s phone number and supporting strong customer authentication. Implemented in SES and exposed via TS.43 API’s as well as CAMARA Number Verification APIs together with aggregators (Aduna, Vonage and others), this capability lets CSPs offer application providers scalable verification with better UX and security, while the operator retains control of policy, privacy and charging.