On 11 April 2025, the Minister of Communication and Digital Affairs (“Comdigi”) has issued a new Regulation No.7 of 2025 on the Utilization of Embedded Subscriber Identity Module (‘’e-SIM’’) Technology in the Organization Telecommunications Systems (“Reg. 7/2025”). This regulation provides a formal framework for the deployment and management of e-SIM technology across mobile, satellite, and connected device networks, including Internet of Things (‘‘IoT’’) and machine-to-machine (‘‘M2M’’) environments.

Reg. 7/2025 was issued as a follow-up to Minister of Communication and Informatics (which is now under the authority of Comdigi) Regulation No. 5 of 2021 on the Implementation of Telecommunication in response to ongoing developments in the telecommunications sector. e-SIM technology offers numerous advantages for customers, including enhanced protection against unauthorized data usage and various cyber threats. Several adoption of e-SIM technology has gained global momentum due to its flexibility and security advantages over traditional SIM cards. Indonesia’s regulatory framework acknowledges these developments and ensures that e-SIM deployment aligns with national objectives, including data sovereignty, consumer protection, and network security. Mobile cellular network providers operating in the country have expressed their readiness to implement e-SIM technology and any providers that have already adopted or that plan to adopt this technology should take full advantage of the two-year grace period.

Reg.7/2025 is now the legal basis for the use of e-SIM technology in Indonesia, and now allows cellular mobile network providers and satellite mobile network providers (collectively referred to as the “Providers”) to utilize e-SIM technology in the provision of telecommunications services. Comdigi has emphasized that this technology will ultimately improve the integration of digital systems and biometric registration, providing greater protection to users against unlawful data use and various types of cybercrime (e.g. spam, phishing, and online gambling).

 

Key Provisions

Reg.7/2025 applies to the Providers. Their core obligations include:

• Providing and operating provisioning systems to manage local IMSI and MSISDN subscriber identities;
• Ensuring customer registration complies with applicable laws and regulations, including protecting consumer rights and personal data; and
• Safeguarding e-SIM profiles and securing certification under accredited data security schemes for the provisioning systems.

In alignment with Global System for Mobile Communication Association (‘‘GSMA’’) specifications, Reg.7/2025 governs the provisioning of e-SIMs across consumer devices, IoT platforms, and M2M systems. It also introduces dedicated numbering structures for these categories to support effective regulatory oversight at the national level.

Reg. 7/2025 allows the Providers to collaborate with other third parties in the provision and operation of provisioning systems capable of installing e-SIM profiles on consumer, IoT, and M2M devices. However, it requires that all such third parties must meet the following requirements:

(1) Be registered as an Electronic System Organizer (Penyelenggara Sistem Elektronik or PSE);
(2) Ensure comprehensive protection and security for all e-SIM profiles; and
(3) Comply with applicable data security certification standards applicable for provisioning systems.

 

Timeline and Enforcement

The Providers are given two-year grace period to comply with these requirements. During this period, they are expected to adapt their systems, processes, and vendor relationships accordingly. This period should be used to thoroughly assess and implement all of the mandatory measures that apply in order to meet the applicable technical requirements and manage any potential service impacts, thereby ensuring a smooth transition to e-SIM technology. Any Provider intending to implement this technology must assess and adapt their current services in order to bring them into line with the various technical specifications and requirements that apply to the utilization of e-SIM.

Oversight is entrusted to the Directorate General of Digital Ecosystem, who will undertake monitoring, evaluation, and enforcement. Non-compliance may result in administrative sanctions, including written warnings and, if necessary, public disclosure through official government channels.

 

Looking Ahead

This regulatory development marks a significant advancement in Indonesia’s telecommunications framework, formalizing the use of e-SIM technology, closing longstanding regulatory gaps, and strengthening digital security and data sovereignty objectives. The establishment of this framework offers certainty for market participants seeking to operate in or expand into Indonesia’s growing digital economy.

 

Indonesia Practice Group