Today at SIGNAL we introduced two exciting enhancements to Programmable Wireless.
Global SIM Connectivity
First, we’re incredibly excited to provide global connectivity on our T-Mobile powered SIMs. This enables Programmable Wireless to support global device deployments with a single SIM SKU. And for developers building outside the US, we heard your feedback! You’re now able to connect your device during development and testing in almost 200 countries.
When Twilio introduced voice in 2008 and SMS in 2010, both products started with humble US-only origins. Since then we’ve improved global coverage every day. We do this through a combination of commercial deals and technical interops that we collectively refer to as our Super Network. Our vision for a Wireless Super Network is no different – we want to achieve first class performance and capabilities in every market around the world, all via a single SIM and a single API. Today’s announcement is a big first leap toward that vision and we think it’s going to help developers tackle a huge number of use cases.
Global coverage will start as a Developer Preview. We hope to find users that are willing and able to provide feedback on a) the product’s performance in different markets and for different use cases, and b) international SIM card fulfilment. If you are interested in global connectivity and willing to work with our product team, please apply for access. Be sure to check out the pricing.
IoT Authentication Tools (on-board!)
This feature is in direct response to our conversations with IoT developers over the last year. We heard a common problem – the need to simply and securely provision unique identity credentials for a large fleet of devices, and to trust a device the first time it connects to the cloud.
Given that a SIM is essentially a mini cryptographic computer, and given that each SIM has unique data securely loaded at manufacturing time, identity and authentication seemed like a natural problem to approach using SIM hardware.
Starting in the fall, all of our SIMs will ship with two (count em) X.509 certificates on-board. That’s the same certificate format used by SSL and TLS (of HTTPS fame). As a device developer, you’ll have two options for utilizing these certs to sign a TLS challenge. First, from your firmware you can retrieve the public and private key for the first certificate (let’s call it Certificate A). These values can be passed to any standard TLS encryption library, or a hardware module that implements TLS. For security-conscious applications, we’ve separately bundled an applet onto the SIM that can sign a TLS handshake challenge using the second certificate (Certificate B) leveraging the SIM’s own cryptographic capabilities. The private key from Certificate B can never leave the SIM. It’s a bit more effort to get this signing mechanism working with your firmware, but we will provide sample code for Raspberry Pi and ARM mbed to get you started, with more platforms to come.
On the other side of the handshake – the server – we think it’s important to support multiple architectures. You’ll be able to upload certificates directly from Twilio to your AWS IoT account, download certificates via REST and load them to your own application server, or connect directly to Twilio Sync via MQTT. In all these scenarios, the private key exists only on the SIM itself.
If you have feedback, we’d love to hear from you. There’s no early access sign up for this feature – as soon as it’s ready we will start shipping it on every SIM. Over-the-air update capabilities will land at a later date.
With these improvements to Programmable Wireless, we’re excited to help developers deploy globally and keep IoT device communication secure. And as always with Twilio, there’s more to come. So get started, by requesting early access to the Programmable Wireless Global Connectivity Preview.
We can’t wait to see what you build with Programmable Wireless!