Two flavors of virtual SIM – soft SIM and cloud SIM – have arisen as options for IoT deployments, alongside eSIM and iSIM, to complicate the picture further for operators and device makers. At first sight, they are appealing because they share the remote provisioning capabilities of eSIM and iSIM without requiring any specialized hardware on the device, running on whatever processor is available. At least that is the theory. In practice, security is the bugbear, and for most IoT services with any sensitivity at all, there will have to be some provision for that in the device – even if it is some Trusted Execution Environment (TEE) capability that is independent of any SIM functionality. In effect, there would…