From QR Codes to Zero Touch eSIM Provisioning: A Guide to Enterprise eSIM Activation

By 2028, eSIMs are expected to account for most mobile connections worldwide. The digital SIM format is supplanting physical SIMs, spurred by recent developments like the eSIM-only iPhone Air.

For businesses that need to keep their workforces connected with reliable, secure, and fast mobile data, eSIMs have been a revelation.

They’re safer than SIM cards, with no risk of loss or theft. They’re also more efficient, entirely removing physical logistics from the SIM provisioning process and allowing traveling employees to avoid roaming fees while abroad. Crucially, they can be distributed at scale, making them an instant connectivity solution for everyone from startups to multinational corporations.

Companies have a choice of enterprise eSIM deployment methods, depending on their operations and their eSIM provider's capabilities.

Finding the optimal eSIM delivery method is key to a viable mobile strategy: a successful method reduces bureaucracy for IT administrators, while providing a layer of control and visibility over all company mobile usage. The most advanced techniques, such as Zero Touch distribution, even enable the automation of certain tasks, further improving operational efficiency, regulatory compliance, and cybersecurity, while simplifying eSIM management for enterprises.

Here, we explore some of the most common methods of remote eSIM distribution for businesses and reveal why Zero Touch will play a central role in the future of telecommunications.

From activation to orchestration

In 2026, two factors determine the success of a company’s mobile connectivity strategy: flexibility and scalability. Per Apple, “(eSIMs) afford much more deployment flexibility and are also easier to secure; administrators can trigger eSIM installation remotely and restrict a user’s ability to remove it from their device.”

The rising sales of cellular tablets, smartwatches, and laptops mean that employees increasingly work across multiple mobile devices – a viable mobile strategy accommodates this flexible reality rather than sticking to a strict, one-SIM-per-user policy.

For IT departments, the focus has shifted from activating individual devices to orchestrating connectivity across users, device types, and global regions. An unsuited or outdated activation method creates manual overhead, inconsistent deployments, and security risks. The right approach enables instant, repeatable global rollout.

The eSIM activation spectrum

Enterprise eSIM activation spans a spectrum from manual to fully automated. QR codes and user-led installs sit at one end; in-app installs, carrier activation, and EID-based provisioning occupy the centre; and API-driven and MDM-integrated workflows with fully automated deployment are at the other end.

As a general rule, organizations trend towards high-capacity automation and policy-driven provisioning methods as they scale: these provide the foundation for mass visibility and control over company-wide mobile usage, even across international teams.

Key eSIM activation methods explained

Here’s a quick guide to some of the most common eSIM deployment methods, from least to most sophisticated.

1. QR code activation

With this method, the user scans a QR code with their mobile device to download an eSIM.

How it works:

1. The mobile carrier generates a QR code linked to a unique eSIM profile.

2. The QR code is distributed to the end-user via several possible methods, including email, SMS, or physical print.

3. The user scans the QR code with an eSIM-enabled device to instantly download and activate the SIM profile.

QR code activation is simple and widely supported, making it suitable for small deployments or temporary use cases. However, it offers limited control and scalability. Because the process still requires some input at the user end, it retains a slight risk of human intervention or error. QR code activations are also unsupported by eSIM devices that have no camera, such as smartwatches or cellular laptops. The QR codes themselves can be distributed across several channels, from emails to physical print. There are distinct methods of QR code eSIM activation: individual and shared.

Individual QR codes

With single-use QRs, the carrier generates a unique QR for each device. The end-user receives their QR code (typically via email) and activates the eSIM themselves. If they use more than one mobile device, they will require additional QR codes. This is best suited to usages that require individual user verification and authentication, such as corporate mobile plans.

Shared QR codes

Alternatively, a shared QR can also be generated. Here, a single, reusable QR code is linked to a database of eSIM profiles. When the QR code is scanned, it pulls a unique SIM profile from the pool and assigns it to the user. Shared QR codes are ideal for consumer and public-facing use cases, and in shared areas like stores, trade fairs, and print advertising.

The larger the user base, the less practical QR code distribution becomes. Each code must be individually generated and distributed before the recipient can start using their eSIM. While the method is a popular option for consumer applications, like the booming travel eSIM industry, enterprises that require large-scale deployments and ongoing control over their mobile usage may find other options to be more appropriate.

2. In-app activation

For high-volume, high scalability options, in-app-based eSIM provisioning reduces user effort and the chances of interception or human error.

In-app activation is particularly useful for companies that operate bring-your-own-device (BYOD) policies, where employees are authorized to use their personal devices for work. Rather than scanning a QR code, the user verifies their identity and requests an eSIM by downloading an app.

How it works:

1. The employee downloads the carrier’s app onto their personal mobile device.

2. The user then signs into the app with their work credentials and requests an eSIM.

3. The eSIM profile is remotely installed on the device.

Like QR code activation, in-app methods can only be used with compatible devices, limiting usage on cellular laptops or smartwatches, for example.

3. MDM (Mobile Device Management) push

The underlying principle of the previous methods is broadly similar: a user requests an eSIM via their mobile device, the carrier “pulls” a profile from the SM-DP+ server and transmits it to the end-user.

This is in direct contrast to the MDM push method, which requires no manual input from the user. Instead, the organization automatically “pushes” the eSIM profile to their device. In practice, this allows enterprises to outfit their teams with pre-configured, ready-to-use mobile devices.

This is achieved via a Mobile Device Management (MDM) platform, a centralized program that allows IT departments to supervise the mobile device configuration and usage of every enrolled device in the organization.

How it works:

1. A mobile device is enrolled in an organization’s Mobile Device Management (MDM) platform with its unique eUICC ID (EID).

2. The organization uses its MDM (e.g., Microsoft Intune) to push eSIM activation commands and profiles over-the-air to the device.

3. The end-user received a fully configured mobile device with an active eSIM profile, without having to do anything.

4. Further changes, like security updates or eSIM profile revocation, can be made at any time via the MDM.

An MDM allows admins to instantly deploy, manage, and recall eSIM profiles at scale, anywhere in the world, when partnered with a digital-first eSIM provider like 1GLOBAL.

By “preloading” a device with the required configurations, friction is eliminated from the activation process: as soon as the user turns on their new device and logs in with their credentials, they begin the eSIM provisioning process.

Carrier activation and EID preload

For organizations with a preference for Apple devices, Apple Lookup Service (ALS), often referred to as Carrier Activation, provides a more streamlined, device-native approach, reducing the workload required during Apple eSIM activation for enterprise.

Carrier Activation is a form of push install where the eSIM is remotely added to a device via orchestration between the carrier’s SM-DP+ eSIM database and the mobile device/OS manufacturer (like the Apple Lookup Service for iOS devices). The relevant device’s identifying number (EID) is preloaded with the necessary subscriber information before being remotely pushed to the device. For the end user, this means a pre-installed, pre-configured eSIM in their device when they first use it.

Using a central control panel like an MDM transforms the scale and speed at which profiles can be deployed. Rather than requesting users to update their devices or spending time on individual cases, admins can apply sweeping changes to thousands of devices at once.

API-driven provisioning takes this further, integrating connectivity directly into enterprise systems for scalable, dynamic deployment.

Taking it a step further: Zero Touch with 1GLOBAL & Jamf

The most advanced model is fully automated, Zero Touch provisioning. 1GLOBAL’s unique suite of proprietary eSIM management APIs integrates directly with the Apple Device MDM Jamf Pro to introduce automation to the equation.

With 1GLOBAL and Jamf eSIM deployment, eSIMs are deployed remotely and activated automatically based on device policies, without any user interaction.

Devices can be provisioned globally in seconds, reducing IT workload while improving consistency, security, and speed of deployment. This includes further configurations beyond the eSIM profile, including apps and settings. This process allows organizations to automate simple eSIM management tasks through their MDM, further reducing strain on IT departments and providing employees with regularly updated, secure devices that stay connected across the globe.

Comparing eSIM activation methods

Business impact: why choosing the right activation method matters

At scale, activation strategy directly impacts operational efficiency.

Automated eSIM deployment accelerates onboarding, reduces support overheads, and ensures consistent policy enforcement across regions. It also strengthens compliance and security by removing reliance on end-user actions.

While there’s no real downside to using a higher-fidelity option, smaller companies without an MDM may find it more convenient to opt for a simple QR or in-app service.

For companies with internal IT departments and an existing mobile device management system, 1GLOBAL provides a range of scalable, fully integrable eSIM deployment services that sit alongside current systems and grow with the company’s needs.

Over 80% of mobile operators believe that most of their customers will be using eSIM by 2030. Companies must reflect this change in their employee mobile connectivity service. In the short-term, a viable eSIM provisioning strategy enables teams to do their best work while safeguarding the company from potential data breaches and roaming charges.

Long-term, it enables companies to expand internationally while ensuring GDPR compliant eSIM connectivity and keeping pace with technological advancements.

1GLOBAL eSIMs: worldwide eSIM solutions for businesses

1GLOBAL combines global connectivity infrastructure, an eSIM lifecycle management platform, and deep MDM eSIM integration, including Jamf, to simplify enterprise deployment.

This enables organizations to move from fragmented activation methods to a unified, scalable connectivity strategy. As both a fully-licensed telco and an eSIM supplier, 1GLOBAL occupies a unique market position - one that provides us with an inherent understanding of the connectivity needs that multinational businesses face, and the technological prowess to address them.

Learn more in our QuickConnect webinar

On May 21, 1GLOBAL is hosting episode 1.2 in its QuickConnect Webinar series, focusing on eSIM activation methods, diving deeper into how companies can use Zero Touch to streamline their connectivity, and answering your questions in a live Q&A.

The webinar will take place on Thursday, 21 May at 2pm GMT – register here to reserve your spot.

If you can’t make it on time, don’t worry – the recorded webinar will be sent after the session to everyone who registered, and will also be available to view online on this very website.