In the past few months, a number of MNOs have introduced their highly anticipated mobile 5G services. Offers vary considerably across and within markets, with options for handset and router bundles as well as SIM only deals.

Launching in December 2018, South Korea was the first market to offer 5G services, first providing connectivity to a few business customers in a limited area before operators expanded services to consumers in April.

In May 2019, operators in Switzerland, the US and the UK launched their own consumer mobile 5G services.

With operators investing huge amounts in the new technology, they will need to launch their products and services at the right price.

Here we look at 5G tariffs by dividing them into two categories: unlimited and limited data plans.

Unlimited
With 4G, we saw operators move towards data-centric operating models. It is therefore interesting to compare unlimited 4G and 5G plans available.

Since the devices offered in bundled packages vary from market to market, we will predominantly focus on SIM only plans.

As one would expect, at least for the operators that have launched so far, unlimited 5G tariffs are more expensive than 4G.

Based on operators’ data, the average monthly 5G tariff is around $89 compared with $68 for 4G (see chart, below, click to enlarge).

[1]The difference in average cost between 5G and 4G unlimited plans varies from $5 to $72 per month. Some of the variation can be explained by the various extras offered by the operators.

Operators can prevent excessive usage by either adding fixed data caps or by throttling speeds once a certain amount of data has been consumed. KT’s 5G slim package for example reduces speed to 1Mb/s once 8GB of data has been expended in a month.

South Korea
KT has one of the widest gap in pricing with a $51 difference between unlimited 5G and 4G plans. The 5G average monthly tariff however, comes with up to a 50 per cent discount on premium family along with unlimited data roaming at up to 3Mb/s and VVIP Membership.

At the other end of the scale, LG Uplus 5G prices are only $5 higher than 4G. The extras include unlimited national calls, SMS and Mobile TV, these benefits are also available on its 4G packages.

SK Telecom (SKT), has a $9 gap: the lowest-priced 5G unlimited plan at $80 is actually cheaper than the 4G plan from this operator, but does not come with any extras beyond free calls and texts.

USA
Verizon was the first US operator to offer 5G and its average tariff is the lowest of any of the investigated unlimited plans.

Prices are an average of $18 higher than 4G, but come with free roaming in Canada and Mexico along with Apple Music.

Europe
Switzerland was the first country with commercial 5G services in Europe: the higher cost of tariffs in this market are to be expected with it consistently coming top of the list of most expensive countries.

There is a huge $72 gap between the average cost of unlimited 5G and 4G packages with incumbent Swisscom, but users can chose to pay $198 for a 1Gb/s service, or $89 for 300Mb/s. Both include free roaming in Europe, Canada and USA, plus free Swisscom TV.

Sunrise, the second Swiss operator, simply offers 5G services for an extra $10 on top of its 4G unlimited plans, which equates to either $74 for the standard package or $105 with roaming.

In May, EE became the first operator to launch 5G in the UK. As with 4G, the operator has a policy of offering capped data packages and so unlimited data is not available.

We expect a more harmonised unlimited 5G tariffs across various countries once all the main operators have launched 5G services. This pattern will continue until challenger brands push the prices down to the level of current monthly 4G plans.

Limited data plans
These allow operators more control over the volume of data on their networks, while also enabling customers with less intensive data needs to get a flavour of 5G at a lower price point. Operators can also expect many customers, having experienced the power of high speed data, to upgrade to a larger or unlimited data package in the future.

Overall, the average cost for 1 GB data on 4G is $17 compared with $13 on 5G (see chart, below, click to enlarge). While customers will, in many cases, be able to get the same amount of data for a lower price, the faster speeds mean that more data may be consumed.

[2]South Korea
Operators offer substantial allowances on their limited plans. SKT’s allowance is 200GB per month for $63 USD, equating to a cost per GB of $0.32. Servicing the other end of the market, KT’s 5G plan provides 8GB a month for $46, averaging $5.75 per GB.

LG Uplus currently provides plans to service both ends of the market. Its high use tariff provides 150GB a month for $63 ($0.42 per GB), while lower volume users can opt for 9GB at $46 ($5.11 per GB). Both of these plans come with mobile TV and tethering.

Switzerland
Sunrise in Switzerland is the exception to this rule, with 5G cost per GB an average of $13 USD higher than 4G.

USA
Verizon has not yet introduced 5G limited data plans however this is likely to change in the future as other operator launches introduce competition.

UK
EE launched one the cheapest 5G plans in terms of cost per GB, at an average of $1.40. By selecting one of the larger packages, customers can bring the cost down to as low as $1.

Over time, 5G will become mainstream and, as with earlier generations, it will be included in standard tariffs. For the time being however, especially in the case of unlimited plans, customers should in many cases expect to pay a premium for the faster service.

Operators might also consider differentiating their 5G tariffs based not only on the amount of data in each package, but also by network performance indicators such as throughput and latency rates.

– Qmars Safikhani – senior forecast analyst, GSMA Intelligence

The editorial views expressed in this article are solely those of the author and will not necessarily reflect the views of the GSMA, its Members or Associate Members.

[1] https://www.mobileworldlive.com/wp-content/uploads/2019/06/GSMAi_Average_Unlimited_Data_Plan_Tariffs.png
[2] https://www.mobileworldlive.com/wp-content/uploads/2019/06/GSMAi_Average_Limited_Data_Plan_Tariffs.png

I moderated the final panel of GSMA’s Mobile 360 Security for 5G event last week on a topic with potentially high controversy value: Certification and securing the 5G supply chain.

It was the starting point for four security veterans to debate the pros and cons of certification and, of course, touching on implications for the 5G supply chain given the current US-China political climate.

That this panel session also allowed anonymous questions to be asked only added to a sense of danger that the topic could be hijacked by geopolitical discussions.

What came out of the panel was more constructive than I had anticipated. Our head of GSMA Intelligence, Peter Jarich, summarised the key messages from the event’s first day via last week’s blog [1] on why security needs to be top of mind for 5G. However, our panel, on top of highlighting the specific risks arising from a 5G supply chain and discussing certification, offered three additional takeaways for individuals, the telecoms industry and the wider 5G ecosystem regarding the provision of the security assurance necessary for a resilient 5G supply chain.

Certification should lead to building a company’s cyber-resilience
The GSMA’s Network Equipment Security Assurance Scheme (NESAS) is an existing voluntary framework jointly defined with the 3GPP to provide a security baseline which demonstrates network equipment satisfies security requirements in vendor development and product lifecycle processes.

In March, the European Commission announced the EU Cybersecurity Act, which will include a European-wide cybersecurity certification framework related to 5G.

These schemes provide the necessary security assurances from network equipment manufacturers to operators, but also the visibility of the security status of network equipment to the other up- and downstream suppliers. These are only two examples of certification designed to provide an industry-accepted guidance for operators and equipment manufacturers to gain awareness of the security risks that may reside in their 5G systems as they deploy the networks.

With these schemes focused on certifying network components in a way that is achievable by the ecosystem, the scope and intent of certification may therefore be limited and give the wrong impression. The panel warned about the real possibility that individuals and companies would perceive certification as a tick-the-box exercise. Instead, they suggest certification should be framed to influence the behaviours of individuals and companies that entrench and practice “good” security habits. These desired outcomes exceed the scope of NESAS or the EU Cybersecurity Act certification framework, going beyond technology to include assurances on the company’s security operations and business culture.

What is needed is to reframe the security question: our industry should consider a metric that indicates a company’s cyber-resilience in a 5G era. While it is difficult to define something enabling like-for-like comparison, some kind of measure is essential, if only to be able to contribute to the telecoms sector and the wider 5G ecosystem security awareness.

I will be keen to explore how a 5G trust model might facilitate building a more resilient 5G network: watch this space.

Experiment, learn, iterate; then collaborate, cooperate and cultivate
A clear message from the event was that specific 5G security and service requirements are currently unknown to both enterprises and the ecosystem of operators, network equipment manufacturers and software vendors. In the UK, the Department of Culture, Media and Sport (DCMS) runs 5G testbeds and pilots to help discover use cases including enterprise needs and security requirements. Such experiments are also being conducted by various cross-industry organisations, including efforts from GSMA. The panel called for wider dissemination of learning points across the 5G ecosystem, to build the wealth of security research for 5G network systems.

An area of experimentation currently not yet explored in great detail is the possibility of security testing for failure. Our panel offered the example of the Chaos Monkey tool, an engineering concept of deliberately testing for network resilience by randomly disabling computers. Such an idea may be contrary to traditional telecoms principles, but the learning points at this initial 5G experimentation stage could enhance the scope of available security research of 5G systems.

Change the incentives
In the run-up to this event, I filled in for Peter on GSMAi’s weekly Data Point covering revenue for IoT security. Our IoT data estimates the share of security revenue to total revenue would grow from 1 per cent in 2018 to only 3 per cent by 2025, to reach $28 billion. For a comparison, IoT connectivity revenue is expected to make 5 per cent by 2025.

The 3 per cent understates the actual importance of IoT security, but also reflects the challenges in building the RoI case for investing in security.

Though 5G is more than IoT, the incentives equation remains the same. What is the best way for companies to build their business case to request additional funding to address 5G security issues?

As operators and the broader 5G ecosystem consider what enterprise will require as 5G security services, another alternative to the incentive challenge is to consider offering bug bounties. The panel suggested operators and network equipment manufacturers could encourage white hat hackers to conduct security research on 5G networks, an activity with much higher entry barriers than traditional enterprise IT security research. The learnings will form the knowledge base on which the broader 5G ecosystem of operators, equipment vendors, software providers, cloud services and vertical industry companies can build their awareness and visibility of security risks.

By the end of the event, I sensed the conversation around security for 5G is only just beginning. Being at this early start of the journey means we are still able to experiment and refine our efforts to build cyber-resilience in our 5G systems and the kind of services we as individuals and companies would consume.

I have received compliments for a candid and wide-ranging panel discussion, but all the good work comes from the panellists who conducted a rather lively exchange of views on this topic. See for yourself here [2].

– Yiru Zhong – lead analyst, IoT and Enterprise, GSMA Intelligence

The editorial views expressed in this article are solely those of the author and will not necessarily reflect the views of the GSMA, its Members or Associate Members.

[1] https://www.mobileworldlive.com/blog/intelligence-brief-should-we-worry-about-5g-security/
[2] https://www.mobileworldlive.com/mobile-360-security-for-5g-hague-2019-livestream/