A SIM card is an embedded circuit that is designed to safely store or record the international mobile subscriber identity (IMSI).
The SIM stands for Subscriber identity module or subscriber identification module.
The SIM card verifies and identifies mobile subscribers on devices or gadgets such as mobile phones and computers.
SIM cards are primarily used to record and keep contact information. SIM cards can be used on mobile phones, computers, satellite phones, cameras, and smartwatches.
The circuit of a SIM card is one of the parts of the function of a universal integrated circuit card (UICC) physical smart card.
This is usually made of integrated contacts and semiconductors with PVC.
SIM cards are designed to be transferable between different mobile devices. That’s why phone users can easily remove SIM cards from one phone and insert it into another.
The first universal integrated circuit cards were as big as credit and bank cards.
Over time, these sizes were diminished while maintaining electrical contacts simultaneously despite the reduction in the size of the card.
If you look at modern-day SIM cards, a large one can easily be cut down into a much smaller size because the circuit containing all the needed information is on the smallest part of the card’s body.
Every SIM card has a unique serial number known as ICCID, an international mobile subscriber identity number, security verification, and ciphering information.
It also contains local network-related temporary data, a compilation of the services the user can access, and two passkeys.
These passkeys or passwords are two in number, which includes the PIN and PUK.
The PIN is for ordinary use, while PUK (Personal Unblocking Key) is used to unlock your PIN.
History of the SIM card
The SIM card is smart because it has a silicon integrated circuit (IC) chip. In the late 60s, the idea of integrating a silicon-integrated circuit chip onto the surface of a plastic card was developed.
Since then, smart cards have adopted such IC chips along with MOS memory techs such as Electrically Erasable Programmable Read-Only Memory (EEPROM) and flash memory.
In 1991, Munich smart-card maker Giesecke & Devrient invented the first SIM card.
The company subsequently sold the first 300 SIM cards to the Finnish wireless network operator, Radiolinja.
Fast forward to today, SIM cards are omnipresent, enabling over 7 billion devices to be connected to mobile, wireless networks worldwide.
The International Card Manufacturers Association (ICMA) stated that approximately 5.4 billion SIM cards were manufactured worldwide in 2016, turning over revenue of more than $6.5 billion for traditional SIM card sellers.
The growth and advancement of cellular Internet of Things (IoT) and 5G networks are speculated to boost the growth of the addressable market for SIM card producers to over 20 billion cellular devices this year.
The advent of Embedded SIM (eSIM) and remote SIM provisioning (RSP) from the GSMA tends to disturb the ecosystem of the traditional SIM card with the introduction of new players specializing in digital SIM card provisioning and other value-added services for mobile network operators.
Data and Storage
SIM cards utilize network-specific information to verify and identify network subscribers.
The most utilized information includes the ICCID, IMSI, Local Area Identity (LAI), Authentication Key (KI), and operator-specific Emergency number.
Other information stored by the SOM includes Service Provider Name (SPN), Service Dialing Numbers (SDN), Advice-of-charge parameters, SMSC (short message center) number, and Value Added Service (VAS) applications.
SIM cards have various data storage capacities ranging from 8KB to at least 256K. Two hundred fifty contacts are the maximum limit they can take.
The 32KB version has space for 22 mobile network codes (MNCs). These network codes can also be called network identifiers. The 64KB version has space for 80 mobile network identifiers.
This version is used by network operators for data storage on choice networks, particularly when the SIM is not in its home network but roaming.
The network operator that issued the card can use this to connect a device to the network that is economical for the service provider rather than paying the network operator that the phone saw first.
However, this does not mean that a device carrying this SIM card can’t connect to a network range beyond 33 or 80 networks.
It just means that the issuer of the SIM card can specify only up to that particular number of choice networks.
If a SIM is outside this choice, it uses the first or best available network.
Integrated Circuit Card Identifier
Every SIM card is identified internationally by its integrated circuit card identifier (ICCID). The ICCID is the identifier of the SIM card itself, i.e., an identifier for the SIM chip.
Presently, ICCID numbers are also utilized to identify eSIM profiles. ICCIDs are recorded in the SIM cards and are also engraved or imprinted on the SIM card body during a process known as personalization.
The ICCID is distinguished by the ITU-T recommendation E.118 as the Primary Account Number.
Its layout is founded on ISO/IEC 7812. According to E.118, the length of such a number can be up to 22 digits. This will include a single check digit calculated using the Luhn algorithm.
However, the GSM Phase 1 defined the ICCID length as an opaque data field, ten octets (20 digits) in length, whose structure is specific to a mobile network operator.
The number is composed of the following:
Issuer identification number (IIN)
Maximum of seven digits:
- Major industry identifier (MII), two fixed digits, 89 for telecommunication
- Country code, 2 or 3 digits, as ITU-T recommendation E.164 states. NANP countries, aside from Canada, use 01. Russia uses 701, Canada uses 302, i.e., appending 01 to its calling code +7, and Kazakhstan uses 997, even though it shares the calling code +7 with Russia
- Issuer identifier, 14 digits. Often the same with the Mobile Network Code (MNC)
Individual Account Identification
The Individual account identification number has a variable length. But the length of every number under one IIN is constant. Often the same with the Mobile Subscription Identification Number (MSIN).
Check Digit
Check Digit is a single digit calculated from the other digits using the Luhn algorithm.
Location Area Identity (LAI)
The SIM card records and secures information about the network status, which is sourced from the Location Area Identity.
The operator’s networks are split into location areas, each having a unique LAI number.
When the phone switches locations, it records the new LAI to the SIM and transfers it back to the operator’s network with its changed location.
If the device is power-cycled, it takes data off the SIM and searches for the previous Location Area Identity.
International Mobile Subscriber Identity
Individual operator networks utilize a unique International Mobile Subscriber Identity to identify SIM cards.
They also use it to connect calls from mobile phones and enable communication with their market SIM cards.
The format is:
- The initial three digits denote the Mobile Country Code (MCC)
- The following two or three digits denote the Mobile Network Code (MNC). Then, three-digit MNC codes are allowed by E.212 but are generally used in the United States and Canada.
- The following digits denote the mobile subscriber identification number (MSIN). Usually, there are ten digits, but it can be fewer in the case of a 3-digit MNC or if national regulations show that the total length of the IMSI should not be up to 15 digits.
- Digits vary from country to country.
Authentication Key (Ki)
The Ki is a value of 128-bit that is utilized to verify the SIM cards on a GSM mobile network. For the USIM network, you still need Ki, but other parameters are also needed.
Every SIM contains a peculiar Ki given to it by the operator during the process of personalization.
The Ki is also secured in a database (termed authentication centre or AuC) on the network of the carrier.
The SIM card is manufactured to restrict someone from getting the Ki by using the smart card interface.
Rather, the SIM card provides a function, Run GSM Algorithm, that the device utilizes to transfer data to the SIM card to be signed with the Ki.
This, by intention, makes utilizing the SIM card compulsory unless the Ki can be removed from the SIM card or the carrier wants to reveal the Ki.
Practically, the GSM cryptographic algorithm for computing SRES_2 from the Ki has certain vulnerabilities that can permit the removal of the Ki from a SIM card and the making of a replica SIM card.
Sim Contacts and Messages
Most SIM cards record several SMS messages and phone book contacts. It records and collates the contacts in simple name and number pairs.
Entries containing several extra phone numbers are usually unsecured or recorded on the SIM card.
When a user tries to replicate such entries to a SIM, the device’s software breaks such entries into several entries, removing data that is not a phone number.
The number of messages and contacts stored depends on the SIM. Earlier models stored as few as 20 contacts and five messages, while modern SIM cards can store over 250 contacts.
Sim Card Authentication Process
Authentication process
- With the start-up of the mobile equipment, the International Mobile Subscriber Identity (IMSI) is derived from the SIM card and transferred to the mobile operator, asking for access and verification. The mobile equipment may transfer a PIN to the SIM card before the SIM card unveils this information.
- The operator’s network navigates its database for the incoming IMSI and its affiliated Ki.
- The network of the operator then produces a random number (RAND, which is a nonce) and signs it with the Ki affiliated with the IMSI (and secured on the SIM card), calculating another number that is divided into the Signed Response 1 (SRES_1, 32 bits) and the encryption key Kc (64 bits)
- The operator’s network then transfers or transmits the RAND to the mobile equipment, which in turn transfers it to the SIM card. The SIM card then signs it with its Ki, generating SRES_2 and Kc, which it transmits to the mobile equipment. The mobile equipment transfers SRES_2 to the operator’s network.
- The operator’s network then compares its calculated SRES_1 with the calculated SRES_2 that the mobile equipment returned. When the two numbers are identical, the SIM is verified, and the mobile device is given access to the operator’s network. After this, Kc is used to encrypt all further communications between the mobile equipment and the network.
Formats and Sizes
SIM cards have been made to be smaller in size over the years. The SIM’s efficiency is independent of format or size.
Full-size SIM was followed up by manufacturing mini-SIM, micro-SIM, and then, ultimately, nano-SIM. SIM cards are also designed to be embedded in devices.
Full-Size SIM
The full-size SIM is also called the 1FF card or 1st form factor. It was the first form factor to appear. It was as big as a credit card (85.60 mm – 53.98 mm – 0.76 mm).
Over time, smaller SIMs were often supplied embedded in a full-size card from which they could be extracted.
Mini-SIM
The mini-SIM is also referred to as the 2FF card. It is identical to the full-size sim in terms of the contact arrangement, and it is usually supplied embedded within a full-size card carrier, attached by several linking pieces.
This arrangement allows such a card to be used in a device that needs a full-size card and also a device that needs a mini-SIM card after breaking the linking pieces.
Since the full-size SIM is now obsolete, some suppliers regard the mini-SIM as a standard SIM or regular SIM.
Micro SIM
The micro-SIM, also called the 3FF card, shares the same thickness and contact arrangements as the formats mentioned above of SIMs but has a diminished length and breadth.
The micro-SIM was brought in by the European Telecommunications Standards Institute (ETSI) along with SCP, 3GPP (UTRAN/GERAN), 3GPP2 (CDMA2000), ARIB, GSM Association (GSMA SCaG and GSMNA), GlobalPlatform, Liberty Alliance, and the Open Mobile Alliance (OMA). It was designed to fit into devices that are too miniature for a mini-SIM card.
The form factor was highlighted in the December 1998 3GPP SMG9 UMTS Working Party, which is the standards-setting body for GSM SIM cards, and the form factor was agreed upon in late 2003.
The micro-SIM was manufactured for retrogressive compatibility. The major issue for retrogressive compatibility was the chip’s contact area.
Maintaining the same contact area makes the micro-SIM compatible with the older, larger SIM readers through the use of plastic cutout surrounds.
The SIM was also manufactured to run at the same speed (5 MHz) as the previous version.
The same positions and sizes of pins resulted in numerous YouTube videos and How-to tutorials with well-detailed instructions on resizing a mini-SIM card to micro-SIM size.
Various mobile service providers brought in Micro-SIM cards to launch the original iPad and subsequently for smartphones from April 2010.
The iPhone 4 was the very first smartphone to use a micro-SIM card in June 2010, before many other devices followed suit.
Nano SIM
The nano-SIM is the latest-sized SIM card or 4FF card. It was introduced on the 11th of October, 2012, when mobile service providers across different countries began to supply it for phones that supported the format or size.
The nano-SIM measures 0.484 in – 0.346 in – 0.026 in (12.3 mm – 8.8 mm – 0.67 mm) and diminishes the prior size to the contact area while retaining the current contact arrangements.
A miniature rim of isolating material is left to surround the contact area to prevent short circuits with the socket.
Nano-SIM measures 0.026 in (0.67 mm) thick, compared to its predecessors’ 0.030 in (0.76 mm).
4FF can be inserted into adapters for use with devices manufactured for 2FF or 3FF SIMs and is made thinner for that purpose, and mobile phone companies give a due warning about this.
The iPhone 5, released in September 2012, was the very first device to utilize a nano-SIM card. Subsequently, many other devices followed suit.
