A SIM card is an embedded circuit that is designed to safely store or record the international mobile subscriber identity (IMSI).
The SIM stands for “Subscriber identity module” or “subscriber identification module”. The SIM card is used to verify and identify mobile subscribers on devices or gadgets such as mobile phones and computers.
SIM cards are primarily used to record and keep contact information. SIM cards can be used on not just mobile phones and computers, but also satellite phones, cameras and smartwatches.
The circuit of a SIM card is one of the parts of the function of a universal integrated circuit card (UICC) physical smart card. This is usually made of integrated contacts and semiconductors with PVC.
SIM cards are designed to be transferable between different mobile devices. That’s why phone users can easily remove SIM cards from one phone and insert it into another.
The first universal integrated circuit cards were as big as credit and bank cards. Over time, these sizes were diminished while maintaining electrical contacts at the same time despite the reduction in the size of the card.
If you look at modern-day sim cards, a large one can easily be cut down into a much smaller size because the circuit itself that contains all the needed information is on the smallest part of the card’s body.
Every SIM card has a unique serial number known as ICCID, an international mobile subscriber identity number, security verification and ciphering information.
It also contains local network-related temporary data, a compilation of the services the user has access to and two passkeys. These pass keys or passwords are two in number, which includes the PIN and PUK.
The PIN is for ordinary use while PUK (Personal Unblocking Key) is used to unlock your PIN.
History of the SIM card
The SIM card is a smart card because it has the silicon integrated circuit (IC) chip. In the late ’60s, the idea of integrating a silicon integrated circuit chip onto the surface of a plastic card was developed.
Since then, smart cards have adopted such IC chips along with MOS memory techs such as Electrically Erasable Programmable Read-Only Memory (EEPROM) and flash memory.
In 1991, the first-ever SIM card was invented by Munich smart-card maker, and Giesecke & Devrient. The company subsequently sold the first 300 SIM cards to the Finnish wireless network operator, Radiolinja.
Fast forward to the present day, SIM cards are omnipresent, enabling over 7 billion devices to be connected to mobile, wireless networks worldwide.
The International Card Manufacturers Association (ICMA) stated that there were approximately 5.4 billion SIM cards manufactured worldwide in 2016, turning over revenue of more than $6.5 billion for traditional SIM card sellers.
The growth and advancement of cellular Internet of Things (IoT) and 5G networks are speculated to boost the growth of the addressable market for SIM card producers to over 20 billion cellular devices this year.
The advent of Embedded SIM (eSIM) and remote SIM provisioning (RSP) from the GSMA tends to disturb the ecosystem of the traditional SIM card with the introduction of new players specialising in “digital” SIM card provisioning and other value-added services for mobile network operators.
Data and Storage
SIM cards utilise network-specific information to verify and identify network subscribers. Of this information, the most utilised includes the ICCID, IMSI, Local Area Identity (LAI), Authentication Key (KI) and operator-specific Emergency number.
Other information stored by the SOM includes Service Provider Name (SPN), Service Dialing Numbers (SDN), Advice-of-charge parameters, SMSC (short message centre) number and Value Added Service (VAS) applications.
SIM cards have various data storage capacities ranging from 8KB to at least 256K. Two hundred fifty contacts are the maximum limit they can take. The 32KB version has space for 22 mobile network codes (MNCs). These network codes can also be called network identifiers. The 64KB version has space for 80 mobile network identifiers.
This version is used by network operators for data storage on choice networks, particularly when the SIM is not in its home network but roaming. The network operator that issued the card can use this to connect a device to the network that is economical for the service provider rather than paying the network operator that the phone ‘saw’ first.
However, this does not mean that a device carrying this SIM card can’t connect to a network range beyond 33 or 80 networks. It just means that issuer of the SIM card can specify only up to that particular number of choice networks.
If a SIM is outside this choice, it uses the first or best available network.
Integrated Circuit Card Identifier
Every SIM card is identified internationally by its integrated circuit card identifier (ICCID). The ICCID is the identifier of the SIM card itself, i.e. an identifier for the chip of the SIM.
Presently, ICCID numbers are also utilised to identify eSIM profiles. ICCIDs are recorded in the SIM cards and are also engraved or imprinted on the SIM card body during a process known as personalisation. The ICCID is distinguished by the ITU-T recommendation E.118 as the Primary Account Number.
Its layout is founded on ISO/IEC 7812. According to E.118, the length of such a number can be up to 22 digits. This will include a single check digit calculated using the Luhn algorithm.
However, the GSM Phase 1 defined the ICCID length as an opaque data field, ten octets (20 digits) in length, whose structure is specific to a mobile network operator.
The number is composed of the following:
Issuer identification number (IIN)
Maximum of seven digits:
- Major industry identifier (MII), two fixed digits, 89 for telecommunication
- Country code, 2 or 3 digits, as stated by ITU-T recommendation E.164. NANP countries, asides Canada, use 01. Russia uses 701, Canada uses 302, i.e. appending 01 to its calling code +7, Kazakhstan uses 997, even though it shares the calling code +7 with Russia
- Issuer identifier, 1–4 digits. Often the same with the Mobile Network Code (MNC)
Individual account identification
The Individual account identification number has a variable length. But the length of every number under one IIN is constant. Often the same with the Mobile Subscription Identification Number (MSIN).
Check Digit is a single-digit calculated from the other digits using the Luhn algorithm.
Location Area Identity (LAI)
The SIM card records and secures information about the network status, which is sourced from the Location Area Identity. Networks of the operator are split into Location Areas, each having a unique LAI number.
When the phone switches locations, it records the new LAI to the SIM and transfers it back to the network of the operator with its changed location. If the device is power-cycled, it takes data off the SIM and searches for the previous Location Area Identity.
International Mobile Subscriber Identity
Individual operator networks utilise a unique International Mobile Subscriber Identity to identify SIM cards. It is also what they use to connect calls from mobile phones and enable communication with their market SIM cards.
The format is:
- The initial three digits denote the Mobile Country Code (MCC)
- The following two or three digits denote the Mobile Network Code (MNC). Then three-digit MNC codes are allowed by E.212 but are generally used in the United States and Canada
- The following digits denote the mobile subscriber identification number (MSIN). Usually, there are ten digits, but can be less in the case of a 3-digit MNC or if national regulations show that the total length of the IMSI should not be up to15 digits
- Digits varies from country to country
Authentication Key (Ki)
The Ki is a value of 128-bit that is utilised for the verification of the SIM cards on a GSM mobile network. For the USIM network, you still need Ki, but other parameters are also needed.
Every SIM contains a peculiar Ki given to it by the operator during the process of personalisation. The Ki is also secured in a database (termed authentication centre or AuC) on the network of the carrier.
The SIM card is manufactured to restrict someone from getting the Ki by using the interface of the smart-card. Rather, the SIM card provides a function, Run GSM Algorithm, that the device utilises to transfer data to the SIM card to be signed with the Ki.
This, by intention, makes utilising the SIM card compulsory unless the Ki can be removed from the SIM card, or the carrier wants to reveal the Ki.
Practically, the GSM cryptographic algorithm for computing SRES_2 from the Ki has certain vulnerabilities that can permit the removal of the Ki from a SIM card and the making of a replica SIM card.
Sim Contacts and Messages
Most SIM cards record several SMS messages and phone book contacts. It records and collates the contacts in simple “name and number” pairs. Entries that contain several phone numbers and extra phone numbers are usually not secured or recorded on the SIM card.
When a user tries to replicate such entries to a SIM, the device’s software breaks such entries into several entries, removing data that is not a phone number.
The number of messages and contacts stored depends on the SIM. Earlier models stored as few as 20 contacts and five messages, while modern SIM cards have the capacity to store over 250 contacts.
Sim Card Authentication Process
- With the start-up of the mobile equipment, the International Mobile Subscriber Identity (IMSI) is derived from the SIM card, and this is transferred to the mobile operator, asking for access and verification. The mobile equipment may transfer a PIN to the SIM card before the SIM card unveils this information
- The network of the operator navigates its database for the incoming IMSI and its affiliated Ki
- The network of the operator then produces a random number (RAND, which is a nonce) and signs it with the Ki affiliated with the IMSI (and secured on the SIM card), calculating another number, that is divided into the Signed Response 1 (SRES_1, 32 bits) and the encryption key Kc (64 bits)
- The network of the operator then transfers or transmits the RAND to the mobile equipment, which in turn transfers it to the SIM card. The SIM card then signs it with its Ki, generating SRES_2 and Kc, which it transmits to the mobile equipment. The mobile equipment transfers SRES_2 on to the network of the operator
- The network of the operator then compares its calculated SRES_1 with the calculated SRES_2 that the mobile equipment returned. When the two numbers are identical, the SIM is verified, and the mobile device is given access to the operator’s network. After this, Kc is used to encrypt all further communications between the mobile equipment and the network.
Formats and Sizes
SIM cards have been made to be lesser in size over the years. The SIM’s efficiency is independent of format or size. Full-size SIM was followed up by manufacturing of mini-SIM, micro-SIM, then ultimately, nano-SIM.
SIM cards are also designed to embed in devices.
The full-size SIM is also called the 1FF card or 1st form factor. It was the first form factor to appear. It was as big as a credit card (85.60 mm × 53.98 mm × 0.76 mm). Over time, SIMs lesser in sizes were often supplied embedded in a full-size card from which they can be extracted.
The mini-SIM is also referred to as the 2FF card. It is identical to the full-size sim on terms of the contact arrangement, and it is usually supplied embedded within a full-size card carrier, attached by several linking pieces.
This arrangement allows such a card to be used in a device that needs a full-size card and also a device that needs a mini-SIM card, after breaking the linking pieces. Since the full-size SIM is now obsolete, some suppliers regard the mini-SIM as a “standard SIM” or “regular SIM”.
The micro-SIM is also called the 3FF card, and it shares the same thickness and contact arrangements as the formats mentioned above of SIMs, but it has a diminished length and breadth.
The micro-SIM was brought in by the European Telecommunications Standards Institute (ETSI) along with SCP, 3GPP (UTRAN/GERAN), 3GPP2 (CDMA2000), ARIB, GSM Association (GSMA SCaG and GSMNA), GlobalPlatform, Liberty Alliance, and the Open Mobile Alliance (OMA). It was designed to fit into devices too miniature for a mini-SIM card.
The form factor was highlighted in the December 1998 3GPP SMG9 UMTS Working Party, which is the standards-setting body for GSM SIM cards, and the form factor was agreed upon in late 2003. The micro-SIM was manufactured for retrogressive compatibility. The major issue for retrogressive compatibility was the chip’s contact area.
Maintaining the same contact area makes the micro-SIM compatible with the older, larger SIM readers through the use of plastic cutout surrounds. The SIM was also manufactured in a way that it can run at the same speed (5 MHz) as the previous version.
The same positions and sizes of pins resulted in numerous YouTube videos and “How-to” tutorials with well-detailed instructions on how to resize a mini-SIM card to micro-SIM size.
Micro-SIM cards were brought in by various mobile service providers for the launch of the original iPad, and subsequently for smartphones, from April 2010. The iPhone 4 was the very first smartphone to use a micro-SIM card in June 2010, before many other devices followed suit.
The nano-SIM is the latest-sized SIM card or 4FF card. It was introduced on the 11th October 2012, when mobile service providers across different countries began to supply it for phones that supported the format or size.
The nano-SIM measures 0.484 in × 0.346 in × 0.026 in (12.3 mm × 8.8 mm × 0.67 mm) and diminishes the prior size to the contact area while retaining the current contact arrangements.
A miniature rim of isolating material is left to surround the contact area to prevent short circuits with the socket. Nano-SIM measures 0.026 in (0.67 mm) thick, compared to the 0.030 in (0.76 mm) of its predecessors.
4FF can be inserted into adapters for use with devices manufactured for 2FF or 3FF SIMs and is made thinner for that purpose, and mobile phone companies give a due warning about this.
The iPhone 5, released in September 2012, was the very first device to utilise a nano-SIM card. Subsequently, many other devices followed suit.