SIM card
A SIM (Subscriber Identity Module) card is an integrated circuit (IC) intended to securely store an international mobile subscriber identity (IMSI) number and its related key, which are used to identify and authenticate subscribers on mobile telephone devices (such as mobile phones and laptops). Technically the actual physical card is known as a universal integrated circuit card (UICC); this smart card is usually made of PVC with embedded contacts and semiconductors, with the SIM as its primary component. In practice the term "SIM card" is still used to refer to the entire unit and not simply the IC.
"Micro-SIM" redirects here. For the company, see MicroSim Corporation.
A SIM contains a unique serial number, integrated circuit card identification (ICCID), international mobile subscriber identity (IMSI) number, security authentication and ciphering information, temporary information related to the local network, a list of the services the user has access to, and four passwords: a personal identification number (PIN) for ordinary use, and a personal unblocking key (PUK) for PIN unlocking as well as a second pair (called PIN2 and PUK2 respectively) which are used for managing fixed dialing number and some other functionality.[1][2] In Europe, the serial SIM number (SSN) is also sometimes accompanied by an international article number (IAN) or a European article number (EAN) required when registering online for the subscription of a prepaid card. It is also possible to store contact information on many SIM cards.
SIMs are always used on GSM phones; for CDMA phones, they are needed only for LTE-capable handsets. SIM cards are also used in satellite phones, smart watches, computers, or cameras.[3]
The first SIM cards were the size of credit and bank cards. Sizes were reduced several times over the years, usually keeping electrical contacts the same, to fit smaller-sized devices.[4]
SIMs are transferable between different mobile devices by removing the card itself. As of 2020, eSIM is superseding physical SIM cards in some domains, including cellular telephony. eSIM uses a software-based SIM embedded into an irremovable eUICC.
History and procurement[edit]
The SIM card is a type of smart card,[3] the basis for which is the silicon integrated circuit (IC) chip.[5] The idea of incorporating a silicon IC chip onto a plastic card originates from the late 1960s.[5] Smart cards have since used MOS integrated circuit chips, along with MOS memory technologies such as flash memory and EEPROM (electrically EPROM).[6]
The SIM was initially specified by the ETSI in the specification TS 11.11. This describes the physical and logical behaviour of the SIM. With the development of UMTS, the specification work was partially transferred to 3GPP. 3GPP is now responsible for the further development of applications like SIM (TS 51.011[7]) and USIM (TS 31.102[8]) and ETSI for the further development of the physical card UICC.
The first SIM card was developed in 1991 by Munich smart-card maker Giesecke+Devrient, who sold the first 300 SIM cards to the Finnish wireless network operator Radiolinja.[9][10]
Today (2023), SIM cards are ubiquitous, allowing over 8 billion devices to connect to cellular networks around the world. According to the International Card Manufacturers Association (ICMA), there were 5.4 billion SIM cards manufactured globally in 2016 creating over $6.5 billion in revenue for traditional SIM card vendors.[11] The rise of cellular IoT and 5G networks was predicted by Ericsson to drive the growth of the addressable market for SIM cards to over 20 billion devices by 2020.[12] The introduction of embedded-SIM (eSIM) and remote SIM provisioning (RSP) from the GSMA[13] may disrupt the traditional SIM card ecosystem with the entrance of new players specializing in "digital" SIM card provisioning and other value-added services for mobile network operators.[6]
Security[edit]
In July 2013, Karsten Nohl, a security researcher from SRLabs, described[33][34] vulnerabilities in some SIM cards that supported DES, which, despite its age, is still used by some operators.[34] The attack could lead to the phone being remotely cloned or let someone steal payment credentials from the SIM.[34] Further details of the research were provided at BlackHat on 31 July 2013.[34][35] In response, the International Telecommunication Union said that the development was "hugely significant" and that it would be contacting its members.[36]
In February 2015, The Intercept reported that the NSA and GCHQ had stolen the encryption keys (Ki's) used by Gemalto (now known as Thales DIS, manufacturer of 2 billion SIM cards annually) [37]), enabling these intelligence agencies to monitor voice and data communications without the knowledge or approval of cellular network providers or judicial oversight.[38] Having finished its investigation, Gemalto claimed that it has “reasonable grounds” to believe that the NSA and GCHQ carried out an operation to hack its network in 2010 and 2011, but says the number of possibly stolen keys would not have been massive.[39]
In September 2019, Cathal Mc Daid, a security researcher from Adaptive Mobile Security, described[40][41] how vulnerabilities in some SIM cards that contained the S@T Browser library were being actively exploited. This vulnerability was named Simjacker. Attackers were using the vulnerability to track the location of thousands of mobile phone users in several countries.[42] Further details of the research were provided at VirusBulletin on 3 October 2019.[43][44]