A subscriber identity module or subscriber identification module (SIM) is an integrated circuit that securely stores the International Mobile Subscriber Identity (IMSI) and the related key used to identify and authenticate subscribers on mobile telephony devices (such as mobile phones and computers).
A SIM is embedded into a removable SIM card, which can be transferred between different mobile devices. SIM cards were first made the same size as a credit card (85.60 mm × 53.98 mm × 0.76 mm). The development of physically-smaller mobile devices prompted the development of a smaller SIM card, the mini-SIM card. Mini-SIM cards have the same thickness as full-size cards, but their length and width are reduced to 25 mm × 15 mm.
A SIM card contains its unique serial number (ICCID), internationally unique number of the mobile user (IMSI), security authentication and ciphering information, temporary information related to the local network, a list of the services the user has access to and two passwords: a personal identification number (PIN) for ordinary use and a personal unblocking code (PUK) for PIN unlocking.
Contents[hide] |
The first SIM card was made in 1991 by Munich smart-card maker Giesecke & Devrient, who sold the first 300 SIM cards to the Finnish wireless network operator Radiolinja.[1]
The specification that standardized the micro-SIM form factor continues to evolve. Some features introduced recently include:
There are three operating voltages for SIM cards: 5 V, 3 V and 1.8 V (ISO/IEC 7816-3 classes A, B and C, respectively). The operating voltage of the majority of SIM cards launched before 1998 was 5 V. SIM cards produced subsequently are compatible with 3 V and 5 V or with 1.8 V and 3 V.
Dual SIM phones are now made by some mobile phone manufacturers, which save the user from carrying around a separate phone for every number. There are two types: the first allows one to switch between the SIMs, whilst the second allows both SIMs to be active simultaneously.
SIM operating systems come in two main types: native and Java Card. Native SIMs are based on proprietary, vendor-specific software, whereas the Java Card SIMs are based on standards, particularly Java Card, which is a subset of the Java programming language specifically targeted at embedded devices.[3] Java Card allows the SIM to contain programs that are hardware independent and interoperable.
SIM cards store network-specific information used to authenticate and identify subscribers on the network. The most important of these are the ICCID, IMSI, Authentication Key (Ki), Local Area Identity (LAI) and Operator-Specific Emergency Number. The SIM also stores other carrier-specific data such as the SMSC (Short Message Service Center) number, Service Provider Name (SPN), Service Dialing Numbers (SDN), Advice-Of-Charge parameters and Value Added Service (VAS) applications. (Refer to GSM 11.11)
Each SIM is internationally identified by its integrated circuit card identifier (ICCID). ICCIDs are stored in the SIM cards and are also engraved or printed on the SIM card body during a process called personalization. The ICCID is defined by the ITU-T recommendation E.118 as the Primary Account Number.[4] Its layout is based on ISO/IEC 7812. According to E.118, the number is up to 19 digits long, including a single check digit calculated using the Luhn algorithm. However, the GSM Phase 1[5] defined the ICCID length as 10 octets with operator-specific structure.
The number is composed of the following subparts:
Maximum of seven digits:
With the GSM Phase 1 specification using 10 octets into which ICCID is stored as packed BCD, the data field has room for 20 digits with hexadecimal digit "F" being used as filler when necessary.
In practice, this means that on GSM SIM cards there are 20-digit (19+1) and 19-digit (18+1) ICCIDs in use, depending upon the issuer. However, a single issuer always uses the same size for its ICCIDs.
To confuse matters more, SIM factories seem to have varying ways of delivering electronic copies of SIM personalization datasets. Some datasets are without the ICCID checksum digit, others are with the digit.
As required by E.118, The ITU regularly publishes a list of all internationally assigned IIN codes in its Operational Bulletins. The most recent list, as of 23 December, 2011, is in Operational Bulletin No. 971
SIM cards are identified on their individual operator networks by a unique IMSI. Mobile operators connect mobile phone calls and communicate with their market SIM cards using their IMSIs. The format is:
The Ki is a 128-bit value used in authenticating the SIMs on the mobile network. Each SIM holds a unique Ki assigned to it by the operator during the personalization process. The Ki is also stored in a database (termed authentication center or AuC) on the carrier's network.
The SIM card is designed not to allow the Ki to be obtained using the smart-card interface. Instead, the SIM card provides a function, Run GSM Algorithm, that allows the phone to pass data to the SIM card to be signed with the Ki. This, by design, makes usage of the SIM card mandatory unless the Ki can be extracted from the SIM card, or the carrier is willing to reveal the Ki. In practice, the GSM cryptographic algorithm for computing SRES_2 (see step 4, below) from the Ki has certain vulnerabilities[6] that can allow the extraction of the Ki from a SIM card and the making of a duplicate SIM card.
Authentication process:
The SIM stores network state information, which is received from the Location Area Identity (LAI). Operator networks are divided into Location Areas, each having a unique LAI number. When the device changes locations, it stores the new LAI to the SIM and sends it back to the operator network with its new location. If the device is power cycled, it will take data off the SIM, and search for the prior LAI. This saves time by avoiding having to search the whole list of frequencies that the telephone normally would.
Most SIM cards will orthogonally store a number of SMS messages and phone book contacts. The contacts are stored in simple 'Name and number' pairs: entries containing multiple phone numbers and additional phone numbers will usually not be stored on the SIM card. When a user tries to copy such entries to a SIM the handset's software will break them up into multiple entries, discarding any information that isn't a phone number. The number of contacts and messages stored depends on the SIM; early models would store as few as 5 messages and 20 contacts while modern SIM cards can usually store over 250 contacts.
SIM cards are available in three standard sizes; full-size, mini-SIM, and micro-SIM. The first to appear was the full-size and is the size of a credit card (85.60 mm × 53.98 mm × 0.76 mm). A newer, more popular, version has the same thickness but has a length of 25 mm and a width of 15 mm, and has one of its corners truncated (chamfered) to prevent misinsertion. The newest incarnation, known as the micro-SIM or 3FF, has dimensions of 15 mm × 12 mm.
The mini-SIM card has the same contact arrangement as the full-size SIM card and is normally supplied within a full-size card carrier, attached by a number of linking pieces. This arrangement (defined in ISO/IEC 7810 as ID-1/000) allows for such a card to be used in a device requiring a full-size card, or to be used in a device requiring a mini-SIM card after cleanly breaking the scorings manufactured in the outline of a mini-SIM card.
For use in even smaller devices, the 3FF card or micro-SIM cards have the same thickness and contact arrangements, but the length and width are further reduced to 15 mm × 12 mm. The specifications for the 3FF card or micro-SIM also include additional functionality beyond changing the physical card size.
SIM card | Standard reference | Length (mm) | Width (mm) | Thickness (mm) |
---|---|---|---|---|
Full-size | ISO/IEC 7810:2003, ID-1 | 85.60 | 53.98 | 0.76 |
Mini-SIM | ISO/IEC 7810:2003, ID-000 | 25.00 | 15.00 | 0.76 |
Micro-SIM | ETSI TS 102 221 V9.0.0, Mini-UICC | 15.00 | 12.00 | 0.76 |
The micro-SIM was developed by the European Telecommunications Standards Institute (ETSI) along with SCP, 3GPP (UTRAN/GERAN), 3GPP2 (CDMA2000), ARIB, GSM Association (GSMA SCaG and GSMNA), GlobalPlatform, Liberty Alliance, and the Open Mobile Alliance (OMA) for the purpose of fitting into devices otherwise too small for a mini-SIM card.[2][7]
The form factor was mentioned in the Dec 1998 3GPP SMG9 UMTS Working Party, which is the standards-setting body for GSM SIM cards,[8] and the form factor was agreed upon in late 2003.[9]
The micro-SIM was created for backward compatibility. The major issue with backward compatibility was the contact area of the chip. Retaining the same contact area allows the micro-SIM to be compatible with the prior, larger SIM readers through the use of plastic cutout surrounds. The SIM was also designed to run at the same speed (5 MHz) as the prior version. The same size and positions of pins resulted in numerous "How-to" tutorials and YouTube video with detailed instructions how to cut a mini-SIM card to micro-SIM size with a sharp knife or scissors. These tutorials became very popular among first owners of iPad 3G after its release on April 30, 2010 and iPhone 4 on June 24, 2010.[10]
The chairman of EP SCP, Dr. Klaus Vedder, said[9]
A virtual SIM is a mobile phone number provided by a mobile network operator that does not require a SIM card to connect phone calls to a user's mobile phone.
USIM (Universal Subscriber Identity Module) is an application for UMTS mobile telephony running on a UICC smart card which is inserted in a 3G mobile phone. There is a common misconception to call the UICC itself a USIM, but the USIM is merely a logical entity on the physical card. It stores user subscriber information, authentication information and provides storage space for text messages and phone book contacts. The phone book on a UICC has been greatly enhanced. For authentication purposes, the USIM stores a long-term pre-shared secret key, which is shared with the Authentication Center (AuC) in the network. The USIM also verifies a sequence number that must be within a range using a window mechanism to avoid replay attacks, and is in charge of generating the session keys to be used in the confidentiality and integrity algorithms of the KASUMI block cipher in UMTS. The equivalent of USIM on CDMA networks is CSIM.
The use of SIM cards is mandatory in GSM devices.
The satellite phone networks Iridium, Thuraya and Inmarsat's BGAN also use SIM cards. Sometimes these SIM cards work in regular GSM phones and also allow GSM customers to roam in satellite networks by using their own SIM card in a satellite phone.
Japan's 2G PDC system (which will be completely shut down by 2012; SoftBank Mobile has already shut down PDC from March 31, 2010) also specifies a SIM, but this has never been implemented commercially. The specification of the interface between the Mobile Equipment and the SIM is given in the RCR STD-27 annex 4. The Subscriber Identity Module Expert Group was a committee of specialists assembled by the European Telecommunications Standards Institute (ETSI) to draw up the specifications (GSM 11.11) for interfacing between smart cards and mobile telephones. In 1994, the name SIMEG was changed to SMG9.
Japan's current and next generation cellular systems are based on W-CDMA (UMTS) and CDMA2000 and all use SIM cards.
CDMA-based devices originally did not use a removable card, and the service for these phones bound to a unique identifier contained in the handset itself. This is most prevalent in operators in the Americas. The first publication of the TIA-820 standard (also known as 3GPP2 C.S0023) in 2000 defined the Removable User Identity Module (R-UIM). Card-based CDMA devices are most prevalent in Asia.
The equivalent of a SIM in UMTS is called the Universal Integrated Circuit Card (UICC), which runs a USIM application. The UICC is still colloquially called a SIM card.
The SIM card introduced a new and significant business opportunity of mobile telecommunications operator/carrier business of the mobile virtual network operator (MVNO) which does not own or operate a cellular telecoms network, but which leases capacity from one of the network operators, and only provides a SIM card to its customers. MVNOs first appeared in Denmark, Hong Kong, Finland and the UK and today exist in over 50 countries, including most of Europe, United States, Canada, Australia and parts of Asia, and account for approximately 10% of all mobile phone subscribers around the world.
On some networks, the mobile phone is locked to its carrier SIM card, meaning that only the specific carrier's SIM cards will work. This is more common in markets where mobile phones are heavily subsidised by the carriers, and the business model depends on the customer staying with the service provider for a minimum term (typically 12 or 24 months). Common examples are the GSM networks in the United States, Canada, Australia, the UK and Poland. Many businesses offer the ability to remove the SIM lock from a phone, effectively making it possible to then use the phone on any network by inserting a different SIM card. Mostly, GSM and 3G mobile handsets can easily be unlocked and used on any suitable network with any SIM card.
In countries where the phones are not subsidised, e.g., Italy, India and Belgium, all phones are unlocked. Where the phone is not locked to its SIM card, the users can easily switch networks by simply replacing the SIM card of one network with that of another while using only one phone. This is typical, for example, among users who may want to optimise their carrier's traffic by different tariffs to different friends on different networks, or when traveling internationally.
A term used to describe software held on or running on a SIM card.[11]
|