Subscriber Identity Module: Wikis


Note: Many of our articles have direct quotes from sources you can cite, within the Wikipedia article! This article doesn't yet, but we're working on it! See more info or our list of citable articles.


From Wikipedia, the free encyclopedia

A mini SIM card next to its electrical contacts in a Nokia 6233.

A subscriber identity module (SIM) on a removable SIM card securely stores the service-subscriber key (IMSI) used to identify a subscriber on mobile telephony devices (such as mobile phones and computers). The SIM card allows users to change phones by simply removing the SIM card from one mobile phone and inserting it into another mobile phone or broadband telephony device.

A SIM card contains its unique serial number, internationally unique number of the mobile user (IMSI), security authentication and ciphering information, temporary information related to the local network (also temporary local id that has been issued to the user), a list of the services the user has access to and two passwords (PIN for usual use and PUK for unlocking).

SIM cards are available in two standard sizes. The first is the size of a credit card (85.60 mm × 53.98 mm x 0.76 mm). The newer, more popular miniature version has a width of 15 mm, a length of 25 mm, a thickness of 0.76 mm, and has one of its corners truncated (chamfered) to prevent misinsertion. However, most SIM cards are still supplied as a full-sized card with the smaller card held in place by a few plastic links; it can easily be broken off to be used in a phone that uses the smaller SIM.

The first SIM card was made in 1991, with Munich smart card maker Giesecke & Devrient selling the first 300 SIM cards to Finnish wireless network operator Elisa Oyj (formerly Radiolinja).


Smart card technology

There are three standards for SIM cards: ISO/IEC 7816 Class A, B and C (5V, 3V and 1.8V). The operating voltage of the majority of SIM cards launched before 1998 was 5V. SIM cards produced subsequently are compatible with 3V and 5V or compatible with 1.8V and 3V.

Each SIM card stores a unique International Mobile Subscriber Identity (IMSI), of this number format:

Since a SIM card is a smart card, it also has an ICC-ID number based on International Standard ISO/IEC 7812. The maximum length of the visible card number is 20 characters; 19 digits are preferred, but telecommunication network operators who already issue Phase 1 SIM cards with an identification number length of 20 digits may retain this length. The number is composed of the following subparts:


Issuer identification number (max. 7 digits)

  • Major industry identifier (MII), 2 digits, 89 for telecommunication purposes.
  • Country code, 1-3 digits, as defined by ITU-T recommendation E.164.
  • Issuer identifier, variable.

Individual account identification

  • Individual account identification number.
  • Parity check digit.

W-SIM is a SIM card that also integrates core cellular technology into the card itself.

A virtual SIM is a mobile phone number provided by a mobile network operator that does not require a SIM card to terminate phone calls on a user's mobile phone.

Usage in mobile phone standards

SIM card for Thuraya satellite phone

The use of SIM cards is mandatory in GSM devices. The equivalent of a SIM in UMTS is called the Universal Integrated Circuit Card (UICC), which runs a USIM application, while the Removable User Identity Module (R-UIM) is more popular in CDMA-based devices e.g. CDMA2000. The UICC card is still colloquially designated a SIM card. Many CDMA-based standards do not include any removable card, and the service is bound to a unique identifier contained in the handset itself.

The satellite phone networks Iridium, Thuraya and Inmarsat's BGAN also use SIM cards. Sometimes these SIM cards work in regular GSM phones and also allow GSM customers to roam in satellite networks by using their own SIM card in a satellite phone.

The SIM card introduced a new and significant business opportunity of mobile telecoms operator/carrier business of the mobile virtual network operator (MVNO) which does not own or operate a cellular telecoms network, but which leases capacity from one of the network operators, and only provides a SIM card to its customers. MVNOs first appeared in Denmark, Hong Kong, Finland and the UK and today exist in over 50 countries including most of Europe, USA, Canada, Australia and parts of Asia and account for approximately 10% of all mobile phone subscribers around the world.

On some networks, the mobile phone is locked to its Carrier SIM card e.g. on the GSM networks in the USA and the UK. This tends to happen only in countries where mobile phones are heavily subsidised, but even then not all countries and not all operators. In the US the phones are locked to the carrier, meaning that only specific carriers' SIM cards will work. In the UK, typically, most phones with subsidies are SIM-locked.

Phones sold with a contract are often locked (SIM-locked) to the network that provided the phone, since the phones are often subsidized in return for using provider for a minimum term (typically, 12 or 24 months). For example in the UK, a phone that would cost £250 without a contract might be offered free-of-charge with an 18 month contract commitment of £30 per month (£540 commitment in total).

A plethora of online and high-street (third-party) businesses now offer the ability to remove the SIM-lock from a phone, effectively making it possible to then use the phone on any network by inserting a different SIM card. This is a useful benefit for travellers that might want to put a local SIM card into their phone when they arrive in a country, in order to minimize roaming charges. In many countries, now it is possible to buy a pre-pay SIM card just by walking into a store, and these SIM-only deals are a cost effective way to stay in contact when travelling.

Phones sold as pre-pay often come with an operator subsidy, especially in competitive mobile markets like the UK. These phones are sold not just through mobile phone stores, but also supermarkets, catalogs, stationery outlets and online; thus the mobile companies are constantly racing to the lowest price. Prepay phones come with a bundled SIM, which can be activated by the user in case the phone is bought up. The handsets are often SIM-locked to ensure that the user does not use another operator, allowing the original operator to eventually recoup its subsidy. However, because the units can be unlocked for a small fee (and even the operators themselves offer this service), units can be bought cheaply, separated from the original SIM card and sold on for a profit, perhaps in other markets, perhaps as contract phone. This is known in the industry as box breaking, and often harms the profits of the operator while allowing complicit sales staff and box breakers to reap the rewards. Note that, if a prepaid handset breaks, the SIM card (representing the prepaid account value, plus user's address book, history, etc) can typically be moved to another prepaid handset if the phone-network is the same. That is, the account is tied to the portable SIM card, not the handset, on prepaid phones. This is useful because by 2010, prepaid handsets cost less than the value a user might have stored in an account.

Mostly, GSM and 3G mobile handsets can easily be SIM-unlocked and used on any suitable network with any SIM card. A notable exception is the Apple iPhone, where in most markets Apple has gone to extreme lengths to lock-down their phones; thus they can only be used with the partner's network. This has led to a popular hack called the jail-break, which allows custom software unapproved by Apple to run on the phone. Then software can be run to unlock the phone, which frees the iPhone from the partner network; thus any SIM card can be inserted. (Note that jailbreaking, in itself, does not unlock the phone, and has other uses as well.) Apple and the hackers are locked in a war of escalation, with Apple constantly trying to close loopholes in their operating system, and the hackers finding new ways to jailbreak each version when it becomes available.

In countries where the phones are not subsidised e.g. Italy and Belgium, all phones are unlocked. Where the phone is not locked to its SIM card, the users can easily switch networks by simply replacing the SIM card of one network with that of another while using only one phone. This is typical, for example, among users who may want to optimise their telecoms traffic by different tariffs to different friends on different networks.

Dual SIM phones are now made by some mobile phone manufacturers, which save the user from carrying around a separate phone for every number. There are two types, the first, that allow one to switch between the SIMS, and the second, that allow both SIMS to be active simultaneously.

Operating systems

SIM operating systems come in two main types: native and Java Card. Native SIMs are based on proprietary, vendor specific software whereas the Java Card SIMs are based on standards, particularly Java Card which is a subset of the Java programming language specifically targeted at embedded devices. Java Card allows the SIM to contain programs that are hardware independent and interoperable.


SIM cards store network specific information used to authenticate and identify subscribers on the Network, the most important of these are the ICC-ID, IMSI, Authentication Key (Ki), Local Area Identity (LAI) and Operator-Specific Emergency Number. The SIM also stores other carrier specific data such as the SMSC (Short Message Service Center) number, Service Provider Name (SPN), Service Dialing Numbers (SDN), Advice-Of-Charge parameters and Value Added Service (VAS) applications. (look to GSM 11.11)

Integrated Circuit Card ID (ICC-ID)

Each SIM is Internationally identified by its ICC-ID. ICC-IDs are stored in the SIM cards and are also engraved or printed on the SIM card body during a process called personalization. The ICC-ID is defined by the ITU-T recommendation E.118[1]. The number is up to 19 or 20 digits long and in addition is often associated with a single check digit calculated using the Luhn algorithm.

International Mobile Subscriber Identity (IMSI)

SIM cards are identified on their individual operator networks by holding a unique IMSI. Mobile operators connect mobile phone calls and communicate with their market SIM cards using their IMSI.

Authentication key (Ki)

The Ki is a 128-bit value used in authenticating the SIMs on the mobile network. Each SIM holds a unique Ki assigned to it by the operator during the personalization process. The Ki is also stored on a database (known as Authentication Center or AuC) on the carrier's network.

The SIM card is designed not to allow the Ki to be obtained using the smart-card interface. Instead, the SIM card provides a function, Run GSM Algorithm, that allows the phone to pass data to the SIM card to be signed with the Ki. This, by design, makes usage of the SIM card mandatory unless the Ki can be extracted from the SIM card, or the carrier is willing to reveal the Ki. In practice, the GSM cryptographic algorithm for computing SRES_2 (see step 4, below) from the Ki has certain vulnerabilities which can allow the extraction of the Ki from a SIM card and the making of a duplicate SIM card.

Authentication process

  1. When the Mobile Equipment starts up, it obtains the International Mobile Subscriber Identity (IMSI) from the SIM card, and passes this to the mobile operator requesting access and authentication. The Mobile Equipment may have to pass a PIN to the SIM card before the SIM card will reveal this information.
  2. The operator network searches its database for the incoming IMSI and its associated Ki.
  3. The operator network then generates a Random Number (RAND, which is a nonce) and signs it with the Ki associated with the IMSI (and stored on the SIM card), computing another number known as Signed Response 1 (SRES_1).
  4. The operator network then sends the RAND to the Mobile Equipment, which passes it to the SIM card. The SIM card signs it with its Ki, producing SRES_2 which it gives to the Mobile Equipment along with encryption key Kc. The Mobile Equipment passes SRES_2 on to the operator network.
  5. The operator network then compares its computed SRES_1 with the computed SRES_2 that the Mobile Equipment returned. If the two numbers match the SIM is authenticated and the Mobile Equipment is granted access to the operator's network. Kc is used to encrypt all further communications between the Mobile Equipment and the network.

Location area identity

The SIM stores network state information, which is received from the Location Area Identity (LAI). Operator networks are divided into Location Areas, each having a unique LAI number. When the device changes locations, it stores the new LAI to the SIM and sends it back to the operator network with its new location. If the device is power cycled, it will take data off the SIM, and search for the previous LAI. This saves time by avoiding having to search the whole list of frequencies that the telephone normally would.

SMS messages and contacts

Most SIM cards will orthogonally store a number of SMS messages and phone book contacts. The contacts are stored in simple 'Name and number' pairs - entries containing multiple phone numbers and additional phone numbers will usually not be stored on the SIM card. When a user tries to copy such entries to a SIM the handset's software will break them up into multiple entries, discarding any information that isn't a phone number. The number of contacts and messages stored depends on the SIM; early models would store as little as 5 messages and 20 contacts while modern SIM cards can usually store over 250 contacts.

Universal Subscriber Identity Module

A 64K UICC card, that has not been removed from its larger Card

A Universal Subscriber Identity Module is an application for UMTS mobile telephony running on a UICC smart card which is inserted in a 3G mobile phone. There is a common misconception to call the UICC card itself a USIM, but the USIM is merely a logical entity on the physical card.

It stores user subscriber information, authentication information and provides storage space for text messages and phone book contacts. The phone book on a UICC has been greatly enhanced.

For authentication purposes, the USIM stores a long-term pre-shared secret key K, which is shared with the Authentication Center (AuC) in the network. The USIM also verifies a sequence number that must be within a range using a window mechanism to avoid replay attacks, and is in charge of generating the session keys CK and IK to be used in the confidentiality and integrity algorithms of the KASUMI block cipher in UMTS.

The equivalent of USIM on GSM networks is SIM, and on CDMA networks it is CSIM.


Japan's PDC system also specifies a SIM, but this has never been implemented commercially. The specification of the interface between the Mobile Equipment and the SIM is given in the RCR STD-27 annex 4. The Subscriber Identity Module Expert Group was a committee of specialists assembled by the European Telecommunications Standards Institute (ETSI) to draw up the specifications (GSM 11.11) for interfacing between smart cards and mobile telephones. In 1994, the name SIMEG was changed to SMG9.


In July 2005, the Finnish government announced that a Citizen Certificate, a government-guaranteed electronic identity included in a SIM card, would be made available to every individual resident in Finland before the end of 2005, allowing mobile phone users to access e-services on the move. The Citizen Certificate has been described as "basically an e-ID card that will be compatible with several hardware devices, such as mobile phones, PDAs, personal computers, digital TV sets, and public web kiosks". It is based on open standards and secured public key infrastructure (PKI).

This plan has been withdrawn.

See also


  1. ^ ITU-T, ITU-T Recommendation E.118, The international telecommunication charge card, Revision history, Revision "05/2006"

External links

  • GSM 11.11 - Specification of the Subscriber Identity Module - Mobile Equipment (SIM - ME) interface.
  • GSM 11.14 - Specification of the SIM Application Toolkit for the Subscriber Identity Module - Mobile Equipment (SIM - ME) interface
  • ITU-T E.118 - The International Telecommunication Charge Card. 2006 ITU-T.


Up to date as of January 15, 2010

Definition from Wiktionary, a free dictionary





Subscriber Identity Module (plural Subscriber Identity Modules)

  1. a component on a SIM card that stores information to identify a mobile phone user

See also



Got something to say? Make a comment.
Your name
Your email address