In 2021, there were more than 14 billion cellular devices in the world even though there were only 7 billion people. The ubiquity of these devices – but especially smartphones – has come to define the contemporary era together with climate change, antimicrobial resistance, and war. But for smartphones’ outsize mark on history, one essential component of theirs has flown somewhat under the radar: the SIM card.
What is a SIM card?
‘SIM’ stands for ‘subscriber identification module’. Specifically, it is an integrated circuit, or a microchip, that identifies the subscriber on a given network.
Imagine each cellular network is a city whose residents are identified by a number, called the international mobile subscriber identity (IMSI), and their locations by some data. The SIM card is a subscriber’s ID card in this city. When someone wishes to contact a subscriber in this city, the network uses the subscriber’s SIM card to find them and confirm their identity.
In order for a mobile phone to connect to any cellular network that follows the Global System for Mobile Communications (GSM) standard, a SIM card is mandatory. This relationship is established using a unique authentication key – a piece of data that a user needs to ‘unlock’ access to the network. Every SIM card stores this data and it is designed such that the user can’t access it through their phone. Instead, signals sent by the phone into the network are ‘signed’ by the key, and the network uses the signature to understand whether the phone’s connection is legitimate. It is possible to duplicate a SIM card by accessing its key and storing it in multiple cards.
SIM cards also store information about its own ID number (the integrated circuit card identifier), the IMSI, the subscriber’s location area identity (i.e. their current location), a list of preferred networks (to whom the subscriber can connect when roaming), emergency numbers, and – depending on the space available – the subscriber’s contacts and SMS messages.
How does a SIM card work?
SIM cards are designed according to the ISO/IEC 7816 international standard maintained by – as its name indicates – the International Organisation for Standardisation and the International Electrotechnical Commission. It applies to electronic identification cards, including smart cards.
In this standard, the card itself consists of the integrated circuit, which is glued to a silicon substrate on the top side. On the other side of the substrate are metal contacts, which form the gold-coloured side of the SIM card. Wires connect the integrated circuit from its bottom side to the metal contacts on the top side, and the contacts interface with the phone’s data connectors.
The metal contacts have a segmented appearance. Each segment is called a pin and has a specific purpose. For example, pin 1 collects the operating voltage that gives it the power to operate. Pin 3 is to access the SIM’s clock and pin 5 is the grounding. Pin 7 transmits data in and out of the SIM. These pin-wise roles are specified by the ISO/IEC 7816-2 standard; others, numbered 1 through 15, specify various functions of a SIM card and how they are to be implemented, from their “transmission protocols” to “cryptographic information applications”.
This is the hardware side (minus the phone’s inner workings). On the network side, the SIM helps a phone establish its place within a cellular network. When a subscriber dials a recipient’s number, the phone sends data via the network – signed by the key on the SIM card – to a telephone exchange. If the recipient is connected to the same exchange, the network establishes their identity and the call is routed to them. If the recipient is ‘located’ elsewhere, a computer connected to the network routes the call there according to the most optimum route.
How have SIM cards changed?
SIM cards are a type of smart card, and the history of smart cards begins in the late 1960s, when West German engineer Helmut Gröttrup reportedly first had the idea to stick an integrated circuit in a plastic panel the size of a credit card. The size and architecture of this microchip evolved in leaps and bounds in the subsequent decades, following Moore’s law.
The SIM card itself evolved according to the standards that defined the networks to which its users wished to connect. The European Telecommunications Standards Institute (ETSI) prepared the GSM Technical Specification 11.11 regarding the SIM card. The July 1996 edition says it “defines the interface between the SIM and the Mobile Equipment (ME) for use during the network operation phase of GSM as well as those aspects of the internal organisation of the SIM which are related to the network operation phase, within the digital cellular telecommunications system.” This is everything from its physical features – including operating temperature and “contact pressure” – to authentication and data access characteristics.
GSM concerns the second generation of cellular networks. After developing the 11.11 standard, ETSI transferred some of its responsibilities to an international consortium of seven organisations called 3GPP. (The Telecommunications Standards Development Society in India is one.) 3GPP subsequently developed the standards for the third (3G), fourth (4G), and fifth generation (5G) of networks.
Until 2G networks, the term ‘SIM card’ denoted both the hardware and the corresponding software. This changed with the advent of the Universal Mobile Telecommunications System with 3G networks, when ‘SIM’ became only the software; the hardware was called the Universal Integrated Circuit Card (UICC). The software was also upgraded to an application called Universal SIM, or USIM, which could be modified to be compatible with the identification and security requirements of 3G, 4G, and 5G networks. As a result, a UICC loaded with both SIM and USIM applications can work with networks of all generations.
What is an eSIM?
Over the years, the SIM card has shrunk from the SIM to the mini SIM to the micro SIM to the nano SIM. The latest on this path is the eSIM, with specifications defined by the GSM Association. In the eSIM paradigm, the SIM software is loaded to a UICC that is permanently installed in the mobile equipment in the factory itself, i.e. it can’t be removed. (This is called the eUICC.)
Users using mobile equipment with this capability – such as the Google Pixels 2, 3, and 4 or the iPhone 14 series – don’t have to bother with physically replacing their SIM cards when they join or switch networks. Instead, the network operator simply has to reprogram the equipment, which can also be done remotely.
An eSIM has two immediate advantages. First, it is considered to be environmentally friendlier than a physical SIM: its reprogrammability means no need for more plastic and metal for a new SIM. Second, if a malicious person gains access to your phone, they won’t be able to separately access the SIM application nor be able to duplicate it.
There are also at least two disadvantages. First, in some countries, including the U.S., eSIMs can be programmed by subscribers themselves. But this process might be difficult for those with low digital literacy, such as the elderly. Second, an eSIM can in theory allow network operators to track subscribers’ data, including inside apps on the device and especially in the absence of data privacy laws.