SIM (Subscriber Identity Module) cards are probably not things you think about very much, except when you get a new phone and the card needs to be transferred from the old device to the new one, along with the phone’s stored information.
The cards themselves are simple plastic pieces with silicone chips on them, similar to those found in credit cards and hotel key cards, which contain processor and memory circuits that allow them to store up to 256 KB of digital information.
SIM cards serve an important purpose in telecommunications and mobile technology: They link a physical device with the owner’s account, making it possible to route calls for individuals to the right device and allowing phone companies to accurately measure utilization and charge subscribers for their service.
What Is a SIM Card?
How Do SIM Cards Work?
How Do SIM Cards Work?
Along with making data transfer much easier between devices, SIM cards are also an important personal identifier for a phone, its phone service and related user activity, acting as an ID badge for the service user and attached device. But how does a SIM card exactly do this?
Within its chip hardware, each SIM card holds unique information known as an IMSI (International Mobile Subscriber Identity) and an ICCID (Integrated Circuit Card Identifier), which are used for identification purposes.
The IMSI is stored as a 64-bit number inside the chip, and works to verify and provide security for the phone’s user. When first connecting a device to a phone service network, the IMSI and an authentication key are sent to the service provider to verify that the attached device belongs to the buying user. If both credentials match to the provider’s records, the device is then given access to the phone service network. If you’re not paying your phone bill, your IMSI is how your provider will know which user and associated device to block from its network.
As for the ICCID, this information is an 18-to-22-digit code usually embedded on the back of each SIM card, and works as a non-duplicable ID for the card itself. The digits of an ICCID tend to be a string of numbers that classify a SIM card’s designated industry, country, service provider network and unique ID. After buying and activating a SIM card, the ICCID lets mobile network operators know which network to connect your card and associated device to. If you live in the United States and have Verizon as your registered service provider, for instance, your ICCID would reflect this information.
Types of SIM Cards
Mobile technology has rapidly changed since the SIM card’s debut in 1991, calling for different adaptations in the card’s hardware and leading to five main types of SIM cards.
Types of SIM Cards
- Embedded (eSIM)
Full-Size SIM Card
The full-size, standard or 1FF SIM card is the original and largest of the card types. About the size of a credit card, full-size SIM cards are typically found in older cellphone models from the early to mid-1990s.
Mini SIM Card
The mini-SIM or 2FF SIM card significantly cut down the size of cards from an approximate three to one inch length. Mini-SIM cards were used in phones like the iPhone 3GS, and can typically be found in other models from the late 1990s to early 2000s.
Micro SIM Card
The micro-SIM or 3FF SIM card gets even closer to the most recent size iteration, at just around half an inch in length and width. Micro-SIM cards can be found in phones like the iPhone 4 and other models released in the early to mid-2010s.
Nano SIM Card
Widely popular for mobile phones created today, the nano-SIM or 4FF SIM card is the smallest physical card type and is compatible with most modern iOS and Android devices. Nano-SIM cards are used in phone models like the iPhone 5 up to the iPhone 13.
Embedded SIM Card
The Embedded SIM or eSIM card is the first entirely digital card type and also the newest type being used. eSIM cards are completely software-based and built into a mobile device, allowing users to activate a service plan without a physical card. Phone models like the iPhone 14, iPhone XS and later all use eSIM technology.
When utilized in an iPhone, Apple reports that a user can install over eight eSIMs and use two phone numbers at the same time.
Advantages and Disadvantages of SIM Cards
Advantage: Easier Phone Use While Traveling
Having an identifying card that is separate from the mobile device has its advantages, such as when a phone user travels abroad. Instead of paying high international rates through a home-country phone provider or getting a completely new phone, a traveler can purchase another SIM card from a carrier that operates within the destination area for a low price. All of the data and applications on the physical device would still be accessible, and once the user returns from the trip, the original SIM card can be switched back.
“Back when we traveled, my family members all just bought different SIM cards,” said Paige Hanson, chief of cyber safety education at Norton LifeLock. “Instead of paying extra to get an international plan, it was so easy to just swap it out — it works great in that country and it has a certain amount of data to use. It was almost thought of as a convenience, or paying less.”
While switching out SIM cards might be convenient during international travel, there’s always the possibility a card that’s been removed could get lost. SIM cards also tie customers to their service providers, because switching providers usually involves getting a new physical SIM card — not very difficult, but it may deter users due to the inconvenience.
Advantage: Quickly Swappable Into New Devices
And in a pinch, a user’s SIM card can be easily removed from a defective phone and inserted into a different device. If the user’s phone suddenly dies and they need to receive an important call, the SIM card can be switched into a friend’s phone and still receive calls and messages.
Disadvantage: Inflates Phone Bills While Traveling
But some argue it’s time to move on from SIM cards — that as an out-of-date technology, they may actually be hindering progress and inflating phone bills, especially during travel. If you choose to keep your original SIM card while going abroad, international roaming and data charges can be tracked and quickly add up, making for an inflated phone bill upon return. Depending on the country you visit, rates also will vary, and can catch users by surprise if an international service plan isn’t set up beforehand.
Disadvantage: Vulnerable to Threats
One of the risks associated with SIM cards is a cyber attack called SIM swapping. Attackers convince a service provider that the attacker is one of the provider’s existing customers, and then they ask for the victim’s existing account to be transferred to a new SIM card the attacker purchased.
Because there is no way, aside from SIM cards, for providers to detect whether a physical device belongs to the account holder, this attack results in the victim’s account being transferred to the attacker’s new SIM card, which the attacker can then use on any phone.
Hanson said SIM swapping has become even more of a risk in recent years, as more account transactions have become virtual.
“Each company has a call center, and they’re going to have a series of authentication questions that they ask to verify what they think is their wireless customer,” Hanson said. “As long as you answer those questions successfully, then you’re able to act as if you are the actual customer.”
Attackers have many ways of obtaining the information they need to successfully get past authentication questions. They can target customers whose personal information has been compromised in previous hacks, or customers who have posted relevant information online themselves.
Once a customer becomes the victim of a successful SIM swapping attack, their phone will no longer work properly. The customer won’t be able to make outgoing calls or receive incoming calls and messages.
As a result, attackers have a limited window of time to use the account before the customer figures out there is a problem — but that doesn’t mean attackers can’t do considerable damage. Many services and websites use phone calls or text messages to authenticate users. Attackers who have access to a customer’s account through a new SIM card can get past those barriers and many two-factor authentication processes.
The Future of SIM Cards
It appears that SIMs are going to be part of mobile communications for the foreseeable future, and may even become more common for customers to have accounts with multiple providers at one time. Apple’s devices give customers the option of juggling two carriers, or having a primary provider that’s connected to an eSIM and multiple SIM cards for travel.
Or eSIMs could become the dominant type of SIM card. Although they are just as prone to SIM swapping attacks as regular SIM cards, users don’t have to worry about losing the card and having to reconfigure their account with their primary provider. Ultimately, it depends on the type of behavior customers want.
“If you’re the type of individual that needs to take out your SIM card because you’re traveling in two countries, maybe that’s not the best thing for you,” Hanson said. “But for me, for instance, an eSIM card would probably be more of a solution for what I want, because I wouldn’t be able to physically remove it.”