Editing SIM card (section)

== Data ==

SIM cards store network-specific information used to authenticate and identify subscribers on the network. The most important of these are the ICCID, IMSI, [[#Authentication key|authentication key (K<sub>i</sub>)]], local area identity (LAI) and operator-specific emergency number. The SIM also stores other carrier-specific data such as the SMSC ([[Short Message service center]]) number, service provider name (SPN), service dialing numbers (SDN), advice-of-charge parameters and value-added service (VAS) applications. (Refer to GSM 11.11.<ref>{{cite web|url=http://www.3gpp.org/dynareport/1111.htm|title=3GPP specification: 11.11|access-date=29 April 2016|archive-date=18 August 2016|archive-url=https://web.archive.org/web/20160818100100/http://www.3gpp.org/dynareport/1111.htm|url-status=live}}</ref>)

SIM cards can come in various data capacities, from {{nowrap|8 KB}} to at least {{nowrap|256 KB}}.<ref name=":2" /> All can store a maximum of 250 contacts on the SIM, but while the {{nowrap|32 KB}} has room for 33 [[Mobile country code]] (MCCs) or ''network identifiers'', the {{nowrap|64 KB}} version has room for 80 MNCs.<ref name=":4" /> This is used by network operators to store data on preferred networks, mostly used when the SIM is not in its home network but is [[roaming]]. The network operator that issued the SIM card can use this to have a phone connect to a preferred network that is more economic for the provider instead of having to pay the network operator that the phone discovered first. This does not mean that a phone containing this SIM card can connect to a maximum of only 33 or 80 networks, instead it means that the SIM card issuer can specify only up to that number of preferred networks. If a SIM is outside these preferred networks, it uses the first or best available network.<ref name=":3" />

=== ICCID ===
Each SIM is internationally identified by its '''integrated circuit card identifier''' ('''ICCID'''). Nowadays ICCID numbers are also used to identify eSIM profiles, not only physical SIM cards. ICCIDs are stored in the SIM cards and are also engraved or printed on the SIM card body during a process called personalisation.

The ICCID is defined by the ITU-T recommendation [[E.118]] as the ''primary account number''.<ref>ITU-T, ITU-T Recommendation [[E.118]], The international telecommunication charge card, [http://www.itu.int/rec/T-REC-E.118 Revision history] {{Webarchive|url=https://web.archive.org/web/20121017235304/http://www.itu.int/rec/T-REC-E.118 |date=17 October 2012 }}, [http://www.itu.int/rec/dologin_pub.asp?lang=e&id=T-REC-E.118-200605-I!!PDF-E&type=items Revision "05/2006"] </ref> Its layout is based on [[ISO/IEC 7812]]. According to E.118, the number can be up to 19 digits long, including a single check digit calculated using the [[Luhn algorithm]]. However, the GSM Phase 1<ref>ETSI, ETSI Recommendation GSM 11.11, Specifications of the SIM-ME Interface, [http://www.3gpp.org/ftp/Specs/archive/11_series/11.11/1111-3G0.ZIP Version 3.16.0] {{Webarchive|url=https://web.archive.org/web/20071127095112/http://www.3gpp.org/ftp/Specs/archive/11_series/11.11/1111-3g0.zip |date=27 November 2007 }}</ref> defined the ICCID length as an opaque data field, 10 octets (20 digits) in length, whose structure is specific to a [[mobile network operator]].

The number is composed of three subparts:
*Issuer identification number (IIN)
*Check digit
*Individual account identification
Their format is as follows.

'''Issuer identification number (IIN)'''

* Maximum of seven digits:
** Major industry identifier (MII), 2 fixed digits, '''89''' for telecommunication purposes.
** [[List of country calling codes|Country code]], 2 or 3 digits, as defined by [[ITU-T]] recommendation [[E.164]].
*** [[North American Numbering Plan|NANP]] countries, apart from Canada, use '''01''', i.e. prepending a zero to their common calling code +1
*** [[Canada]] uses '''302'''
*** [[Russia]] uses '''701''', i.e. appending 01 to its calling code +7
*** [[Kazakhstan]] uses '''997''', even though it shares the calling code +7 with Russia
** Issuer identifier, 1–4 digits.
** Often identical to the [[Mobile country code]] (MCC).<ref name=":5" />

'''Individual account identification'''
* Its length is variable, but every number under one IIN has the same length.
** Often identical to the [[Mobile identification number]] (MIN).<ref name="Chen" />

'''Check digit'''
* Single digit calculated from the other digits using the [[Luhn algorithm]].

With the GSM Phase 1 specification using 10 [[Octet (computing)|octets]] into which ICCID is stored as packed BCD{{clarify|date=February 2024}}, the data field has room for 20 digits with hexadecimal digit "F" being used as filler when necessary.  In practice, this means that on GSM  cards there are 20-digit (19+1) and 19-digit (18+1) ICCIDs in use, depending upon the issuer. However, a single issuer always uses the same size for its ICCIDs.

As required by E.118, the ITU-T updates a list of all current internationally assigned IIN codes in its Operational Bulletins which are published twice a month (the last as of January 2019 was No. 1163 from 1 January 2019).<ref>{{cite web|url=https://www.itu.int/pub/T-SP-OB.1163-2019|title=Operational Bulletin No. 1163 (1.I.2019)|website=www.itu.int|language=en-US|access-date=2019-01-05|archive-date=5 January 2019|archive-url=https://web.archive.org/web/20190105165046/https://www.itu.int/pub/T-SP-OB.1163-2019|url-status=live}}</ref> ITU-T also publishes complete lists: as of August 2023, the list issued on 1 December 2018 was current, having all issuer identifier numbers before 1 December 2018.<ref>{{cite web|url=https://www.itu.int/pub/T-SP-E.118-2018|title=List of issuer identifier numbers for the international telecommunication charge card (in accordance with Recommendation ITU-T E.118 (05/2006))|date=5 January 2015|website=International Telecommunication Union|access-date=4 January 2019|archive-date=5 January 2019|archive-url=https://web.archive.org/web/20190105060539/https://www.itu.int/pub/T-SP-E.118-2018|url-status=live}}</ref>

=== International mobile subscriber identity (IMSI) ===
SIM cards are identified on their individual operator networks by a unique ''[[international mobile subscriber identity]]'' (IMSI). [[Mobile network operator]]s connect mobile phone calls and communicate with their market SIM cards using their IMSIs. The format is:
* The first three digits represent the [[Mobile country code]] (MCC).
* The next two or three digits represent the [[Mobile network code]] (MNC). Three-digit MNC codes are allowed by E.212 but are mainly used in the United States and Canada. One MCC can have both 2 digit and 3 digit MNCs, an example is 350 007.
* The next digits represent the [[Mobile identification number]] (MSIN).
* Normally there are 10 digits, but can be fewer in the case of a 3-digit MNC or if national regulations indicate that the total length of the IMSI should be less than 15 digits.
* Digits are different from country to country.
{{Anchor|Authentication key}}

=== Authentication key (K<sub>i</sub>) ===
The K<sub>i</sub> is a 128-bit value used in authenticating the SIMs on a [[GSM]] mobile network (for USIM network, the K{{sub|i}} is still needed but other parameters are also needed). Each SIM holds a unique K<sub>i</sub> assigned to it by the operator during the personalisation process. The K<sub>i</sub> is also stored in a database (termed [[network switching subsystem#Authentication centre (AuC)|authentication center]] or AuC) on the carrier's network.

The SIM card is designed to prevent someone from getting the K<sub>i</sub> by using the [[(U)SIM interface|smart-card interface]]. Instead, the SIM card provides a function, ''Run GSM Algorithm'', that the phone uses to pass data to the SIM card to be signed with the K<sub>i</sub>. This, by design, makes using the SIM card mandatory unless the K<sub>i</sub> can be extracted from the SIM card, or the carrier is willing to reveal the K<sub>i</sub>. In practice, the GSM cryptographic algorithm for computing a signed response (SRES_1/SRES_2: see steps 3 and 4, below) from the K<sub>i</sub> has certain vulnerabilities<ref name=":4">{{cite news |title= Hackers crack open mobile network |url= https://www.bbc.co.uk/news/technology-13013577 |publisher= bbc.co.uk |access-date= 13 August 2011 |date= 20 April 2011 |archive-date= 12 August 2011 |archive-url= https://web.archive.org/web/20110812103131/http://www.bbc.co.uk/news/technology-13013577 |url-status= live }}</ref> that can allow the extraction of the K<sub>i</sub> from a SIM card and the making of a [[Phone cloning|duplicate SIM card]].

Authentication process:

# When the mobile equipment starts up, it obtains the international mobile subscriber identity (IMSI) from the SIM card, and passes this to the mobile operator, requesting access and authentication. The mobile equipment may have to pass a PIN to the SIM card before the SIM card reveals this information.
# The operator network searches its database for the incoming IMSI and its associated K<sub>i</sub>.
# The operator network then generates a random number (RAND, which is a [[cryptographic nonce|nonce]]) and signs it with the K<sub>i</sub> associated with the IMSI (and stored on the SIM card), computing another number, that is split into the Signed Response 1 (SRES_1, 32 bits) and the encryption key K<sub>c</sub> (64 bits).
# The operator network then sends the RAND to the mobile equipment, which passes it to the SIM card. The SIM card signs it with its K<sub>i</sub>, producing Signed Response 2 (SRES_2) and K<sub>c</sub>, which it gives to the mobile equipment. The mobile equipment passes SRES_2 on to the operator network.
# The operator network then compares its computed SRES_1 with the computed SRES_2 that the mobile equipment returned. If the two numbers match, the SIM is authenticated and the mobile equipment is granted access to the operator's network. K<sub>c</sub> is used to encrypt all further communications between the mobile equipment and the operator.

=== Location area identity ===
The SIM stores network state information, which is received from the [[location area identity]] (LAI). Operator networks are divided into location areas, each having a unique LAI number. When the device changes locations, it stores the new LAI to the SIM and sends it back to the operator network with its new location. If the device is power cycled, it takes data off the SIM, and searches for the prior LAI.

=== SMS messages and contacts ===
Most SIM cards store a number of SMS messages and phone book contacts. It stores the contacts in simple "name and number" pairs. Entries that contain multiple phone numbers and additional phone numbers are usually not stored on the SIM card. When a user tries to copy such entries to a SIM, the handset's software breaks them into multiple entries, discarding information that is not a phone number. The number of contacts and messages stored depends on the SIM; early models stored as few as five messages and 20 contacts, while modern SIM cards can usually store over 250 contacts.<ref name=":6" />