Más contenido relacionado
La actualidad más candente (20)
Similar a SIM Card Overview (20)
Más de Carlos Enrique Ortiz (8)
SIM Card Overview
- 1. SIM Cards Overview
C. Enrique Ortiz | August 2009
http://weblog.cenriqueortiz.com
© 2009 C. Enrique Ortiz – http://CEnriqueOrtiz.com
- 2. What is a SIM Card?
• SIM or Subscriber Identification Module is a smart card
that is included in every cell phone of the GSM family of
networks
6 or 8-pin flat connector embedded on the top of the card
A fully fledge microcomputer with an OS
• UICC stands for Universal Integrated Circuit Card is a
new generation SIM
Source:3, Java Card 3: Classic Functionality Gets a Connectivity Boost © 2009 C. Enrique Ortiz – http://CEnriqueOrtiz.com
- 3. More on SIM and SIM Cards
• SIM cards hold subscriber information and memory, for
example for personal directory of numbers
SIM identifies a subscriber via unique International Mobile
Subscriber Identity (IMSI)
>The first 3 digits represent the Mobile Country Code (MCC)
>The next 2 digits represent the Mobile Network Code (MNC)
>The next 10 digits represent the mobile station identification number
• SIM is the application that runs on a SIM Card
SIM is to GSM, what USIM is to UMTS & RUIM/CSIM is to
CDMA
• Today most SIM cards are based on Java Card
© 2009 C. Enrique Ortiz – http://CEnriqueOrtiz.com
- 4. SIM and Smartcard Standards Standards for:
•Toolkit
•File & Auth
•APIs
•OTA
•Smartcards
ISO/IEC 14443 is the international standard for
contactless smart chips and cards that operate
(i.e., can be read from or written to) at a
distance of less than 10 centimeters (4 inches).
This standard operates at 13.56 MHz and
includes specifications for the physical
characteristics, radio frequency power and
signal interface, initialization and anti-collision
protocols and transmission protocol.
ISO/IEC 7816 is the international standard for
contact smart cards. ISO/IEC 7816 Parts 4 and
Source: Gemalto
above are used by both contact and contactless
•ETSI -- Specifications in blue smart card applications for security operations
•3GPP -- Specifications in green and red and commands for interchange.
Source: Smart Card Alliance
Java Card (classic or 3.0) Applets are built using Java and run in a JCRE
© 2009 C. Enrique Ortiz – http://CEnriqueOrtiz.com
- 5. Industry: Interesting Numbers for 2008
• Global SIM card shipments exceeded 2.9 billion units
during 2008
Strong demand from the emerging markets of India, China,
Asia Pacific and Latin America contributing to a 29 per cent
increase on shipments over the previous year
• On average, memory size increased by 11 per cent on
2007 figures
• Number of cards shipped with a S@T (SIMalliance
Toolkit) browser had a growth rate of 22 per cent
• 3G enabled SIM cards represented 14 per cent of total
shipments in 2008
Source:SIMalliance
© 2009 C. Enrique Ortiz – http://CEnriqueOrtiz.com
- 6. Next Generation SIM Cards
• Next gen SIM Cards integrate with new functionality…
• Mobile Near Field Communication (NFC)
• More advanced Applications
Address book, calendar back-up, messaging, teleconferencing
and file transfers, banking and access control, Web!
• Smart Card Web Server
Web apps running right on SIM Cards! And TCP stacks
• High-capacity SIM cards
More and more memory/capacity
• Multi-Media support (in conjunction w/ browser)
© 2009 C. Enrique Ortiz – http://CEnriqueOrtiz.com
- 7. Overview: Programming SIM Cards
• SIM Toolkit
Toolkit
“conversation”
between phone
and Smartcard
Source: Gemalto
A SIM Toolkit is a data management application (applet) for SIM
cards, part of which is resident in the SIM card
•Icon, application, settings and help management
•User (simple menus), mobile, network and card interactions
© 2009 C. Enrique Ortiz – http://CEnriqueOrtiz.com
- 8. Overview: Java Card Classic
import javacard.framework.*
...
public class MyApplet extends Applet {
// Definitions of APDU-related instruction codes
...
MyApplet() {...} // Constructor
// Life-cycle methods
install() {...} Source: Introduction to Java Card Technology by C. Enrique Ortiz
select() {...}
deselect() {...}
process() {...}
// Private methods
...
}
© 2009 C. Enrique Ortiz – http://CEnriqueOrtiz.com
- 9. SIM / Smart Card Application Communication
Application Communication Architecture
Response APDU Structure
Source: SIM Protocols by Mobile Forensics
Command APDU Structure
© 2009 C. Enrique Ortiz – http://CEnriqueOrtiz.com
- 10. Classical Java Card Development
IDEs can
simplify
these steps!
Source: Introduction to Java Card Technology by C. Enrique Ortiz
© 2009 C. Enrique Ortiz – http://CEnriqueOrtiz.com
- 11. Java Card 3.0
• Extends (and simplifies) the programming model
• Classic Applets (Java Card 2 limitations apply for these
applications)
Communication using APDU protocol
Backward compatibility
• Extended Applets
Communication using APDU protocol
Similar to Classic Applets, and can use all the new APIs, like
Threads, Strings, and GCF (Generic Connection Framework)
• Web Enabled!
Based on Servlet 2.4 API
Communication using standard HTTP/ HTTPS protocol
HTML, JavaScript, etc. (much richer UIs than prior)
© 2009 C. Enrique Ortiz – http://CEnriqueOrtiz.com
- 12. Java Card 3 Architecture
Source -- Java Card 3: Classic Functionality Gets a Connectivity Boost by Peter Allenbach
•All data types except float and double
•Multiple threads
NEW! •Extensive API support (java.lang, java.util, GCF, and so on)
•Direct handling of class files, with all loading and linking on card
•All new Java language syntax constructs (enums, generics, …)
•Automatic garbage collection
© 2009 C. Enrique Ortiz – http://CEnriqueOrtiz.com
- 13. Smartcard Web Server
• Very exciting and powerful SIM card evolution in my opinion!
It took more than 10 years but we finally have it! Very powerful.
• Leverages the browser already present in the handset to run local
web applications preloaded into the SIM
• Local web-based applications are securely stored in the SIM card
and can be updated remotely
Best of both worlds
• Servlets framework on SIM Cards! Mobile SIM + Web
Source: Gemalto
Potential Apps:
•Rich SIM card apps
•On-Device Self-Service
•Application Management
•Mobile Payments Source: Gemalto
•Mobile NFC
© 2009 C. Enrique Ortiz – http://CEnriqueOrtiz.com
- 14. Benefits of Smartcard Web Server
• Rich UI and Advanced Capabilities
Access to location, SMS, servers on the web, secure local-storage,
personalized experience
Call-intercepts to perform actions on-device, for example help
troubleshoot issues before calling the support representative
• Manageable
Secure, remote application management
• SIM-card based /On-Device
Works Connected and Disconnected
Secure connections and environment
Uses no wireless resources when doing on-device web apps
Access to information such as location that can help personalize the
experience
• Easy to deploy
Highly customizable application; can be modified as needed and push to
handsets in real-time
Based on OMA and Web standards - xHTML, CSS, JavaScript
© 2009 C. Enrique Ortiz – http://CEnriqueOrtiz.com
- 15. Some Challenges
• SIM Card Applications still a niche, controlled by
operators
But if you have the relationships, it is a good niche ($)
• Applet development is not trivial with few experts
This can translate to opportunities for you!
• Smartcard Web Server requires new generation SIM
cards
Thus conversion process will make adoption slow & expensive
Expect emerging markets adopting first
© 2009 C. Enrique Ortiz – http://CEnriqueOrtiz.com
- 16. Gemalto Toolkit & UpTeq Multimedia SIM Card
Toolkit
Download from: http://developer.gemalto.com/
See http://www.gemalto.com/telecom/upteq/multimedia.html
Smartcard Web Server
© 2009 C. Enrique Ortiz – http://CEnriqueOrtiz.com
- 17. Resources
• Gemalto Developer Website
• Sun Java Card Website
• SIMalliance Website
• Smart Card Alliance Website
• SIM Card Protocols Paper by Mobile Forensics
• Mobile Forensics Blog
• Introduction to Java Card Technology, part 1 by C.
Enrique Ortiz
• Article Java Card 3: Classic Functionality Gets a
Connectivity Boost by Peter Allenbach
© 2009 C. Enrique Ortiz – http://CEnriqueOrtiz.com