All you need to know about nano SIMs - before they are EXTERMINATED

The chip inside the iPhone 5

Using blade systems to cut costs and sharpen efficiencies

Apple's iPhone 5 uses a nano SIM, the smallest SIM ever designed and, quite possibly, the last SIM we'll see in any mobile telephone.

The nano SIM used in the new smartphone is tiny and its pattern of electrical contacts are about two thirds the size of the original SIM. It's almost too small to hold and certainly small enough to lose in a pocket, but despite the diminutive size its basic functionality remains unchanged: hosting encryption electronics and serial communications at 9,600 baud.

Size comparison

The SIM and nano SIM in proportion

The GSM standard mandates a removable SIM, and consumer devices can conform to one of four different form factors [PDF, dry, really dry]. The first is a credit-card-sized monster. The second is the traditional SIM we've come to know. The third form factor (3FF) retains the same contact pattern as the first two so one can just trim down an existing SIM, but the fourth - the nano SIM - makes these DIY jobs a lot more challenging (although not impossible) as it changes the layout and positioning of the connections.

A Subscriber Identity Module (SIM) contains a cryptographic chip, but critically it also stores a copy of the unique subscriber key, the other copy being held in the network operator's authentication server (AuC). During the GSM authentication a random number is encrypted using that key and must be decrypted by the phone to prove the subscriber is genuine. On 3G networks the process is also reversed to mitigate against man-in-the-middle attacks, and it's notable that while the encryption on GSM calls has been compromised (once or twice) the authentication remains secure.

The chips holding the key, and doing the cryptography, are suspended in space, glued to the back of the SIM's metal contacts. The silicon dies are small, but it's the air space around them which has hitherto prevented SIMs from getting thinner. The nano SIM is slimmer, thanks to thinner chips and more precise engineering, so the nano SIM is only .67mm thick.

It's also exempted it from the physical flexibility requirements of the SIM specification, which SIMs inherited largely from the credit card specification (ISO 7816). Nano SIMs will snap more easily than their larger contemporaries, but given the size that's not really important.

Let's make a connection

Contacts on the nano SIM. C1-3 and C5-7 are compatible with previous SIMs.
Source: ETSI. Pads highlighted by The Reg

There are eight connections on all the SIM designs, although on both the traditional SIM and the mini SIM (3FF) the electrical ground connection (C5, see diagram) is generally extended down the middle. That's harder on the nano SIM because it has two connections in the middle (C4 and C8), although some designs stretch the ground pad out and more than a few don't bother with those two optional pads.

As the chips in a SIM shrank, manufacturers tried to extend the functionality many times, from optimistic GPS to accelerometers, and ultimately loads of memory - up to 4GB of flash storage hampered only by the impossibility of getting the data off the SIM in a reasonable timeframe.

SIMs communicate with the phone over a single wire (C7) using a serial protocol similar to RS232 running at 9,600 baud. Older readers will remember that as the Blue US Robotics Sportster, younger readers should just understand that this is really, really, slow - transferring the aforementioned 4GB would take more than a month.

So the manufacturers lobbied for, and got, an extension to the standard that allocated the two lowermost pins to create a USB connection for fast communications. But despite enthusiastic support, from France Telecom, high-capacity SIMs never took off, so the USB connection quickly became redundant and the two contacts are optional. On traditional and mini SIMs that means losing the two bottom connectors, on the nano SIM that removes the two central pads.

Smaller tattoo

Reg man Bill Ray proves his SIM credentials
with this tasteful tattoo

Also optional is pad C6, known as Vpp as it was used to carry the higher voltage needed for writing data to early chips. Vpp is redundant these days as the voltage used to run the SIM, Vcc supplied over C1, is good enough for programming, but C6 is now used for transferring data wirelessly over NFC if the Single Wire Protocol (SWP) is supported, enabling the SIM (even in nano form) to communicate direct with NFC radio hardware. This avoids the security implications of going through the handset.

Of the eight contacts, therefore, three are optional, but in most cases six pads will be visible. C1 is the supply voltage; C2 is the reset signal so the SIM knows when to start doing something; and C3 is the clock signal as the timing clock was left out of the SIM spec to keep the cost down. C5 is ground, often extended down the middle; C6 is the NFC SWP contact; and C7 is the serial communications connection that actually does the stuff one expects a SIM to do.

The SIM can't, realistically, get any smaller, but if the requirement to make it removable is dropped then the functionality could be fitted into a processor die in the form of a typical system-on-a-chip. Hardware-based security can be implemented on the package, as exemplified by ARM's TrustZone and Intel's Secure Element which provide comparable functionality without the need for a physical SIM.

Such a "soft SIM" would require a change to the GSM standard, to which all mobile phones in Europe are required to conform, but that change is already in progress having been proposed in 2010 by Apple.

Apple's interest isn't just in making the SIM even smaller: it also wants to wrest control of the secure store from the network operators whose ownership of the SIM would appear unassailable. The repeated paring away of the physical SIM might be technically driven, but its ultimate disappearance is a matter of politics and power rather than technical necessity. That's particularly irritating for those of us who've opted to have the iconic pattern permanently marked upon us, but it could have been much, much worse. ®

HP ProLiant Gen8: Integrated lifecycle automation

More from The Register

next story
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
Major problems beset UK ISP filth filters: But it's OK, nobody uses them
It's almost as though pr0n was actually rather popular
Apple orders huge MOUNTAIN of 80 MILLION 'Air' iPhone 6s
Bigger, harder trouser bulges foretold for fanbois
Microsoft unsheathes cheap Android-killer: Behold, the Lumia 530
Say it with us: I'm King of the Landfill-ill-ill-ill
All those new '5G standards'? Here's the science they rely on
Radio professor tells us how wireless will get faster in the real world
US freemium mobile network eyes up Europe
FreedomPop touts 'free' calls, texts and data
'Two-speed internet' storm turns FCC.gov into zero-speed website
Deadline for comments on net neutrality shake-up extended to Friday
Oh girl, you jus' didn't: Level 3 slaps Verizon in Netflix throttle blowup
Just hook us up to more 10Gbps ports, backbone biz yells in tit-for-tat spat
prev story


Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.