All you need to know about nano SIMs - before they are EXTERMINATED

The chip inside the iPhone 5

Next gen security for virtualised datacentres

Apple's iPhone 5 uses a nano SIM, the smallest SIM ever designed and, quite possibly, the last SIM we'll see in any mobile telephone.

The nano SIM used in the new smartphone is tiny and its pattern of electrical contacts are about two thirds the size of the original SIM. It's almost too small to hold and certainly small enough to lose in a pocket, but despite the diminutive size its basic functionality remains unchanged: hosting encryption electronics and serial communications at 9,600 baud.

Size comparison

The SIM and nano SIM in proportion

The GSM standard mandates a removable SIM, and consumer devices can conform to one of four different form factors [PDF, dry, really dry]. The first is a credit-card-sized monster. The second is the traditional SIM we've come to know. The third form factor (3FF) retains the same contact pattern as the first two so one can just trim down an existing SIM, but the fourth - the nano SIM - makes these DIY jobs a lot more challenging (although not impossible) as it changes the layout and positioning of the connections.

A Subscriber Identity Module (SIM) contains a cryptographic chip, but critically it also stores a copy of the unique subscriber key, the other copy being held in the network operator's authentication server (AuC). During the GSM authentication a random number is encrypted using that key and must be decrypted by the phone to prove the subscriber is genuine. On 3G networks the process is also reversed to mitigate against man-in-the-middle attacks, and it's notable that while the encryption on GSM calls has been compromised (once or twice) the authentication remains secure.

The chips holding the key, and doing the cryptography, are suspended in space, glued to the back of the SIM's metal contacts. The silicon dies are small, but it's the air space around them which has hitherto prevented SIMs from getting thinner. The nano SIM is slimmer, thanks to thinner chips and more precise engineering, so the nano SIM is only .67mm thick.

It's also exempted it from the physical flexibility requirements of the SIM specification, which SIMs inherited largely from the credit card specification (ISO 7816). Nano SIMs will snap more easily than their larger contemporaries, but given the size that's not really important.

Let's make a connection

Contacts on the nano SIM. C1-3 and C5-7 are compatible with previous SIMs.
Source: ETSI. Pads highlighted by The Reg

There are eight connections on all the SIM designs, although on both the traditional SIM and the mini SIM (3FF) the electrical ground connection (C5, see diagram) is generally extended down the middle. That's harder on the nano SIM because it has two connections in the middle (C4 and C8), although some designs stretch the ground pad out and more than a few don't bother with those two optional pads.

As the chips in a SIM shrank, manufacturers tried to extend the functionality many times, from optimistic GPS to accelerometers, and ultimately loads of memory - up to 4GB of flash storage hampered only by the impossibility of getting the data off the SIM in a reasonable timeframe.

SIMs communicate with the phone over a single wire (C7) using a serial protocol similar to RS232 running at 9,600 baud. Older readers will remember that as the Blue US Robotics Sportster, younger readers should just understand that this is really, really, slow - transferring the aforementioned 4GB would take more than a month.

So the manufacturers lobbied for, and got, an extension to the standard that allocated the two lowermost pins to create a USB connection for fast communications. But despite enthusiastic support, from France Telecom, high-capacity SIMs never took off, so the USB connection quickly became redundant and the two contacts are optional. On traditional and mini SIMs that means losing the two bottom connectors, on the nano SIM that removes the two central pads.

Smaller tattoo

Reg man Bill Ray proves his SIM credentials
with this tasteful tattoo

Also optional is pad C6, known as Vpp as it was used to carry the higher voltage needed for writing data to early chips. Vpp is redundant these days as the voltage used to run the SIM, Vcc supplied over C1, is good enough for programming, but C6 is now used for transferring data wirelessly over NFC if the Single Wire Protocol (SWP) is supported, enabling the SIM (even in nano form) to communicate direct with NFC radio hardware. This avoids the security implications of going through the handset.

Of the eight contacts, therefore, three are optional, but in most cases six pads will be visible. C1 is the supply voltage; C2 is the reset signal so the SIM knows when to start doing something; and C3 is the clock signal as the timing clock was left out of the SIM spec to keep the cost down. C5 is ground, often extended down the middle; C6 is the NFC SWP contact; and C7 is the serial communications connection that actually does the stuff one expects a SIM to do.

The SIM can't, realistically, get any smaller, but if the requirement to make it removable is dropped then the functionality could be fitted into a processor die in the form of a typical system-on-a-chip. Hardware-based security can be implemented on the package, as exemplified by ARM's TrustZone and Intel's Secure Element which provide comparable functionality without the need for a physical SIM.

Such a "soft SIM" would require a change to the GSM standard, to which all mobile phones in Europe are required to conform, but that change is already in progress having been proposed in 2010 by Apple.

Apple's interest isn't just in making the SIM even smaller: it also wants to wrest control of the secure store from the network operators whose ownership of the SIM would appear unassailable. The repeated paring away of the physical SIM might be technically driven, but its ultimate disappearance is a matter of politics and power rather than technical necessity. That's particularly irritating for those of us who've opted to have the iconic pattern permanently marked upon us, but it could have been much, much worse. ®

Next gen security for virtualised datacentres

More from The Register

next story
6 Obvious Reasons Why Facebook Will Ban This Article (Thank God)
Clampdown on clickbait ... and El Reg is OK with this
So, Apple won't sell cheap kit? Prepare the iOS garden wall WRECKING BALL
It can throw the low cost race if it looks to the cloud
EE fails to apologise for HUGE T-Mobile outage that hit Brits on Friday
Customer: 'Please change your name to occasionally somewhere'
Time Warner Cable customers SQUEAL as US network goes offline
A rude awakening: North Americans greeted with outage drama
Shoot-em-up: Sony Online Entertainment hit by 'large scale DDoS attack'
Games disrupted as firm struggles to control network
We need less U.S. in our WWW – Euro digital chief Steelie Neelie
EC moves to shift status quo at Internet Governance Forum
BT customers face broadband and landline price hikes
Poor punters won't be affected, telecoms giant claims
prev story


5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?