How Do SIM Cards for IoT Work?

What is an IoT SIM card?


The growth of the Internet of Things (IoT) and its distinctive needs have fueled the development of the IoT SIM card, a variant of the traditional SIM designed to store user information and connect mobile phones to cellular networks.

IoT devices must operate without much human oversight—interacting more with other machines than with people. IoT deployments, which can include thousands or even millions of devices, need a network connection that’s stable, flexible, and secure. IoT SIM cards are designed with these requirements in mind.

But how do IoT SIM cards work? Here’s a breakdown of their forms and functions.

Map of an IoT SIM Card

Encased in protective plastic, the contact chip is the most important part of a standard SIM card. The chip includes a processor equipped with 16–256 KB of electronically erasable, programmable read-only memory (also known as EEPROM), along with varying amounts of read-only memory (ROM) and random access memory (RAM).

Originally developed to verify users on consumer mobile networks, the SIM serves as a storage bank for distinctive information about the device—including authentication credentials and carrier data—and acts as a key to allow the device access to a cellular network. SIM cards are particularly useful for IoT applications because when properly configured they allow developers to authenticate individual devices, track locations, monitor data usage, and manage their own cellular data network..

Data Storage and Connectivity

SIM cards for mobile telephones typically store a set of authentication credentials that allow the device to connect to a network, including security keys, location information and contacts IoT SIM card vendors provide IoT SIM cards that serve a similar function, identifying the device for admission to the network, governing the connection, administering security features and allowing the device to send and receive data. Both traditional SIM and IoT SIM cards contain the following identification information:

  • Integrated Circuit Card ID (ICCID)
    The ICCID is a distinctive number combination assigned to a SIM card, serving as the individual chip’s identification. ICCID numbers are also used to recognize eSIM profiles. In physical SIM cards, ICCIDs are displayed on the outer casing as well as stored inside the processor.
  • Authentication Key (Ki)
    Every SIM card contains a unique authentication key in the form of a 128-bit value. The Global System for Mobile Communications Association (GSMA) assigns the Ki, which authenticates the device with the network using a challenge-response interchange. The actual Ki is not transmitted via the network, making interception impossible and ensuring the security of the device and its data.
  • Location Area Identity (LAI)
    Every sector of a public land mobile network (PLMN) is assigned an identifier or LAI. The LAI contains the mobile country code (MCC), mobile network code (MNC), and a more specific location area code (LAC). This combination of data allows the network to pinpoint the location of a SIM card and its accompanying device.

IoT SIM Card Form Factors 

As SIM technology evolves, the cards have become progressively smaller—with the newest embedded forms abandoning their separate anatomy altogether. The original credit-card-size SIM cards (1FF) used in early mobile telephones are no longer in service, but the other types remain on the market. Some form factors work better than others in IoT deployments depending on considerations such as device type, environmental conditions, network standards, and required data speeds. When connected devices must operate in a wide range of extreme temperatures or harsh conditions, it’s wise to choose an industrial-grade SIM card.

Available in 2FF-4FF, these rugged cards offer additional layers of protection to guard against vibration and deterioration. Here’s a breakdown of the four SIM form factors applicable to IoT:


  • Mini-SIM (2FF)
    With a contact chip that matches that of the larger 1FF, the Mini-SIM was introduced in the mid-1990s to accommodate smaller mobile devices. It measures about 25mm in length and 15mm in width, making it the largest of the three removable SIM cards. The Mini-SIM is often used for IoT applications in vending machines and vehicle tracking.


  • Micro-SIM (3FF)
    With a processor that’s essentially identical to that of the Mini-SIM, the Micro-SIM provides the same storage and authentication capabilities in a smaller package. At 15mm by 12mm, the Micro-SIM is half the size of its predecessor and fits easily into more compact IoT devices such as tablets, dispatch units, and mobile health devices.


  • Nano-SIM (4FF)
    Although the processor and memory are identical to the Mini-SIM and the Micro-SIM, the Nano-SIM (4FF) presents the current smallest removable card option at 12.3mm by 8.8mm. The Nano-SIM is also about 15 percent thinner than the Micro-SIM, accommodating IoT applications such as mobile payment devices and wearables.


  • Embedded-SIM (eSIM or eUICC)
    There’s a lot of buzz around the embedded SIM (eSIM), also known as the embedded universal integrated circuit card (eUICC), because of its powerful potential for IoT applications. According to a recent McKinsey report, the eSIM may become the best mobile switching solution for IoT as it gives operators more control over roaming costs and connection quality. The smallest SIM by far at 6mm by 5mm, the eSIM is soldered directly to the board inside the mobile device, making it more resilient in severe conditions. Because the SIM is already embedded in the device, users have no need to install or replace a detachable card, which saves a great deal of time for businesses looking to deploy thousands of connected wireless devices. The eSIM is also more resistant to external disturbances such as vibration and debris, and allows far more flexibility in device design because of its smaller size. But the eSIM has another, more notable feature—remote provisioning, or the ability to manage multiple device identities without the need to physically swap out SIM cards.

IoT Applications

The number of connected IoT devices is expected to grow from 7 billion today to 21 billion by 2025. As the market explodes, hardware manufacturers are designing SIM card variants with IoT applications in mind which IoT SIM card providers are picking up. Industrial-grade IoT SIM cards are created to operate in temperatures between -40ºC and 105ºC, making them an excellent choice for use cases such as emergency response, weather monitoring, and industrial IoT (IIoT).

Ultimately, IoT SIM cards serve a different purpose than traditional mobile telephone SIM cards. They provide a link between connected devices and the cloud, where collected data can be aggregated and accessed through an IoT management platform. With a focus on managing large groups of devices, IoT SIM cards provide more flexibility and support in the following areas:


  • Data Usage
    In some deployment situations, IoT SIM cards gather and transmit data at different rates—so connectivity service providers typically offer aggregated data packages that are tailored to the specific needs of the company and allow the entire fleet of devices to draw from a single data usage limit.


  • Longevity
    Once deployed, IoT devices may not be easy to access—for example, if they’re inside a mine deep underground or attached to a buoy in the ocean. For that reason, the longevity of the device and all its components, including the SIM, is of paramount importance. Industrial-grade removable IoT SIM cards provide added longevity along with ruggedness, but the eSIM offers the best solution for hard-to-reach deployments. Designed to last for the lifetime of the device it’s embedded in, the eSIM is an excellent choice for IoT applications.
  • Network Connectivity
    IoT SIM cards are equipped to roam between multiple networks. If the IoT deployment is used for vehicle tracking, for example, individual devices will automatically connect to the strongest network in a given area. Compatible cellular networks will depend on the provider, but many IoT projects connect using the same 2G, 3G, 4G LTE and Cat M1 cellular networks that smartphones use. Other networks such as LoRaWAN, NB-IoT, and Sigfox are low-power wide-area networks designed for IoT and may be viable choices in many applications.
  • Remote Provisioning (eSIM)
    While roaming IoT SIM cards provide some flexibility around network connection, the eSIM allows for even more freedom. When it’s manufactured, GSMA’s eSIM specification is equipped with a “bootstrap” profile to allow for the device’s initial connection to a network. The mobile network operator then transmits a SIM profile to override the bootstrap. If there is a need to change to another network provider in the future, the new operator can send a new SIM profile to the chip, replacing the first profile. This ability to switch the SIM’s identity is called remote provisioning, and it offers a tremendous simplification for IoT deployments that need to change operators—instead of sending personnel into the field to change out SIM cards on every device, the IoT manager can make the shift remotely, resulting in substantial cost and time savings.