How Do IoT SIM Cards Work?

How Do IoT SIM Cards Work?

What is an IoT SIM card?


Continued investment in the Internet of Things (IoT) and its resultant evolution has fueled the development of the IoT SIM card, a variant of the traditional SIM designed to store user information and connect mobile phones to cellular networks.

IoT devices typically operate without much human oversight – interacting more with other machines than with people. For IoT deployments, which can include thousands or even millions of these devices, a stable, flexible, and secure network connection is of the utmost importance. Fortunately, IoT SIM cards are designed with these requirements in mind.

But how do IoT SIM cards work? Here’s a quick breakdown:

Map of an IoT SIM Card

Encased in protective plastic, the contact chip is the most important part of a standard SIM card. The chip includes a processor equipped with 16–256 KB of electronically erasable, programmable read-only memory (EEPROM), along with varying amounts of read-only memory (ROM) and random access memory (RAM).

Originally developed to verify users on consumer mobile networks, SIMs serve as a storage bank for distinctive information about the device, such as authentication credentials and carrier data. It also allows the device access to a cellular network. SIM cards are particularly useful for IoT applications because, when properly configured, they allow developers to authenticate individual devices, track locations, monitor data usage, and manage their own cellular data network.

Data Storage and Connectivity

SIM cards for mobile telephones typically store a set of authentication credentials that allow the device to connect to a network. These usually include security keys, location information. Some IoT SIM card vendors even provide IoT SIM cards that serve a similar function, identifying the device for admission to the network, governing the connection, administering security features, and allowing the device to send and receive data. Both traditional SIM and IoT SIM cards contain the following identification information:

  • Integrated Circuit Card ID (ICCID)
    The ICCID is a distinctive number combination assigned to a SIM card, which serves as the individual chip’s identification. ICCID numbers can also be used to recognize eSIM profiles. In physical SIM cards, ICCIDs are displayed on the outer casing and stored inside the processor.
  • Authentication Key (Ki)
    Every SIM card contains a unique authentication key in the form of a 128-bit value known as a Ki. The Global System for Mobile Communications Association (GSMA) assigns the Ki, which authenticates the device with the network using a challenge-response interchange. The actual Ki is not transmitted via the network, making interception impossible and ensuring the security of the device and its data.
  • Location Area Identity (LAI)
    Every sector of a public land mobile network (PLMN) is assigned an identifier or LAI. The LAI contains the mobile country code (MCC), mobile network code (MNC), and a more specific location area code (LAC). This combination of data allows the network to pinpoint the location of a SIM card and its accompanying device.

IoT SIM Card Form Factors 

As technology evolves, IoT SIM cards have become progressively smaller—with the newest embedded forms abandoning separate anatomy altogether. The original credit-card-sized SIM cards (1FF) used in early mobile telephones may no longer be in service, but other types remain on the market. Some form factors work better than others in IoT deployments, depending on considerations such as device type, environmental conditions, network standards, and required data speeds. When connected devices must operate in a wide range of extreme temperatures or harsh conditions, it’s wise to choose an industrial-grade SIM card.

Available in 2FF-4FF, these rugged cards offer additional layers of protection against vibration and deterioration. Here’s a breakdown of the four SIM form factors applicable to IoT:

  • Mini-SIM (2FF)
    With a contact chip that matches that of the larger 1FF, the Mini-SIM was introduced in the mid-1990s to accommodate smaller mobile devices. It measures about 25mm in length and 15mm in width, making it the largest of the three removable SIM cards. The Mini-SIM is often used for IoT applications in vending machines and vehicle tracking.
  • Micro-SIM (3FF)
    With a processor that’s essentially identical to that of the Mini-SIM, the Micro-SIM provides the same storage and authentication capabilities in a smaller package. At 15mm by 12mm, the Micro-SIM is half the size of its predecessor and fits easily into compact IoT devices such as tablets, dispatch units, and mobile health devices.
  • Nano-SIM (4FF)
    Although the processor and memory are identical to the Mini-SIM and Micro-SIM, the Nano-SIM (4FF) currently presents the smallest removable card option at 12.3mm by 8.8mm. The Nano-SIM is also about 15 percent thinner than the Micro-SIM, accommodating IoT applications such as mobile payment devices and wearables.
  • Embedded-SIM (eSIM or eUICC)
    There’s a lot of buzz around the embedded SIM (eSIM), also known as the embedded universal integrated circuit card (eUICC), because of its powerful potential for IoT applications. According to a McKinsey report, the eSIM may become the best mobile switching solution for IoT as it gives operators more control over roaming costs and connection quality. The smallest SIM by far at 6mm by 5mm, the eSIM is soldered directly to the board inside the device, making it more resilient in severe conditions. Because the SIM is already embedded in the device, users have no need to install or replace a detachable card, which saves a great deal of time for businesses looking to deploy thousands of connected wireless devices. The eSIM is also more resistant to external disturbances such as vibration and debris, and allows far more flexibility in device design because of its smaller size. But the eSIM has another, more notable feature—remote provisioning, or the ability to manage multiple device identities without the need to physically swap out SIM cards.

IoT Applications

The number of connected IoT devices is expected to grow from 7 billion today to 21 billion by 2025. As the market explodes, hardware manufacturers are designing SIM card variants with IoT applications in mind which IoT SIM card providers are picking up. Industrial-grade IoT SIM cards are created to operate in temperatures between -40ºC and 105ºC, making them an excellent choice for use cases such as emergency response, weather monitoring, and industrial IoT (IIoT).

Ultimately, IoT SIM cards serve a different purpose than traditional mobile telephone SIM cards. They provide a link between connected devices and the cloud, where collected data can be aggregated and accessed through an IoT management platform. With a focus on managing large groups of devices, IoT SIM cards provide more flexibility and support in the following areas:

  • Data Usage
    In some deployment situations, IoT SIM cards gather and transmit data at different rates—so connectivity service providers typically offer aggregated data packages that are tailored to the specific needs of the company and allow the entire fleet of devices to draw from a single data usage limit.
  • Longevity
    Once deployed, IoT devices may not be easy to access. If they’re inside a mine deep underground or attached to a buoy in the ocean, for example, connecting to a cellular network may be difficult. As such, the longevity of the device and all its components – including the SIM – is of paramount importance. Industrial-grade removable IoT SIM cards provide added product life as well as ruggedness, but the eSIM offers the best solution for hard-to-reach deployments. Each eSIM is designed to last as long as the device in which it’s embedded. This makes the it an excellent choice for IoT applications.
  • Network Connectivity
    IoT SIM cards are equipped to roam between multiple networks. If the IoT deployment is used for vehicle tracking, for example, individual devices will automatically connect to the strongest network in a given area. Compatible cellular networks will depend on the provider, but many IoT projects connect using the same 2G, 3G, 4G LTE and Cat M1 cellular networks that smartphones use. Other networks such as LoRaWAN, NB-IoT, and Sigfox are low-power wide-area networks designed for IoT and may be viable choices in many applications.
  • Remote Provisioning (eSIM)
    While roaming IoT SIM cards provide some flexibility around network connection, the eSIM allows for even more freedom. When it’s manufactured, GSMA’s eSIM specification is equipped with a “bootstrap” profile to allow for the device’s initial connection to a network. The mobile network operator then transmits a SIM profile to override the bootstrap. If there is a need to change to another network provider in the future, the new operator can send a new SIM profile to the chip, replacing the first profile. This ability to switch the SIM’s identity is called remote provisioning, and it offers a tremendous simplification for IoT deployments that need to change operators—instead of sending personnel into the field to change out SIM cards on every device, the IoT manager can make the shift remotely, resulting in substantial cost and time savings.

Editor’s Note: This post was originally published in July 2019 and has been updated for accuracy.