info@dataforensics.org
Contact Us     Live Chat
Home » News » SIM Card Forensics – Complete Forensic Analysis of SIM Cards Explained

SIM Card Forensics – Complete Forensic Analysis of SIM Cards Explained

author
Published By Raj Kumar
Aswin Vijayan
Approved By Aswin Vijayan
Published On April 16th, 2022
Reading Time 4 Minutes Reading
Category News, Updates

The SIM (Subscriber Identity Module) is an integrated circuit card (ICC) that plays a key role in managing and executing this century’s cellular world. The SIM cards work on the principle of UICC (Universal Integrated Circuit Card) and USIM (Universal Subscriber Identity Module) applications. The complete SIM card forensics investigation swirls around the physical and logical structure of the used integrated circuit card.

SIM Card Forensic Analysis

The most advantageous feature of the SIM cards is that the device on which the SIM cards persist, the complete user authorization, services, etc. transfers to that simultaneous device. An important point that needs to keep in mind while proceeding with the SIM card forensics is that the deployment of the 2G SIM card networks is associated with the protocols laid down by UICC whereas the 3G networks are attuned with USIM.

SIM Card Forensics – Understanding The Physical and Logical Structure

The global usage of SIM cards extends from GSM (Global System for Mobile Communications) and iDEN (Integrated Digital Enhanced Network) to that of satellite phone networks. Sim card holds two types of sophisticated tags: –

  1. Identity (termed as IMSI – International Mobile Subscriber Identity)
  2. Symmetric Key (recognized as Ki)

The IMSI are the identities that the mobile communication networks use for interconnection. Every individual is identified as a uniquely registered user in reference to IMSI. IMSI, in a manner, is similar to the mobile’s IMEI (International Mobile Station Equipment Identity) numbers that help to uniquely identify cellular equipment.

The SIM cards come in three different sizes: –

  1. Standard SIM Card
  2. microSIM
  3. nanoSIM

SIM Card Forensic Analysis

The attributes associated with SIM card hardware include: –

  • CPU: – As per current standards, 16-bit is in use.
  • RAM: – Two types of RAM persist. Size lies between 1 to 4 kb.
  • EEPROM/Flash: – Size lies between 4 to 64 kb.
  • Encryption: – As per the latest standards, it supports DES, AES, RSA and DSA hashing encryptions.

Forensic Analysis and Understanding of SIM Card Applets

One can start the SIM card forensic analysis with the investigation of Applets. Applets are small programs that the SIM cards (mainly GSM) uses on UICC. Moreover, the applet is meant for carrying out of all the activities like running the internet, sending SMSes, receiving & sending calls etc. As per stats from some law enforcement agencies, hackers use these applets in mobile banking applications to hack into user accounts.

The MF (Master File), DF (Dedicated File) and EF (Elementary File) attribute governs the security parameters of SIM cards.

The crucial data can be extracted via forensic SIM card analysis. And it can use in the later part of the investigation involving: –  (IMSI),  (MCC), (MNC) and  (MSISDN).

International Mobile Subscriber Identity (IMSI)

Mobile Country Code (MCC)

and Mobile Network Code (MNC)

Mobile Station International Subscriber Directory Number (MSISDN)

The IMSI number collected from SIM cards helps the investigators identify the nationality and preferred language of the suspect. In addition to this, the figures under the MSISDN assist in carving out the calls and simultaneous contact numbers that went from the suspect’s SIM card.

Peculiarities of SIM Card Forensics

  • The list of frequently traversed contacts remains stored in the data logs of SIM cards.
  • Via SIM cards it can track the SMSes sent over a network. We can understand the level of accuracy by the fact that it is possible to even retrieve unread messages.
  • The SIM card always stores the location of the subscriber. As a SIM card keeps on attaching and detaching itself to various network towers. Therefore, it stores the location of each and every tower. This, location of latitude and longitudes provides info about where the location of the subscriber at a certain point in time.

Although, a number of advanced forensic SIM readers and SIM card analysis software are available in the IT market. Controversy or no controversy, these tools often play a key role in achieving success in various criminal cases. By visiting the following platform, one can obtain the SIM card forensic analysis tool: –

The speciality of this technology is that it efficiently provides details about the last SIM card that was used in the device.

Thus, we can say that by using SIM card forensics we can track most of the criminal activities. SIM cards were a revolution in the cellular world, but if used inappropriately, can prove to be an insignificant approach.