• jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    5
    ·
    un anno fa

    That’s neat. But doesn’t that mean we violated the secure element on the phone? If the SIM can be digitally transferred, that means it can be hijacked more easily, right?

    • roneyxcx@lemdro.id
      link
      fedilink
      English
      arrow-up
      14
      ·
      un anno fa

      No, to clear confusion when they mean transfer they are not really transferring the SIM. To explain fully, when you first setup eSIM, you give IMEI to your operator. Then you get a QR code which is associated with your IMEI. When you scan it you are connected to Remote SIM Provisioning system and your phone downloads SIM profile. Now when you switch phones if your carrier supports eSIM transfer, which is not supported by all carriers. Your old phone which has the eSIM will tell carrier your new phones IMEI, once you confirm the transfer, your new phone will contact Remote SIM Provisioning system to download new SIM profile. Then once it’s activated the old phone deletes the eSIM. The way how your old phone knows your new phone is through the Apple account for iPhones and for Samsung/Google it will something similar. Also keep in mind for iPhones you need to have same Apple account for both old and new phone, I am not sure about Samsung/Google’s implementation. Currently there is no standard for iPhone to transfer to Android or vice versa. Probably GSMA will come up with something or Apple and Google can make a standard.