What is it about?

This research improves SIM card security by incorporating hardware-rooted trust with privacy-preserving authentication. The proposed framework protects users against SIM cloning, SIM swap attacks, and identity theft while supporting future mobile networks.

Featured Image

Why is it important?

As SIM swap fraud, identity theft, and mobile account hijacking continue to increase worldwide, stronger authentication methods have become essential. A fundamental weakness of current SIM-based authentication is that anyone who gains possession of a legitimate SIM card is often treated as the legitimate subscriber, regardless of who is actually using it. SafeSIM addresses this critical security gap by combining hardware-based security and privacy-preserving authentication through the integration of Physically Unclonable Functions (PUFs) with Zero-Knowledge Proofs (ZKPs). Unlike conventional SIM authentication methods that rely on static credentials, SafeSIM verifies users without exposing sensitive information and resists SIM cloning and impersonation attacks. The framework is compatible with both traditional SIM cards and emerging eSIM technologies, making it a practical solution for next-generation mobile networks. This work demonstrates how hardware security and modern cryptography can be combined to enhance privacy, trust, and resilience in future telecommunications systems.

Perspectives

This work was inspired by a simple but important question: *What happens if the wrong person gets hold of a legitimate SIM card?* Current mobile networks often trust possession of the SIM, meaning an unauthorized person may still be authenticated as the legitimate subscriber. I wanted to address this overlooked security gap by combining hardware-rooted security with privacy-preserving cryptography. Seeing SafeSIM evolve from an idea into a formally verified protocol and a working Android implementation has been one of the most rewarding parts of my PhD journey. I hope this work encourages future authentication systems to move beyond static credentials toward stronger, privacy-aware, and user-centric mobile security.

SIVAPPRIYA MANIVANNAN
Indian Institute of Technology Kharagpur

Read the Original

This page is a summary of: SafeSIM: SIM Card Authentication Framework Enhancement Using Zero-Knowledge Protocols and PUFs, ACM Transactions on Embedded Computing Systems, June 2026, ACM (Association for Computing Machinery),
DOI: 10.1145/3822567.
You can read the full text:

Read

Contributors

The following have contributed to this page