Send APDU commands to USIM/SIM card in android

2

10

I have already worked with smart cards and I am familiar with APDU commands (that are defined in the ISO/IEC 7816 and GlobalPlatform specifications).

Now I want to know if there is any way to send an APDU command to my USIM/SIM card that is inserted in my mobile phone (a Samsung A3 with Android v4.4.4 KitKat installed).

I already searched on Google and found some related topics and tools named SIM Toolkit Application and SEEK for Android, but I don't really understand what these are. Are they two applications that I must install on my mobile phone, or are they two tools that are already installed on the USIM/SIM card and receive commands from the mobile phone?

What is the difference between proactive commands, APDU commands and AT commands?

Should I learn Android to develop SIM card applications, or do I just need the Java Card specifications and ETSI standards?

Thanks in advance.

Rumania answered 19/5, 2015 at 12:29 Comment(0)
14

There can be two different types of applets present on your SIM card.

Common applets

Common applets are written in plain JavaCard. This is the type of applet you are used to from the world of common smart cards. It has the process method and the smart card is the passive subject in the communication: your app sends APDU commands and the card responds.

You can communicate with these applets using a special set of Android libraries called SEEK for Android. Have a look at this tutorial to learn how to create such a phone application.

Starting with API level 21 there is also a way to communicate with the SIM using Telephony Manager. However, there is one huge obstacle: your app needs the MODIFY_PHONE_STATE permission, which can be granted only to system apps. A regular, non-system app isn't allowed to use it.

SIM Toolkit Applets

A SIM card is much more than just a common smart card, and writing an applet for a SIM card can be much more complicated than for a common smart card if you want to use all the possibilities the SIM card offers. I recommend that you read this paper - it is someone's bachelor thesis, but it is the best overview for a beginner I have found all over the Internet. I also recommend this video from the DEF CON conference.

The role of the applet loaded on the SIM card is different: the applet is no longer a passive entity. The phone asks your applet regularly: "Is there anything new I can do for you?" and your applet can reply: "Yes, send this SMS, please" or "Tell me what time it is" etc. Moreover, your applet can become a listener of some events: incoming call, received SMS, time interval elapsed etc. Yes, the SIM card seems to be passive from the technical point of view, but its role is in fact an active one: it is the SIM card who sends commands to the phone.

These commands are called "proactive commands" or SIM Application Toolkit commands. Structure is the same - CLA INS P1 P2 LC data LE; the meaning is different.

You can send them from your applet using classes in a special JavaCard package called sim.toolkit.

(SIM Application Toolkit is a standard that specifies the proactive commands in the same way Global Platform specifies the applet's lifecycle.)

Example of SIM Toolkit applet:

import javacard.framework.APDU;
import javacard.framework.Applet;
import javacard.framework.ISO7816;
import javacard.framework.ISOException;
import sim.toolkit.ToolkitConstants;
import sim.toolkit.ToolkitException;
import sim.toolkit.ToolkitInterface;
import sim.toolkit.ToolkitRegistry;

public class STKTest extends Applet implements ToolkitInterface {

    public static void install(byte[] bArray, short bOffset, byte bLength) {
        // GP-compliant JavaCard applet registration
        new STKTest().register(bArray, (short) (bOffset + 1), bArray[bOffset]);
    }

    // This method handles standard APDU commands
    public void process(APDU apdu) {
        // Good practice: return 9000 on SELECT
        if (selectingApplet()) {
            return;
        }

        apdu.setIncomingAndReceive();
        final byte[] buf = apdu.getBuffer();
        switch (buf[ISO7816.OFFSET_INS]) {
        case (byte) 0x00:
            // do something
            break;
        default:
            // Reject instructions the applet does not implement
            ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
        }
    }

    // This method handles the SIM Toolkit events; the applet is only called
    // for events it has registered for through ToolkitRegistry
    public void processToolkit(byte event) throws ToolkitException {
        switch (event) {
        case ToolkitConstants.EVENT_TIMER_EXPIRATION:
            // do something
            break;
        }
    }
}

Yes, you should learn Android - you will need it to use the SEEK library. Your question is very broad, please ask me for any details, if you want.

Hamulus answered 19/5, 2015 at 21:0 Comment(12)
Thanks dear vojta. 1- So, SEEK for Android is a library that I use to write an applet for my mobile set (and not for the SIM/USIM) to communicate with the applets on the USIM/SIM, right? 2- Do you have any idea what SIM Toolkit Application (aka STK) is? – Rumania
Are proactive commands similar to regular APDU commands? I mean, do they have a 4-byte mandatory header containing CLA, INS, P1 and P2, or are they totally different? – Rumania
In section 1 you emphasized that common smart cards have a passive role in the communication. That's right. But does that mean that USIM/SIM cards can have an active role in communication with the phone, or do they also always wait for commands and can't start a communication? You said that the phone asks the applet regularly "Is there anything new I can do for you?" (the same application that is written using the SEEK for Android library?) and the applet on the SIM responds to it. So the SIM is still passive, isn't it? – Rumania
I know these are a lot of questions, but I'm a little confused and I really need your guidance. I appreciate your time and your consideration. :) There is one more question and I will ask it later. Thanks in advance again. – Rumania
Dear vojta, may we have a short conversation here please? chat.stackoverflow.com/rooms/78277/sim-applications-development – Rumania
Thanks for the link to SEEK. However, as I understand the docs, it requires running a modified Android build, correct? Can I thus infer that stock Android lacks the mechanisms for (or even actively prevents) this kind of low-level SIM access? – Tarragon
@Tarragon Hi! No, you do not need a modified Android build. Your app needs to be built with a special SDK and there must be a few special libraries provided by the vendor of your phone, that is all. I used SEEK successfully with a standard Sony Xperia L with no extra modifications, for example. – Hamulus
@Hamulus thanks for the clarification. In the meantime I found out that Android's telephony manager now also has methods to send commands to the SIM card, but they require API level 21 (Lollipop) or higher. – Tarragon
@Tarragon Wow, that is interesting! Could you please post a link to what you found? So I could update my answer. – Hamulus
@Hamulus developer.android.com/reference/android/telephony/… – Tarragon
@Jean, you will find more details about proactive commands in ETSI 102.223 (toolkit) – Pandolfi
Thanks to all, I have a question. In the tutorial link I saw "The development phone is flashed with SmartCard API". Does each handset have to be flashed to install the SmartCard API app? – Botulism
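
The phone-side exchange with a common applet that the answer above describes, as an added example that is not part of the original answer or of the SEEK project. It uses the Open Mobile API classes shipped by SEEK for Android (`org.simalliance.openmobileapi`); the class name `SimApduClient`, the AID and the test command are constructed placeholders, and the "SIM" reader-name prefix is an assumption about the device.

```java
import android.content.Context;
import android.util.Log;
import org.simalliance.openmobileapi.Channel;
import org.simalliance.openmobileapi.Reader;
import org.simalliance.openmobileapi.SEService;
import org.simalliance.openmobileapi.Session;

// Hypothetical client class (added example): sends one APDU to an applet on the SIM.
public class SimApduClient implements SEService.CallBack {
    private static final String TAG = "SimApduClient";
    // Constructed placeholder AID; replace it with the AID of your own applet.
    private static final byte[] APPLET_AID = { (byte) 0xF0, 0x01, 0x02, 0x03, 0x04, 0x05 };
    // Constructed command: CLA=00 INS=00 P1=00 P2=00, no data.
    private static final byte[] COMMAND = { 0x00, 0x00, 0x00, 0x00 };
    private final SEService seService;

    public SimApduClient(Context context) {
        // Binds to the SmartCard service; serviceConnected() is called when it is ready.
        seService = new SEService(context, this);
    }

    @Override
    public void serviceConnected(SEService service) {
        for (Reader reader : service.getReaders()) {
            // Assumption: the UICC reader name starts with "SIM".
            if (!reader.getName().startsWith("SIM") || !reader.isSecureElementPresent()) continue;
            Session session = null;
            try {
                session = reader.openSession();
                // SELECT by AID on a new logical channel; the access control
                // enforcer applies the rules stored on the card at this point.
                Channel channel = session.openLogicalChannel(APPLET_AID);
                if (channel != null) {
                    byte[] rsp = channel.transmit(COMMAND);
                    // The last two response bytes are the status word SW1 SW2.
                    Log.i(TAG, String.format("SW=%02X%02X",
                            rsp[rsp.length - 2], rsp[rsp.length - 1]));
                }
            } catch (SecurityException e) {
                Log.w(TAG, "Access rules on the SIM deny this app", e);
            } catch (Exception e) {
                Log.e(TAG, "APDU exchange failed", e);
            } finally {
                if (session != null) session.close(); // also closes its channels
            }
        }
    }
}
```

The app's manifest must also declare the `org.simalliance.openmobileapi.SMARTCARD` permission and the `org.simalliance.openmobileapi` library, which only exists on phones whose vendor ships it.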
6

Starting with API level 22 (Android 5.1) there is another option called "Carrier Privileges". It allows non-system apps to send APDUs to the SIM card using Android TelephonyManager. See: https://developer.android.com/reference/android/telephony/TelephonyManager.html#hasCarrierPrivileges()

For example, mobile network operator (MNO) apps that are distributed on Google Play can use this. But again it's not open for everybody. In this case you need to be granted access by the SIM. The access rules on the SIM are managed by the MNO who issued it. See also: http://source.android.com/devices/tech/config/uicc.html

Bodice answered 6/10, 2016 at 17:1 Comment(0)
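
The TelephonyManager route mentioned in both answers (API level 21 methods, usable by non-system apps from API level 22 when the SIM grants carrier privileges), as an added example that is not code from either answer. The class name `CarrierApduClient` and the AID are constructed placeholders.

```java
import android.content.Context;
import android.telephony.IccOpenLogicalChannelResponse;
import android.telephony.TelephonyManager;

// Hypothetical helper (added example): APDU exchange gated on carrier privileges.
public final class CarrierApduClient {
    // Constructed placeholder AID as a hex string; use your applet's AID.
    private static final String APPLET_AID = "F00102030405";

    private CarrierApduClient() { }

    /** Returns the response as a hex string (data followed by SW1 SW2), or null if access is refused. */
    public static String sendApdu(Context context, int cla, int ins,
                                  int p1, int p2, String dataHex) {
        TelephonyManager tm =
                (TelephonyManager) context.getSystemService(Context.TELEPHONY_SERVICE);
        // Without MODIFY_PHONE_STATE, the icc* calls below need carrier privileges,
        // which depend on the access rules the MNO stored on the SIM.
        if (tm == null || !tm.hasCarrierPrivileges()) {
            return null;
        }
        // Opens a logical channel and selects the applet by AID.
        IccOpenLogicalChannelResponse open = tm.iccOpenLogicalChannel(APPLET_AID);
        if (open.getStatus() != IccOpenLogicalChannelResponse.STATUS_NO_ERROR) {
            return null;
        }
        int channel = open.getChannel();
        try {
            // P3 carries the data length in bytes; a negative P3 makes the
            // platform send a 4-byte APDU (header only).
            boolean hasData = dataHex != null && !dataHex.isEmpty();
            int p3 = hasData ? dataHex.length() / 2 : -1;
            return tm.iccTransmitApduLogicalChannel(
                    channel, cla, ins, p1, p2, p3, hasData ? dataHex : "");
        } finally {
            // Logical channels are a scarce card resource; always release them.
            tm.iccCloseLogicalChannel(channel);
        }
    }
}
```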
