Description
The Universal Subscriber Identity Module (USIM) is the cornerstone of subscriber security and identity management in 3GPP networks from UMTS (3G) onwards. It is not the physical card itself (that is the UICC) but a dedicated application that runs on the UICC's secure microprocessor. The USIM's primary functions are to securely store the subscriber's unique identity (IMSI), authenticate the subscriber to the network, generate session keys for encryption and integrity protection, and manage subscriber-related data like the phonebook and SMS.
Architecturally, the USIM interacts with the Mobile Equipment (ME) via a standardized interface (ETSI/3GPP TS 31.101). When a device powers on or enters a new network area, the ME requests the International Mobile Subscriber Identity (IMSI) from the USIM. This IMSI is sent to the network to initiate an authentication procedure. The network's Authentication Centre (AuC) generates an authentication vector containing a random challenge (RAND), an expected response (XRES), a ciphering key (CK), and an integrity key (IK). The RAND is sent to the USIM.
The USIM, using a secret key (K) stored securely within it and a cryptographic algorithm (MILENAGE for 3G/4G/5G), computes a response (RES) and the same CK and IK. The ME sends the RES back to the network for verification. If RES matches XRES, authentication is successful. The CK and IK are then used by the device and network to encrypt and integrity-protect all subsequent communications. This process, known as Authentication and Key Agreement (AKA), ensures that only a legitimate subscriber with the correct USIM can access the network and that the communication is secure.
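The exchange described above, as an added example (not code from the original page or from 3GPP), showing both sides of one AKA run. HMAC-SHA256 stands in for the MILENAGE functions, and the example goes beyond the text by including the AUTN token (sequence number plus MAC, as in TS 33.102) so the USIM can also verify the network. All function names and the sample key are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def f(k: bytes, label: bytes, *parts: bytes, n: int = 16) -> bytes:
    """Keyed function standing in for MILENAGE f1..f4 (this is NOT MILENAGE)."""
    return hmac.new(k, label + b"".join(parts), hashlib.sha256).digest()[:n]

def auc_generate_vector(k: bytes, sqn: int) -> dict:
    """Network side (AuC): build one authentication vector from the subscriber's K."""
    rand = secrets.token_bytes(16)
    sqn_b = sqn.to_bytes(6, "big")
    return {
        "RAND": rand,
        # Simplified AUTN = SQN || MAC; real AKA also conceals SQN and carries an AMF.
        "AUTN": sqn_b + f(k, b"f1", rand, sqn_b, n=8),
        "XRES": f(k, b"f2", rand, n=8),
        "CK": f(k, b"f3", rand),
        "IK": f(k, b"f4", rand),
    }

def usim_authenticate(k: bytes, last_sqn: int, rand: bytes, autn: bytes):
    """USIM side: check the network's MAC and freshness, then return (RES, CK, IK).
    Only derived values are returned; K itself is never handed to the ME."""
    sqn_b, mac = autn[:6], autn[6:]
    if not hmac.compare_digest(mac, f(k, b"f1", rand, sqn_b, n=8)):
        raise ValueError("MAC failure: challenge was not built with this K")
    if int.from_bytes(sqn_b, "big") <= last_sqn:  # simplified freshness check
        raise ValueError("sync failure: stale or replayed challenge")
    return f(k, b"f2", rand, n=8), f(k, b"f3", rand), f(k, b"f4", rand)

def network_verify(av: dict, res: bytes) -> bool:
    """Network side: constant-time comparison of RES against XRES."""
    return hmac.compare_digest(av["XRES"], res)

def run_aka(k_network: bytes, k_usim: bytes, sqn: int = 1, last_sqn: int = 0) -> bool:
    """One full run: True only if RES matches XRES and both ends hold the same CK and IK."""
    av = auc_generate_vector(k_network, sqn)
    res, ck, ik = usim_authenticate(k_usim, last_sqn, av["RAND"], av["AUTN"])
    return network_verify(av, res) and ck == av["CK"] and ik == av["IK"]

if __name__ == "__main__":
    K = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed sample key
    print("legitimate USIM authenticated:", run_aka(K, K))
```

A USIM holding a different K rejects the challenge at the MAC check, and a challenge whose sequence number is not newer than the last accepted one is rejected as a replay.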
Beyond core authentication, the USIM provides a secure storage area for subscriber data, network selection preferences, and service provider applications (like OTA provisioning). In 5G, the USIM's role evolves to support the 5G AKA protocol and store new identifiers like the Subscription Concealed Identifier (SUCI) for enhanced privacy. It acts as a root of trust, enabling secure bootstrapping for other services and acting as a secure element for mobile commerce and digital identity applications.
Purpose & Motivation
The USIM was introduced with 3G UMTS to address security weaknesses in the 2G SIM (Subscriber Identity Module). The 2G SIM used the COMP128 algorithm, which had known vulnerabilities, and the GSM authentication was one-way (network authenticates the subscriber) with weaker encryption algorithms. The move to 3G required a stronger, mutual authentication mechanism and enhanced cryptographic capabilities to protect new data and multimedia services.
The creation of the USIM provided a standardized, future-proof platform for subscriber identity. It separated the secure application (USIM) from the physical card (UICC), allowing multiple applications (like ISIM for IMS) to coexist. This modularity was crucial for the convergence of services. The USIM's secure execution environment and storage protect the long-term secret key (K) from extraction, forming an immutable root of trust for the entire mobile ecosystem.
Its ongoing evolution is driven by the need for stronger privacy (e.g., SUCI in 5G to protect the IMSI), support for new authentication frameworks (EAP-AKA', 5G AKA), and enabling new use cases like network slicing identification and secure services for IoT. The USIM solves the fundamental problem of securely and portably binding a subscriber identity to a subscription, enabling global roaming, secure service access, and trusted transaction capabilities.
Detected Changes Across Releases
From 3GPP Change Requests. Specific changes extracted from the "Change history" tables of 3GPP specifications (81 CRs across 5 releases). Complements the general historical overview above with the evidence-based evolution of this function.
In Release 15, the USIM was enhanced to support 5G-specific functions, including the introduction of a new Elementary File (EF) to store 5G UAC Access Identity information and updates to the SUCI calculation parameters with a Routing Indicator. Furthermore, the release updated the USIM Service Table to support PDU session call control and enhanced configuration data for Mission Critical Services and location information for NG-RAN.
- Support for identity attestation and verification (TS 23.228, CR1184)
- Introduce an EF that contains 5G UAC Access Identity Information (TS 31.102, CR0780)
- USIM Service Table update for PDU session call control support (TS 31.102, CR0786)
- Allow configuration of MCS (Access Identity 2) via USIM. (TS 31.102, CR0794)
- Modify structure of SUCI Calc EF and introduce Routing Indicator (TS 31.102, CR0797)
- Mission Critical Services configuration data update to USIM (TS 31.102, CR0808)
+ 23 more changes
In Release 16, the USIM's role was expanded to store new configuration data for network selection and policy control, including lists for RLOS PLMN selection and trusted non-3GPP access networks. It also gained enhanced capabilities for subscriber privacy by formally supporting the storage and computation of SUCI for various SUPI types, including network-specific identifiers. Furthermore, the USIM was specified to hold pre-configured URSP rules and a separate KSEAF for non-3GPP access, centralizing more network policy and security parameters on the card.
- Support for USIM configuration of RLOS PLMN list (TS 31.102, CR0847)
- URSP storage in USIM (TS 31.102, CR0861)
- Specify storage for a potentially separate KSEAF for non-3gpp access on the USIM (TS 31.102, CR0864)
- SUCI value with SUPI format NSI (TS 31.102, CR0879)
- USIM configuration of RLOS allowed MCC list (TS 31.102, CR0881)
- Support for Trusted non-3GPP access networks list by USIM (TS 31.102, CR0891)
+ 13 more changes
In Release 17, the USIM was enhanced with new dedicated files to store configuration data for network selection and access control, including pre-configured CAG (Closed Access Group) information and parameters for disaster roaming conditions. It also gained support for storing configuration data for 5G features like NSWO (Non-Seamless WLAN Offload) and enhanced Discontinuous Reception (eDRX) for NG-RAN, alongside new files for managing warning messages in SNPNs and the "No E-UTRA Disabling In 5GS" indication. Furthermore, the release introduced mechanisms for updating configurations like the 5G NSWO settings and added specific storage for Steering of Roaming (SOR) parameters.
- Introduce a USIM file to store pre-configured CAG information list (TS 31.102, CR0904)
- SOR-CMCI storage in USIM (TS 31.102, CR0917)
- Addition of USIM files for the indication of whether disaster roaming is enabled in the UE, disaster roaming wait range, disaster return wait range and applicability indicator for disaster roaming PLMNs list provided by VPLMN. (TS 31.102, CR0938)
- Adding eDRX parameters in the USIM for NG-RAN (TS 31.102, CR0943)
- 5G NSWO (Non-Seamless WLAN Offload) configuration support in the USIM compromised proposal. (TS 31.102, CR0946)
- Support of 'No E-UTRA Disabling In 5GS' in USIM (TS 31.102, CR0947)
+ 11 more changes
In Release 18, updates for the USIM function introduced new Elementary Files (EFs) for storing Access Control data for GBA_U APIs and IMS Data Channel configuration, and extended the storage of 5G security parameters with mandated service dependencies. Furthermore, the release provided clarifications and corrections for procedures such as SUCI calculation and the GET IDENTITY command, particularly within the 5G Non-Seamless WLAN Offload (NSWO) context.
- 5G Security Parameters extended storage on USIM (Mandating Service n°133 to be enabled when Service n°123 is enabled) Rel18. (TS 31.102, CR1014)
- Add EF of Access Control to GBA_U_APIs to the USIM (TS 31.102, CR1007)
- Add EF of IMS Data Channel configuration to the USIM (TS 31.102, CR1006)
- Introducing new TCs for GET IDENTITY command in 5G NSWO context (TS 31.122, CR0087)
- SUCI 5G NSWO context, NOTE 3 modification (TS 31.102, CR1018)
- Correction of GET IDENTITY in case of incorrect configuration (TS 31.102, CR1030)
+ 4 more changes
In Release 19, the USIM function introduced support for third-party user identity information in the IMS, including procedures for its handling and verification. It also defined a backward compatibility mechanism for handling USIMs without extended security parameter storage in the EF_5GAuthKeys file. Additionally, the release clarified the calling and called identities notified to the DCSF.
- Support of third party user identity information in IMS (TS 23.228, CR1478)
- Procedure for supporting of third party user identity information in IMS (TS 23.228, CR1524)
- Update the IETF reference to the process of signing and verifying third party user identity information (TS 23.228, CR1652)
- KI#1: Cancel procedure for subscriber specific IMS Events (TS 23.228, CR1655)
- Clarify the calling and called identity notified to the DCSF (TS 24.186, CR0045)
- Backward compatibility handling of USIM without extended security parameter storage in EF_5GAuthKeys - Rel19 (TS 31.102, CR1074)
Defining Specifications
3GPP specifications that define or reference USIM, with the latest known release. Sourced from the 3GPP document catalog.
| Specification | Title | Release |
|---|---|---|
| TS 21.111 vj00 | USIM and UICC Requirements for 3G | Rel-19 |
| TS 21.133 v1400 | 3G Security Requirements | Rel-5 |
| TR 21.905 vj00 | 3GPP Technical Terms and Definitions | Rel-19 |
| TS 22.022 vj00 | ME Personalisation Features for GSM/3G | Rel-19 |
| TS 22.038 vj00 | USIM Application Toolkit (USAT) Stage 1 | Rel-19 |
| TS 22.057 vj00 | Mobile Execution Environment (MExE) Stage 1 | Rel-19 |
| TS 22.066 vj00 | Mobile Number Portability Stage 1 | Rel-19 |
| TS 22.100 v1320 | UMTS Service Requirements Phase 1 | Rel-4 |
| TS 22.101 vk00 | Service Principles for PLMNs | Rel-20 |
| TS 22.105 vj00 | Telecommunication Services Framework | Rel-19 |
| TS 22.112 v1800 | USAT Gateway System Specification | Rel-8 |
| TS 22.121 v1400 | Virtual Home Environment Requirements | Rel-5 |
| TS 22.234 vd10 | 3GPP-WLAN Interworking Index Specification | Rel-13 |
| TR 22.907 v1312 | UMTS IC Card and Terminal Concepts | Rel-4 |
| TR 22.944 vj00 | UE Functionality Split Scenarios and Requirements | Rel-19 |
| TR 22.967 vj00 | eCall Emergency Data Transmission | Rel-19 |
| TR 22.975 v1310 | UMTS Numbering and Addressing Requirements | Rel-4 |
| TR 22.980 vj00 | Network Composition Feasibility Study | Rel-19 |
| TS 23.009 vj00 | Handover Procedures in PLMNs | Rel-19 |
| TS 23.048 v1400 | Secured Packets for UICC Remote Management | Rel-5 |
| TS 23.050 v1100 | UMTS Network Principles and Architecture | R99 |
| TS 23.057 vj00 | Mobile Execution Environment (MExE) Specification | Rel-19 |
| TS 23.060 vj00 | GPRS Service Description Stage 2 | Rel-19 |
| TS 23.101 vj00 | UMTS Architecture and Functional Separation | Rel-19 |
| TS 23.110 vj00 | Access Stratum Services Specification | Rel-19 |
| TS 23.127 v1600 | Virtual Home Environment Stage 2 Specification | Rel-6 |
| TS 23.171 v1300 | LCS Stage 2 Specification for UMTS | Rel-4 |
| TS 23.228 vj50 | IMS Stage-2 Service Description | Rel-19 |
| TS 23.234 vd10 | 3GPP-WLAN Interworking Index | Rel-13 |
| TS 23.271 vj00 | LCS Stage 2 Specification | Rel-19 |
| TS 23.700 vk00 | XR Services Application Enablement Layer | Rel-20 |
| TS 23.804 v1700 | SMS/MMS over IP Access Support | Rel-7 |
| TS 23.851 v1600 | Network Sharing Architecture for 3G Systems | Rel-6 |
| TR 23.923 v1300 | Mobile IP+ Feasibility Study for UMTS/GPRS | Rel-4 |
| TS 24.109 vj00 | HTTP Digest AKA & GAA Stage 3 | Rel-19 |
| TS 24.167 vj00 | 3GPP IMS Management Object Specification | Rel-19 |
| TS 24.186 vj60 | IMS Data Channel applications | Rel-19 |
| TS 24.228 v1500 | IP Multimedia Call Control Signaling Flows | Rel-5 |
| TS 24.229 vj50 | IMS call control protocol based on SIP and SDP | Rel-19 |
| TS 24.234 vc20 | 3GPP-WLAN Interworking Network Selection | Rel-12 |
| TS 24.526 vj30 | UE Policies for 5GS; Stage 3 | Rel-19 |
| TS 25.133 vj00 | UTRAN RRM Requirements for FDD | Rel-19 |
| TS 25.305 vj00 | UTRAN UE Positioning Stage 2 | Rel-19 |
| TS 25.401 vj00 | UTRAN Overall Architecture | Rel-19 |
| TS 26.804 vj10 | 5G Media Streaming Extensions Study | Rel-19 |
| TR 26.967 vj00 | eCall via CTM Suitability Analysis | Rel-19 |
| TS 27.007 vj40 | AT Command Set for UE | Rel-19 |
| TS 29.198 v1900 | OSA API Overview Specification | Rel-9 |
| TS 31.102 vj40 | USIM Application Specification | Rel-19 |
| TS 31.111 vj30 | USIM Application Toolkit (USAT) Specification | Rel-19 |
| TS 31.112 v1800 | USAT Interpreter System Architecture | Rel-8 |
| TS 31.113 v1800 | USAT Interpreter Byte Code Specification | Rel-8 |
| TS 31.114 v1800 | USAT Interpreter Transmission Protocol | Rel-8 |
| TS 31.115 vj00 | Secured Packet Structure for UICC Applications | Rel-19 |
| TS 31.121 vi50 | UICC-terminal interface test specification | Rel-18 |
| TS 31.122 vi50 | USIM Conformance Test Specification | Rel-18 |
| TS 31.131 vj00 | C Language Binding for (U)SIM API | Rel-19 |
| TR 31.900 vj00 | 3GPP TS 31.900: Security Interworking Guidance | Rel-19 |
| TR 31.901 ve00 | USIM/ISIM/USAT Feature Review Study | Rel-14 |
| TS 32.101 vj00 | Management principles and high-level requirements | Rel-19 |
| TS 32.102 vj00 | Telecom Management Physical Architecture Framework | Rel-19 |
| TS 32.140 vj00 | Subscription Management (SuM) requirements | Rel-19 |
| TS 32.141 vj00 | Subscription Management (SuM) Architecture | Rel-19 |
| TS 32.181 vj00 | User Data Convergence Management Framework | Rel-19 |
| TS 32.240 vj40 | Charging Management Architecture & Principles | Rel-19 |
| TS 32.251 vj00 | PS Domain Charging Management | Rel-19 |
| TS 32.270 vj00 | MMS Charging Management Specification | Rel-19 |
| TS 32.271 vj20 | 3GPP LCS Charging Management Spec | Rel-19 |
| TS 32.272 vj00 | Charging for Push-to-Talk over Cellular (PoC) | Rel-19 |
| TS 32.277 vj20 | Charging Management for Proximity Services (ProSe) | Rel-19 |
| TS 32.808 v1800 | Common User Profile Storage Framework | Rel-8 |
| TS 33.102 vj10 | 3G Security Architecture Specification | Rel-19 |
| TS 33.105 vj00 | 3G Security: Cryptographic Algorithm Requirements | Rel-19 |
| TS 33.320 vj00 | H(e)NB Subsystem Security Architecture | Rel-19 |
| TS 33.401 vj10 | EPS Security Architecture | Rel-19 |
| TS 33.402 vj00 | Security for non-3GPP access to EPS | Rel-19 |
| TS 33.501 vk00 | 5G Security Architecture and Procedures | Rel-20 |
| TS 33.749 vj00 | Study on security aspects of edge computing enhancement | Rel-19 |
| TS 33.812 v920 | M2M Remote Subscription Management Security | Rel-9 |
| TS 33.820 v1830 | Home NodeB/eNodeB Security Architecture | Rel-8 |
| TS 33.822 v1800 | Security Architecture for Inter-Access Mobility | Rel-8 |
| TS 33.835 vg10 | Study on authentication and key management for apps | Rel-16 |
| TS 33.863 ve20 | Security for Battery-Efficient IoT Device to Enterprise | Rel-14 |
| TS 34.131 vj00 | SIM API C Language Test Specification | Rel-19 |
| TS 35.205 vj00 | MILENAGE Algorithm Set: General Overview | Rel-19 |
| TS 35.234 vj00 | MILENAGE-256 Algorithm Set Specification | Rel-19 |
| TS 35.235 vj00 | MILENAGE-256 Algorithm Set Specification | Rel-19 |
| TR 35.909 vj00 | 3GPP MILENAGE Algorithm Design Report | Rel-19 |
| TR 35.934 vj00 | Tuak algorithm set for 3GPP auth & key gen | Rel-19 |
| TR 35.937 vj00 | MILENAGE-256 Algorithm Set Specification | Rel-19 |
| TS 36.304 vj00 | UE Idle Mode Procedures in E-UTRA | Rel-19 |