What is SIM Cloning?
Creating a duplicate of a SIM card to intercept calls and messages intended for the original, potentially bypassing SMS-based authentication.
SIM cloning creates an exact copy of a SIM card, allowing two devices to receive the same calls and messages.
How It Works
- Physical SIM cards contain an authentication key (Ki)
- If this key is extracted, a duplicate SIM can be created
- Modern SIM cards make Ki extraction harder but not impossible
- eSIMs add additional protections but aren't immune
Compared to SIM Swapping
- SIM cloning: Creates a copy; original still works (temporarily)
- SIM swapping: Transfers the number; original stops working
- SIM swapping is more common because it doesn't require physical access
Protection
- Never use SMS for two-factor authentication
- Use TOTP apps or hardware keys instead
- Keep your physical SIM secure
- Monitor for unexpected service disruptions
- Consider eSIM which is harder to clone physically
Related Terms
SIM Swapping
A social engineering attack where an attacker convinces a mobile carrier to transfer your phone number to their SIM card, hijacking SMS-based authentication.
SS7 Vulnerability
Security flaws in the SS7 telephone signaling protocol that allow attackers to intercept calls, read SMS messages, and track phone locations globally.
Two-Factor Authentication
A security method requiring two different types of identification to access an account: something you know (password) plus something you have (phone, hardware key) or something you are (biometric). This significantly reduces the risk of unauthorized access even if your password is compromised.
Have more questions?
Use our guided flow to get the right next privacy step for SIM Cloning.
Open Guided Flow