Affiliate links on Android Authority may earn us a commission. Learn more.

Android 17 wants to solve the biggest headache with using SIM PIN locks

A clever new trick lets your phone automate SIM PIN unlocking.

•

2 hours ago

•

Add AndroidAuthority on Google

a smartphone with two sim cards and a sim tray on a table

Megan Ellis / Android Authority

TL;DR

SIM PINs help protect you from attackers intercepting 2FA codes.
Manually entering the PIN on boot can get annoying, though.
With Android 17, Google is building a new system for letting the phone automatically handle SIM PIN unlocks.

If you’re a responsible smartphone user, chances are that your phone is already secured with a screen lock — and hopefully that involves a sufficiently long password or PIN. But there’s another PIN you could (and arguably, should) be using to keep your accounts and communication safe: a SIM PIN. And now with Android 17 Beta 2 available to Pixel testers, we’ve spotted a new change Google appears to be working on to make SIM PINs much, much more convenient.

Let’s start by clearing up what we’re talking about here, as there’s a fair chance that you’ve never even heard of a SIM PIN before now, and have no idea what’s going on. Just like a PIN code can keep your phone safe by requiring its entry when your device starts up, a SIM PIN does the same for securing access to your cellular account. When you a power on a phone with a PIN-locked SIM, it won’t be able to make calls, work with texts, or use data until the PIN is entered.

Don’t want to miss the best from Android Authority?

Set us as a favorite source in Google Discover to never miss our latest exclusive reports, expert analysis, and much more.
You can also set us as a preferred source in Google Search by clicking the button below.

Hopefully, you can already see how this could be handy. With so many services tying authentication to text messages, if someone got their hands on your phone, they could always remove the SIM and insert it into a new device to intercept any 2FA codes — even if they weren’t able to unlock your phone itself. By requiring a separate PIN before the SIM is enabled, we can prevent that kind of attack.

So why don’t more people use SIM PINs? Honestly: We’re lazy. Entering one PIN every time your phone reboots is one thing, but having to enter two PINs back-to-back? Especially if it feels like we’re protecting ourselves against an attack with only a tiny chance we’re ever targeted? That second PIN is going to start feeling like a chore, fast, and eventually many users just don’t want to bother with it.

Enter: automatic SIM lock protection. We find multiple new text strings appearing in Android 17 Beta 2 that make reference to the feature:

Code

<string name="automatic_sim_lock_protection">Automatic SIM lock protection</string>
<string name="automatic_sim_lock_settings_title">Protect SIM card</string>
<string name="provide_current_sim_pin">Enter the SIM card current PIN</string>
<string name="provide_current_sim_pin_title">Enter current SIM PIN</string>
<string name="sim_auto_pin_management_toggle">Automatic PIN management</string>
<string name="sim_choose_protection_mode_title">Protect SIM card from theft</string>
<string name="sim_display_platform_managed_pin">Android-managed PIN</string>
<string name="sim_display_platform_managed_pin_title">Show Android-managed PIN</string>
<string name="sim_enrollment_failed">Enrollment failed</string>
<string name="sim_enrollment_succeeded">Enrollment succeeded</string>
<string name="sim_platform_managed_pin_failure">Failed getting PIN</string>
<string name="sim_platform_managed_pin_value">Value of the Android-managed PIN:</string>
<string name="sim_protection_mode_lskf_required">Lockscreen must be set up to turn on SIM protection</string>
<string name="sim_protection_mode_manually_managed">SIM PIN manually managed</string>
<string name="sim_protection_mode_protected_by_platform">SIM PIN managed by Android</string

Based on those strings, we can draw a few inferences about how this is likely to work. The core idea behind it appears to be that rather than manually entering a SIM PIN yourself on startup, you’d instead program the SIM PIN into Android, and then have the system itself send the PIN to unlock the SIM after a reboot.

With how our PINs offer protection, that approach actually makes a lot of sense. Without your lock screen PIN, attackers have no chance of getting into your phone and having Android employ the saved SIM PIN. And if they remove the SIM and try to place it in another phone, that one won’t know the SIM PIN saved on your original phone.

Google’s system basically keeps all the security of a SIM PIN, while removing all the inconvenience. Just make sure you jot down the Android-managed PIN somewhere secure, in case your phone ever dies and you’d like to pop the SIM into a new handset.

So far we haven’t yet been able to access the UI for this feature, but hopefully we’ll see that implemented in a future Android 17 release.

⚠️ An APK teardown helps predict features that may arrive on a service in the future based on work-in-progress code. However, it is possible that such predicted features may not make it to a public release.

Authority Insights News

Android 17 Authority Insights Google

Thank you for being part of our community. Read our Comment Policy before posting.