How Does the Gevey SIM Interposer Work to Unlock the iPhone 4?

6th August 2012
Although a SIM card holds many different types of information, the part that matters for carrier unlock is the IMSI number. The IMSI (International Mobile Subscriber Identity) is a unique number that corresponds to your account in the mobile carrier’s database. Every IMSI number contains an MCC (Mobile Country Code) and an MNC (Mobile Network Code).

Example IMSI number: 302 720 123456789

The above IMSI indicates that the SIM is from Canada (302), Rogers Wireless (720). When there was no software unlock available, the iPhone baseband versions used to check the IMSI twice following a restart. Later, Apple made the authentication procedure more difficult to crack by introducing a 4-byte TMSI (Temporary Mobile Subscriber Identity), which now identifies each handset before the IMSI is sent and processed.
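The IMSI layout described above, as an added example that is not part of the original post: a parser that splits an IMSI into MCC, MNC and the remaining subscriber digits, plus a check of the kind a carrier lock performs on the MCC/MNC pair. The MNC-length table, the `lock_allows` helper and the second sample IMSI are simplified assumptions for illustration, not Apple's baseband logic.

```python
from typing import FrozenSet, NamedTuple, Tuple

# Assumption: simplified table of MCCs whose networks use 3-digit MNCs
# (Canada 302, USA 310-316). Every other MCC is treated as 2-digit here.
THREE_DIGIT_MNC_MCCS = {"302"} | {str(m) for m in range(310, 317)}
MAX_IMSI_DIGITS = 15


class Imsi(NamedTuple):
    mcc: str   # Mobile Country Code, always 3 digits
    mnc: str   # Mobile Network Code, 2 or 3 digits
    msin: str  # remaining subscriber digits


def parse_imsi(raw: str) -> Imsi:
    """Parse an IMSI written with or without spaces between its fields."""
    digits = raw.replace(" ", "")
    if not (digits.isascii() and digits.isdigit()):
        raise ValueError("IMSI must contain only decimal digits")
    mcc = digits[:3]
    mnc_len = 3 if mcc in THREE_DIGIT_MNC_MCCS else 2
    if not 3 + mnc_len < len(digits) <= MAX_IMSI_DIGITS:
        raise ValueError("IMSI has an invalid length")
    return Imsi(mcc, digits[3:3 + mnc_len], digits[3 + mnc_len:])


def lock_allows(imsi: Imsi, allowed: FrozenSet[Tuple[str, str]]) -> bool:
    """Hypothetical carrier-lock check: accept only listed MCC/MNC pairs."""
    return (imsi.mcc, imsi.mnc) in allowed


# Lock policy for the carrier used in the article's example (Canada, Rogers).
ROGERS_LOCK = frozenset({("302", "720")})

if __name__ == "__main__":
    article_imsi = parse_imsi("302 720 123456789")  # example from the article
    other_imsi = parse_imsi("262011234567890")      # constructed sample value
    for imsi in (article_imsi, other_imsi):
        verdict = "accepted" if lock_allows(imsi, ROGERS_LOCK) else "rejected"
        print(imsi, verdict)
```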

So how does the Gevey SIM still manage to trick the TMSI? It actually makes use of the emergency number 112 to get the TMSI for your connection. When the network issues a TMSI for your connection, Gevey’s SIM interposer finds an acceptable MCC/MNC combination by rapidly cycling through a list of IMSIs. To prevent your baseband from detecting the fake IMSI, toggling flight mode for a second is enough. This spoofing of the IMSI and ICCID makes your carrier think that your iPhone 4 is factory unlocked.

Without any doubt, spoofing of the IMSI and ICCID using a legitimate emergency number is unethical or downright illegal. Also keep in mind that your network can request your IMEI during the emergency call and can ban your account for using false information and tampering with your SIM card.