LG Uplus Rolls Out Free SIM Swaps, IMSI Randomization for 5G Privacy

LG Uplus has said that its current IMSI operation is standards-compliant and safe, with a very low likelihood of security incidents. To further strengthen security, the carrier will begin a phased program of free USIM swaps and reconfigurations starting April 13.

In the 5G standalone (SA) environment, LG Uplus will apply SUCI, a method that encrypts IMSI, so the subscriber identity is not exposed in transmitted signals. SUCI converts the IMSI into an encrypted value before it is sent over the network.

The company is also reorganizing the IMSI structure itself by introducing randomization in the subscriber identity area. The goal is to reduce predictability and bolster security. The updated IMSI will be applied automatically when a SIM is swapped or reconfigured.

LG Uplus says the security enhancements followed an internal information-security review that identified improvement needs. The carrier has been designing, developing, and conducting commercial testing of the updated systems since the previous year.

Earlier disclosures suggested LG Uplus had reflected some telephone-number information in the IMSI generation process, raising concerns about identifiability when IMSI data is combined with other information. By comparison, SK Telecom and KT are known to use numbers that are closer to random values in their IMSI schemes.

The SIM swap and reconfiguration will apply to all mobile users as of April 13, including users of smartwatches and MVNO services. New subscribers and those moving numbers will receive SIMs configured under the updated system.

To minimize customer disruption, LG Uplus plans to deploy an appointment system for in-store visits and enable remote SIM reset options. The company emphasizes that the rollout aims to maintain service continuity while improving security.

Lee Jae-won, LG Uplus’ vice president in charge of the consumer division, said the security reinforcement is intended to allow customers to use mobile services more safely and that the company will work to minimize any inconvenience during the rollout.

Why this matters beyond Korea: as 5G networks expand globally, encryption of subscriber identities during signaling — such as SUCI in 5G SA deployments — is a key element of protecting user privacy and preventing identity-based exploits. The move touches on issues important to U.S. operators, policymakers, and supply chains, including cross-border roaming security, SIM and eSIM management, and the resilience of mobile ecosystems against data link attacks. For U.S. readers, this illustrates how carriers are strengthening core identity protections, which can influence security standards, consumer protection policy, and the reliability of international mobile services and markets.