Paršovs, Arnis, juhendajaMander, Karl ErikTartu Ülikool. Loodus- ja täppisteaduste valdkondTartu Ülikool. Arvutiteaduse instituut2023-10-202023-10-202023https://hdl.handle.net/10062/93646This thesis investigates the security risk of intercepting Mobile-ID SIM Toolkit calls on Android. The investigation is done by modifying the Android operating system with malware. Through an in-depth analysis of the communication protocol between an Android phone and a SIM card, this study demonstrates that attackers who have gained access to the victim’s phone through illegitimate apps or other exploits with root privileges may be able to remotely control Mobile-ID operations by intercepting SIM card communications. From there on, the system could complete all Mobile-ID transactions surreptitiously and automatically. This thesis aimed to research the security architecture of Android OS concerning Mobile-ID and discuss possible options that a malware creator would have to implement to achieve SIM command intercepting capabilities.estopenAccessAttribution-NonCommercial-NoDerivatives 4.0 InternationalMobiil-IDSMSSIM-kaartMalwareAndroidbakalaureusetöödinformaatikainfotehnoloogiainformaticsinfotechnologyThesis