Known LPAd

Applications #

We know of the following applications that implement the LPAd functionality on Android, together with the respective signer key SHA-1 digests. Those SHA-1 digests are typically used inside of access rules in an ARA-M applet in order to receive elevated privileges via the Android Carrier Privileges Mechanism. Most critical is the access to OMAPI, which provides APDU-level access of the LPAd to the eUICC, in order to access the ES10b interface of the eUICC.

  • EasyEUICC (Mirror)
    Package Name: im.angry.easyeuicc
    signer key SHA1 digest: 2a2fa878bc7c3354c2cf82935a5945a3edae4afa (Release)
  • Infineon LPA
    Package Name: com.infineon.esim.lpa
    signer key SHA1 digest: 6fb0729d5b19897c044078a0184b68647704fa99 (Release)
  • (TelcoVillage GmbH)
    Package Name:
    signer key SHA1 digest: 8d48ecfaf44c5752145ee28b3eb7429cc6627e98 (Play Store)
  • 5ber.eSIM (iFREE GROUP)
    Package Name: com.ifreegroup.moesim
    signer key SHA1 digest: 31f78f62fe89aceed93d970d5675f2034edca7e7 (Play Store)
    signer key SHA1 digest: a8be3c101f840c5025c8a3d8daf5531dd91b1134 (Release)
$ apksigner verify --print-certs easyeuicc-release.apk
Signer #1 certificate DN: CN=Peter Cai, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=CA
Signer #1 certificate SHA-256 digest: 57becc26b373a6475d093d33b0ea1c5e2bf2738ec0233680094ccbbcb500a13e
Signer #1 certificate SHA-1 digest: 2a2fa878bc7c3354c2cf82935a5945a3edae4afa
Signer #1 certificate MD5 digest: e80a9f9f3ce834bfe8761bb835ff1570

See Verify the signature of an APK

References #