Xsim No-KEY cloning Concept..


Casmos
02-03-2008, 01:37
I can help with the network functions.
Since my old days I worked on GSM networks, this Xsim card was interesting to me.

Since the phone is physically locked and network unlocked using the X-sim card, what I was trying to find out was:
what the X-sim function is at the mobile registration stage, and what is being blocked or not blocked by the X-sim card in the Nokia phone.

The original SIM card contains the International Mobile Subscriber Identity (IMSI) used to identify the subscriber to the system, a secret key for authentication, and other information. The IMEI and the IMSI are independent.

GSM Network mobile registration:
-------------------------------
Since the radio medium can be accessed by anyone, authentication of users, to prove that they are who they claim to be, is a very important element of a mobile network. Authentication involves two functional entities, the SIM card in the mobile and the Authentication Center (AuC). Each subscriber is given a secret key, one copy of which is stored in the SIM card and the other in the AuC. During authentication, the AuC generates a random number that it sends to the mobile. Both the mobile and the AuC then use the random number, in conjunction with the subscriber's secret key and a ciphering algorithm called A3, to generate a signed response (SRES) that is sent back to the AuC. If the number sent by the mobile is the same as the one calculated by the AuC, the subscriber is authenticated.


Conclusion
From this information my conclusion is that the Xsim in the Nokia BB5 and DCT4+ phone lets the locked phone transmit the original SIM information by bypassing the phone locks. Someone suggested the Xsim card sends mcc+mcn = 0000 to the phone, thereby bypassing the phone locks.

........... any comments....
===============

This is a question to all programmers and developers.

Theory:
Since the phone is physically locked and virtually unlocked using the X-sim card.

The X-sim, No-key SIM card, must work in a way that it suppresses or adds some information during mobile phone registration to the GSM network.

The question to the programmers and developers: can the functions provided by the X-sim (No-key) card be cloned?
EC
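The registration-time challenge-response described in the post above, as an added simulation that is not part of the thread. Real A3 is operator-specific, so the `a3_stand_in` function, the IMSI values and the Ki bytes are assumptions; the point shown is that only RAND and SRES cross the radio link, Ki never leaves the card, and a card holding the wrong Ki for an IMSI fails authentication.

```python
# Added example (not from the thread): simulation of the GSM RAND/SRES exchange.
# A3 is operator-specific; a3_stand_in is an assumed stand-in, not a real A3.
import hashlib
import hmac
import os
from typing import Dict, Optional

RAND_LEN = 16  # GSM RAND is 128 bits
SRES_LEN = 4   # GSM SRES is 32 bits


def a3_stand_in(ki: bytes, rand: bytes) -> bytes:
    """Keyed challenge-response stand-in for A3 (HMAC-SHA256 truncated to 32 bits)."""
    return hmac.new(ki, rand, hashlib.sha256).digest()[:SRES_LEN]


class Sim:
    """Subscriber side: holds the IMSI and the secret key Ki.
    Ki never leaves the card; only the SRES is handed back to the phone."""

    def __init__(self, imsi: str, ki: bytes) -> None:
        self.imsi = imsi
        self._ki = ki

    def run_gsm_algorithm(self, rand: bytes) -> bytes:
        return a3_stand_in(self._ki, rand)


class AuC:
    """Authentication Center: holds the network's copy of every subscriber's Ki."""

    def __init__(self) -> None:
        self._keys: Dict[str, bytes] = {}

    def provision(self, imsi: str, ki: bytes) -> None:
        self._keys[imsi] = ki

    def challenge(self) -> bytes:
        return os.urandom(RAND_LEN)  # fresh random number per authentication

    def verify(self, imsi: str, rand: bytes, sres: bytes) -> bool:
        ki = self._keys.get(imsi)
        if ki is None:
            return False  # IMSI unknown to this network
        return hmac.compare_digest(a3_stand_in(ki, rand), sres)


def authenticate(sim: Sim, auc: AuC, rand: Optional[bytes] = None) -> bool:
    """One exchange: AuC sends RAND, SIM answers SRES, AuC compares."""
    rand = auc.challenge() if rand is None else rand
    sres = sim.run_gsm_algorithm(rand)
    return auc.verify(sim.imsi, rand, sres)
```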

maverick_lp28
02-10-2008, 18:36
I didn't use the X-sim, but in the photo I see that it has an EEPROM.
Did you try to read the EEPROM?
If yes, send me the dump.

I think that your theory is right

spider-man
02-10-2008, 19:35
Sure it has an EEPROM.

But how to read it, that is the problem!

ribbentrop
02-10-2008, 20:22
It's not much of a problem ..... :) just erase the PIC and write some "loader" for EEPROM reading, like in the silver card.
Only one problem - how to read a protected PIC.

toscyobox
02-13-2008, 17:40
What 'type Of Using The Pic X-sim-or Not Key

maya
02-14-2008, 02:11
Sure it has an EEPROM.

But how to read it, that is the problem!


I think the X-sim has similar instructions to a TESTCARD but modified to read the SIM lock :p

khem
02-14-2008, 18:31
hehe interesting idea

mcc+mcn = 0000

masumdhaka
02-14-2008, 21:29
Dear,
I'm not a professional and don't have an X-SIM, but I wish to offer a hypothesis: maybe the X-sim includes many operators' dummy IMSI+MCC+MNC and blank IMSI Ki codes; after the IMSI+MCC+MNC is authenticated, it then bypasses to the new SIM.

Thanks All:D

2xxu
02-14-2008, 21:45
How about the idea of Willtek and smart cards? They are accepted by 95% of phones. I have never been around SIM programming and emulating, but maybe that's the way of making the perfect X-sim, No-key or whatever turbosim. The funniest thing is that this idea came because of Apple :) I mean the iPhone. The shame is that from the beginning of the iPhone nobody serious got around to unlocking the iPhone, but on the other side, because they had to find another way to unlock them, turbosim came and then No-key. But there is a very big threat for the GSM business -----> if a universal card comes..... it will lead us to the end of the GSM unlocking business ...

checkpoint
02-22-2008, 11:06
That's true man ....:mad: the ****ing turbo SIMs are the end of professional
unlocking service ... in the near future these cards will be cloned and anyone can buy these cards for a few cents or pennies .:eek:
We can only hope the manufacturers of mobile phones will have a reaction to this product. BR from Germany, JOE

Dave.W
02-22-2008, 11:33
Conclusion
From this information my conclusion is that the Xsim in the Nokia BB5 and DCT4+ phone lets the locked phone transmit the original SIM information by bypassing the phone locks. Someone suggested the Xsim card sends mcc+mcn = 0000 to the phone, thereby bypassing the phone locks.

........... any comments....


Yes, the comment is:

The phone checks the IMSI (MCC+MNC) in the boot phase for SIM lock purposes.

It is on this initial request for the IMSI that the X-sim responds with test card data.

The phone carries on to initialise and boot, and now will ask the SIM many times for IMSI information for GSM functions.

These times, the X-sim is bypassed; its job has been served.